Here we continue with GeekDude working with Chrome and AutoHotkey extracting data from a webpage. This session we focus on getting lists and leverage JSON, Chrome.Jxon_Dump, JSON.stringify, Chrome.Jxon_Load and jQuery.
The great news is that GeekDude explained how we can see the Reddit site the way it was the below video!
Discussed & demonstrated reverse-engineering API calls from a website
Passing key-value pairs (and using a function to keep it organized)
Reviewed additional APIs
Q&A
If you’re new to API calls, be sure to get our API Syntax Writer
Or use one of our Fiddler Rippers
Script Highlight: Select text and “pretty” hyperlink text
The below script demonstrates how you can use AHK to automate highlighting text on a page and then, using the winClip library, constructing a “pretty” html link. Here are links to the GetActiveBrowserURL and WinClipAPI / WinClip
Intro to API calls with AutoHotkey
What is a WebserviceAPI? (Application Programming Interface?)
Application / Software querying products for sale on Amazon.com
App on your phone getting latest Weather
Database pulling updated sales report
Using your Tablet to Select movies to watch on Netflix
DropBox application syncing files between your computer & cloud
Google places search
APIs are becoming increasingly available!
…Since 2005, we’ve seen APIs grow from a curiosity, to a trend, and now to the point where APIs are core to many businesses. APIs have provided tremendous value to countless organizations and developers, which is reflected in their continued growth. Source: Programmable Web
Open Endpoint (w/ parameters & Authentication if GET request)
Set RequestHeader(s)
Send (w/”payload & Authentication” for POST requests)
Get response (body or text)
Main differences of oAuth1 verse oAuth2
Unfortunately there is no “standard” implementation of oAuth1 or oAuth2 however, at a high-level, here are some of the main conceptual differences:
oAuth1:
Need a Key & Token from Webservice API (typically different than your username and password)
You use your Key & Token in your API call
oAuth1 is less secure and, generally, being phased out
While being phased out often the “developers” (us) can use oAuth1 for development of the “app”
oAuth2:
Need a Key and Token (same as oAuth1) however you use the Key & Token and some other parameters to perform a “handshake” which returns a secure token which typically times-out in seconds / minutes/hours
Your token is restricted to the level of your account (or what has been authorized)
The secure token is what is shared with your actual endpoint. (this allows other Social sites (like LinkedIn, Facebook, etc.) to assist your login but not have your username/password to the endpoint