Web APIについての雑談

Web API ʹ͍ͭͯͷࡶஊ ؔϞό #9

ג ͸ͯͳ 8FCΞϓϦέʔγϣϯΤϯδχΞ εϚʔτϑΥϯΞϓϦΤϯδχΞ ͲΕ΋த్൒୺ͰযΔ ޚࡏॴַΑ͔ͬͨ id:Sixeight (@tomohi_ro)

Web API ΢ΣϒΤʔϐʔΞΠ

ؔϞό#9 Web API ͱ͸ͳΜͧ΍ )551ϓϩτίϧΛར༻ͯ͠ωοτϫʔ Ϋӽ͠ʹݺͼग़͢"1* 8FC"1*5IF(PPE1BSUT

εϚʔτϑΥϯΞϓϦ ͱ Web API

౴͑͸ͳ͍

ؔϞό#9 LSUDs ͱSSKDs ▸ LSUDs (large set of unknown developers)
▸ ޿͘Ұൠతʹެ։͞Ε͍ͯΔ ▸ Twitter/Facebook/Instagram/ Google/etc ▸ SSKDs (small set of known developers) ▸ ݶΒΕͨൣғʹެ։͞Ε͍ͯΔ ▸ ࣗࣾΞϓϦͳͲ

44,%T গ਺ͷ஌͍ͬͯΔ։ൃऀ޲͚

ؔϞό#9 SSKDs (small set of known developers) ▸ ૝ఆ͞Εͨ࢖͍ํ͔͠͞Εͳ͍ ▸
ΞϓϦʹ࠷దԽͨ͠ܗͰఏڙͰ͖Δ ▸ ։ൃऀಉ࢜Ͱձ࿩Ͱ͖Δ ▸ ີ݁߹͕ͪ͠ ▸ ଥڠ͕ͪ͠

ίʔϧ 1εΫϦʔϯɺ

ؔϞό#9 1εΫϦʔϯɺ1ίʔϧ ▸ 1ը໘Λදࣔ͢ΔͷʹɺWeb APIͷݺͼग़͠͸Ұճʹ͓͍͑ͨ͞ ▸ جຊతʹ͸ෳ਺ͷϦιʔε͕ඞཁ ▸ αʔόʔଆͷ࣮૷͸ෳࡶʹͳΔ ▸
ͲΜͲΜRESTͷߟ͑ํ͔ΒͦΕΔ ▸ ஫ҙਂ͘ઃܭ͢Ε͹Մೳ ▸ ը໘Λத৺ʹߟ͑͗͢Δͱมߋʹऑ͘ͳΔ

ΤϯυϙΠϯτ APIͷإ

ؔϞό#9 ΤϯυϙΠϯτ ▸ SSKDsͩͱΤϯυϙΠϯτͳΜͰ΋͍͍ͱ͍͏࿩΋ ▸ ϝϯςφϯεੑ ▸ ݟͨ໨ѱ͍ͱ΍ΔؾʹӨڹ͢Δ ▸ ෳ਺ܥͳͷ͔୯਺ܗͳͷ͔
▸ HATEOASΈ͍ͨͳͷ΋ਅ໘໨ʹߟ͑ͯ΋ྑͦ͞͏

3&45 Ԟ͞Μʹઆ໌͠ΖͱݴΘΕͯ΋೉͍͠ see also: http://www.geocities.jp/yamamotoyohei/rest/rest-to-my-wife.htm

ؔϞό#9 REST ▸ ͜͜Ͱ͸ϑΟʔϧσΟϯάͬΆ͍࿩ ▸ 1εΫϦʔϯɺ1ίʔϧͱ૬ੑѱ͍ؾ͕͢Δ ▸ ϩάΞ΢τ͸ DELETE ͳͷ͔Ͳ͏͔
▸ λΠτϧͷߋ৽͸ PATCHʁʁʁʁʁʁ ▸ ૢ࡞͕ႈ౳ͳΒ PUT/DELETEɺͦ͏͡Όͳ͚Ε͹POST

