RESTful Web Services

Smart IT Engineering Ltd. RESTful Web Services Imran M Yousuf Smart IT Engineering Ltd.

Smart IT Engineering Ltd. What's not covered
Comparison between various Web Service technologies
Hands on tutorial on how code a RESTful WS
Details of how HTTP works
Details on various media formats

Smart IT Engineering Ltd. What to expect
REST
Definition
Discussion on its constraints
WWW
RESTful Web Service
Resource Oriented Architecture (ROA)
Constraints of ROA
Examples

Smart IT Engineering Ltd. What to expect
A Design Case Study
Questions

Smart IT Engineering Ltd. What is REST
RE presentational S tate T ransfer
Proposed by Dr. Roy Thomas Fielding in his PhD dissertation titled - “Architectural Styles and the Design of Network-based Software Architectures”

Smart IT Engineering Ltd. What is REST
RE presentational S tate T ransfer
REST is an architectural style composed of specific constraints.
The Constraints -
- Client-Server - Stateless - Cache - Uniform Interface - Layered System - Code-On-Demand (Optional)

Smart IT Engineering Ltd. REST Constraints
Client-Server
No restrictions on the nature of the client
No restrictions on the number of the clients
No restriction on communication medium / protocol
Client (Browser) Client (CLI – curl, wget) Client (Desktop) Network Client (Mobile) Client (Another System)

Client-Server
Separate data storage concerns
Improve user interface portability across multiple platforms
Improve scalability by simplifying server components
Components evolve independently

Stateless “ ... each request from client to server must contain all of the information necessary to understand the request, and cannot take advantage of any stored context on the server.”
Advantages Visibility Reliability Scalability

Cache “ ... the data within a response to a request be implicitly or explicitly labeled as cacheable or non-cacheable. If a response is cacheable, then a client cache is given the right to reuse that response data for later, equivalent requests.”
Advantages Efficient Scalability Performance

Layered System The layered system style or also popularly referred to as n-layer system allows an architecture to be composed of hierarchical layers by constraining component behavior such that each component cannot "see" beyond the immediate layer with which they are interacting.
Code-On-Demand Allows client functionality to be extended by downloading and executing code in the form of applets or scripts . This simplifies clients by reducing the number of features required to be pre-implemented.

Uniform Interface Central distinguishing feature of REST Involves four constraints to define 'uniform interface' for REST systems.
Identification of resources
Manipulation of resources through representations
Self-descriptive messages
HATEOAS ( H ypermedia A s T he E ngine O f A pplication S tate)

Uniform Interface - Resource
Any concept that might be the target of an web-author's hypertext reference must fit within the definition of a resource.
A resource is a conceptual mapping to a set of entities , not the entity that corresponds to the mapping at any particular point in time.
If compared of Object Oriented aproach, Object if referrrable is a resource.
Examples of resources would Books, A Book, An Author, Authors, Authors of a Book, A Publisher, Categories of a Book, A Category etc.

Uniform Interface – Representations & Messages
A representation is a sequence of bytes describing a resource in a particular format.
Other commonly used but less precise names for a representation include: document, file, and HTTP message entity, instance, or variant.
Message consists of control data, metadata, messages and in some cases hyperlinks to resources.
Examples: Images (image/jpg, image/png, etc.), Markups (text/html, application/xml etc.) and more.

Uniform Interface – HATEOAS
A hypermedia in each server response will contain links that correspond to all the actions that the client can currently perform.
Therefore, dependent on the current application state, every server response describes the new actions that are available.
The server can change the range of allowable responses in a dynamic way, and a client should adapt its behavior to these changes.
A client of a RESTful application need only know a single fixed URL to access it.

Uniform Interface – HATEOAS
All future actions should be discoverable dynamically from hypermedia links included in the representations of the resources that are returned from that URL.
The link relations should be standardized , so that the client knows what selecting that state transition means.
Standardized media types are also expected to be understood by any client that might use the API.
Application state transitions are driven by a combination of the known processing rules for each media type, client selection from the server-provided choices in representations received, and the user's manipulation of those representations. Thus interactions are driven by hypermedia .

Smart IT Engineering Ltd. REST What is the biggest known RESTful System on planet Earth?

Smart IT Engineering Ltd. REST World Wide Web a.k.a Internet
HTTP Web Pages
HTML pages are hypermedia
CSS
Feeds
Media etc.
JavaScript - Code-On-Demand
Email
Copy
Reply address
FTP
Files
Folders

Smart IT Engineering Ltd. REST Questions?

Smart IT Engineering Ltd. RESTful Web Service What is RESTful Web Service or API? Any system following fulfilling the constraints, thus definition, of REST is a RESTful Web Service.

