Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Building Async APIs with HTTP/2+ and Mercure

Kévin Dunglas
April 22, 2020
Programming
0
1.3k

Building Async APIs with HTTP/2+ and Mercure

Mercure.rocks is a new protocol allowing to push data updates to web browsers and other HTTP clients in a convenient, fast, reliable and battery-efficient way. It is especially useful to publish real-time updates of resources served through web APIs, to reactive web and mobile apps.

From the ground up, Mercure has been designed to work with technologies not able to maintain persistent connections. It's especially relevant in serverless environments, but is also convenient when using PHP or FastCGI scripts.

Mercure is basically a higher-level replacement for WebSockets. But unlike WebSockets, it leverages the new capabilities of HTTP/2 and HTTP/3.
It has been designed with hypermedia APIs in mind, is auto-discoverable through the Web Linking RFC and is also compatible with GraphQL.
It natively supports authorization, reconnection in case of network issue (with refetching of missed events), subscribing to several topics, topics patterns (using templated URIs)...

Because it is built on top of Server-sent Events and plain old HTTP requests, it is already compatible with all modern browsers, and requires 0 client-side dependencies.

The protocol is open (available as an Internet Draft), and a reference open source implementation of the server written in Go is available. Integrations with popular web frameworks are already available!

During this talk, you'll learn everything you need to get started with the Mercure protocol!

Kévin Dunglas

April 22, 2020
Tweet

More Decks by Kévin Dunglas

See All by Kévin Dunglas
The PHP Revolution Is Underway: FrankenPHP 1.0 Beta
dunglas
0
710
Mitigate Attacks on your PHP Supply Chain
dunglas
2
850
Symfony ImportMaps: Manage Your JavaScript Dependencies Without Node
dunglas
1
2.7k
Ne vous lamentez pas, organisez-vous !
dunglas
0
840
FrankenPHP: a modern app server for PHP and Symfony apps
dunglas
1
3k
How can JSON-LD help you sell more?
dunglas
1
950
FrankenPHP: A modern app server for PHP, written in Go
dunglas
3
8.4k
API Platform 3
dunglas
3
13k
Building Decentralized Web Apps with Solid and Symfony
dunglas
2
6.4k

Other Decks in Programming

See All in Programming
Jakarta EE Guide for Spring Developers
ivargrimstad
0
330
RustでWasm Runtimeを書いた in UV_Study
skanehira
1
250
初めましてLaravel、君のことを教えてくれ! 〜春に就職したばかりの新卒エンジニアが調べた内部仕様と、そのプロセス〜
amixedcolor
0
160
ドメインを中心にしたプロダクト開発/domain-driven-product
hirodragon112
1
190
RDRA, ICONIX, DDDの実践から得た学び
hsawaji
5
680
RustでWasm Runtimeを書いた in WebAssembly night #11
skanehira
0
260
Chatwork プロダクト本部 紹介資料(エンジニア向け)
chatwork_hr
0
460
個人開発のiOSアプリでUI/UXを標準に寄せてみた / 20230919_orochi
uhooi
0
210
身に覚えのないDeveloper Program License違反を通告されてアプリの検索順位を下げられた時の闘い方 / iosdc2023-rookies-lt
ski
0
340
about_rails_girls_document_translation
maimux2x
0
4.9k
組織のコード品質を向上させる “レビューシステム”の取り組み
pospome
5
3.7k
ユニットテスト並行化の導入と運用:Goでの事例紹介
shohata
1
420

Featured

See All Featured
XXLCSS - How to scale CSS and keep your sanity
sugarenia
239
1.2M
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
10
1.2k
Side Projects
sachag
450
39k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
352
21k
How to name files
jennybc
56
84k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.1k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
16
1.4k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
657
120k
Rebuilding a faster, lazier Slack
samanthasiow
71
7.8k
Art, The Web, and Tiny UX
lynnandtonic
285
18k
Fontdeck: Realign not Redesign
paulrobertlloyd
74
4.6k
Mobile First: as difficult as doing things right
swwweet
214
8.2k

Transcript

  1. @dunglas - mercure.rocks
    Building Async APIs with
    HTTP/2+ and

    View Slide

  2. @dunglas - mercure.rocks
    Kévin Dunglas
    ❏ Founder of Les-Tilleuls.coop
    ❏ Creator of Mercure, Vulcain, API Platform…
    ❏ Symfony Core Team
    @dunglas

    View Slide

  3. @dunglas - mercure.rocks
    API and cloud experts
    ✊ worker-owned, self-managed cooperative
    50 people, 1,000% growth in 6 years
    [email protected]
    Les-Tilleuls.coop

    View Slide

  4. @dunglas - mercure.rocks
    Async and Real-Time
    APIs?!

