Credential Management

The Credential management API is a Promised-based standard browser API that facilitates seamless sign-ins across devices by providing an interface between the website and the browser. This API allows the user to sign in with one tab via an account chooser and helps to store credentials in the browsers by which can be synced across devices. This helps that user who has signed in to one browser already – he or she can then stay logged in to all other devices as well if they use the same browser.

This API not only works with native-browser password management, but it can also provide information about credentials from a federated identity provider. What it means is this: any entity that a website trusts to correctly authenticate a user and provide an API for that purpose can be a provider in this API to store the credential and retrieve it if necessary. For example, Google Account, GitHub, Twitter, Facebook, or OpenID Connect are examples of a federated identity provider framework.

Keep in mind that this API will only work when the origin is secure; in other words, similar to PWA, your website must run on HTTPS.

Let’s start implementing in an Angular project and see how it works.

To continue with UserContainerComponent, we will first inject this service, then will define my autoSignIn method and will call that on ngOnInit. On both the signup and login methods, we will call the store method from the credential service to save and update the user credential.

It is also a good practice to use the autocomplete attribute on the login form to help the browser to appropriately identify the fields (Figure 12-1).

   <input

          matInput

          placeholder="Enter your email"

          autocomplete="username"

          formControlName="email"

          required

        />

<input

          matInput

          autocomplete="current-password"

          placeholder="Enter your password"

          [type]="hide ? 'password' : 'text'"

          formControlName="password"

        />

We run the application in a new browser, then we will go to the login page and by entering my credential will log in to the website. You’ll see a prompt message that asks the user to save the credential in the browser (see Figure 12-2).

To test my auto sign-in, we will open a new clean browser and will go to the login page, then we will notice that we get redirected to the note list, and a snackbar message appears that shows we am automatically signed in (see Figure 12-3).

Finally, the mediation optional or required will display an account chooser prompt that allows users to select their account of choice, especially if they have more than one account saved (See Figure 12-4).

Payment Request

There is a high probability that all of us reading this book have made a payment on the web – at least once. So we all know that how time consuming, and boring it is to fill out the checkout forms, especially if it has more than one step.

The payment request standard API is developed by W3C to ensure the online payment system for both consumers and merchants remains consistent and smooth with minimal effort. This is not a new way of payment; rather, it’s a way that aims to make the checkout process easier.

With this API, consumers always see a native platform UI when they want to select payment details such as shipping address, credit card, contact details, etc. Imagine that once you save all of the information in your browsers, you can simply just reuse them in every single checkout page where this API is supported. How pleasant an experience it will be: ignore the filling out of lots of fields in a checkout form, credit card information, and more. Instead we will be seeing saved information consistently with a familiar native UI. Just a few clicks or tabs to select, and it’s done!

Another advantage of this API is to accept different payment methods from a variety of handlers to the web with relatively easy integration: for example, Apple Pay, Samsung Pay, Google Pay.

Long story short, I am going to add a donation button in the PWA note app.

There is another Promised-based method on requestPayment called canMakePayment(), which is essentially a helper to determine if the user has a supported payment method to make this payment before show() gets called. It may not be in all user agents; therefore, we need to feature detect.

Then we call show() , once the user is done, and Promise will get resolved with the user’s selection details including contact information, credit card, shipping, and more. Now it’s time to validate and process the payment with the back end.

Open header.component.html() and add the following button (see Figure 12-5):

  <button mat-menu-item (click)="donateMe()" *ngIf="isWebPaymentSupported">

    <mat-icon>attach_money</mat-icon>

    <span>Donate</span>

  </button>

We will build application and run and test it in the browser and mobile (See Figures 12-6 and 12-7).

Video and Audio Capturing

The Media Streams is an API related to WebRTC, which provides support for streaming audio and video data. This API has been around for a while. New Promised-based getUserMedia() is a method that ask for user permission for microphone and camera; and, thus, you will get access to the live stream.

In this section, we will add a new feature to “add note” page, where users can save an interactive video with audio to their notes.

Note, we will not send this video to a server in this example, but the implementation will be ready to communicate to the back end in order to save the video and audio if needed.

This code is straightforward. As always, it is a feature detection for MediaRecorder, and if it is supported by a browser, we will continue and show this feature to our user and will initialize getUserMedia() ; therefore, we ask for audio and video permission as shown in Figure 12-8.

