In this AutoHotkey Webinar we cover an Intro to API calls with AutoHotkey.

Video Hour 1: High-level:

• What is a Webservice API call
• Web Scraping vs. WebServices / API
• List of some “fun” WebService / APIs as well as links to resources to tens-of-thousands!
• Differences between a Get vs. Post request
• High-level look at oAuth1 vs. oAuth2
• Resources
  • HTTP: Intro to HyperText Protocol, Types of Requests, oAuth, Parsing XML, XPath, JSON
  • AutoHotkey resource: Syntax writer, winHTTPrequest, Msxml2 vs. WinHTTPrequest, Parsing XML & JSON
• Basic examples of API requests (compared using browser and winHTTP request)

Video Hour 2: Coding and Q&A

• Played with several APIs
• Discussed & demonstrated reverse-engineering API calls from a website
• Passing key-value pairs (and using a function to keep it organized)
• Reviewed additional APIs
• Q&A

If you’re new to API calls, be sure to get our API Syntax Writer

Download API Syntax Writer

Or use one of our Fiddler Rippers

Download Fiddler API Syntax Ripper

Download Fiddler Everywhere API Syntax Ripper

---

Script Highlight: Select text and “pretty” hyperlink text

The below script demonstrates how you can use AHK to automate highlighting text on a page and then, using the winClip library, constructing a “pretty” html link.  Here are links to the GetActiveBrowserURL and WinClipAPI / WinClip

Intro to API calls with AutoHotkey

---

What is a Webservice API? (Application Programming Interface?)

---

Examples of Webservice / API calls with AutoHotkey

• Application / Software querying products for sale on Amazon.com
• App on your phone getting latest Weather
• Database pulling updated sales report
• Using your Tablet to Select movies to watch on Netflix
• DropBox application syncing files between your computer & cloud
• Google places search

---

APIs are becoming increasingly available!

…Since 2005, we’ve seen APIs grow from a curiosity, to a trend, and now to the point where APIs are core to many businesses. APIs have provided tremendous value to countless organizations and developers, which is reflected in their continued growth.   Source: Programmable Web

 

 

---

Main Differences between WebService / API call & Web Browser

---

When to use API verse Web Scraping?

---

Some Webservices / APIs

Some of the Amazing APIs out there…

Programmable Web – list of thousands of APIs as well as a great, six-part, article reviewing APIs

Short-list of APIs open to public on Wikipedia,   Google APIs– Over 100 APIs @ Google; Yahoo APIs

Social Sites : Twitter, Pinterest, Google+, YouTube, Facebook, LinkedIn, reddit, StumbleUpon, WordPress, Instagram

Contact / Business Lookup: ClearBit, Pipl, FullContact, Dunn & Bradstreet , Foursquare, Google Places, Yelp, GeoNames

Weather: Weather Underground, Yahoo Weather, World Air

Finance: Google Finance, Yahoo Finance, PayPal, Stripe, XigniteRealTime, Ally Invest

Government: A bunch of Government APIs, Cloud.Gov, US Census, 18F.gsa.gov

Additional: Wikipedia, Amazon Product, email to text, SmartSheet,SurveyGizmo, Bitly, SnapOCR, PasteBin, DropBox, Zoho, Zillow, imugr, Mailgun, MailChimp,  Microsoft: Graph, MS Office: Excel  Word  SharePoint  OneNote Outlook Yammer PowerPoint

---

Break-down of a REST API request via COM object

• Create COM object
• Open Endpoint (w/ parameters & Authentication if GET request)
• Set RequestHeader(s)
• Send (w/”payload & Authentication” for POST requests)
• Get response (body or text)

---

Main differences of oAuth1 verse oAuth2

Unfortunately there is no “standard” implementation of oAuth1 or oAuth2 however, at a high-level, here are some of the main conceptual differences:

oAuth1:

• Need a Key & Token from Webservice API (typically different than your username and password)
• You use your Key & Token in your API call
• oAuth1 is less secure and, generally, being phased out
• While being phased out often the “developers” (us) can use oAuth1 for development of the “app”

oAuth2:

• Need a Key and Token (same as oAuth1) however you use the Key & Token and some other parameters to perform a “handshake” which returns a secure token which typically times-out in seconds / minutes/hours
• Your token is restricted to the level of your account (or what has been authorized)
• The secure token is what is shared with your actual endpoint. (this allows other Social sites (like LinkedIn, Facebook, etc.) to assist your login but not have your username/password to the endpoint

---

HTTP and AutoHotkey Resources

HTTP Protocol & General Tutorials

• What is an HTTP Request
• Intro to REST APIs (Representational State Transfer) vs SOAP APIs (Simple Object Access Protocol)
• HTTP Headers for Dummies Request Headers ; HTTP Made really easy
• Types of Requests (GET and POST are by far the most frequent)
• YouTube discussion comparing Get vs Post
• 4 YouTube videos on oAuth2 Part 1, Part 2, Part 3, Part 4 ; Good video discussing various Authentication protocols
• Parse XML DOM, Xpath ,XDOM Properties & Methods, JSON
• Tools: Fiddler, Wireshark, Postman, Boomerang, SoapUI, F12/Developer tools / Network Traffic

AutoHotkey specific

• API Syntax Writer
• AHK Functions: WinHttpRequest by tmplinshi HTTPRequest from VxE
• URLDownloadToVar XMLHTTP Request for Asynchronous downloads
• Msxml2.XMLHTTP vs WinHttpRequest
• Multi-part/form data and AHK function to post it (often used when dealing with binary)
• Parsing: XML: XMLclass
• JSON: COCO JSON and Jxon AHK_Lib-JSON , VxE: AHK-Lib-JSON_ToObj  , AHK-Lib-JSON_FromObj

---

---

Let’s make some API calls with AutoHotkey!

Weather Underground

1. Dallas forecast in XML
2. Dallas forecast in JSON
3. Using WinHttpRequest
4. Example with browser

Yahoo business

1. Pizza restaurants in zip code 75019 in XML
2. Pizza restaurants in zip code 75019 in JSON
3. Using WinHTTPRequest