0
ASP.NET Web API
and HTTP Fundamentals
Ido Flatow

Senior Architect
Microsoft MVP
SELA Group

@idoFLATOW
http://bit.ly/flat...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CRAMMING YOUR BRAINS WITH
HTTP & ASP.NET WEB API


HTTP Fundamentals via Web API

...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ABOUT ME



Senior architect, Sela Group
Co-author of:






WCF 4 – Microsof...
ASP.NET WEB API AND HTTP FUNDAMENTALS

WHY IS HTTP IMPORTANT?


HTTP is a first class application layer protocol



Unli...
ASP.NET WEB API AND HTTP FUNDAMENTALS

NO REALLY, WHY?
 Today's




systems face new challenges:

Internet scale applic...
ASP.NET WEB API AND HTTP FUNDAMENTALS

NO REALLY, WHY?
 Today's


systems face new challenges:

Broader reach of clients...
ASP.NET WEB API AND HTTP FUNDAMENTALS

WHAT ABOUT ASP.NET WEB API?
 The

.NET platform never had a first class
framework ...
ASP.NET WEB API AND HTTP FUNDAMENTALS

THE HISTORY OF ASP.NET WEB API
6 Preview Versions

WCF Web API
on CodePlex

WCF Web...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP MESSAGES 101
 HTTP

is a first class application protocol:



Widely support...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP REQUEST MESSAGES
GET http://localhost:2300/api/agents/Bond HTTP/1.1
Accept: te...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP RESPONSE MESSAGES
HTTP/1.1 200 OK
Cache-Control: public, max-age=300
Content-T...
ASP.NET WEB API AND HTTP FUNDAMENTALS

URIS
 HTTP

is not an RPC protocol

 HTTP

uses URIs to identify resources over
t...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CLEAN URLS AND ASP.NET


Using clean URLs can be a problem with IIS



IIS needs ...
ASP.NET WEB API AND HTTP FUNDAMENTALS

THE BASICS OF WEB API - ROUTING
DEMO

www.devconnections.com

14
ASP.NET WEB API AND HTTP FUNDAMENTALS

ROUTING WITH ATTRIBUTES
 Why

attributes over convention?



Child (sub) resource...
ASP.NET WEB API AND HTTP FUNDAMENTALS

VERBS
 HTTP

defines a set of Methods or Verbs that
add an action-like semantics t...
ASP.NET WEB API AND HTTP FUNDAMENTALS

3, 2, 1, ACTIONS!
 Actions

are matched by HTTP verb
public names and the existenc...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HANDLING VERBS IN ASP.NET WEB API
DEMO

www.devconnections.com

18
ASP.NET WEB API AND HTTP FUNDAMENTALS

STATUS CODES


Status codes describe the result of the server’s effort
to satisfy ...
ASP.NET WEB API AND HTTP FUNDAMENTALS

STATUS CODE EXAMPLES


404?



401?



304?



503?



500?



200?



301?
...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP RESPONSE MESSAGE
 Returning

an HttpResponseMessage allows
more control over ...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HANDLING STATUS CODES
DEMO

www.devconnections.com

22
ASP.NET WEB API AND HTTP FUNDAMENTALS

ERROR HANDLING


In HTTP services errors are handled by





Returning an appro...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HANDLING ERRORS
DEMO

www.devconnections.com

24
ASP.NET WEB API AND HTTP FUNDAMENTALS

MEDIA TYPES
 HTTP

was originally designed to transfer
Hypertext

 Hypertext

doc...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CONTENT NEGOTIATION
 HTTP

defines a process to best match the
server’s response t...
ASP.NET WEB API AND HTTP FUNDAMENTALS

MEDIA TYPE FORMATTERS
 ASP.NET

Web API uses Media Type Formatters to
control seri...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CONTENT NEGOTIATION IN WEB API
DEMO

www.devconnections.com

28
ASP.NET WEB API AND HTTP FUNDAMENTALS

VALIDATING USER INPUT


Use System.ComponentModel.DataAnnotations
on entity classe...
ASP.NET WEB API AND HTTP FUNDAMENTALS

VALIDATING USER INPUT
public class Contact {
[Required]
public string FullName { ge...
ASP.NET WEB API AND HTTP FUNDAMENTALS

VALIDATING USER INPUT
DEMO

www.devconnections.com

31
ASP.NET WEB API AND HTTP FUNDAMENTALS

ODATA QUERYABLE ACTIONS
 The

Open Data Protocol (OData) provides a
RESTful standa...
ASP.NET WEB API AND HTTP FUNDAMENTALS

