Tweet
Tweet

Slide 1

Slide 1 text

Cómo construir un API del que tus padres se sientan orgullosos

Slide 2

Slide 2 text

About Me GET /speakers/adrian-matellanes { "name": "Adrián Matellanes", "roles": [ "Lead API Developer", "Málaga Python Organizer" ], "worksAt": "Ebury" "twitter": "@_amatellanes", "github": "github.com/amatellanes" }

Slide 3

Slide 3 text

We’re building an API !

Slide 4

Slide 4 text

We’re building a RESTful API !

Slide 5

Slide 5 text

What is a RESTful API ?

Slide 6

Slide 6 text

What is a RESTful API? Constraints ● Client-Server ● Stateless ● Cacheable ● Layered System ● Uniform Interface

Slide 7

Slide 7 text

What is a RESTful API? Uniform Interface ● Identification of resources ● Manipulation of resources through representations ● Self Descriptive Messages ● Hypermedia As The Engine Of Application State (HATEOAS)

Slide 8

Slide 8 text

RMM Richardson Maturity Model http://martinfowler.com/articles/richardsonMaturityModel.html

Slide 9

Slide 9 text

RMM (Richardson Maturity Model) Level 1: Resources ● GET - /api/characters ● GET - /api/characters/583 ● GET - /api/characters/211

Slide 10

Slide 10 text

RMM (Richardson Maturity Model) Level 2: HTTP Verbs ● GET ● POST ● DELETE ● PUT ● PATCH ● OPTIONS ● HEAD

Slide 11

Slide 11 text

RMM (Richardson Maturity Model) Level 2: HTTP Verbs ● POST - /api/characters ● GET - /api/characters ● GET|PUT|DELETE - /api/characters/823

Slide 12

Slide 12 text

RMM (Richardson Maturity Model) Level 3: Hypermedia controls GET /api/houses/362 { "name": "House Stark of Winterfell", "region": "The North", "words": "Winter is Coming", "founder": "/api/characters/209", }

Slide 13

Slide 13 text

RMM (Richardson Maturity Model) Level 3: Hypermedia controls HAL http://stateless.co/hal_specification.html JSON-LD http://json-ld.org/ Collection+JSON http://amundsen.com/media-types/collection/ JSON Schema http://json-schema.org/

Slide 14

Slide 14 text

HTTP Status Code

Slide 15

Slide 15 text

HTTP Status Code 2xx Success ● 200 - OK ● 201 - Created ● 204 - No Content

Slide 16

Slide 16 text

HTTP Status Code 3xx Redirection ● 301 - Moved Permanently ● 304 - Not Modified

Slide 17

Slide 17 text

HTTP Status Code 4xx Client Error ● 400 - Bad Request ● 401 - Unauthorized ● 403 - Forbidden ● 404 - Not Found ● 405 - Method Not Allowed

Slide 18

Slide 18 text

HTTP Status Code 5xx Server Error ● 500 - Internal Server Error ● 501 - Not Implemented ● 502 - Bad Gateway ● 503 - Service Unavailable

Slide 19

Slide 19 text

How to build a RESTful API?

Slide 20

Slide 20 text

API

Slide 21

Slide 21 text

Specification Development Testing Deployment

Slide 22

Slide 22 text

Specification Testing Deployment Development

Slide 23

Slide 23 text

Specification Deployment Development Testing

Slide 24

Slide 24 text

Specification Development Testing Deployment

Slide 25

Slide 25 text

API Specification

Slide 26

Slide 26 text

API Specification Swagger 6,316 results 3,870 repositories 4,664 stars 528,000 results http://swagger.io/specification/

Slide 27

Slide 27 text

API Specification Swagger swagger: '2.0' info: version: '1.0.0' title: Game of Thrones API Description: All the data from the universe of Ice And Fire you've ever wanted schemes: - https basePath: /v1 produces: - application/json securityDefinitions: OauthSecurity: type: oauth2 flow: accessCode authorizationUrl: 'https://oauth.simple.api/authorization' tokenUrl: 'https://oauth.simple.api/token' ...