Ϩεϙϯε ҙ֎ͱ໎͏

ؔϞό#9 Ϩεϙϯε ▸ ϦιʔεΛߋ৽ͨ͠ͱ͖ͷϨεϙϯε͸ɺߋ৽લʁͦΕͱ΋ߋ৽ޙʁ ▸ ϦιʔεΛফͨ͠ͱ͖͸204? ▸ 200͚ͩΕͲϨεϙϯεཁΒͳ͍ͱ͖͸ʁ ▸ {“success”:
true} vs {} vs ۭจࣈྻ (←͜Ε͸ͳ͍) ▸ ഑ྻΛฦ͢ͱ͖ʹ΋ΦϒδΣΫτʹ͢Δ͔Ͳ͏͔ ▸ ͜Ε͸ηΩϡϦςΟͷ໰୊͕͋ΔͷͰΦϒδΣΫτͰ ▸ ඞཁͳཁૉ͚ͩʁ֦ுੑΛߟ͑ͯଟΊʹ΋Β͓ͬͯ͘ʁ ▸ {“user”: { id: 1, name: “hoge”}} vs {“user_id”: 1, “user_name”: “hoge”} ▸ ೔෇ͷϑΥʔϚοτͲ͏͢Δͷ͔ ▸ ϖʔδϯάͲ͏͢Δͷ͔ ▸ JSONͳͷ͔ଞͷϑΥʔϚοτͳͷ͔

ΤϥʔϨεϙϯε ࣮͸ॏཁ

ؔϞό#9 ΤϥʔϨεϙϯε ▸ ϑΥʔϚοτ͸ݻఆ͍ͨ͠ ▸ ϝοηʔδΛ;͘ΊΔ vs ΞϓϦͰੜ੒ ▸ ଟݴޠԽͲ͏͢Δ͔ɺߋ৽͠΍͢͞͸Ͳ͏͔
▸ ΞϓϦଆͰΤϥʔʹର͢ΔέΞ͕ͻͭΑ͏͕Ͳ͏͔ ▸ Τϥʔίʔυඞཁͳͷ͔ ▸ Ͳ͜·Ͱ৘ใ͕͍Δͷ͔

ೝূ ࣗ෼Ͱ͋Δ͜ͱͷূ໌

ؔϞό#9 ೝূ ▸ APIτʔΫϯΈ͍ͨͳͷ༻ҙ͢Δ ▸ Expireͱ͔ϦϑϨογϡͷ࢓૊Έ͕͍Δ ▸ ΋ΕͨΒࠔΔ ▸ ܦ࿏͕҉߸Խ͞Ε͍ͯͨΒ·͍͍͋
▸ OAuth 2.0 ▸ ͏·͘΍Δํ๏͸͋Γͦ͏͚ͩΕͲ஌ݟ͸ͳ͠

҉߸Խ ೉ಡԽ Ӆ͍ͨ͠ͷͰ

ؔϞό#9 ҉߸Խ,೉ಡԽ ▸ Ӆ͍ͨ͠৘ใΛӅ͢ ▸ ୈࡾऀʹରͯ͠(ݸਓ৘ใ)ɺ࢖༻ऀʹରͯ͠ (ήʔϜͱ͔) ▸ HTTPSͩͱ͍͍ͩͨ҆৺ ▸
಺༰Λ೉ಡԽͯ͠όΠφϦͰૹΔͱ͔ ▸ ΞϓϦଆͰσίʔυ͢Δͷେม໰୊ ▸ σίϯύΠϧ͞Εͨͱ͖ͷରࡦ ▸ ૬ख͸CIA͡Όͳͯ͘ૉਓ

όʔδϣϯ ޙํޓ׵ͷཁ

ؔϞό#9 όʔδϣϯ ▸ ޙํޓ׵ੑΛอ͍ͪͨ ▸ όʔδϣϯΛࢦఆ͢Δ͜ͱͰϨεϙϯεΛฦ͠Θ͚Δ ▸ /v1/hoge/piyo, ?version=1, X-API-Version:
1, application/ vnd.example.v1+json ▸ Ͳ͏΍ͬͯ؅ཧ͢Δ͔ ▸ ผͷϑΝΠϧͰ؅ཧ͢Δ ▸ ifจͰ෼ذ͢Δ ▸ ݹ͍όʔδϣϯΛ͍ͭഇࢭ͢Δ͔

