Representation state transfer and some other important stuff

Representation state transfer and some other important stuff. Internal workshop @ enrise

Published in: Technology
  • Representation state transfer and some other important stuff

    1. 1. Representational State Transfer (REST) (and some other important stuff)
    2. 2. Warning before we start ‣ REST != MVC ‣ Do not think in controllers, IDs, actions, models, views, plugins, helpers etc... ‣ In fact, do not think about implementation AT ALL!!
    3. 3. What is REST? Roy Fielding said: REST is a coordinated set of architectural constraints that attempts to minimize latency and network communication while at the same time maximizing the independence and scalability of component implementations. This is achieved by placing constraints on connector semantics where other styles have focused on component semantics. REST enables the caching and reuse of interactions, dynamic substitutability of components, and processing of actions by intermediaries, thereby meeting the needs of an Internet-scale distributed hypermedia system.
    4. 4. What is REST? ‣ Cacheable ‣ Stateless ‣ Scalable ‣ Fault-tolerant ‣ Loosely coupled ‣ ADVANTAGES OF REST
    5. 5. What is REST? ‣ URL identifies a resource ‣ URLs have a hierarchy ‣ Methods perform operations on resources ‣ Operation must be implicit ‣ Hypermedia format to represent data ‣ Link relations to navigate ‣ THE PRINCIPLES OF REST
    6. 6. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS ‣ THE FOUR MAIN PRINCIPLES
    7. 7. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS ‣ THE FOUR MAIN PRINCIPLES
    8. 8. Identification of resources ‣ /index.php?action=getarticle&id=5 ‣ /default/article/5/4/6/size Cacheable? Scalable? Readable? ‣ You are doing it wrong... :(
    9. 9. Identification of resources ‣ /articles We want all articles ‣ /articles/5/photos/4/comments/1 We want the first comment of the fourth photo for the fifth article ‣ /articles/5/photos/4/comments We want all comments of the fourth photo for the fifth article Cacheable! Scalable! Readable! ‣ Readable and maintainable!
    10. 10. Identification of resources ✗ /photos/order/size/limit/5 ✗ /photos/limit/5/order/size ✓ /photos?order=size&limit=5 ✓ /photos?limit=5&order=size ‣ FILTERING THROUGH A QUERY STRING, NOT THE URI
    11. 11. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS ‣ THE FOUR MAIN PRINCIPLES
    12. 12. Manipulation of resources ‣ Create ‣ Retrieve ‣ Update ‣ Delete ‣ But please note that REST != CRUD
    13. 13. Manipulation of resources ‣ Create = PUT ‣ Retrieve = GET ‣ Update = POST ‣ Delete = DELETE ‣ CRUD to HTTP verb mapping
    14. 14. Manipulation of resources ‣ Any client should be able to make the request as many times as necessary. ‣ GET, OPTIONS, HEAD ‣ SAFE METHODS
    15. 15. Manipulation of resources ‣ Guarantees that the client can repeat the request when it’s not certain. ‣ $x++ vs $x=4 ‣ ALL METHODS EXCEPT “POST” ‣ IDEMPOTENT METHODS
    16. 16. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS ‣ THE FOUR MAIN PRINCIPLES
    17. 17. Self-descriptive messages ‣ Stateless! ‣ All information for processing is available: ‣ How? (method + content-type) ‣ What? (URI) ‣ When? (preconditions) ‣ Who? (authentication)
    18. 18. Self-descriptive messages ‣ HOW (method)

            GET /article/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth oauth_nonce="123" ...
            If-None-Match: absad12412414

    19. 19. Self-descriptive messages ‣ HOW (content-type)

            GET /article/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth oauth_nonce="123" ...
            If-None-Match: absad12412414

    20. 20. Self-descriptive messages ‣ WHAT

            GET /article/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth oauth_nonce="123" ...
            If-None-Match: absad12412414

    21. 21. Self-descriptive messages ‣ WHEN

            GET /article/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth oauth_nonce="123" ...
            If-None-Match: absad12412414

    22. 22. Self-descriptive messages ‣ WHO

            GET /article/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth oauth_nonce="123" ...
            If-None-Match: absad12412414