    View Slide

  5. @dunglas - mercure.rocks

    View Slide

  6. @dunglas - mercure.rocks
    Why a New Protocol?

    View Slide

  7. © Ilya Grigorik
    High Performance Browser Networking (O'Reilly)

    View Slide

  8. @dunglas - mercure.rocks
    WebSocket (RFC 6455)
    Benefits over SSE:
    ❏ Full-duplex
    communication
    ❏ Low level: full control
    Drawbacks over SSE:
    ❏ Low level: no native
    ❏ auth
    ❏ re-connection
    ❏ state reconciliation
    ❏ events history
    ❏ Obsoleted by HTTP/2 & 3
    ❏ Hard to secure

    View Slide

  9. @dunglas - mercure.rocks
    The Persistent Connections Problem
    ❏ WebSocket and SSE rely on persistent connections
    ❏ Serverless platforms (AWS Lambda, Cloud Run, Azure
    functions…), PHP, FastCGI…

    are designed for short-lived connections
    ❏ Persistent, long-lived, concurrent connections are better
    handled by

    dedicated and optimized software and hardware

    View Slide

  10. View Slide

  11. @dunglas - mercure.rocks
    The Mercure Protocol

    View Slide

  12. @dunglas - mercure.rocks

    View Slide

  13. @dunglas - mercure.rocks
    Mercure, at a Glance
    ❏ Full-duplex, but plain old HTTP
    ❏ Publish: HTTP POST
    ❏ Subscribe: SSE
    ❏ Built-in: reconnection, retrieving of lost messages, history
    ❏ Auto-discoverable: designed for REST and GraphQL
    ❏ JWT-based authorization mechanism (private updates)
    ❏ Designed for serverless, PHP, FastCGI…
    ❏ End-2-End encryption support

    View Slide

  14. @dunglas - mercure.rocks
    Stream Events to Clients

    View Slide

  15. @dunglas - mercure.rocks
    Internet Draft: draft-dunglas-mercure

    View Slide

  16. View Slide

  17. @dunglas - mercure.rocks
    Mercure and HTTP/2+

    View Slide

  18. @dunglas - mercure.rocks
    © Narayan Prusty
    What is Multiplexing in HTTP/2?
    HTTP/2 Multiplexing

    View Slide

  19. @dunglas - mercure.rocks
    HTTP/2 global support:

    95% of all internet users
    ...and SSEs also work with HTTP/1.x

    View Slide

  20. @dunglas - mercure.rocks
    SSE global support:

    100% of all internet users
    there is a polyfill for IE 5.5+

    View Slide

  21. @dunglas - mercure.rocks
    Publishing

    View Slide

  22. @dunglas - mercure.rocks
    Publishing
    POST /.well-known/mercure
    Content-Type: application/x-www-form-urlencoded
    Authorization: Bearer:
    topic=&data=

    View Slide

  23. @dunglas - mercure.rocks
    const http = require('http');
    const querystring = require('querystring');
    const postData = querystring.stringify({
    'topic': 'https://example.com/books/1',
    'data': JSON.stringify({ '@id': 'https://example.com/books/1', status: 'OufOfStock'}),
    });
    const req = http.request({
    hostname: 'demo.mercure.rocks',
    port: '80',
    path: '/.well-known/mercure',
    method: 'POST',
    headers: {
    Authorization: 'Bearer snip',
    'Content-Type': 'application/x-www-form-urlencoded',
    'Content-Length': Buffer.byteLength(postData),
    }
    });
    req.write(postData);req.end();
    Publishing: Node.js

    View Slide

  24. @dunglas - mercure.rocks
    Publishing: Symfony (PHP)

    View Slide

  25. @dunglas - mercure.rocks
    Subscribing

    View Slide

  26. @dunglas - mercure.rocks
    Subscribing: Basic Usage
    const es = new EventSource(
    'https://demo.mercure.rocks/.well-known/mercure?topic=https://example.com/books/1'
    );
    // The callback will be called every time an update is published
    es.onmessage = function (e) {
    console.log(JSON.parse(e.data));
    }

    View Slide

  27. @dunglas - mercure.rocks
    Subscribing: Several Topics
    const url = new URL('https://demo.mercure.rocks/.well-known/mercure');
    url.searchParams.append('topic', 'https://example.com/books/1')
    url.searchParams.append('topic', 'https://example.com/reviews/21')
    const es = new EventSource(url);
    es.onmessage = function (e) {
    console.log(JSON.parse(e.data));
    }