ඇޓ׵ͳมߋ ආ͚ΒΕͳ͍

ؔϞό#9 ඇޓ׵ͳมߋ ▸ ਃ੥Ͳ͏͢Δͷ͔ ▸ ਃ੥༻ͷαʔόʔΛ༻ҙͯͦͪ͠Βʹ޲͚Δ ▸ ΤϯυϙΠϯτΛฦ͢API (HATEOASʹͭͳ͕Δ) ▸
ਃ੥࣌ͷΈຊ൪ͱผͷ΋ͷݟͤΔͷͲ͏ͳͷ͔ ▸ ͪͳΈʹ͸ͯͳͰ͸΍ͬͯͳ͍ ▸ ڧ੍όʔδϣϯΞοϓ ▸ ΞϓϦͷόʔδϣϯΛ্͛ͳ͍ͱ࢖͑ͳ͘͢Δ

࿩୊ ͦͷଞͷ

ؔϞό#9 ࿩୊ ▸ υΩϡϝϯτ ▸ ςετ ▸ ΦʔέεϨʔγϣϯ૚ ▸ ཉ͍͠஋͚ͩ΋Β͏ͱ͔
▸ ࣗಈੜ੒ ▸ Swaggerͱ͔ ▸ ແݶʹ͋Δ

·ͱΊ ͦͯ͠

ؔϞό#9 ·ͱΊ ▸ ౴͑͸ͳ͍ ▸ ϓϩδΣΫτຖʹߟ͑Δඞཁ͕͋Δ ▸ ͱʹ͔͘໎͏ ▸ ձ࿩͠·͠ΐ͏

ϝϦʔΫϦε Ϛε

Web APIについての雑談

Web APIについての雑談

Tomohiro Nishimura

More Decks by Tomohiro Nishimura

Other Decks in Technology

Featured

Transcript

Web API ʹ͍ͭͯͷࡶஊ ؔϞό #9

ג ͸ͯͳ 8FCΞϓϦέʔγϣϯΤϯδχΞ εϚʔτϑΥϯΞϓϦΤϯδχΞ ͲΕ΋த్൒୺ͰযΔ ޚࡏॴַΑ͔ͬͨ id:Sixeight (@tomohi_ro)

Web API ΢ΣϒΤʔϐʔΞΠ

ؔϞό#9 Web API ͱ͸ͳΜͧ΍ )551ϓϩτίϧΛར༻ͯ͠ωοτϫʔ Ϋӽ͠ʹݺͼग़͢"1* 8FC"1*5IF(PPE1BSUT

εϚʔτϑΥϯΞϓϦ ͱ Web API

౴͑͸ͳ͍

ؔϞό#9 LSUDs ͱSSKDs ▸ LSUDs (large set of unknown developers)

44,%T গ਺ͷ஌͍ͬͯΔ։ൃऀ޲͚

ؔϞό#9 SSKDs (small set of known developers) ▸ ૝ఆ͞Εͨ࢖͍ํ͔͠͞Εͳ͍ ▸

ίʔϧ 1εΫϦʔϯɺ

ؔϞό#9 1εΫϦʔϯɺ1ίʔϧ ▸ 1ը໘Λදࣔ͢ΔͷʹɺWeb APIͷݺͼग़͠͸Ұճʹ͓͍͑ͨ͞ ▸ جຊతʹ͸ෳ਺ͷϦιʔε͕ඞཁ ▸ αʔόʔଆͷ࣮૷͸ෳࡶʹͳΔ ▸

ΤϯυϙΠϯτ APIͷإ

ؔϞό#9 ΤϯυϙΠϯτ ▸ SSKDsͩͱΤϯυϙΠϯτͳΜͰ΋͍͍ͱ͍͏࿩΋ ▸ ϝϯςφϯεੑ ▸ ݟͨ໨ѱ͍ͱ΍ΔؾʹӨڹ͢Δ ▸ ෳ਺ܥͳͷ͔୯਺ܗͳͷ͔