    23. 23. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS ‣ THE FOUR MAIN PRINCIPLES
    24. 24. HATEOAS HATEOAS = Hypermedia As The Engine Of Application State
    25. 25. HATEOAS This is the hardest and of course, most important part of REST
    26. 26. HATEOAS ‣ Use links to allow clients to discover locations and operations. ‣ Link relations are used to express options. ‣ Clients do not need to know URLs. ‣ This controls the state.
    27. 27. State inside your REST API Fetch Select Confirm Pay E-Ticket ‣ “Flight booking API”
    28. 28. State inside your REST API ‣ Search for specified flights

            POST /search?order=price&limit=5 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0

            <search>
              <destination>LPA</destination>
              <date>24-may-2011</date>
              <type>firstclass</type>
            </search>

    29. 29. State inside your REST API ‣ Returns a collection of flights

            HTTP/1.1 200 OK
            Content-type: application/vnd.enrise.nl+xml ; version=1.0

            <flights xmlns=...>
              <flight>
                <flightno>KL1234</flightno>
                <time>4:24</time>
                <link method="get" rel="details" action="/flight/15263" type="text/xml" />
                <link method="post" rel="confirm" action="/confirm/flight/15263" type="text/xml" />
              </flight>
              <flight>
                <flightno>HV123</flightno>
                <time>3:54</time>
                <link method="get" rel="details" action="/flight/523525" type="text/xml" />
                <link method="post" rel="confirm" action="/confirm/flight/523525" type="text/xml" />
              </flight>
            </flights>

    30. 30. State inside your REST API ‣ Confirm a specific flight

            POST /confirm/flight/15263 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0

            HTTP/1.1 401 Authentication required

    31. 31. State inside your REST API ‣ Confirm a specific flight, with more info

            POST /confirm/flight/15263 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth ......

            <flight>
              <seat>2A</seat>
              <meal>vegetarian</meal>
            </flight>

            HTTP/1.1 201 Created
            Location: /booking/1616163

            <booking>
              <link rel="details" href="/booking/1616163" method="get" type="application/xml" />
              <link rel="payment" href="/payment/booking/1616163" type="application/xml" />
              <link rel="cancel" href="/payment/booking/1616163" method="delete" type="application/xml" />
            </booking>

    32. 32. State inside your REST API ‣ What can we do with our booking?

            OPTIONS /booking/1616163 HTTP/1.1
            Host: www.enrise.com
            Authorization: OAuth ......

            HTTP/1.1 200 OK
            Allow: GET, DELETE, PUT

    33. 33. State inside your REST API ‣ Cancel our booking!

            DELETE /booking/1616163 HTTP/1.1
            Host: www.enrise.com
            Authorization: OAuth ......

            HTTP/1.1 204 No content

    34. 34. State inside your REST API ‣ Still need to pay for the flight

            GET /booking/1616163 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth...

            HTTP/1.1 200 OK

            <booking>
              <flight>
                <flightno>KL1234</flightno>
                <time>4:24</time>
                <link rel="details" method="get" href="/flight/15263" />
              </flight>
              <payment>
                <status>Not paid</status>
                <link rel="details" method="get" href="/payment/booking/1616163" />
              </payment>
            </booking>

    35. 35. State inside your REST API ‣ Pay through another resource

            POST /payment/booking/1616163 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth ......

            <payment>
              <cardno>4111-1111-1111-1111</cardno>
              <expires>04/13</expires>
              <name>Joshua Thijssen</name>
              <amount currency="eur">414.00</amount>
            </payment>

            HTTP/1.1 201 Created
            Location: /payment/booking/1616163

    36. 36. State inside your REST API ‣ Can’t delete our booking since it’s paid

            OPTIONS /booking/1616163 HTTP/1.1
            Host: www.enrise.com
            Authorization: OAuth ......

            HTTP/1.1 200 OK
            Allow: GET, PUT

    37. 37. State inside your REST API ‣ We can fetch our eticket now

            GET /booking/1616163 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version=1.0
            Authorization: OAuth...