Once permission is granted, Promise gets resolved and the stream will be accessible (see Figure 12-9). When user clicks on tab “start recording” button, MediaRecorder constructor gets called with the live stream data and the options that gave already been defined.

We store each blob in an array until stop() method gets called. Once recording stops, media is ready to be played. By hitting “play” button, we will simply create a stream buffer of the stream array and by creating a Blob URL, we will assign it to an src of <video> tag.

Ta-da, now the video is playing directly in the browser. We are also able to work on the downloadable version of this video (see Figure 12-10).

By the tab or click on “Download“ button, we will create a Blob from an array of recordedBlob and then will create a URL and assign to <a> tag thatI have defined in the template with display: none and then call click() to force browser opening download modal for user in order to ask them where this file must be saved on their system.

Geolocation

The Geolocation API provides the user’s location coordination and exposes it to the web application. The browser will ask for permission for privacy reasons. This Promised-based API has been around for a long time. You might even work with it already.

What I’d like to do is to add user coordination to each note to keep the location as it saves. Thus, we can later show the user’s note’s coordination or exact address using a third-party map provider like Google Map. Since we are saving all coordination data, we will be able to convert this coordination to a meaningful address using third-party map providers in the back end or even in the front end based on application needs.

At the moment, to keep in simple and short, let’s just display the current latitude and longitude to the user.

Finally, add the following html snippet where we use location$ observable with async pipe; however, we first check if geolocation is available by using *ngIf (see permission dialog in Figure 12-11).

    <h4 *ngIf="isGeoLocationSupported">You location is {{ location$ | async }}</h4>

Once permission is allowed by the user, the browser will provide coordination data on each method call (see Figure 12-12).

Web Bluetooth

This Promised-based API is a new technology that opens a new era for Internet of Things through the web. It allows a web application to get connected to Bluetooth Low Energy (BLE) devices.

Imagine developing a PWA where we are able to get access to Bluetooth and get control over devices such as smart home appliances, health accessories, ONLY with web API consistency across all browsers in different platforms.

Keep in mind that this API is still being developed and API may slightly change in the future. I recommend the following implementation status documentation on GitHub.²

Before we continue, I would suggest studying the basic knowledge of how Bluetooth Low Energy (BLE) and the Generic Attribute Profile (GATT)³ work.

In this section, we simulate a BLE device using BLE Peripheral Simulator⁴ app on Android and will pair my PWA note app to that device in order to receive a battery level number. What we have done is this:

1. 1.

   Installed BLE Peripheral Simulator app

    
2. 2.

   Select Battery Service to advertise

    
3. 3.

   Keep the screen on and put the battery level to 73

    

Let’s get started.

First, we will create my WebBluetoothService and import it in CoreModule.

@Injectable()

export class WebBluetoothService {

  public isWebBluetoothSupported: boolean;

  private GATT_SERVICE_NAME = 'battery_service';

  private GATT_SERVICE_CHARACTERISTIC = 'battery_level';

  constructor() {

    if (navigator.bluetooth) {

      this.isWebBluetoothSupported = true;

    }

  }

  async getBatteryLevel(): Promise<any> {

    try {

       // step 1, scan for devices and pair

      const device = await navigator.bluetooth.requestDevice({

        // acceptAllDevices: true

        filters: [{ services: [this.GATT_SERVICE_NAME] }]

      });

      // step 2: connect to device

      const connectedDevice = await this.connectDevice(device);

      // step 3 : Getting Battery Service

      const service = await this.getPrimaryService(connectedDevice, this.GATT_SERVICE_NAME);

      // step 4: Read Battery level characterestic

      const characteristic = await this.getCharacteristic(service, this.GATT_SERVICE_CHARACTERISTIC);

      // step 5: ready battery level

      const value = await characteristic.readValue();

      // step 6: return value

      return `Battery Level is ${value.getUint8(0)}%`;

    } catch (e) {

      console.error(e);

      return `something is wrong: ${e}`;

    }

  }

  private connectDevice(device): Promise<any> {

    return device.gatt.connect();

  }

  private getPrimaryService(connectedDevice, serviceName): Promise<any> {

    return connectedDevice.getPrimaryService(serviceName);

  }

  private getCharacteristic(service, characterestic): Promise<any> {

    return service.getCharacteristic(characterestic);

  }

}

This service is simple. We followed these steps:

1. 1.