    View Slide

  28. @dunglas - mercure.rocks
    Subscribing: using patterns
    const url = new URL('https://demo.mercure.rocks/.well-known/mercure');
    // URI Template (RFC 6560)
    url.searchParams.append('topic', 'https://example.com/books/{id}')
    // Both https://example.com/books/1 and https://example.com/books/33 will match
    const es = new EventSource(url);
    es.onmessage = function (e) {
    console.log(JSON.parse(e.data));
    }

    View Slide

  29. View Slide

  30. @dunglas - mercure.rocks
    The Discovery Mechanism

    View Slide

  31. @dunglas - mercure.rocks
    Discovery Mechanism
    Web Linking: RFC 5988

    View Slide

  32. @dunglas - mercure.rocks
    Authorization

    View Slide

  33. @dunglas - mercure.rocks
    Authorization
    ❏ Uses JSON Web Token (JWT - RFC 7519)
    ❏ An update can be intended for one or several targets
    ❏ Publisher: must be authenticated
    ❏ Subscriber:
    ❏ Can be anonymous (if allowed by the config)
    ❏ Must be authenticated to receive private updates
    ❏ Two transports: cookie and Authorization header

    View Slide

  34. @dunglas - mercure.rocks
    Authorization

    View Slide

  35. @dunglas - mercure.rocks
    The Mercure Hub

    View Slide

  36. @dunglas - mercure.rocks
    Reference Implementation
    ❏ Implements 100% of the Mercure protocol
    ❏ Fast, written in Go
    ❏ Works everywhere: static binaries and Docker
    ❏ Automatic HTTP/2 and HTTPS (Let’s Encrypt)
    ❏ CORS support, CSRF protection
    ❏ Cloud Native (12Factor App)
    ❏ Open source (AGPL)
    ❏ Optional: a server can implement directly the protocol

    View Slide

  37. @dunglas - mercure.rocks
    Reference Implementation
    https://mercure.rocks

    View Slide

  38. @dunglas - mercure.rocks
    Starting the Hub
    https://mercure.rocks

    View Slide

  39. @dunglas - mercure.rocks
    On a Kubernetes Cluster

    View Slide

  40. @dunglas - mercure.rocks
    Alternative Implementations
    ❏ No hubs: the hub is optional
    ❏ Go library (AGPL)
    ❏ Node.js library (GPL)
    ❏ HA version (managed and on premise)

    View Slide

  41. @dunglas - mercure.rocks
    iGraal / Glory4Gamers Benchmarks
    ❏ Open Source version (EC2 t3.micro)
    ❏ 40k concurrent connections
    ❏ HA version (on premise)
    ❏ 200k concurrent connections

    View Slide

  42. View Slide

  43. @dunglas - mercure.rocks
    Integrations

    View Slide

  44. @dunglas - mercure.rocks
    Integrations
    ❏ Official integrations:
    ❏ Symfony, API Platform
    ❏ Libs:
    ❏ Go, JS, Python, Java, Dart, PHP, Laravel

    View Slide

  45. @dunglas - mercure.rocks
    Example using

    API Platform & React

    View Slide

  46. @dunglas - mercure.rocks
    Create a Mercure-enabled Web API
    api-platform.com

    View Slide

  47. You get a fully-featured API supporting:
    ❏ JSON-LD + Hydra + schema.org
    ❏ GraphQL, JSON:API, HAL
    ❏ OpenAPI
    ❏ auth, pagination, filters, validation,
    HTTP/2 push, test framework…
    ❏ and Mercure support!
    MIT license

    View Slide

  48. @dunglas - mercure.rocks
    Scaffold Mercure-Enabled Clients
    api-platform.com

    View Slide

  49. @dunglas - mercure.rocks
    Try it!
    bit.ly/2H17hN3

    View Slide

  50. @dunglas - mercure.rocks
    Unleashing the Power of AsyncAPI
    servers:
    production:
    url: https://demo.mercure.rocks/.well-known/mercure
    protocol: mercure
    channels:
    'https://example.com/books/{id}':
    parameters:
    id:
    schema:
    type: integer
    subscribe:
    message:
    $ref: '#/components/messages/book'
    publish:
    message:
    $ref: '#/components/messages/book'

    View Slide

  51. @dunglas les-tilleuls.coop
    .rocks

    View Slide