 I'm a software developer intern at Hackerank and I'm doing my GSOP with Homeview and I'm working on increasing test coverage for brew and I did my outreach with Mozilla. Now for those of you who do not know about Outreachy, Outreachy is basically an initiative of the software freedom convenancy. It's open to participation for women, transgenders and other underrepresented communities. There are two rounds every year for Outreachy. I participated in the last round which was held from December to March and for more information you can find it on genome.org slash Outreachy. Now I did my Outreachy with Mozilla and the project that I worked on was Kinto. So Kinto is basically a minimalist JSON storage service. It has synchronization and sharing abilities. It's basically written in Python and in Firefox it's used for remote settings and storage.sync API. Now a little more about how Kinto is used in Firefox. Now there are two client libraries that are embedded in Firefox. One is the Kinto HTTP client which sends across HTTP requests to the Kinto API to fetch data while the Kinto offline client is used for offline synchronization. Now the applications where this actually is used is one CRL which is basically a list of the revoked certificates. Then it also has a list of add-ons and plugins that are malicious and it protects you from using those and then it's also used in the storage on sync API and it also stores data for A, B testing experiments in iOS. Now coming to the main topic of today that we're discussing which is web push. Now first I'd like to explain the entire terminology of web push, how it all works, what all elements are at play here. There are three things. One is a service worker. A service worker is basically a JavaScript file which works in the background. It handles notifications and also background sync APIs. Now a service worker can only work on a website or webpage that is registered over HTTPS. Coming to the push server. A push server is basically a server that is associated with the browser. It acts as a router between the browser and the web application server. It helps route data from the web application server to the browser. Now the web app server. The web app server is basically the server associated with your web application which sends our information to the user agent, basically the users. Now the entire structure of how it works. So basically when you load a website which has the facility of sending your notifications you see a pop-up which asks you if you'd like to subscribe for notifications. If you click on allow the service worker associated with the web app sends a request to the push server of the browser saying hey I would like to subscribe to notifications and please give me some credentials so I can forward it to the web application server and inform the web application server where to reach out to me. So the push server responds back with two things. One is the encryption keys. Second is the capability URL. Now there are two ways in which information can be accessed over the internet. First is through a password or a token wherein the user who has to access the information has the password or the token. And the other way is the information is available on obscured URLs and people who should have access to that information are the only ones with access to those URLs. Such URLs are called capability URLs. So push server responds back with a capability URL and an encryption key. Once the service worker receives these it needs to send it to the web application server saying hey this is where you can reach out to me and the server, the web application server which I'm calling as the Kinto server here right now in the use case stores the endpoint and the encryption keys. Now when the server has to push information out to the users, it takes the payload which is basically the information that has to be sent across and uses these encryption keys to encrypt the payload and then sends across a request to the push server of the browser, sends a post request basically to the push server saying hey please send this information across and then the push server can send it across to the browser, can send it across to the browser using a UAID. Now a UAID is basically the user agent ID with which a push server recognizes a particular browser. So it sends it across to your browser using the UAID and then the browser routes it across to the particular service worker using a channel ID. Now if the user is not online at that time, then the push server will queue up the message that had to be sent for a particular amount of time, call the TTL which is the time to live header which has to be pre-specified by the web application server. Now coming to the part where we like coming to the part where like the project I'm talking about, the microservices, the microservice that I and my mentor designed to use as the use as the web push microservice. Now considering the use case, we decided that a PubServ paradigm would be best for designing it. Now PubServ is basically a public subscribe in which there are publishers and subscribers. The subscribers choose to subscribe to certain channels according to the information they want to be notified about. And the publishers send across information to a particular channel, it's sent across in one push and the users that have subscribed to a particular channel get the information about it. Now since we need to maintain information about channels and then we also need to save subscriptions, the data about the encryption keys and the capability URLs, we needed two endpoints specifically which would be the slash channels and the slash subscriptions endpoints. And now we also do not want to be using, we do not want to use, we do not want to have user management, basically not having a username or password for using this. So we decided for authentication, we need OAuth to bearer tokens. Now the major question that we had at hand was how to go about designing it, how to go, what language to use, what framework to use, how to go about it. So then we used Kinto.core, Kinto.core is not like a framework, it's basically like a toolkit which you can use to create HTTP REST APIs, it exposes well-defined endpoints and it's built on, built using Kornies, Pyramid and SQL Alchemy Core, SQL Alchemy Core for database sessions in pooling and Kornies and Pyramid for all the HTTP stuff and the REST stuff. Now with Kinto.core you get the independence to customize and also you get a lot of default endpoints. So the only task we had at hand was to add the endpoints we required which was channels and subscriptions that was basically customizing it for