DEFINING ODATA ACTIONS


Install the Microsoft.AspNet.WebApi.OData NuGet
package

...
ASP.NET WEB API AND HTTP FUNDAMENTALS

WEB API AND ODATA
[Queryable]
public IQueryable<Agent> GetAgents()
{
return reposit...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ODATA ACTIONS
DEMO

www.devconnections.com

35
ASP.NET WEB API AND HTTP FUNDAMENTALS

ODATA MODELS
 OData

also provides a mechanism for
exposing entity models:


Publ...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CREATING AND EXPOSING ODATA
MODELS
 Exposing

an OData model requires the
followin...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CONSUMING ODATA SERVICES


Add a service reference to the OData service



Create...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ODATA MODELS
DEMO

www.devconnections.com

39
ASP.NET WEB API AND HTTP FUNDAMENTALS

DEPENDENCY RESOLVER
AND THE API CONTROLLER


To be testable, the ApiController sho...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP.SYS, WHAT’S THAT?


It’s the thing that handles HTTP on your machine



It’s...
ASP.NET WEB API AND HTTP FUNDAMENTALS

IIS 101



Web application hosting
Comes in two flavors






IIS Express

Ful...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ENABLING COMPRESSION WITH IIS



Compression is something the client needs to
req...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP PERSISTENT CONNECTION
IT’S ALIVE



Beginning with HTTP 1.1, clients and ser...
ASP.NET WEB API AND HTTP FUNDAMENTALS

KEEPING IT ALIVE!
DEMO

www.devconnections.com

45
ASP.NET WEB API AND HTTP FUNDAMENTALS

KEEP IT ALIVE, BUT FOR HOW LONG?







IIS by default adds Keep-Alive to ever...
ASP.NET WEB API AND HTTP FUNDAMENTALS

WHO NEEDS IIS? WE HAVE SELF-HOSTING
IIS is the natural hosting environment for the
...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CACHING
 HTTP

caches store copies of responses to
reduce network traffic

 HTTP
...
ASP.NET WEB API AND HTTP FUNDAMENTALS

TYPES OF CACHES


Browser/Client Cache
Stores representations locally on the compu...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CONTROLLING CACHE
 HTTP

headers can be used to control
cache behaviors

 HTTP

p...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CONTROLLING CACHE
DEMO

www.devconnections.com

51
ASP.NET WEB API AND HTTP FUNDAMENTALS

ETAG: VERSIONING & CONCURRENCY





When caching content, we need to identify w...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ETAG VERSIONING
public HttpResponseMessage Get(int id)
{
HttpResponseMessage respon...
ASP.NET WEB API AND HTTP FUNDAMENTALS

SECURITY


HTTP messages are clear text, in order to
have any form of secured conn...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTPS - HOW SECURE SOCKETS LAYER WORKS
3. Client verifies certificate’s
authenticit...
ASP.NET WEB API AND HTTP FUNDAMENTALS

CLASSIC HTTP AUTHENTICATION


HTTP uses the Authorization header to pass
authentic...
ASP.NET WEB API AND HTTP FUNDAMENTALS

BASIC AUTHENTICATION
DEMO

www.devconnections.com

57
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP STREAMING


Advantages



Message can be handled before received completely...
ASP.NET WEB API AND HTTP FUNDAMENTALS

HTTP STREAMING AND WEB API


Reading a streamed request





Request.Content.Re...
ASP.NET WEB API AND HTTP FUNDAMENTALS

STREAMING WITH WEB API
DEMO

www.devconnections.com

60
ASP.NET WEB API AND HTTP FUNDAMENTALS

DUPLEX COMMUNICATION
WITH HTTP


HTTP is a request-response protocol



Updates a...
ASP.NET WEB API AND HTTP FUNDAMENTALS

WEBSOCKETS IN A GLANCE
 Bi-directional
 Supports

both HTTP and HTTPS (SSL)

 Ac...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ASP.NET SIGNALR 101
 Real-time,

over HTTP

persistent connection abstraction

 U...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ASP.NET SIGNALR 101
 Supported

clients:



Desktop applications using .NET 4/4.5...
ASP.NET WEB API AND HTTP FUNDAMENTALS

SIGNALR API, CHOOSE WHAT WORKS
FOR YOU
 Connections


Low level



Raw strings u...
ASP.NET WEB API AND HTTP FUNDAMENTALS

ASP.NET SIGNALR
DEMO

www.devconnections.com

66
ASP.NET WEB API AND HTTP FUNDAMENTALS

SO WHAT DID WE LEARN TODAY?


