ZendCon 2015 - Build Restful API easily with Symfony

Build Restful API easily
with Symfony Sarah Khalil - October 21st, 2015

View Slide

Who I am?
• Head of
• Trainer & Developer
• Enjoying sharer
• Contributor to

View Slide

View Slide

What is REST?

View Slide

What is REST?
• REpresentational State Transfer
• Architecture (not a protocol!)
• Associated to Service Oriented Architecture
• Management of resources

View Slide

The 6 constraints of
REST

View Slide

Client - Server (1/6)
• Separation of concerns.

• Portability.

View Slide

Stateless (2/6)
• Based on HTTP.

• Session has to be held on the client side.

View Slide

Cacheable (3/6)
• Avoid useless requests.

View Slide

Layered system (4/6)
• The client requests a resource but it doesn’t know the
system behind.

View Slide

Uniform interface (5/6)
• Each resource has its identiﬁed: the URI.

• Each resource has its representation.

• Auto-descripted message: if it’s JSON, the HTTP
response has a content-type header saying.

View Slide

Code on demand (6/6)
• The client should be executing some code coming
from the server, to avoid more work on the server side.

View Slide

HTTP Methods
• GET

• POST

• PUT

• PATCH
• DELETE

• OPTIONS

• CONNECT

• HEAD

View Slide

Restful API

View Slide

Keep’em in mind
• JSON, XML, HTML…
• By developers and for developers
• Scalability
• Latency
• Security
!

View Slide

http://martinfowler.com

View Slide

HATEOAS
• Hypermedia as the engine of Application State
• Discoverability

View Slide

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
BazingaHateoasBundle NelmioApiDocBundle

View Slide

Philosophy

View Slide

Request
GET /users HTTP/1.1
User-Agent: curl/7.37.1
Host: 127.0.0.1:8000
Accept: */*

View Slide

Symfony\Component\HttpFoundation\Request

View Slide

Response
HTTP/1.1 200 OK
Host: 127.0.0.1:8000
Connection: close
X-Powered-By: PHP/5.6.3
Set-Cookie: PHPSESSID=ecdadm6o2d5v9ei0m181j8gh96; path=/
Cache-Control: no-cacheDate: Wed, 11 Feb 2015 23:42:50 GMT
Content-Type: text/html; charset=UTF-8
X-Debug-Token: 32860d
X-Debug-Token-Link: /_profiler/32860d

View Slide

Symfony\Component\HttpFoundation
\Response

View Slide

HttpKernel

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
Work with resources

View Slide

View Slide

Json/XML Object
serialization
deserialization

View Slide

Conﬁguration
• XML, YML and Annotation.
• http://jmsyst.com/libs/serializer/master/reference
• Helper to serialize properties the way you need.

View Slide

class DefaultController
{
public function indexAction()
{
$obj = new \StdClass();
$obj->latitude = -33.87087;
$obj->longitude = 151.225459;
$data = $this->get(‘jms_serializer’)
->serialize($obj, ’json’);
return new Response(
$data,
200,
array(‘Content-Type’=>’application/json’)
);
}
}

View Slide

HTTP/1.1 200 OK
Host: 127.0.0.1
X-Powered-By: PHP/5.6.3
Content-Type: application/json
{
"latitude": -33.87087,
"longitude": 151.225459
}
Output

View Slide

Exclusion policy
/**
* @JMS\ExclusionPolicy("all")
*/
class Product
{
/**
* @JMS\Expose()
*/
private $name;
private $users;
}
• Visitor pattern

• Object graph

• Relations (xToMany)

View Slide

Serializer handler
• Speciﬁc needs
• implements JMS\Serializer\Handler\SubscribingHandlerInterface
•

View Slide

public static function getSubscribingMethods()
{
return [
[
'direction' =>
GraphNavigator::DIRECTION_SERIALIZATION,
'format' => ‘json',
'type' => ‘AppBundle\MyClass’,
'method' => ‘serialize',
],
[
'direction' =>
GraphNavigator::DIRECTION_DESERIALIZATION,
'type' => ‘AppBundle\MyClass',
'method' => ‘deserialize',
],
];
}