Smart IT Engineering Ltd. RESTful Web Service
RESTful Web Service system communicates over HTTP protocol
RESTful Web Service design and architecture grows around resource .
All WWW sites are inherently REST-like and can easily be RESTful hence RESTful Web Service; e.g. Google Search Engine.
Web Service not only consists of either HTML markups, CSS and JavaScript, or other media formats, but may consist both

Smart IT Engineering Ltd. Resource Oriented Architecture
Introduced in the book “RESTful Web Services”
Resource-Oriented Architecture is about REST-ful system with the technologies of the Web

Smart IT Engineering Ltd. ROA - Resource
A Resource is anything, a concept, that is worth having a URI to linked to. E.g. http://basis.com.bd/softexpo/2011/
A URI is a name and address of a resource.
A Resource may have many URIs but needs to have at least one .
A Resource may have one or more representations; i.e. it may not have any representations at all.

Having a nice URI is not mendatory as in REST clients do not form URIs rather discover them. So it is indifferent to have basis.com.bd/softexpo/2011/ instead of basis.com.bd/abc/def as long as they name and address the same resource.
It does not hurt to have readable URIs
If Resource has multiple variants, i.e. combination of media format (atom xml, html etc.), encoding (ASCII, UTF-8 etc.) and language (en-US, bn etc.), besides supporting content negotiation, URI for each variant is beneficial for external linking.

HTTP Hints
Content negotiation for representation in HTTP is done through request headers – Accept, Accept-Encoding, Accept-Language
Use Vary header in response in case a URI support multiple representations
Use Location header in response to specify the exact URI to the variant in case of nice URIs.

Smart IT Engineering Ltd. ROA - Features
Key Features of ROA
Addressability
Statelessness
Representations
Links & Connectedness
The Uniform Interface
Safety & Idempotence

Smart IT Engineering Ltd. ROA - Addressability
If an application exposes all conceivable or interesting aspects of its data set as resources then it is addressable.
IOW an addressable application exposes URI for every bit of information it can conceivably serve
This usually refers to infinite URIs
Consider a search resource, e.g. Google Search, A paginated atom feed of all books of a bookstore etc.

Smart IT Engineering Ltd. ROA - Statelessnes
Same as that of REST
Introducing Application State and Resource State.
Application State resides on client side ensuring every request can be treated individually by the server without considering the past requests from the client
Resource State is data that makes up the resource. It resides server side and in case of write-able resource can be modified through its representation

Smart IT Engineering Ltd. ROA – Statelessnes Representations
Lets consider a resource we call Book.
Book has name, ISBN only. (ignoring publisher, author(s) and categories for now).
It has 2 representations HTML and WWW URL Encoded.
Client can track how it reached the book in its client application state. Note different apps may reach to the same resource in different ways. E.g., one from Google Search another from a Facebook app.
The resource state, i.e. the current name and ISBN resides on the server side and is indifferent for any client.
Clients receive the representations of the resource and provides the server with the same to edit its information.

Smart IT Engineering Ltd. ROA – Statelessnes Link & Connectedness
Lets enrich the Book dataset to contain author(s), publisher and categories.
So for every book resource there would be at least 5 related, i.e. Connected/Linked resource. They are the book's authors resource , the book's categories resource , the book's publisher resource , an author of the book (from first resource), a category of the book (from the 3 rd resource).

Smart IT Engineering Ltd. ROA – Resources /books /books/A /books/B /books/C /books/A/authors /books/A/publishers /pubs/A /authors/A /pubs/A/books /authors/A/books /pubs /authors /

Smart IT Engineering Ltd. ROA – Resource Templates /books /books/{id} /books/{id} /books/{id} /books/{id}/authors /books/{id}/publishers /pubs/{id} /authors/{id} /pubs/{id}/books /authors/{id}/books /pubs /authors /

Smart IT Engineering Ltd. ROA – The Uniform Interface
Specifies the generic definition of Uniform Interface from REST
The specifics are in context to HTTP
It basically follows the HTTP specification, does not change any definition but restricts on some of the operations usually performed
IMPORTANT – It remains same across all RESTful WS Providers, reducing learning curve.

Methods
GET – To read resources. Query parameters can be used to restrict the scope of the data set
PUT – To create a resource if the URI is known or replace (completely) the current state of the resource
DELETE – Delete the current resource. Might not actually physically delete the data just change the state.

Methods
POST – Has multiple functions
Create sub-ordinate resource
Append state data to current resource, i.e. partially update the state of the resource
Submit data to some background process, e.g. POST to search data.
The first 2 are uniform but the last is not and is advisable to avoid
In overloading POST with 2 ops one should consider breaking the resource to avoid overloading.