HTTP Fundamentals via Web API



Hosting

You are n...
ASP.NET WEB API AND HTTP FUNDAMENTALS

RESOURCES


HTTP




www.ietf.org/rfc/rfc2616.txt

REST




www.ics.uci.edu/~f...
Upcoming SlideShare
Loading in...5
×

ASP.NET Web API and HTTP Fundamentals

17,021

Published on

ASP.NET Web API is the de facto framework for building HTTP-based services in the .NET ecosystem. With its WCF and MVC lineage, Web API brings to the table better architecture, easier configuration, increased testability, and as always, it's customizable from top to bottom. But to properly use Web API it is not enough to get familiar with its architecture and API, you also need to really understand what HTTP is all about. HTTP is the most common application layer protocol in the world, and yet, not many web developers are familiar with HTTP concepts such as of chunking, caching, and persisted connections. In this full-day tutorial, we will focus on designing and implementing HTTP-based services with ASP.NET Web API, and you will learn how to better use it to implement the features provided by HTTP.

Published in: Technology
0 Comments
16 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
17,021
On Slideshare
0
From Embeds
0
Number of Embeds
17
Actions
Shares
0
Downloads
470
Comments
0
Likes
16
Embeds 0
No embeds

No notes for slide
  • Additionally supports constraints (type, min/max restriction, regex, and range), optional and default values, ordering, and extensibility.http://www.asp.net/web-api/overview/web-api-routing-and-actions/attribute-routing-in-web-api-2
  •  
  •  
  •  
  •  
  •  
  • Controlling Cache Behavior
  • Transcript of "ASP.NET Web API and HTTP Fundamentals"

