APIGILITY, THE API BUILDER FOR PHP by / Senior Software Engineer - Zend Technologies Enrico Zimuel @ezimuel

ABOUT ME I'm a Software Engineer since 1996. I work at since 2008. I'm a core contributor of and . I did research in computer science at the of the University of Amsterdam. I wrote a couple of books about computer programming: and . I'm the co-founder of . I live in (Italy), where I work remotely most of the time. Zend Technologies Zend Framework Apigility Informatics Institute "PHP best practices" "Javascript best practices" PUG Torino Turin

API APIs are becoming more and more important for web and mobile applications.

EXAMPLE: SOCIAL AUTHENTICATION Most web applications offer Social authentication (Login with Facebook, Twitter, etc). This authentication is an API call (e.g. OAuth1/2)

API DEVELOPMENT If you need to start develop an API for your web application, where to start? REST, PRC, JSON, XML, HAL, OAuth, ... Oh My!!!

APIGILITY API builder for PHP applications, the world's easiest way to create high-quality APIs Open source project by Built using Zend Framework 2 (modules) Version 0.8 released in Dec 2013 (still in development) 1.0 beta in Feb/Mar 2014 Zend Technologies http://www.apigility.org

BE API-CENTRIC Separating presentation logic from data provides the flexibility to support multiple client form factors, and future-proofs apps to allow behind-the-scenes change without breaking user interfaces. With Apigility you can take the code that powers your business, and then API-enable it

THINK MOBILE An API-based architecture is essential to agile delivery of mobile applications. Apigility provides JSON representations that can be parsed and used in any mobile framework; write for the web or native applications simultaneously!

APIGILITY: MAIN FEATURES RESTful or RPC JSON (HAL) as default format Error handling (HTTP Problem) Content negotiation Versioning (via URI and Accept header) Filtering and validation Authentication (HTTP Basic/Digest, OAuth2) Documentation

RESTFUL REST (REpresentational State Transfer) is a simple stateless architecture that generally runs over HTTP. It uses URI and HTTP methods to map the different actions (GET, POST, PUT, DELETE). A typical RESTful API url: h t t p : / / d o m a i n / a p i / u s e r [ / : u s e r _ i d ]

RPC "A remote procedure call (RPC) is an inter-process communication that allows a computer program to cause a subroutine or procedure to execute in another address space" (Wikipedia) A RPC over HTTP is actually any kind of API request provided using a specific data format (e.g. RPC-XML, RPC-JSON).

JSON JSON (JavaScript Object Notation), is an open standard format used to transmit data between a server and web application, expressed using Javascript syntax. Example of JSON: { " f i r s t N a m e " : " J o h n " , " l a s t N a m e " : " S m i t h " , " a g e " : 2 5 , " a d d r e s s " : { " s t r e e t A d d r e s s " : " 2 1 2 n d S t r e e t " , " c i t y " : " N e w Y o r k " } , " e m a i l s " : [ ' j o h n . s m i t h @ g m a i l . c o m ' , ' j o h n @ s m i t h . c o m ' ] }

JSON HAL JSON Hypertext Application Language, is a RFC draft proposal ( ) Example: draft-kelly-json-hal-06 { " _ l i n k s " : { " s e l f " : { " h r e f " : " / b l o g - p o s t " } , " a u t h o r " : { " h r e f " : " / p e o p l e / a l a n - w a t t s " } } , " _ e m b e d d e d " : { " a u t h o r " : { " _ l i n k s " : { " s e l f " : { " h r e f " : " / p e o p l e / a l a n - w a t t s " } } , " n a m e " : " A l a n W a t t s " , " b o r n " : " J a n u a r y 6 , 1 9 1 5 " , " d i e d " : " N o v e m b e r 1 6 , 1 9 7 3 " } } }

HTTP PROBLEM HTTP Problem is a RFC draft proposal ( ) Example: draft-nottingham- http-problem-06 C o n t e n t - T y p e : a p p l i c a t i o n / p r o b l e m + j s o n { " d e t a i l " : " T h e G E T m e t h o d h a s n o t b e e n d e f i n e d f o r i n d i v i d u a l " , " s t a t u s " : 4 0 5 , " t i t l e " : " M e t h o d N o t A l l o w e d " , " t y p e " : " h t t p : / / w w w . w 3 . o r g / P r o t o c o l s / r f c 2 6 1 6 / r f c 2 6 1 6 - s e c 1 0 . h t m l " }

CONTENT NEGOTIATION Content negotiation is a mechanism defined in the HTTP specification that makes it possible to serve different versions of a document at the same URI. Example: A c c e p t : a p p l i c a t i o n / h a l + j s o n , a p p l i c a t i o n / j s o n

VERSIONING Agility uses two approaches: By URL, e.g. /api/v 1 /user By Accept header, e.g. Accept:application/vnd.example.v 1 +json

AUTHENTICATION "Authentication is the act of confirming the identity of a person or software program" (Wikipedia) Apigility supports 3 different authentication systems: HTTP Basic HTTP Digest OAUth2

USE APIGILITY FOR Create RESTful/RPC API for an existing PHP application: c o d e - c o n n e c t e d mode Expose a database table as RESTful API: d b - c o n n e c t e d mode

APIGILITY: INSTALLATION Via release tarball: D o w n l o a d f r o m h t t p s : / / g i t h u b . c o m / z f c a m p u s / z f - a p i g i l i t y - s k e l e t o n / r e l e a s e s Via composer: c u r l - s h t t p s : / / g e t c o m p o s e r . o r g / i n s t a l l e r | p h p - - p h p c o m p o s e r . p h a r c r e a t e - p r o j e c t - s d e v z f c a m p u s / z f - a p i g i l i t y - s k e l e t o n p a t h / t o / i n s t a l l Via Git (clone) g i t c l o n e h t t p s : / / g i t h u b . c o m / z f c a m p u s / z f - a p i g i l i t y - s k e l e t o n . g i t c d p a t h / t o / i n s t a l l Install using : Composer c o m p o s e r . p h a r i n s t a l l

EXECUTE THE ADMIN WEB UI Enable the development mode c d p a t h / t o / i n s t a l l p h p p u b l i c / i n d e x . p h p d e v e l o p m e n t e n a b l e Run using a web server, e.g. PHP 5.4+ internal server: c d p a t h / t o / i n s t a l l p h p - S 0 : 8 0 0 0 - t p u b l i c p u b l i c / i n d e x . p h p

APIGILITY ADMIN WEB UI

THANKS! More information on apigility.org This work is licensed under a . I used to make this presentation. Creative Commons Attribution-ShareAlike 3.0 Unported License reveal.js