            HTTP/1.1 200 OK

            <booking>
              <flight>
                <flightno>KL1234</flightno>
                <time>4:24</time>
                <link rel="details" method="get" href="/flight/15263" />
              </flight>
              <payment>
                <status>Paid in full</status>
                <link rel="details" method="get" href="/payment/booking/1616163" />
              </payment>
              <link rel="eticket" method="get" href="/eticket/12415156261616" />
            </booking>

    38. 38. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & non-CRUD
    39. 39. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
    40. 40. (Common) pitfalls of REST design ‣ /api/v1.1/article/1234/photos ‣ /api/v1.2/article/1234/photos ‣ Different resources? ‣ Versioning
    41. 41. (Common) pitfalls of REST design ‣ Versioning

            GET /api/article/1234/photos HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0

            GET /api/article/1234/photos HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+json ; version = 1.1

            GET /api/article/1234/photos HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+json ; version = 5.0.4a

    42. 42. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
    43. 43. (Common) pitfalls of REST design ‣ /api/get/article/1234/photos ‣ /api/article/new ‣ /api/article/list ‣ Methods in URL
    44. 44. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
    45. 45. (Common) pitfalls of REST design ‣ /api/article/1234 ‣ /api/article/red+teddybear ‣ Different resources ‣ One URI per resource
    46. 46. (Common) pitfalls of REST design ‣ One URI per resource

            GET /api/article/red+teddybear HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0

            HTTP/1.1 303 See Other
            Location: /api/article/1234

    47. 47. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
    48. 48. (Common) pitfalls of REST design ‣ Outside the CRUD? ‣ Multiple operations simultaneously? ‣ Controller resources & non-crud
    49. 49. (Common) pitfalls of REST design ‣ Controller resources & non-crud

            GET /distance HTTP/1.1
            Host: www.enrise.com
            Accept: text/xml
            Content-type: text/xml;charset=UTF-8

            <xml>
              <from>Amersfoort, NLD</from>
              <to>Apeldoorn, NLD</to>
            </xml>

            HTTP/1.1 200 OK
            Content-length: 123
            Content-type: text/xml

            <result>
              <distance unit="km">45</distance>
              <distance unit="miles">27.96</distance>
            </result>

    50. 50. (Common) pitfalls of REST design ‣ Controller resources & non-crud

            POST /user/jthijssen/address_merge HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0
            Content-type: text/csv;charset=UTF-8

            John Doe, 1 Main Street, Seattle, WA
            Jane Doe, 100 North Street, Los Angeles, CA

            HTTP/1.1 303 See Other
            Location: /user/jthijssen/addressbook

    51. 51. More important stuff ‣ HTTP Status codes ‣ ETags
    52. 52. HTTP Status codes ‣ Status codes are important ‣ They represent the result of your actions
    53. 53. HTTP Status codes ‣ 1xx Informational ‣ 2xx Success ‣ 3xx Redirection ‣ 4xx Client error ‣ 5xx Server error
    54. 54. HTTP Status codes ‣ 200 OK: Resource returned ‣ 201 Created: Resource created ‣ 204 No content: Resource deleted ‣ IMPORTANT 2xx CODES
    55. 55. HTTP Status codes ‣ 304 Not modified: Resource wasn’t changed ‣ IMPORTANT 3xx CODES
    56. 56. HTTP Status codes ‣ 400 Bad request: Incorrect payload ‣ 401 Unauthorized: Not authorized to operate ‣ 403 Forbidden: Not authenticated to operate ‣ 404 Not found: Resource was not found ‣ IMPORTANT 4xx CODES
    57. 57. HTTP Status codes ‣ 405 Method not allowed: Method incorrect ‣ 406 Not acceptable: Cannot return in correct format ‣ 412 Precondition failed: “ETag mismatch” ‣ IMPORTANT 4xx CODES
    58. 58. HTTP Status codes ‣ 500 Internal server error: “Something” happened ‣ 501 Not implemented: Method is not implemented ‣ IMPORTANT 5xx CODES
    59. 59. HTTP Status codes ‣ 501 Not implemented vs 405 Method not allowed ‣ 409 Conflict vs 412 Precondition failed ‣ DEBATABLE
    60. 60. ETags & Optimistic locking

            GET /blogpost/12345 HTTP/1.1
            Host: www.enrise.com

            HTTP/1.1 200 OK
            Content-length: 1234000
            Content-type: text/xml
            ETag: abcd-1234

            <xml>
              <blogpost>
                <author>Joshua Thijssen</author>
                <title>...</title>
                ....
              </blogpost>
            </xml>

    61. 61. ETags & Optimistic locking

            GET /blogpost/12345 HTTP/1.1
            Host: www.enrise.com
            If-None-Match: abcd-1234

            HTTP/1.1 304 Not modified

        Blogpost is cached and can be used!

