. . . . REST With Spring HI • My name is Eugen Paraschiv (don’t try to pronounce it) • Created my first REST API with Spring in 2010 • Got excited and started obsessing about REST • Created about 100 separate APIs since then • Made a lot of mistakes and slowly learned from them • The last APIs I created for a client is well positioned to become the largest ElasticSearch installation in the world
. . . . REST With Spring • We’re only working with Resources • Operations on Resources are expressed via HTTP Verbs • A Verb in the URL is a sign of bad design URL – NOUNS, NO VERBS?
. . . . REST With Spring • Resource Name: Foo • Base URL: /api/foos • Standard Operations: create, update, delete, get one, get all, get paginated • Constraints: Foos are unique by name EXAMPLE API
. . . . REST With Spring • Both designs are OK, neither is wrong • Plural indicates that we’re working with a Collections Resource – When we GET, we get back the entire collection URL – SINGULAR VS PLURAL
. . . . REST With Spring • Both designs are OK, neither is wrong • Plural indicates that we’re working with a Collections Resource – When we GET, we get back the entire collection – When we POST, we append / add a new Resource into the collection URL – SINGULAR VS PLURAL
. . . . REST With Spring • Both designs are OK, neither is wrong • Plural indicates that we’re working with a Collections Resource – When we GET, we get back the entire collection – When we POST, we append / add a new Resource into the collection – When we want a single Resource -> we drill into the Collection with a further unique identifier URL – SINGULAR VS PLURAL
. . . . REST With Spring • A HTTP concern, not a REST concern • PUT is idempotent, POST is not • PUT is closer to the semantic of replace • POST is closer to the semantic of insert CREATE VS UPDATE – POST VS PUT
. . . . REST With Spring • => We are going to use: – POST for create (subordinate Resources) – PUT for full update (replace) CREATE VS UPDATE – POST VS PUT
. . . . REST With Spring • The HTTP Spec says that DELETE is idempotent; but: – We send the first DELETE to a Resource – it gets deleted – We send a second DELETE to the same Resource - 404 IS DELETE IDEMPOTENT?
. . . . REST With Spring • The HTTP Spec says that DELETE is idempotent; but: – We send the first DELETE to a Resource – it gets deleted – We send a second DELETE to the same Resource - 404 • Idempotence refers to the state of the system after the request has completed IS DELETE IDEMPOTENT?
. . . . REST With Spring • HTTP Verb: GET • URL: /foos?page=1&size=5 • Response: 200 OK GET ALL - PAGINATED @RequestMapping( value = "/foos", params = { "page", "size" }, method = RequestMethod.GET) @ResponseBody public List<Foo> findPaginated( @RequestParam("page") int page, @RequestParam("size") int size) { return service.findPaginated(page, size).getContent(); }
. . . . REST With Spring GET ALL – PAGINATED - EXAMPLE GET http://localhost:8080/api/foos?page=1&size=10 Link= <http://localhost:8080/api/foos?page=0&size=10>; rel="first", <http://localhost:8080/api/foos?page=78&size=10>; rel="last", <http://localhost:8080/api/foos?page=6&size=10>; rel="next", <http://localhost:8080/api/foos?page=4&size=10>; rel="prev"
. . . . REST With Spring • 400 Bad Request • 401 Unauthenticated and 403 Forbidden • 404 Not Found • 405 Method Not Allowed • 409 Conflict • 415 Unsupported Media Type CLIENT ERRORS – 4XX
. . . . REST With Spring • The generic, catch-all for client side errors • Usually happens for PUT or POST requests • Usually means that the Representation of the Resource is in the right format but still doesn’t make sense 400 Bad Request
. . . . REST With Spring • Should have been named 401 Unauthenticated • The Client is trying to operate on a protected Resource without providing the proper authentication credentials 401 Unauthorized
. . . . REST With Spring • The Client is trying to work with a protected Resource, has provided correct authentication credentials, but simply does not have enough access to that Resource 403 Forbidden
. . . . REST With Spring • The Method specified in the client request is not allowed for that Resource • The response should contain an Allow header 405 Method Not Allowed
. . . . REST With Spring • The request could not be completed due to a conflict with the current state of the resource • Ex: We try to create a Foo Resource with the same name as an existing one => 409 • Do NOT use 412 Precondition Failed instead! 409 Conflict
. . . . REST With Spring • The Representation provided by the Client is not supported • Example: The API only supports JSON • Content-Type: application/xml 415 Unsupported Media Type
. . . . REST With Spring • Use @ControllerAdvice to do global error handling • It can handle exceptions individually or together SPRING GLOBAL EXCEPTION HANDLING
. . . . REST With Spring • Use @ControllerAdvice to do global error handling • It can handle exceptions individually or together • And It allows full control over the body of the Response SPRING GLOBAL EXCEPTION HANDLING
. . . . REST With Spring HANDLE A SINGLE EXCEPTION @ExceptionHandler({ InvalidDateException.class }) public ResponseEntity<Object> handleInvalidDate( InvalidDateException ex, WebRequest request) { … }
. . . . REST With Spring THE ERROR RESPONSE BODY @ExceptionHandler({ … }) public ResponseEntity<Object> handleInvalidDate( RuntimeException ex, WebRequest request) { … return handleExceptionInternal( ex, new ApiError(…), new HttpHeaders(), BAD_REQUEST, request); }
. . . . REST With Spring ERROR HANDLING ON THE CLIENT HTTP/1.1 400 Bad Request Content-Type: application/json;charset=UTF-8 ... { "ui-error": "There was a validation problem", "dev-error": "MethodArgumentNotValidException", "fieldErrors": [ { "field": "data[0].name", "message": "may not be null" } ] }
. . . . REST With Spring • The basics of REST terminology - Resource vs. Representation • Good URL practices: Nouns vs. Verbs, Plural vs. Singular • Create vs. Update - POST vs PUT (vs PATCH) • Is Delete Idempotent? • How to implement pagination in the API well • Deep dive into the 4xx class of Client Errors • Spring - Exception Handling WHAT WE LEARNED
live on the 1st of October Course 1 - The Basics of REST with Spring (60 minutes) Course 2 - REST and HTTP Semantics (72 minutes) Course 3 - Simple Security for REST (40 minutes) REST With Spring http://restwithspring.com
live on the 10th of November Course 4 - Consuming the API from AngularJS (42 minutes) Course 5 - Testing the API (56 minutes) Course 6 - Advanced Security: OAuth2 and JWT (48 minutes) REST With Spring http://restwithspring.com
- goes live on the 20th of December Course 7 - Document, Discover and Evolve the REST API Course 8 – Monitoring and Metrics of REST API Course 9 - CI and CD Pipelines for the API REST With Spring http://restwithspring.com
- went live on the 1st of October The Intermediate Class – 6 courses – 99$ 74$ - went live on the 10th of November The Master Class – 9 courses – 149$ 112$ - out on the 20th of December REST With Spring http://restwithspring.com
baeldung
satoshi7190
philipschwarz
sakahukamaki
little_rubyist
nekomatu
layerx
suzukihoge
tutinoko
thehaigo
d_endo
twada
yujisoftware
tammyeverts
rocio
brad_frost
sonatard
iamctodd
lynnandtonic
reverentgeek
geeforr
chriscoyier
maggiecrowley
csswizardry
philhawksworth