    1. 1. ASP.NET Web API and HTTP Fundamentals Ido Flatow Senior Architect Microsoft MVP SELA Group @idoFLATOW http://bit.ly/flatow-blog This presentation: http://sdrv.ms/1eKAsRd
    2. 2. ASP.NET WEB API AND HTTP FUNDAMENTALS CRAMMING YOUR BRAINS WITH HTTP & ASP.NET WEB API  HTTP Fundamentals via Web API  Hosting  HTTP Messages  HTTP.SYS  URIs  IIS 101  Routing  HTTP compression  Verbs  Persisted Connections  Controllers and Actions  Web API Self Hosting  Status Codes  HttpRequestMessage HttpResponseMessage  Error Handling  Content Negotiation  Media Type Formatters  OData  Validations  Dependency Resolver www.devconnections.com  More HTTP and Web API  Caching  Concurrency  Security  Streaming  WebSockets & SignalR 2
    3. 3. ASP.NET WEB API AND HTTP FUNDAMENTALS ABOUT ME   Senior architect, Sela Group Co-author of:     WCF 4 – Microsoft official course   Developing Windows Azure and Web Services – Microsoft official course Pro .NET Performance – Apress Microsoft MVP Focus on server, services, and cloud technologies Manager of the Israeli Web Developers User Group www.devconnections.com
    4. 4. ASP.NET WEB API AND HTTP FUNDAMENTALS WHY IS HTTP IMPORTANT?  HTTP is a first class application layer protocol  Unlike other protocols it was created to support a single information system  That system happened to be the largest and main information system of the human race: www.devconnections.com 4
    5. 5. ASP.NET WEB API AND HTTP FUNDAMENTALS NO REALLY, WHY?  Today's   systems face new challenges: Internet scale applications Cloud-based applications www.devconnections.com 5
    6. 6. ASP.NET WEB API AND HTTP FUNDAMENTALS NO REALLY, WHY?  Today's  systems face new challenges: Broader reach of clients www.devconnections.com 6
    7. 7. ASP.NET WEB API AND HTTP FUNDAMENTALS WHAT ABOUT ASP.NET WEB API?  The .NET platform never had a first class framework for HTTP-based services  WCF was created as a SOAP-based framework and never really matured to support HTTP www.devconnections.com 7
    8. 8. ASP.NET WEB API AND HTTP FUNDAMENTALS THE HISTORY OF ASP.NET WEB API 6 Preview Versions WCF Web API on CodePlex WCF WebHttp Binding (.NET 4) www.devconnections.com ASP.NET Web API 4 Release ASP.NET is Open Source ASP.NET Web API 2 Release Candidate ASP.NET Web API (Beta) 8
    9. 9. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP MESSAGES 101  HTTP is a first class application protocol:  Widely supported across platforms and devices  Scalable  Simple  Uses the request-response messaging pattern  Define resource-based semantics and not RPC (Remote Procedure Call) or methods www.devconnections.com 9
    10. 10. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP REQUEST MESSAGES GET http://localhost:2300/api/agents/Bond HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US,en;q=0.7,he;q=0.3 User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0) Accept-Encoding: gzip, deflate Host: localhost:2300 DNT: 1 Connection: Keep-Alive www.devconnections.com 10
    11. 11. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP RESPONSE MESSAGES HTTP/1.1 200 OK Cache-Control: public, max-age=300 Content-Type: application/json; charset=utf-8 ETag: "1" Server: Microsoft-IIS/8.0 X-AspNet-Version: 4.0.30319 Date: Mon, 19 Nov 2012 17:49:40 GMT Content-Length: 142 { } "Id": "Bond", "FullName": "James Bond", "Alias": "007", "Version": 1, "Image": "http://localhost:2300/api/agents/Bond.jpg" www.devconnections.com 11
    12. 12. ASP.NET WEB API AND HTTP FUNDAMENTALS URIS  HTTP is not an RPC protocol  HTTP uses URIs to identify resources over the network  An HTTP URI has the following basic structure: http://theagency.com:8080/agents?id=1 Schema www.devconnections.com Host Port Absolute Path Query 12
    13. 13. ASP.NET WEB API AND HTTP FUNDAMENTALS CLEAN URLS AND ASP.NET  Using clean URLs can be a problem with IIS  IIS needs extensions to map requests to handlers  Without extensions, IIS is lost  ASP.NET Routing to the rescue with UrlRoutingModule  It’s all about patterns… and mapping them to handlers  The starting point of MVC, Dynamic Data, and Web API  System.Web.Routing.RouteTable.Routes.MapHttpRoute RouteTable.Routes.MapHttpRoute( name: "DefaultApi", routeTemplate: "api/{controller}/{id}", defaults: new { id = RouteParameter.Optional } ); www.devconnections.com 13
    14. 14. ASP.NET WEB API AND HTTP FUNDAMENTALS THE BASICS OF WEB API - ROUTING DEMO www.devconnections.com 14