   Detect if bluetooth is available.

    
2. 2.

   Call requestDevice() with proper configuration where we ask browser to filter and show us what we are interested in. There is potentially an option to ask for checking all devices; however, it’s not recommended regarding battery health.

   To make the service simple, we have statically defined GATT service name and characteristic.

    
3. 3.

   Try to connect to device once prompt modal appears.

    
4. 4.

   Call getPrimaryService() to retrieve battery service.

    
5. 5.

   By calling getCharacteristic(), we will ask for battery_level.

    
6. 6.

   Once characteristic was resolved, we will read the value.

    

It seems a bit complex and confusing even though this a very simple device and the documentation is clear. The more you work with these types of devices and technologies, the better you will become at figuring it all out.

You can only ask a browser to discover devices by click or tab on a button; thus, we’ll add a button under the menu in header.component.html and ensure with ngIf that the button appears when it’s supported.

  <button mat-menu-item (click)="getBatteryLevel()" *ngIf="isWebBluetoothSupported">

    <mat-icon>battery_unknown</mat-icon>

    <span>Battery Level</span>

  </button>

Finally, I will define my getBatteryLevel method in header.component.ts, which only shows a message with the battery level once all promises are resolved (see Figure 12-13).

async getBatteryLevel() {

    const level = await this.bluetooth.getBatteryLevel();

    this.snackBar.open(level);

  }

Note

Clone https://github.com/mhadaily/awesome-apress-pwa.git and go to Chapter 12, 05-web-bluetooth-api folder to find all sample codes.

The example above unfolds read possibilities from a BLE device; however, writing⁵ to Bluetooth characteristics and subscribing⁶ to receive GATT notifications are also another case.

We have reviewed the basics of Web Bluetooth and hope that it excites you enough to get started with this awesome web technology.

There is a great Angular library for Web Bluetooth with Observable API by my community friend Wassim Chegham – and you can install by running the following command:

npm i -S @manekinekko/angular-web-bluetooth @types/web-bluetooth

Find the documentation on GitHub https://github.com/manekinekko/angular-web-bluetooth .

Web USB

This Promised-based API provides a safe way to expose USB devices to the web via browsers using JavaScript high-level APIs. This is still a relatively new API and may change over time, implementation is limited, and bugs are reported.

Web USB API by default needs HTTPS, and similar to Web Bluetooth it must be called via a user gesture such as a touch or mouse click. Devices similar to a keyboard and mouse are not accessible to this API.

I believe Web USB opens a new window where it brings a lot of opportunities for academic purposes, students, manufacturers, and developers. Imagine this instead of an online developer tool that can access to a USB board directly or manufacturers who need to write native drivers; instead they will be able to develop a cross-platform JavaScript SDK. Think of a hardware support center who can access directly through their website to my device and diagnose or debug. We can count more and more case studies; however, I should mention that this technology is still growing and, if not right now, will be a mind-blowing feature for the web in the coming future. Truly, the web is amazing; isn’t it?

Enough talking, let’s get started and explorer the API. To keep it simple and give you an idea how Web USB works, we going to connect my “Transcend Pen drive,” and once it’s connected, I will just show a message where it displays hardware information including “serial number.”

First, I write a service called WebUSBService and import to CoreModule.

@Injectable()

export class WebUSBService {

  public isWebUSBSupported: boolean;

  constructor(private snackBar: SnackBarService) {

    if (navigator.usb) {

      this.isWebUSBSupported = true;

    }

  }

  async requestDevice() {

    try {

      const usbDeviceProperties = { name: 'Transcend Information, Inc.', vendorId: 0x8564 };

      const device = await navigator.usb.requestDevice({ filters: [usbDeviceProperties] });

      // await device.open();

      console.log(device);

      return `

      USB device name: ${device.productName}, Manifacture is ${device.manufacturerName}

      USB Version is: ${device.usbVersionMajor}.${device.usbVersionMinor}.${device.usbVersionSubminor}

      Product Serial Number is ${device.serialNumber}

      `;

    } catch (error) {

      return 'Error: ' + error.message;

    }

  }

  async getDevices() {

    const devices = await navigator.usb.getDevices();

    devices.map(device => {

      console.log(device.productName); // "Mass Storage Device"

      console.log(device.manufacturerName); // "JetFlash"

      this.snackBar.open(

        `this. USB device name: ${device.productName}, Manifacture is ${device.manufacturerName} is connected.`

      );

    });

  }

}

Let’s break it down:

1. 1.