3&45 Ԟ͞Μʹઆ໌͠ΖͱݴΘΕͯ΋೉͍͠ see also: http://www.geocities.jp/yamamotoyohei/rest/rest-to-my-wife.htm

ؔϞό#9 REST ▸ ͜͜Ͱ͸ϑΟʔϧσΟϯάͬΆ͍࿩ ▸ 1εΫϦʔϯɺ1ίʔϧͱ૬ੑѱ͍ؾ͕͢Δ ▸ ϩάΞ΢τ͸ DELETE ͳͷ͔Ͳ͏͔

Ϩεϙϯε ҙ֎ͱ໎͏

ؔϞό#9 Ϩεϙϯε ▸ ϦιʔεΛߋ৽ͨ͠ͱ͖ͷϨεϙϯε͸ɺߋ৽લʁͦΕͱ΋ߋ৽ޙʁ ▸ ϦιʔεΛফͨ͠ͱ͖͸204? ▸ 200͚ͩΕͲϨεϙϯεཁΒͳ͍ͱ͖͸ʁ ▸ {“success”:

ΤϥʔϨεϙϯε ࣮͸ॏཁ

ؔϞό#9 ΤϥʔϨεϙϯε ▸ ϑΥʔϚοτ͸ݻఆ͍ͨ͠ ▸ ϝοηʔδΛ;͘ΊΔ vs ΞϓϦͰੜ੒ ▸ ଟݴޠԽͲ͏͢Δ͔ɺߋ৽͠΍͢͞͸Ͳ͏͔

ೝূ ࣗ෼Ͱ͋Δ͜ͱͷূ໌

ؔϞό#9 ೝূ ▸ APIτʔΫϯΈ͍ͨͳͷ༻ҙ͢Δ ▸ Expireͱ͔ϦϑϨογϡͷ࢓૊Έ͕͍Δ ▸ ΋ΕͨΒࠔΔ ▸ ܦ࿏͕҉߸Խ͞Ε͍ͯͨΒ·͍͍͋

҉߸Խ ೉ಡԽ Ӆ͍ͨ͠ͷͰ

ؔϞό#9 ҉߸Խ,೉ಡԽ ▸ Ӆ͍ͨ͠৘ใΛӅ͢ ▸ ୈࡾऀʹରͯ͠(ݸਓ৘ใ)ɺ࢖༻ऀʹରͯ͠ (ήʔϜͱ͔) ▸ HTTPSͩͱ͍͍ͩͨ҆৺ ▸

όʔδϣϯ ޙํޓ׵ͷཁ

ؔϞό#9 όʔδϣϯ ▸ ޙํޓ׵ੑΛอ͍ͪͨ ▸ όʔδϣϯΛࢦఆ͢Δ͜ͱͰϨεϙϯεΛฦ͠Θ͚Δ ▸ /v1/hoge/piyo, ?version=1, X-API-Version:

ඇޓ׵ͳมߋ ආ͚ΒΕͳ͍

ؔϞό#9 ඇޓ׵ͳมߋ ▸ ਃ੥Ͳ͏͢Δͷ͔ ▸ ਃ੥༻ͷαʔόʔΛ༻ҙͯͦͪ͠Βʹ޲͚Δ ▸ ΤϯυϙΠϯτΛฦ͢API (HATEOASʹͭͳ͕Δ) ▸

࿩୊ ͦͷଞͷ

ؔϞό#9 ࿩୊ ▸ υΩϡϝϯτ ▸ ςετ ▸ ΦʔέεϨʔγϣϯ૚ ▸ ཉ͍͠஋͚ͩ΋Β͏ͱ͔

·ͱΊ ͦͯ͠

ؔϞό#9 ·ͱΊ ▸ ౴͑͸ͳ͍ ▸ ϓϩδΣΫτຖʹߟ͑Δඞཁ͕͋Δ ▸ ͱʹ͔͘໎͏ ▸ ձ࿩͠·͠ΐ͏

ϝϦʔΫϦε Ϛε