View Slide

public function serialize(
JsonSerializationVisitor $visitor,
MyClass $object,
array $type,
Context $context
)
{
$data = $object->toArray();
return $data;
}
public function deserialize(JsonDeserializationVisitor
$visitor, $data)
{
$object = new AppBundle\MyClass($data);
return $object;
}

View Slide

Event subscriber
• http://jmsyst.com/libs/serializer/master/event_system
• implements JMS\Serializer\EventDispatcher\EventSubscriberInterface
name="jms_serializer.event_subscriber"
type="AppBundle\MyClass"
direction="serialization"
format="json"
method="onPostSerialize"
/>

View Slide

serialization
deserialization

View Slide

Object
serialization
deserialization

View Slide

Object
serialization
deserialization
serializer.pre_serialize

View Slide

Object
serialization
deserialization
serializer.post_serialize

View Slide

Json/XML Object
serialization
deserialization

View Slide

Json/XML Object
serialization
deserialization
serializer.pre_deserialize

View Slide

Json/XML Object
serialization
deserialization
serializer.pre_deserialize serializer.post_deserialize

View Slide

class PostSerializeMediaListener implements EventSubscriberInterface
{
public function onPostSerialize(ObjectEvent $event)
{
$myObject = $event->getObject();
$event->getVisitor()->addData('newElementInJson', 'information’);
}
public static function getSubscribedEvents()
{
return array(
array(
'event' => Events::POST_SERIALIZE,
'class' => ‘AppBundle\MyClass',
'method' => ‘onPostSerialize',
),
);
}
}

View Slide

Other features
• Serialization group
• Versionning

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
Setup your Symfony
application

View Slide

View Slide

Controller
# app/config/config.yml
fos_rest:
view:
view_response_listener: force
sensio_framework_extra:
view: { annotations: false }
/**
* @View()
*/
public function getUsersAction()
{
…
return $data;
}

View Slide

Content-Type negociation
• Request => Accept
• priorities of media-type(s) that your application is ready to get.
• Response => Content-Type
• the media type of the response (html, json, png…).

View Slide

Content-Type negociation
• Priorities define the order of media types as the
application prefers:
• Request:
Accept text/json;q=0.9,*/*;q=0.8,text/html
# app/config/config.yml
fos_rest:
format_listener:
rules:
- { path: '^/', priorities: ['json'], fallback_format: html }
weighting

View Slide

Request body converter
• Decoder
• ParamConverter
# app/config/config.yml
sensio_framework_extra:
request: { converters: true }
fos_rest:
body_converter:
enabled: true
/**
* @ParamConverter("post",
converter="fos_rest.request_body")
*/
public function updateAction(Post $post)
{
}

View Slide

Validation

View Slide

Validation (with the Symfony Validator component)
Conﬁguration
fos_rest:
body_converter:
enabled: true
validate: true
validation_errors_argument: validationErrors

View Slide

Validation (with the Symfony Validator component)
Usage
/**
* @ParamConverter("post", converter="fos_rest.request_body")
*/
public function putPostAction(Post $post, ConstraintViolationListInterface
$validationErrors)
{
if (count($validationErrors) > 0) {
// Handle validation errors
}
}

View Slide

Param Fetcher

View Slide

/**
* @QueryParam(
* name="sort",
* requirements="(asc|desc)",
* allowBlank=false,
* default="asc",
* description="Sort direction"
* )
* @RequestParam(
* name="firstname",
* requirements="[a-z]+"
* )
* @QueryParam(
* array=true,
* name="filters",
* [email protected]
* )
*/
public function getArticlesAction(ParamFetcher $paramFetcher)
{}
http://mydomain.com/resources?sort=desc
In $request->request ($_POST)
fos_rest.param_fetcher_listener: true

View Slide

/**
* @QueryParam(name="page", requirements="\d+", default="1")
*/
public function getArticlesAction($page)
{}
fos_rest.param_fetcher_listener: force

View Slide

Error handling

View Slide

Error handling (1/2)
fos_rest:
codes:
'Symfony\Component\Routing\Exception\ResourceNotFoundException': 404
'Doctrine\ORM\OptimisticLockException': HTTP_CONFLICT