Headers
For pre-condition based locking
Entity Tag – ETag & If-Match
Last Modified Date – Last-Modified & If-Unmodified-Since
Implementation specific
Client side caching
Last Modified Date & Entity Tag for conditional GET using If-Modified-Since and If-None-Match
Cache-Control header for controlling cache
Use Vary to support variants.
Use Location to redirect or point to the permanent URI

Status (commonly used)
200 OK for returning success of request.
201 Created for returning that resource is created, in conjunction with Location header pointing to the created resource.
202 Accepted for returning that request accepted but will process at a later time without any guarantee.
204 No Content for specifying no message entity

302 Found for redirecting, prefer 303 instead.
303 See Other for redirecting using the Location header pointing to the actual resource.
304 Not Modified for conditional GET when condition is unmet, i.e. client can server from client cache.
301 Move Permanently If a resource URI has been changed, e.g. the template for books changed to /r/books from /books.

400 Bad Request when request information is sufficient to process the data, e.g. required field of an HTML Form is missing.
401 Unauthorized and 403 Forbidden for authentication and authorization failures respectively.
404 Not Found for not being able to resolve the URI to a resuorce.
406 Not Acceptable If none variants requested can be served by the server
412 Preconditioned Failed if the conditions in request not met. Useful lock like feature in case of updates.
415 Unsupported Media Type when request entity is not recognized by server for processing.

Smart IT Engineering Ltd. ROA – Safety & Idempotence
If designed according to the spec we get safety and idempotence for free.
Safety – refers to GET and HEAD not changing any state of the resources concerned, but might have side effects, e.g. hit counters.
Idempotence – Repeating any one of PUT, POST, DELETE on a resource any number of will yield the same result.

Smart IT Engineering Ltd. RESTful vs RESTlike/REST-RPC Web Service
Failures with my initial RESTful WS experiments
Overloaded POST
Not realizing HATEOAS, i.e. Linked and Connectedness
Not realizing the strength of content negotiation, i.e. variant support
Not realizing strength of conditional requests
Not realizing the power of HTTP Cache

Smart IT Engineering Ltd. RESTful Web Services & ROA Questions?

Smart IT Engineering Ltd. A Design Walk-through
What remains unchanged?
Use of HTTP as message vessel
Use of URI to address resources
No application state, i.e. session, on server side
What changes?
Resources and their interlinkings
Support of different media formats
Support of variants

Smart IT Engineering Ltd. Design – Content Repository
My Steps to design
Identify domain objects using Object Oriented Approach
Identify cardinal relationships among domains
Identify resource templates from objects and their cardinal relations
Design uri templates for resource templates
Specify Entity tag generation algorithm for resources as applicable
Specify cache directives for resources
Choose supporting media types for resources

Requirement
Contents can be separated logically in a boundary such that their definition and data can easily identified. Contents should extensively searchable, that is, by the logical partition definition type, free text etc. Contents and their fields can have multiple user configurable representations. All logical partitions should have featured contents.

Objects - /(search)?
Workspace - /w/{workspaceId}(/search)?
Representation Template - /w/{workspaceId}/reps(/{repId})?
Variation Template - /w/{workspaceId}/vars(/{varId})?
Root Contents a.k.a. Container - /w/{workspaceId}/container
Contents
Friendly Workspace - /w/{workspaceId}/friendlies
Content types - /w/{workspaceId}/types
Content - /c/{workspaceId}/{contentId}
Field - /c/{workspaceId}/{contentId}/fields(/{fieldName})?
Variation - /c/{workspaceId}/{contentId}/fields/{fieldName}/{varId}
Representation - /c/{workspaceId}/{contentId}/fields(/{repId})?
Content Type -/t/{workspaceId}/{contentTypeId}(/search)?

Objects - /(search)?
Workspace - /w/{workspaceId}(/search)?
Content Type -/t/{workspaceId}/{contentTypeId}(/search)?
The later 2 searches URIs are equivalent of
/search?workspace={workspaceId}
/search?workspace={workspaceId}&type={typeId}

Media Types
Collections
Atom Feed
Text URI-list
Single Objects
JSON
HTTP URL Encoded (Write only)
Search
HTML using Form
XForms in XML
Open Search Description (my only preference)

Smart IT Engineering Ltd. Design Questions? [email_address]

http://imyousuf-tech.blogs.smartitengineering.com	664
http://www.aninki.net	6
http://localhost	1
http://python.mmitd.com	1
http://webcache.googleusercontent.com	1

RESTful Web Services

by imyousuf on Feb 05, 2011

Accessibility

Categories

Upload Details

Usage Rights

5 Embeds 673

Statistics

RESTful Web Services Presentation Transcript