    15. 15. ASP.NET WEB API AND HTTP FUNDAMENTALS ROUTING WITH ATTRIBUTES  Why attributes over convention?  Child (sub) resources  Multiple type of parameters or return values  Versioning of actions and controllers  Start  by enabling attribute routing config.MapHttpAttributeRoutes(); [RoutePrefix("api/agents/{agentId}")] public class ObservationsController : ApiController { // GET api/agents/bond/observations [HttpGet("observations/{date}")] public Observation Get(string agentId, DateTime date) { ... } } www.devconnections.com 15
    16. 16. ASP.NET WEB API AND HTTP FUNDAMENTALS VERBS  HTTP defines a set of Methods or Verbs that add an action-like semantics to requests  Verbs are defined as the first segment of the request-line: GET http://localhost:4392/travelers/1 HTTP/1.1  There are eight verbs defined in HTTP 1.1: GET POST PUT DELETE www.devconnections.com HEAD OPTIONS TRACE CONNECT 16
    17. 17. ASP.NET WEB API AND HTTP FUNDAMENTALS 3, 2, 1, ACTIONS!  Actions are matched by HTTP verb public names and the existence of parameters class ProductsController : ApiController { public IEnumerable<Product> GetProducts() {...} public Product GetProductById(int id) {...} public HttpResponseMessage PostProduct(Product product) {...} } GET api/products GET api/products/42 POST api/products www.devconnections.com DELETE api/products/42
    18. 18. ASP.NET WEB API AND HTTP FUNDAMENTALS HANDLING VERBS IN ASP.NET WEB API DEMO www.devconnections.com 18
    19. 19. ASP.NET WEB API AND HTTP FUNDAMENTALS STATUS CODES  Status codes describe the result of the server’s effort to satisfy the request  Passed in the response's status-line as three digit alongside a textual description called reason phrase  HTTP has five different categories of status-codes:  1xx – Informational (100 / 101)  2xx – Success (200 – 206)  3xx – Redirection (300 – 307)  4xx – Client Error (400 – 417)  5xx – Server Error (500 – 505) www.devconnections.com 19
    20. 20. ASP.NET WEB API AND HTTP FUNDAMENTALS STATUS CODE EXAMPLES  404?  401?  304?  503?  500?  200?  301?  302? www.devconnections.com 20
    21. 21. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP RESPONSE MESSAGE  Returning an HttpResponseMessage allows more control over the response, including:  Status code  HTTP headers  Entity body public HttpResponseMessage CreateAgent(Agent agent) { agent = _repository.Add(agent); var response = Request.CreateResponse<Agent>(HttpStatusCode.Created, agent); response.Headers.Location = GetAgentLocation(agent.Id); return response; } www.devconnections.com 21
    22. 22. ASP.NET WEB API AND HTTP FUNDAMENTALS HANDLING STATUS CODES DEMO www.devconnections.com 22
    23. 23. ASP.NET WEB API AND HTTP FUNDAMENTALS ERROR HANDLING  In HTTP services errors are handled by    Returning an appropriate status code Returning an entity body explaining the error (when applicable) Web API allows you to handle exceptions by  Return an HttpResponseMessage with appropriate status code (404, 500 …)  Throw an HttpResponseException  Create a general exception handler by using Filters www.devconnections.com 23
    24. 24. ASP.NET WEB API AND HTTP FUNDAMENTALS HANDLING ERRORS DEMO www.devconnections.com 24
    25. 25. ASP.NET WEB API AND HTTP FUNDAMENTALS MEDIA TYPES  HTTP was originally designed to transfer Hypertext  Hypertext documents contain references to other resources including images, video, etc.  Multipurpose Internet Mail Extensions (MIME) Types or Media-types allow HTTP to express different formats: text/html; charset=UTF-8 Type www.devconnections.com Subtype Type specific parameters 25
    26. 26. ASP.NET WEB API AND HTTP FUNDAMENTALS CONTENT NEGOTIATION  HTTP defines a process to best match the server’s response to the client’s expectation  Negotiation can be done using:  Headers: Accept, Accept- Language, Accept- Charset, Accept-Encoding  URI: File extensions (.jpeg, .html), host-name: (com, org), path and query www.devconnections.com 26
    27. 27. ASP.NET WEB API AND HTTP FUNDAMENTALS MEDIA TYPE FORMATTERS  ASP.NET Web API uses Media Type Formatters to control serialization  Each media type formatter is associated with a media type, file extension, or query string  The host is configured with a collection of MediaTypeFormatter objects  Create custom formatters by deriving from:  MediaTypeFormatter – asynchronous read/write  BufferedMediaTypeFormatter – synchronous read/write www.devconnections.com 27
    28. 28. ASP.NET WEB API AND HTTP FUNDAMENTALS CONTENT NEGOTIATION IN WEB API DEMO www.devconnections.com 28
    29. 29. ASP.NET WEB API AND HTTP FUNDAMENTALS VALIDATING USER INPUT  Use System.ComponentModel.DataAnnotations on entity classes to add validation rules  Validation rules can be check by calling ModelState.IsValid  When validation fails, return a Bad Request (400)  ModelState is a dictionary of property name & errors, use it to construct a meaningful response www.devconnections.com 29