   Feature detection to ensure “usb” is available.

    
2. 2.

   Define requestDevice method , it calls navigator.usb.requestDevice(). I needed to explicitly filter my USB device by vendorID. I didn’t magically come up with vendor hexadecimal number; what I did was to search and find my device name ‘Transcend’ in this list http://​www.​linux-usb.​org/​usb.​ids.

    
3. 3.

   Define getDevices method , and it calls navigator.usb.getDevices(); once resolved, it will return a list of devices that are connected to the origin.

    

We add two buttons in header.component.html , which on click call getDevices() and requestDevice() methods respectively.

  <button mat-menu-item (click)="getUSBDevices()" *ngIf="isWebUSBSupported">

    <mat-icon>usb</mat-icon>

    <span>USB Devices List</span>

  </button>

  <button mat-menu-item (click)="pairUSBDevice()" *ngIf="isWebUSBSupported">

    <mat-icon>usb</mat-icon>

    <span>USB Devices Pair</span>

  </button>

Inject WebUSBService to header.component.ts . Make sure buttons are visible if isWebUSBSupported is true.

constructor(private webUsb: WebUSBService) {

        this.isWebUSBSupported = this.webUsb.isWebUSBSupported;

}

  getUSBDevices() {

    this.webUsb.getDevices();

  }

  async pairUSBDevice() {

    const message = await this.webUsb.requestDevice();

    this.snackBar.open(message);

  }

By clicking on “USB Devices Pair,” a list appears where it shows my device and I can pair it (see Figure 12-14).

Once the pair is completed successfully, the device is ready to be opened and data can be transferred in and out.

For example, here is an example for a device to communicate with:

              await device.open();

              await device.selectConfiguration(1) // Select configuration #1

              await device.claimInterface(0) // Request exclusive control over interface #0

              await device.controlTransferOut({

                      "recipient": "interface",

                      "requestType": "class",

                      "request": 9,

                     "value": 0x0300,

                    "index": 0 })

             const result = await device.transferIn(8, 64); // Ready to receive data⁷

          // and you need to read the result...

This information is specific to each device. However, the methods are an API in the browser.

In general, the Web USB API provides all endpoint types of USB devices:

• Interrupt transfers:

Used for typically nonperiodic, small device “initiated” communication by calling transferIn(endpointNumber, length) and transferOut(endpointNumber, data)

• Control transfers:

Used for command and status operations by calling controlTransferIn(setup, length) and controlTransferOut(setup, data)

• Bulk transfers:

Used for large data such as print-job sent to a printer by calling transferIn(endpointNumber, length) and transferOut(endpointNumber, data)

• Isochronous transfers:

Used for continuous and periodic data, such as an audio or video stream by calling isochronousTransferIn(endpointNumber, packetLengths) and isochronousTransferOut(endpointNumber, data, packetLengths)

Last but not least, it may happen that users connect or disconnect the device from their system. There are two events that can be listened to and acted on accordingly.

      navigator.usb.onconnect = event => {

        // event.device will bring the connected device

        // do something here

        console.log('this device connected again: ' + event.device);

      };

      navigator.usb.ondisconnect = event => {

        // event.device will bring the disconnected device

        // do something here

        console.log('this device disconnected: ', event.device);

      };

Debugging USB in Chrome is easier with the internal page chrome://device-log where you can see all USB device-related events in one single place.

Note

Clone https://github.com/mhadaily/awesome-apress-pwa.git and go to Chapter 12, 06-web-usb-api folder to find all sample codes.

Summary

In this chapter, we have just explored six web APIs. Although they are not an essential part of a PWA, they help to build an app that is even closer to native apps.

As I wrote in the chapter’s introduction, these are not the only new APIs that are coming to web. There are many others that are either under development or consideration to be developed soon.

I am very excited about the future of web development as I can see how it will open endless opportunities in front of us to build and ship a much better web application.