- Contacts need to be correctly associated with the proper group
- Photo-fetching is heavily rate-limited, and you need to architect your sync so that photo-download rate limits do not cause the entire sync loop to stop.
- Pictures are PII under GDPR, so you'll need to store them in a secure, deletable way.
- Sanitizing & truncating data received off the wire before storing it
- Your sync loop needs to handle getting access tokens from refresh tokens & replacing them when they expire
- You'll need to use a poll-based sync architecture, as that is a limitation of Google's contacts APIs.
- Build code to diff & update complex, interrelated objects like email addresses, IM addresses, web pages, and phone numbers
- If you need the Google Data API (to access "Other contacts"), you'll need to use an older XML-based Google Data client library, many of which are unmaintained / not updated
- Google SDKs are not necessarily the best option and hide many of the complexities of auth, in a bad way.
- Properly handle rate-limit & quota errors
- Handling incoming push notifications from Google at scale, including maintaining subscriptions to the proper ones and unsubscribing when no longer relevant
- Comes out of the box with Gmail's API, so somewhat straightforward
- See this blog for an in-depth overview of why RRULES can be challenging:
- Ongoing maintenance that you pay down over time.
- Edge case handling: extremely large messages, weird attachment formats, messages that have broken MIME types or are otherwise spec-noncompliant (this is a big, ongoing project)
- A normal case is easy, but when a MIME type isn't specified properly it's much more complicated
- Make sure your database is truncating long headers in a way that doesn't lose valuable information
- Adding HTML tags in the right places to make it format / display properly
- The basics are easy, but extracting the character set from the right place in MIME and converting it is time-consuming.
- You'll have to investigate whether rate limiting is by bandwidth, per-user, for this project, by account, or something else.
- The Google APIs have multiple rate limits and don't tell you which rate limits you hit.
- Properly handle rate-limiting / 429 errors
- Attachment storage and handling, including encryption
- Handle performance and integration with the sync components
- Handle scaling (you can easily DDoS yourself if you don't know what you're doing).
- Add support for Google push notifications (this is a big project)
- Build email sync functionality, starting with polling the Gmail API for the data that you need
- Properly handling the case where a user only grants a subset of the requested permissions, which is now an option that Google supports
- You have to handle them to make sure you're not stopping syncing accounts when they should still sync.
- These issues often translate to 500 or 403 errors coming from Google.
- Roughly once a year, Google makes a bad code push that breaks their auth APIs.
- Implement logic to handle reliability issues and outages from Google
- Implement logic to properly handle revoked refresh tokens
- Implement logic to refresh access tokens when needed and notify users
- Build the system so it's prepared to handle a security leak
- Build logic to handle edge cases and secret re-encryption.