    30. 30. ASP.NET WEB API AND HTTP FUNDAMENTALS VALIDATING USER INPUT public class Contact { [Required] public string FullName { get; set;} [Email] public string Email { get; set;} } if (!this.ModelState.IsValid) { var errors = this.ModelState.Where(s => s.Value.Errors.Count > 0) .Select(s => new KeyValuePair<string, string> (s.Key, s.Value.Errors.First().ErrorMessage)); response = Request.CreateResponse( HttpStatusCode.BadRequest, errors); } www.devconnections.com 30
    31. 31. ASP.NET WEB API AND HTTP FUNDAMENTALS VALIDATING USER INPUT DEMO www.devconnections.com 31
    32. 32. ASP.NET WEB API AND HTTP FUNDAMENTALS ODATA QUERYABLE ACTIONS  The Open Data Protocol (OData) provides a RESTful standard for exposing data models  OData uses URIs to perform query operations:  Entity projection – $select, $expand  Sorting – $orderby  Entity sub-setting – $top, $skip  Filtering – $filter, logical operators: eq, ne, gt, lt www.devconnections.com 32
    33. 33. ASP.NET WEB API AND HTTP FUNDAMENTALS DEFINING ODATA ACTIONS  Install the Microsoft.AspNet.WebApi.OData NuGet package  Define an action with the following characteristics:  Returns IQueryable<T> or IEnumerable<T>  Decorated with the [Queryable] attribute [Queryable] public IQueryable<Agent> GetAgents() { } www.devconnections.com 33
    34. 34. ASP.NET WEB API AND HTTP FUNDAMENTALS WEB API AND ODATA [Queryable] public IQueryable<Agent> GetAgents() { return repository.GetAll().AsQueryable(); } api/agents?$orderby=Name api/agents?$skip=10 api/agents?$skip=50&$top=10 api/agents?$filter=salary gt 50000 www.devconnections.com
    35. 35. ASP.NET WEB API AND HTTP FUNDAMENTALS ODATA ACTIONS DEMO www.devconnections.com 35
    36. 36. ASP.NET WEB API AND HTTP FUNDAMENTALS ODATA MODELS  OData also provides a mechanism for exposing entity models:  Publishing the models metadata  Exposing relations between entities using the Atom media-type www.devconnections.com 36
    37. 37. ASP.NET WEB API AND HTTP FUNDAMENTALS CREATING AND EXPOSING ODATA MODELS  Exposing an OData model requires the following configuration:  Creating an EDM model using the ODataConventionModelBuilder class  Adding a route using the MapODataRoute method  In addition, any controller exposed in the model should derive from the ODataController or EntitySetController<TEntity, TKey> classes www.devconnections.com 37
    38. 38. ASP.NET WEB API AND HTTP FUNDAMENTALS CONSUMING ODATA SERVICES  Add a service reference to the OData service  Create a new instance of the generated Container class  Use LINQ to query the container var client = new MyODataService.Container(new Uri("…")); var agent = (from a in client.Agents where a.Id == "Bond" select a).Single(); www.devconnections.com 38
    39. 39. ASP.NET WEB API AND HTTP FUNDAMENTALS ODATA MODELS DEMO www.devconnections.com 39
    40. 40. ASP.NET WEB API AND HTTP FUNDAMENTALS DEPENDENCY RESOLVER AND THE API CONTROLLER  To be testable, the ApiController should support dependency injection  Web API supports dependency injection with the IDependencyResolver interface  Implement your custom resolver or use it to wrap a known IoC Container (Castle, Unity, MEF, Ninject…)  Register the dependency resolver through Web API global configuration  And Voilà! www.devconnections.com 40 40
    41. 41. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP.SYS, WHAT’S THAT?  It’s the thing that handles HTTP on your machine  It’s a kernel mode device driver  Ever since Windows XP SP2 / Windows Server 2003  Responsible of   Kernel mode SSL (full support as of Windows Server 2008)  Caching responses in kernel mode   Routing requests to the correct application Implementing QoS, such as connection limits and timeouts Want to know more? netsh http show www.devconnections.com 41
    42. 42. ASP.NET WEB API AND HTTP FUNDAMENTALS IIS 101   Web application hosting Comes in two flavors    IIS Express Full IIS (or simply IIS) Provides  Reliability  Manageability  Security  Performance  Scalability www.devconnections.com 42
    43. 43. ASP.NET WEB API AND HTTP FUNDAMENTALS ENABLING COMPRESSION WITH IIS   Compression is something the client needs to request Requests are not normally compressed  Accept-Encoding: gzip,deflate Server is not obligated to compress the response  Content-Encoding: gzip / deflate  IIS Compression Modes Dynamic Compression Static Compression www.devconnections.com Scenarios Considerations Small number of requests Uses CPU and memory Limited network bandwidth Not cached Improve transmission times Can be cached Graphic-heavy sites Uses some CPU 43
