RESTful APIs

Transcript

1. RESTful APIs Maceió Dev Meetup December 17, 2014

2. about.me/endersonmaia

3. What I’m going to talk

4. 30 minutes to • REST • Constraints • Richard Maturity

   Model (RMM) • HTTP Methods • HTTP Satus Codes • Resource Naming • Format • Linking • …

5. REST
 Representational State Transfer (Roy Fielding, 2000)

6. Constraints

7. Client–server

8. Stateless

9. Cacheable

10. Layered system

11. Uniform interface

12. Uniform interface • Resource-Based • Manipulation of Resources Through Representations

    • Self-descriptive Messages • Hypermedia as the Engine of Application State (HATEOAS)

13. RMM Richardson Maturity Model

14. Level 0 The swamp of POX

15. Level 0 The swamp of POX $ curl -X POST

    -d \
 "<?xml version=“1.0"?> \
 <methodCall> \
 <methodName>examples.getStateName</methodName> \
 <params> \
 <param> \
 <value><i4>40</i4></value> \
 </param> \ </params> \
 </methodCall>" http://api.example.com

16. Level 1 Resources

17. Level 1 Resources • GET - http://host/person?action=add? name=John&age=25 • GET

    - http://host/city/delete

18. Level 2 HTTP Verbs

19. Level 2 HTTP Verbs • GET - http://host/users • PUT

    - http://host/users • DELETE - http://host/users

20. Level 3 Hypermedia Controls

21. HTTP Methods

22. GET

23. POST

24. DELETE

25. PUT

26. PATCH

27. OPTIONS

28. – Leonard Richardson, 2007 "OPTIONS is a promising idea that

    nobody uses."

29. HEAD

30. HTTP Status Codes

31. None

32. 2XX

33. 2XX • 200 - OK • 201 - Created •

    202 - Accepted • 204 - No Content

34. 3XX

35. 3XX • 301 - Moved Permanently • 304 - Not

    Modified

36. 4XX

37. 4XX • 400 - Bad Request • 401 - Unauthorized

    • 403 - Forbidden • 404 - Not Found • 409 - Conflict

38. 5XX

39. 5XX • 500 - Internal Server Error • 501 -

    Not Implemented

40. HTTP Headers

41. HTTP
 Method x Status

42. None
43. None
44. None
45. None

46. More …

47. Verbs

48. Verbs • POST - to create (INSERT) a new resource

    • GET - to recover (SELECT) a specific resource • PUT/PATCH - to UPDATE a specific resource • DELETE - to DELETE a specific resource

49. Resource Naming

50. Resource Naming • POST http://example.com/customers • GET http://example.com/customers/33245 • GET|PUT|DELETE

    http://example.com/products/66432 • GET http://example.com/customers/33245/orders • POST http://example.com/customers/33245/orders/ 8769/lineitems • GET http://example.com/customers/33245/orders/ 8769/lineitems/1


51. Resource Naming Anti-Pattern • GET http://api.example.com/services? op=update_customer&id=12345&format=json • GET http://api.example.com/

    update_customer/12345 • GET http://api.example.com/customers/ 12345/update • PUT http://api.example.com/customers/ 12345/update

52. Response

53. Format

54. Format • XML (Atom, …) • JSON (JSON-LD, HAL, …)

55. None

56. Linking

57. None

58. HATEOAS

59. Hypermedia As The Engine Of Application State

60. HATEOAS

61. HATEOAS

62. Idempotence & Safe Methods

63. What’s missing ?

64. What’s missing ? • More about HTTP Header • HTTP

    Authentication samples • Using Tokens • Versioning strategies • ?

65. References • http://stateless.co/hal_specification.html • http://jsonapi.org • http://www.infoq.com/articles/Web-APIs-From-Start-to-Finish • http://restfulwebapis.com •

    http://www.restapitutorial.com • http://martinfowler.com/articles/richardsonMaturityModel.html • http://restcookbook.com • http://www.w3.org/TR/json-ld/ • http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm • http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven • http://brockallen.com/2012/05/14/http-status-codes-for-rest/

66. Thank you! @endersonmaia