Slide 28

Slide 28 text

API Specification Swagger … paths: /characters/{id}: get: summary: Get specific character parameters: - name: id in: path description: The identifier of this character required: true type: string responses: 200: description: History information for the given character schema: $ref: '#/definitions/Character' ...

Slide 29

Slide 29 text

API Specification Swagger … definitions: Character: type: object properties: name: type: string description: The name of this character gender: type: string description: The gender of this character example: name: Oberyn Martell gender: Male

Slide 30

Slide 30 text

API Specification RAML 506 results 834 repositories 2,329 stars 98,000 results https://github.com/raml-org/raml-spec

Slide 31

Slide 31 text

API Specification RAML #%RAML 1.0 title: Game of Thrones API version: v1 baseUri: http://{hostName}.com baseUriParameters: hostName: description: The name of the host mediaType: application/json documentation: - title: Game of Thrones API Documentation content: All the data from the universe of Ice And Fire you've ever wanted securitySchemes: oauth_2_0: !include securitySchemes/oauth_2_0.raml ...

Slide 32

Slide 32 text

API Specification RAML … /characters: /{id}: uriParameters: id: type: number description: The identifier of this character get: description: | Get specific character responses: 200: body: application/json: schema: !include schemas/character.json example: !include examples/character.json

Slide 33

Slide 33 text

API Specification RAML # schemas/character.json { "type": "object", "$schema": "http://json-schema.org/draft-03/schema", "required": true, "properties": { "name": { "type": "string", "required": true, "maxLength": 125 }, "gender": { "type": "string" } } }

Slide 34

Slide 34 text

API Specification RAML # examples/character.json { "name": "Oberyn Martell" "gender": "Male" }

Slide 35

Slide 35 text

API Specification API Blueprint 943 results 409 repositories 4,325 stars 404,000 results https://github.com/apiaryio/api-blueprint

Slide 36

Slide 36 text

API Specification API Blueprint FORMAT: 1A HOST: http://got.api.com/ # Game of Thrones API All the data from the universe of Ice And Fire you've ever wanted. ...

Slide 37

Slide 37 text

API Specification API Blueprint ... # Group Characters ## Character Resource [/characters/{id}] + Parameters + id: 422 (number) - The identifier of this character ### Get specific character [GET] + Response 200 (application/json) + Attributes - characters (Character) ...

Slide 38

Slide 38 text

API Specification API Blueprint ... # Data Structures ## Character (object) - name: Oberyn Martell (required, string) - The name of this character - gender: Male (required, string) - The gender of this character

Slide 39

Slide 39 text

What should I choose?

Slide 40

Slide 40 text

API Specification The API Transformer: Convertron https://apimatic.io/transformer

Slide 41

Slide 41 text

API Specification API Documentation Generator https://github.com/lord/slate

Slide 42

Slide 42 text

API Specification API Documentation Generator https://apiary.io/

Slide 43

Slide 43 text

API Development

Slide 44

Slide 44 text

What framework should I choose?

Slide 45

Slide 45 text

API Development What I DO want ● Python 3 Support ● HTTP request/response ● Easy to understand and use (documentation, minimal magic, no surprise) ● Packages ● URL Routing (RESTful) ● WSGI

Slide 46

Slide 46 text

API Development What I DO NOT want ● Object-Relational Manager (no DB connection) ● Template engine

Slide 47

Slide 47 text

API Development The Contenders

Slide 48

Slide 48 text

Flask

Slide 49

Slide 49 text

API Development Awesome Python webargs - Parse HTTP request arguments https://github.com/sloria/webargs marshmallow - Simplified object serialization https://github.com/marshmallow-code/marshmallow Requests - HTTP for Humans https://github.com/kennethreitz/requests

Slide 50

Slide 50 text

API Development Awesome Flask Flask-RESTful - Quick building REST APIs https://github.com/flask-restful/flask-restful Flask API - Browsable Web API https://github.com/tomchristie/flask-api Connexion - Automagically handles HTTP requests based on Swagger Spec https://github.com/zalando/connexion

Slide 51

Slide 51 text

API Development Flask-RESTful Example from flask import Flask from flask_restful import Resource, Api app = Flask(__name__) api = Api(app) ...

