
NDC OSLO 2017

Do you want a single endpoint to access your data? Fetch only the data your client needs, all in a single network request? Evolve your API without versions? Well, if the answer is yes to any of these questions, then GraphQL might just be what you are looking for. GraphQL is a query language for your application and not your database. With GraphQL, developers can use composable typed queries to request and receive only what’s required from the server.

We’ll walk through an introduction to GraphQL, drawing comparisons with traditional RESTful APIs and highlighting the implications for server and client design. Live coding examples will be used to illustrate how to get started creating a GraphQL server, including: defining a schema, connecting to a database, fetching/manipulating data and much more.

Sandeep Singh

June 16, 2017

Transcript

  1. Agenda
     ◦ Modern API considerations & challenges
     ◦ What it is, what it’s not and what GraphQL aims to solve
     ◦ GraphQL core concepts
     ◦ Demo
     ◦ Considerations
     @initial_spark
  2. REST
     ◦ Architectural style
     ◦ Resources → a single resource e.g. api/patients (nouns)
     ◦ Verbs → GET, PUT, DELETE & POST
     ◦ HATEOAS (Hypermedia As The Engine Of Application State)
  3. Ad-hoc endpoints
     [Diagram labels: CLIENT 1, CLIENT 2, REST API, /patients_summary, /patients_summary_mobile]
  4. “GraphQL is a query language for your API. GraphQL allows developers to compose typed queries to request and receive only the data that’s required from the server in a single network request.”
  5. What is GraphQL?
     ◦ Specification
         ◦ Open sourced by Facebook in 2015
     ◦ Hierarchical
         ◦ Objects with nested associations
     ◦ Client specified queries
         ◦ Specify their own data needs against the capabilities exposed from the server
     ◦ Strongly typed
         ◦ Server defines an application-specific type system
  6. What GraphQL isn’t
     ◦ About graph databases
     ◦ Assumes nothing about:
         ◦ Transport protocol
         ◦ Data storage
     ◦ A solution for binary streams e.g. file upload
     ◦ Limited to JavaScript
  7. Efficiency

     Query:

         query {
           patient(id: "22344667") {
             id
             firstName
             surname
             dateOfBirth
             gender
             nhsNumber
             medications(top: 5) {
               name
               dose
               prescribedOn
             }
             allergies {
               type
               recorded
               severity
             }
           }
         }

     Response:

         {
           "data": {
             "patient": {
               "id": 1,
               "firstName": "Tom",
               "surname": "Smith",
               "dateOfBirth": "12/12/1980",
               "gender": "MALE",
               "nhsNumber": "12345678911",
               "medications": [
                 {
                   "dose": "500mg twice a day",
                   "name": "Amoxicillin",
                   "prescribedOn": "10/01/2016"
                 },
                 {
                   "dose": "10mg once a day",
                   "name": "Prednisolone",
                   "prescribedOn": "01/05/2011"
                 }
               ],
               "allergies": []
             }
           }
         }
  8. Introspection

         {
           __schema {
             types {
               name
             }
           }
         }

     • Query schema, types and fields
     • Build tools
     • Auto complete / Validate
     • Code generation
     • Documentation
  9. Comparison

                            REST        GraphQL
       Conceptual Model     Resources   Graph
       Related operations   Yes         No
       Introspection        No          Yes
       Data typing          Weak        Strong
       Real-Time            No          Yes
  10. Type system
      • Object type
      • Scalar types
      • Enumeration Types
      • Lists
      • Interfaces
      • Unions

          type Medication {
            id: Int
            name: String
            dose: String
          }

          type Patient {
            id: Int
            identifier: String!
            firstName: String
            surname: String
            dateOfBirth: String
            isDeceased: Boolean
            medications: [Medication]
          }
  11. Resolve

          const { GraphQLObjectType, GraphQLString } = require('graphql');

          const PatientType = new GraphQLObjectType({
            name: 'Patient',
            description: 'A Patient in the EHR.',
            fields: {
              name: {
                type: GraphQLString,
                description: 'Name of patient.',
                // The resolver supplies the value for this field.
                resolve(obj, args, ctx) {
                  return 'Tony Stark';
                }
              }
              // ...
            },
          });

      • Call business logic
      • Map object
      • Call existing REST API
      • Query and mutate data
      • Applies to all fields
  12. Schema

          const { GraphQLSchema, GraphQLObjectType, GraphQLNonNull, GraphQLString } = require('graphql');

          const schema = new GraphQLSchema({
            query: new GraphQLObjectType({
              name: 'RootQueryType',
              fields: {
                patient: {
                  type: PatientType,
                  description: 'Gets patient by nhs number',
                  args: {
                    nhsNumber: { type: new GraphQLNonNull(GraphQLString) }
                  },
                  // Field arguments arrive in `args`, not as free variables.
                  resolve: (obj, args, context) => context.db.getPatient(args.nhsNumber)
                }
              }
            }),
            // mutation: optional
            // subscription: optional
          });
  13. Caching
      ◦ Client and app server
      ◦ Can’t use network caching e.g. Varnish, Squid etc
      ◦ Solution: Cache queries (normalised cache)
  14. Security
      ◦ Don’t expose anything you don’t want to be public
      ◦ Malicious queries
      ◦ Solution: Timeouts, max query depth/query complexity analysis
  15. Error handling
      ◦ Can’t use HTTP codes to provide information
      ◦ Surfacing errors to user(s)
      ◦ Solution: Validation, return errors in response object
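
The "max query depth" defence from the Security slide, as an added example that is not code from the talk: a dependency-free check on the raw query text that follows fragment spreads and ignores braces inside arguments and strings, failing closed on anything it cannot balance. The names `queryDepth` and `withinDepthLimit`, the default limit of 5 and the sample query are assumptions; a server would normally run the same calculation on the parsed AST.

```javascript
// Added example, not code from the talk; names and the default limit are assumptions.
const TOKEN = /#[^\n]*|"""[\s\S]*?"""|"(?:\\.|[^"\\])*"|@\w+|\.\.\.|[{}()]|[_A-Za-z]\w*/g;
const SAMPLE = 'query{ patient(id:"22344667"){ id medications(top:5){ name dose } } }'; // constructed
function tokenize(query) {
  let parens = 0;
  const out = (query.match(TOKEN) || []).filter((t) => {
    if (t === '(' || t === ')') parens += t === '(' ? 1 : -1;
    if (parens < 0) throw new Error('unbalanced parentheses');
    return parens === 0 && !'#"@()'.includes(t[0]);  // drop comments, strings, directives, arguments
  });
  if (parens !== 0) throw new Error('unbalanced parentheses');
  return out;
}

function queryDepth(query) {
  const toks = tokenize(query);
  const fragments = new Map(), memo = new Map(), operations = []; // '{' index per definition
  for (let i = 0, level = 0, start = 0; i < toks.length; i++) {
    if (toks[i] === '}' && --level < 0) throw new Error('unbalanced braces');
    if (toks[i] === '}' && level === 0) start = i + 1;      // next definition begins here
    if (toks[i] === '{' && level++ === 0) {
      if (toks[start] === 'fragment') fragments.set(toks[start + 1], i);
      else operations.push(i);
    }
  }
  const selectionSet = (i, active) => {     // toks[i] is '{'; returns [depth, index after '}']
    let depth = 1, j = i + 1, d;
    while (toks[j] !== '}') {
      if (j >= toks.length) throw new Error('unbalanced braces');
      if (toks[j] === '{') {                // sub-selection of the preceding field
        [d, j] = selectionSet(j, active);
        depth = Math.max(depth, 1 + d);
      } else if (toks[j] === '...' && toks[j + 1] !== 'on' && toks[j + 1] !== '{') {
        const name = toks[j + 1];           // named spread: follow it, refuse unknown or cyclic
        if (!fragments.has(name) || active.has(name)) throw new Error('bad spread ' + name);
        if (!memo.has(name)) memo.set(name, selectionSet(fragments.get(name), new Set(active).add(name))[0]);
        depth = Math.max(depth, memo.get(name));
        j += 2;
      } else if (toks[j] === '...') {       // inline fragment: same level as its parent
        j += toks[j + 1] === 'on' ? 3 : 1;
        [d, j] = selectionSet(j, active);
        depth = Math.max(depth, d);
      } else j++;
    }
    return [depth, j + 1];
  };
  return Math.max(0, ...operations.map((i) => selectionSet(i, new Set())[0]));
}

function withinDepthLimit(query, max = 5) { try { return queryDepth(query) <= max; } catch { return false; } }
```

Call `withinDepthLimit` before executing a request and reject the request when it returns false; it complements the timeouts and complexity analysis listed on the slide.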