    44. 44. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP PERSISTENT CONNECTION IT’S ALIVE   Beginning with HTTP 1.1, clients and servers must support persistent connections Persistent is good   Fewer TCP connections = less congestion   Single connection can pipeline HTTP requests   Less simultaneous opened connections = less CPU No re-handshaking = reduced latency Send Connection: Keep-Alive in request and response headers to keep the underlying TCP connection open Connection is dropped if either end lacks sending the Keep-Alive header – Implementation Dependent www.devconnections.com 44
    45. 45. ASP.NET WEB API AND HTTP FUNDAMENTALS KEEPING IT ALIVE! DEMO www.devconnections.com 45
    46. 46. ASP.NET WEB API AND HTTP FUNDAMENTALS KEEP IT ALIVE, BUT FOR HOW LONG?      IIS by default adds Keep-Alive to every response HTTP.SYS has a default timeout of 120 seconds for idle connections When expecting many clients with a small number of request, Keep-Alive may have an overhead For short visits, consider disabling Keep-Alive or reduce the idle timeout to a couple of seconds (5? 2? 1?) Use logs to check visits and frequency of idle connections:  IIS log files: C:inetpublogsLogFiles  HTTP.SYS log files: %windir%system32LogFilesHTTPERR www.devconnections.com 46
    47. 47. ASP.NET WEB API AND HTTP FUNDAMENTALS WHO NEEDS IIS? WE HAVE SELF-HOSTING IIS is the natural hosting environment for the ASP.NET web stack, Web API included  When IIS is not an option or unwanted, use a self-hosted Web API  Just follow three basic steps:    Create host configuration and routing rules   Install the Microsoft ASP.NET Web API Self Host NuGet package Start the self-hosted server Under the covers, Web API self-hosting is handled by WCF www.devconnections.com 47
    48. 48. ASP.NET WEB API AND HTTP FUNDAMENTALS CACHING  HTTP caches store copies of responses to reduce network traffic  HTTP caches reduces call latency and increases server throughput  Caches are a main factor for scalability on the web www.devconnections.com 48
    49. 49. ASP.NET WEB API AND HTTP FUNDAMENTALS TYPES OF CACHES  Browser/Client Cache Stores representations locally on the computer’s hard drive  Proxy Cache Corporates and ISPs provide shared proxies providing shared cache on their network  Gateway (Reverse Proxy) Cache Stores representations on behalf of the server. Content Delivery Networks (CDNs) use gateway cache distributed around the web www.devconnections.com 49
    50. 50. ASP.NET WEB API AND HTTP FUNDAMENTALS CONTROLLING CACHE  HTTP headers can be used to control cache behaviors  HTTP provides method the avoid staleness of cached data  Expiration  Validation  Invalidation www.devconnections.com 50
    51. 51. ASP.NET WEB API AND HTTP FUNDAMENTALS CONTROLLING CACHE DEMO www.devconnections.com 51
    52. 52. ASP.NET WEB API AND HTTP FUNDAMENTALS ETAG: VERSIONING & CONCURRENCY     When caching content, we need to identify when content has changed The ETag (entity tag) header represents the version of the content ETags are sent to the client with the response, and are re-sent to the server on subsequent requests In the action, compare received and existing ETags, and return either:    A new entity if they are different An HTTP 304 (Not Modified) if they are identical When updating entities using POST/PUT, use the ETag for concurrency (version) checks www.devconnections.com
    53. 53. ASP.NET WEB API AND HTTP FUNDAMENTALS ETAG VERSIONING public HttpResponseMessage Get(int id) { HttpResponseMessage response; var etag = Request.Headers.IfNoneMatch.FirstOrDefault(); Agent agent = _manager.GetAgentById(id); if (etag != null && etag.ToString().Replace(@"""", "") == agent.Version) { response = new HttpResponseMessage(HttpStatusCode.NotModified); } else { response = Request.CreateResponse(HttpStatusCode.OK, agent); response.Headers.ETag = new EntityTagHeaderValue( string.Format(@"""{0}""", agent.Version)); } return response; www.devconnections.com 53 }
    54. 54. ASP.NET WEB API AND HTTP FUNDAMENTALS SECURITY  HTTP messages are clear text, in order to have any form of secured connection they must be encrypted  This is what SSL is for  Once encrypted there are still several challenges remaining:  Authentication  Persisting authentication throughout the conversation  Authorization www.devconnections.com 54
    55. 55. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTPS - HOW SECURE SOCKETS LAYER WORKS 3. Client verifies certificate’s authenticity 1. Client requests a secured session 2. Server responds with an X.509 certificate 4. Client sends a symmetric encryption key (encrypted with the server’s public key) 6. Client and server exchange encrypted messages (encrypted with the symmetric key) 5. Server decrypts the encryption key with its private key www.devconnections.com