Slide 52

Slide 52 text

API Development Flask-RESTful Example ... class Character(Resource): def get(self, id): return { 'name': 'Oberyn Martell', 'culture': 'Dornish' } api.add_resource(Character, '/characters/') ...

Slide 53

Slide 53 text

API Development Flask-RESTful Example ... if __name__ == '__main__': app.run(debug=True)

Slide 54

Slide 54 text

API Testing

Slide 55

Slide 55 text

API Testing Unit Testing unittest https://docs.python.org/3/library/unittest.html pytest https://github.com/pytest-dev/pytest nose https://github.com/nose-devs/nose

Slide 56

Slide 56 text

API Testing Mocking Requests HTTPretty https://github.com/gabrielfalcao/HTTPretty httmock https://github.com/patrys/httmock mock https://docs.python.org/3/library/unittest.mock.html

Slide 57

Slide 57 text

API Testing HTTPretty Example @httpretty.activate def test_got_api_returning_deals(): httpretty.register_uri(httpretty.GET, 'http://api.got.com/v1/characters/583', body='{'name': 'Jon Snow'}', content_type='application/json') response = requests.get('http://api.got.com/v1/characters/583') expect(response.json()).to.equal({'name': 'Jon Snow'})

Slide 58

Slide 58 text

Integration Testing Postman

Slide 59

Slide 59 text

Integration Testing Dredd A language-agnostic command-line tool for validating API description document against backend implementation of the API. https://github.com/apiaryio/dredd

Slide 60

Slide 60 text

Integration Testing Wiremock Mock your APIs for fast, robust and comprehensive testing https://github.com/tomakehurst/wiremock

Slide 61

Slide 61 text

Integration Testing Wiremock stub example { "request": { "method": "GET", "url": "/v1/characters/583" }, "response": { "status": 200, "bodyFileName": "jon-snow.json", "headers": { "Content-Type": "application/json" } } }

Slide 62

Slide 62 text

CDC Consumer Driven Contracts http://martinfowler.com/articles/consumerDrivenContracts.html

Slide 63

Slide 63 text

API Testing Performance Testing ab https://httpd.apache.org/docs/2.4/programs/ab.html Locust https://github.com/locustio/locust wrk https://github.com/wg/wrk

Slide 64

Slide 64 text

API Testing Security Testing Secure Pro https://smartbear.com/product/ready-api/secure/overview/

Slide 65

Slide 65 text

API Deployment

Slide 66

Slide 66 text

API Deployment API Gateway http://microservices.io/patterns/apigateway.html

Slide 67

Slide 67 text

API Deployment API Gateway Amazon API Gateway https://aws.amazon.com/api-gateway/ Kong https://getkong.org/

Slide 68

Slide 68 text

API Deployment Serverless

Slide 69

Slide 69 text

API Developer Portal

Slide 70

Slide 70 text

Your API is not for machine, is for people

Slide 71

Slide 71 text

API Developer Portal Tips ● Document precisely and with examples ● Authentication ● Endpoints ● SDKs ● Changelog

Slide 72

Slide 72 text

More...

Slide 73

Slide 73 text

More... API Design Guides PayPal API Style Guide https://github.com/paypal/api-standards Heroku Platform HTTP API Design Guide https://github.com/interagent/http-api-design Microsoft REST API Guidelines https://github.com/Microsoft/api-guidelines

Slide 74

Slide 74 text

More... API Examples GitHub API v3 https://developer.github.com/v3/ Facebook Graph API https://developers.facebook.com/docs/graph-api Twitter REST API https://dev.twitter.com/rest/public Spotify Web API https://developer.spotify.com/web-api/

Slide 75

Slide 75 text

What’s missing....?

Slide 76

Slide 76 text

What’s missing....? :( ● Versioning ● Authentication ● GraphQL

Slide 77

Slide 77 text

Thank you! Questions?