our use case. The other endpoints were already there, for example the hard beat endpoint and other endpoints and it also had the ability to handle the authentication for us, handle monitoring for us and also gave us the ability to add cache if we needed. Now coming to the channel endpoint, the channel endpoint is such that if you want to register a new channel, even if the channel does not exist already, you can register it using the put slash channel slash channel ID slash registration and you can add any new channel ID here and to delete a particular channel, you can use delete slash channel slash channel ID slash registration and to get information about a particular channel, say you want to know how many users have registered to a particular channel and how many times information has been pushed out to that channel, you can get that information using get slash channel slash channel ID and to post information to a particular channel, you can use post slash channel slash channel ID. Now coming to the endpoint subscriptions where we need to maintain information about what encryption keys and endpoint URLs have come from a particular user. Post slash subscriptions will let you send information, will let you post the subscription information to the microservice, to the API basically, get slash subscriptions will help you fetch information about subscriptions of a particular user, delete will help you delete all the subscriptions and if you want to delete a particular subscription ID, delete slash subscriptions slash subscription ID will do that. Now coming to the demo part, I'll start the server, it starts using make serve. So it's running on the 9999 port and now to subscribe to a channel, I'm sending a port request to subscribe to the channel and here, as you can see, the server is running at localhost 9999 as I started it earlier and the version is V0 and the channel ID that I'm using is form builder update, it's just a random string that I'm using and the registration endpoint for registering and the auth token that I'm using for authentication. So I have subscribed to that channel. Now to push information to that channel, I can send, I can send the JSON that I have, which is data loss modified and some information to the, I am posting this to the end point slash channel slash channel ID using the authentication token and like I've been able to post it and like I get 202 since it has been accepted. Now I'd like to thank my mentor Remy for helping me and guiding me all through this project and this was my outreach project basically. Now for those of you who would like to start contributing to Kinto, you can find us on GitHub at github.com slash Kinto and you can also join our Slack channel on slack.kintostorage.org and you can also join our IRC channel on IRC.free.node.net and I'm an intern at Hackerang and for those companies who still use the normal phone screening way and use Skype for interviewing, Hackerang for work gives you the ability to conduct interviews online. It's an online assessment platform and also it really helps you get fast in the recruiting process. It helps your recruiters and hiring managers filter out qualified candidates pretty quickly and Hackerang also has Hackerang for community, which is basically where developers can practice their coding skills. Thank you. You can contact me on Gmail and you can follow me on GitHub and Twitter and you can contact me on LinkedIn and that's it. Thank you. My talk got selected pretty late so I did not have a lot of time to prepare so I could prepare only a really short talk. Thank you. Any questions? We have plenty of time for questions. Yes, we have one question there. Thanks for your talk. Could I be able, if I wanted, could I use Kinto and other parts of ... I'm not able to understand what you're saying. If I wanted to use Kinto, could I set up my own push server using Kinto and branch Firefox and point it at my own push server? You can definitely use this. It's basically called ... the microservice that is there is called web push channels and you can definitely use it to integrate it with your web application and you can use it for push notifications. You'll basically have to add a service worker file which will be in JavaScript and you'll have to send a request to the push server. Basically there's an endpoint. I don't remember the exact URL. It's the ... basically the browser's push server. You have to send a request. There's already a function in JavaScript also if you don't want to explicitly send a request. Once you send the request, you'll get back the credentials. Send the credentials to the ... using a push request to this server. There's a running instance of this server on ... I don't remember the URL again, but there's a running instance of this server and you can send a request ... a push request. The subscriptions will be saved and then you can register to whatever channels you want using the ... using a push request and then whenever a notification has to be sent out, that you can trigger by sending a request to the server again and the server will then route it to the push server and then it will be shown to the users using a notification. In fact, you can also use kinto.core for other projects. Kinto.core is basically made out of ... it's made using Pyramid, Cornice, and SQL Alchemy, so kinto.core can be used for a variety of other projects as well. Excellent. Any other question? Any other question? Well, I have a question. So can you give us an idea of the type of performance or maybe hardware requirement to handle ... I imagine this type of system gets a lot of load, a lot of messages going out to browsers all around. Is it a very heavy process? Do you need big servers or is it something that is fairly lightweight and just a regular ... So I'm not aware how what server instance is being used for this, but my mentor, Remy, he works at Mozilla. So he set up the server. So whatever Mozilla uses for their servers, so that is being used for this server, the Wepoch channel server. And so basically, kinto.core handles all the requests that come across in a fast manner. And this is why we chose to use kinto.core. Because there was very little work on our part. Kinto.core already has the ability to handle all the post requests in a really fast manner. So we just had to create a few functions which could handle that particular endpoint. And there were already many custom end points that were there with kinto.core. So yeah, that's about it. Okay, thanks. Any other question? If I don't see you folks, just wait. But okay, if there are no more questions, then let's thank our speaker again. Thank you.