    56. 56. ASP.NET WEB API AND HTTP FUNDAMENTALS CLASSIC HTTP AUTHENTICATION  HTTP uses the Authorization header to pass authentication data: Authorization: Basic eWFuaXY6eWFuaXY=  According to specs, HTTP supports only two schemas:    Basic (plain text) Digest (hashed password) Nowadays, it is common to find other schemas:  NTLM / Negotiate (Windows authentication)  Certificate  OAuth www.devconnections.com 56
    57. 57. ASP.NET WEB API AND HTTP FUNDAMENTALS BASIC AUTHENTICATION DEMO www.devconnections.com 57
    58. 58. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP STREAMING  Advantages   Message can be handled before received completely   Less large memory allocation and buffering Connection can remain opened for a long time Useful for    File download/upload Live data feed (notifications, video streams, …) It’s a chunking mechanism  Uses a persistent HTTP connection  The Content-Length HTTP header is omitted  Each chunk is sent as size + chunk  Chunk size can vary  Stream ends when last chunk is sent with size 0 (zero) www.devconnections.com 58
    59. 59. ASP.NET WEB API AND HTTP FUNDAMENTALS HTTP STREAMING AND WEB API  Reading a streamed request    Request.Content.ReadAsStreamAsync (File Stream ) Request.Content.ReadAsMultipartAsync (Multi-part Stream) Writing a streamed response  Do you want to pull from an existing stream? Or push your own data down the stream?  Pull : StreamContent(inputStream)  Push: PushStreamContent(contentWritingAction)  When pushing data use Stream.Flush() to chunk www.devconnections.com 59
    60. 60. ASP.NET WEB API AND HTTP FUNDAMENTALS STREAMING WITH WEB API DEMO www.devconnections.com 60
    61. 61. ASP.NET WEB API AND HTTP FUNDAMENTALS DUPLEX COMMUNICATION WITH HTTP  HTTP is a request-response protocol  Updates are through server polling    Periodic polling (Anything new?) Long polling (I’m waiting for you!) Many disadvantages  Periodic polling inflicts high-latency on updates  Long polling is hard to implement  Can cause bandwidth overhead if used improperly www.devconnections.com 61
    62. 62. ASP.NET WEB API AND HTTP FUNDAMENTALS WEBSOCKETS IN A GLANCE  Bi-directional  Supports both HTTP and HTTPS (SSL)  Accessible  Supports TCP channel (full-duplex) through JavaScript API cross-domain calls  Client-side - IE10, Chrome, Firefox, .NET 4.5  Server-side – IIS 8, ASP.NET 4.5, SignalR  Standardization www.devconnections.com is still in progress!!
    63. 63. ASP.NET WEB API AND HTTP FUNDAMENTALS ASP.NET SIGNALR 101  Real-time, over HTTP persistent connection abstraction  Useful for dashboards & monitoring, collaborative work, job progress, gaming…  SignalR works everywhere  WebSockets  Server Sent Events  Forever Frame  Long Polling www.devconnections.com 63
    64. 64. ASP.NET WEB API AND HTTP FUNDAMENTALS ASP.NET SIGNALR 101  Supported clients:  Desktop applications using .NET 4/4.5  Web browsers using JavaScript  Windows Store and Windows Phone Apps  Supports scaling servers to Web farm with Windows Azure Service Bus, Redis, and SQL Server www.devconnections.com 64
    65. 65. ASP.NET WEB API AND HTTP FUNDAMENTALS SIGNALR API, CHOOSE WHAT WORKS FOR YOU  Connections  Low level  Raw strings up and down (the “old way”)  Broadcast to all clients, groups, or individuals  Connect, reconnect & disconnect semantics  Hubs  Built on top of connections  Client-Server and Server-Client RPC  Automatic client proxy generation for JavaScript www.devconnections.com 65
    66. 66. ASP.NET WEB API AND HTTP FUNDAMENTALS ASP.NET SIGNALR DEMO www.devconnections.com 66
    67. 67. ASP.NET WEB API AND HTTP FUNDAMENTALS SO WHAT DID WE LEARN TODAY?  HTTP Fundamentals via Web API  Hosting You are now an HTTP ninja Rank 1. Just 4 more ranks to go!!  HTTP Messages  HTTP.SYS  URIs  IIS 101  Routing  HTTP compression  Verbs  Persisted Connections  Controllers and Actions  Web API Self Hosting  Status Codes  HttpRequestMessage HttpResponseMessage  Error Handling  Content Negotiation  Media Type Formatters  OData  Validations  Dependency Resolver www.devconnections.com  More HTTP and Web API  Caching  Concurrency  Security  Streaming  WebSockets & SignalR 67
    68. 68. ASP.NET WEB API AND HTTP FUNDAMENTALS RESOURCES  HTTP   www.ietf.org/rfc/rfc2616.txt REST   www.ics.uci.edu/~fielding/pubs/dissertation/top.htm ASP.NET Web API  www.asp.net/web-api  www.asp.net/web-api/videos   This Presentation: sdrv.ms/1eKAsRd webapibloggers.com (without www) Fiddler  www.fiddler2.com  www.youtube.com/watch?v=7Tw5EHvTERc  “Debugging the Web with Fiddler”, Tuesday 2:00PM www.devconnections.com 68
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×