rest introduction (chris jimenez)
Post on 06-May-2015
386 Views
Preview:
TRANSCRIPT
REST IntroductionChristopher Jimenez
● Short of Representation State Transfer(Roy Thomas)
● A style of software arquitecture (Client-Server)
● It’s the way the Web already works, just formalized a bit and with some do’s and don’ts.
What is REST??
What’s a Web Service?● A web service is just a web page meant for a
computer to request and process● More precisely, a Web service is a Web
page that’s meant to be consumed by an autonomous program as opposed to a Web browser or similar UI tool
Key REST principles● Give every “thing” an ID● Link things together● Use standard methods● Resources with multiple
representations● Communicate statelessly
Give every “thing” an ID
Give every “thing” an ID
● A “Thing” is actually a resource
● URIs can also be IDs● URIS should be human-
readable
Give every “thing” an ID
http://example.com/customers/1234
http://example.com/orders/2007/10/776654
http://example.com/products/4554
Collection of “things”
http://example.com/customers/
http://example.com/orders/2007/11
http://example.com/products?color=green
To Summarize!!Use URIs to identify everything that merits being identifiable, specifically, all of the “high-level” resources that your application provides, whether they represent individual items, collections of items, virtual and physical objects, or computation results.
Link things Together
Link things together
● At its core is the concept of hypermedia, or in other words: the idea of links
● Links are something we’re all familiar with from HTML, but they are in no way restricted to human consumption.
Link things together
<order self='http://example.com/customers/1234' > <amount>23</amount> <product ref='http://example.com/products/4554' /> <customer ref='http://example.com/customers/1234' /> </order>
Result!The beauty of the link approach using URIs is that the links can point to resources that are provided by a different application, a different server, or even a different company on another continent
Use Standard Methods
Use Standard methods
● HTTP calls these Verbs
● The two everyone knows are GET and POST
● But there is also, PUT, DELETE, HEAD and OPTIONS
Use Standard MethodsHTTP Method CRUD Guaranties.POST CREATE Create - GET RETRIEVE Retrieve Safe, Cacheable,Idempotent
PUT UPDATE Update IdempotentDELETE DELETE Delete Idempotent
Safe??
Safe?
● Takes no action other than retrieval
● User did not request the side-effects, so therefore cannot be held accountable for them.
Cacheable?
Cacheable?
● GET supports very efficient and sophisticated caching
● In many cases, you don’t even have to send a request to the server
WTF! Idempotent?
WTF! Idempotent? ● (Idempotent) unchanged in value following
multiplication by itself
● If you issue a GET request and don’t get a result, you might not know whether your request never reached its destination or the response got lost on its way back to you
● The idempotence guarantee means you can simply issue the request again
Standard Methods
class Resource { Resource(URI u); Response get(); Response post(Request r); Response put(Request r); Response delete();}
Example Not RESTOrders & Customers
RESTful AproachThe Rest Way
Multiple representations
Multiple standards
● XML● JSON● V-CARD● RSS
Multiple representationshttp://www.pixel16.com/callmenot/phones/20.xml<?xml version="1.0" encoding="UTF-8"?><response><phone><Phone><id>18</id><phone>3434343</phone><description>asf</description><created>2013-07-10 17:04:23</created><modified>2013-07-10 17:04:23</modified></Phone></phone></response>
Multiple representationwww.pixel16.com/callmenot/phones/18.json{
"phone":{ "Phone":{
"id":"18", "phone":"3434343", "description":"asf", "created":"2013-07-10 17:04:23", "modified":"2013-07-10 17:04:23"
} }
}
Communicate statelessly
Statelessly
● REST mandates that state be either turned into resource state, or kept on the client
● The server should not have to retain some sort of communication state for any of the clients it communicates with beyond a single request.
Statelessly● Scalability — the number of clients interacting would
seriously impact the server’s footprint if it had to keep client state
● A client could receive a document containing links from the server, and while it does some processing, the server could be shut down, its hard disk could be ripped out and be replaced, the software could be updated and restarted — and if the client follows one of the links it has received from the server, it won’t notice.
Authentication?
Authentication● HTTP basic auth over HTTPS
● Session via Cookies
● Query Authentication
HTTP basic auth over HTTPS● Based on the standard HTTPS protocol
● Awful authentication window displayed on the Browser
● Some server-side additional CPU consumption
● User-name and password are transmitted (over HTTPS) into the Server
Session via Cookies● Is not truly Stateless
● The cookie technique itself is HTTP-linked, so it's not truly RESTful, which should be protocol-independent.
Query AuthenticationConsists in signing each RESTful request via some additional parameters on the URI.
Server-side data caching can be always available(cache the responses at the SQL level, not at the URI level)
Amazon Example
Amazon Example
Useful Resources
Google TeckTalkHow To Design A Good API and Why it Matters
Questions?
top related