View Slide

Error handling (2/2)
fos_rest:
view:
exception_wrapper_handler: My\Bundle\Handler\MyExceptionWrapperHandler
implements FOS\RestBundle\ViewExceptionWrapperHandlerInterface
public function wrap($data)
{
return new MyExceptionWrapper($data);
}
Take exemple on FOS\RestBundle\Util\ExceptionWrapper

View Slide

Other features
• Automatic generation of routes
• Consistency
• Versioning
• url
• mime type
• Take a look at the documentation
• http://symfony.com/doc/master/bundles/FOSRestBundle/index.html

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
Unlock the level 3 of the Richardson’s model

View Slide

View Slide

HAL
• Hypertext Application Language
• _links - relations
• _embedded - related resource(s)
• self
• Speciﬁcations: http://stateless.co/hal_speciﬁcation.html

View Slide

JSON API
• Similar to HAL
• meta - meta info such as pagination…
• links - Relations (xToOne - xToMany)
• linked - Resource(s) linked
• Speciﬁcations : http://jsonapi.org/format/

View Slide

Conﬁguration
• Annotation, XML and YML
• Relies on Expression Language (since Symfony 2.4)

View Slide

/**
* @Hateoas\Relation(
* "self",
* href = @Hateoas\Route(
* "get_notification",
* absolute= true,
* parameters = {
* "id" = "expr(object.getId())",
* "user" = "expr(service(‘security.context’).getToken().getUser().getUuid())"
* }
* )
* )
*/
class Notification

View Slide

Result
{
"id": 1,
"_links": {
"self": {
"href": "http://domaine.name/users/eh1754329986/notiﬁcations/1/"
}
}
}

View Slide

/**
* …
* @Hateoas\Relation(
* "activity",
* href = "expr(‘/activity/'~object.getActivity().getId()",
* embedded = "expr(object.getActivity())",
* exclusion = @Hateoas\Exclusion(excludeIf = "expr(object.getActivity() === null)")
* )
*/
class Notification

View Slide

Result
{
"id": 1,
"_embedded": {
"activity": {
"id": 3,
"content": "Activity content",
"_links": {
"self": {
"href": "/activities/3"
}
}
}
}
}

View Slide

Representation
• Use representation to decorate your resource
• Hateoas\Representation\PaginatedRepresentation
• And many more:
https://github.com/willdurand/Hateoas/tree/master/src/Hateoas/Representation

View Slide

"page": 1,
"limit": 10,
"pages": "100",
"total": 1000,
"_links": {
"self": {
"href": "http://domain.name/notifcations?page=1&limit=10"
},
"first": {
},
"last": {
},
"next": {
}
}

View Slide

Representation
• Any representation you need !
• A class with the properties you need.
• Let the serializer do its job.

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
Guzzle

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
Guzzle
Communicate between
micro services

View Slide

Frontend
Service 1
Service 2
Service 3
Service 4
Private network
Client

View Slide

Guzzle Bundle
• HTTP Client
• Request
• Response
• HTTPS
• Error management
• https://github.com/misd-
service-development/guzzle-
bundle
• https://github.com/csarrazi/
CsaGuzzleBundle

View Slide

View Slide

Security

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle

View Slide

Authentication
• Authorization header: Authorization: Bearer
• https://github.com/poledev/katas/tree/kata-
authentication
• http://symfony.com/doc/current/cookbook/security/
api_key_authentication.html
• Make it stateless!

View Slide

Authorization
• access_control
• $this->get(‘security.authorization_checker’)->isGranted('ROLE_ADMIN')
• {% if is_granted(‘ROLE_ADMIN’) %}
• Voter
• ACL
• …

View Slide

FosHttpCacheBundle
Keep it mind

View Slide

View Slide

One last thing

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle

View Slide

Symfony Full Stack
JMSSerializerBundle
FOSRestBundle
Documentation

View Slide

View Slide

Oh I forgot to introduce you
Lannister!
@catlannister

View Slide

http://tinyurl.com/sfcon2015

View Slide

http://tinyurl.com/sﬂiveusa

View Slide

Thank you!
@saro0h
speakerdeck.com/saro0h/
saro0h
This is a
zero guys!

View Slide

ZendCon 2015 - Build Restful API easily with Symfony

ZendCon 2015 - Build Restful API easily with Symfony

Sarah KHALIL

More Decks by Sarah KHALIL

Other Decks in Technology

Featured

Transcript