    62. 62. ETags & Optimistic locking

            POST /blogpost/12345 HTTP/1.1
            Host: www.enrise.com
            If-Match: abcd-1234

            <xml>
              <author>Sjors de Valk</author>
            </xml>

            HTTP/1.1 412 Precondition failed

        Blogpost is already modified by “someone”

    63. 63. REST examples Other REST Examples
    64. 64. REST examples ‣ Creating a resource

            POST /articles HTTP/1.1
            Host: www.enrise.com
            Content-type: application/vnd.enrise.nl+xml ; version = 1.0

            <article xmlns="http://www.enrise.com/article">
              <name>Teddybear</name>
              <color>red</color>
              <stock>15</stock>
              <price currency="eur">15,95</price>
              <price currency="usd">19,95</price>
            </article>

            HTTP/1.1 201 Created
            Location: /articles/1234

    65. 65. REST examples ‣ Getting a resource collection

            GET /articles HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0

            HTTP/1.1 200 OK
            Content-length: 12345
            Content-type: application/vnd.enrise.nl+xml
            Date: sun, 01 Nov 2010 12:34:56 GMT

            <articles xmlns="http://www.enrise.com/article">
              <article>
                <name>Teddybear</name>
                <link method="get" rel="article" href="/articles/1234" />
              </article>
              <article>
                <name>Skippyball</name>
                <link method="get" rel="article" href="/articles/1121" />
              </article>
            </articles>

    66. 66. REST examples ‣ Getting a resource

            GET /articles/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0

            HTTP/1.1 200 OK
            Content-length: 12345
            Content-type: application/vnd.enrise.nl+xml
            Date: sun, 01 Nov 2010 12:34:56 GMT

            <article xmlns="http://www.enrise.com/article">
              <name>Teddybear</name>
              <link method="get" rel="article" href="/articles/1234" />
            </article>

            HTTP/1.1 404 Not found
            Content-length: 0
            Date: sun, 01 Nov 2010 12:34:56 GMT

    67. 67. REST examples ‣ Delete a resource

            DELETE /articles/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0

            HTTP/1.1 204 No content
            Content-length: 0
            Date: sun, 01 Nov 2010 12:34:56 GMT

    68. 68. REST examples ‣ Updating a resource ‣ Idempotent

            PUT /articles/1234 HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0
            If-Match: 23709-12135125

            <article xmlns="http://www.enrise.com/article">
              <name>Teddybear</name>
              <color>red</color>
              <stock>30</stock>
              <price currency="eur">15,95</price>
              <price currency="usd">19,95</price>
            </article>

            HTTP/1.1 200 OK
            Content-length: 0
            Date: sun, 01 Nov 2010 12:34:56 GMT

            HTTP/1.1 412 Precondition failed
            Content-length: 0
            Date: sun, 01 Nov 2010 12:34:56 GMT

    69. 69. (Common) pitfalls of REST design ‣ Controller resources

            POST /user/jthijssen/address_merge HTTP/1.1
            Host: www.enrise.com
            Accept: application/vnd.enrise.nl+xml ; version = 1.0
            Content-type: text/csv;charset=UTF-8

            John Doe, 1 Main Street, Seattle, WA
            Jane Doe, 100 North Street, Los Angeles, CA

            HTTP/1.1 303 See Other
            Location: /user/jthijssen/addressbook

    70. 70. More reading
            ‣ http://en.wikipedia.org/wiki/Representational_State_Transfer
            ‣ http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
            ‣ http://oreilly.com/catalog/9780596801694
            ‣ http://www.slideshare.net/Wombert/designing-http-interfaces-and-restful-web-services-confoo11-20110310
            ‣ http://www.slideshare.net/adorepump/hateoas-the-confusing-bit-from-rest
            ‣ http://www.slideshare.net/guilhermecaelum/rest-in-practice
    71. 71. Question & discussion http://farm1.static.flickr.com/73/163450213_18478d3aa6_d.jpg
    72. 72. ‣ THANK YOU FOR YOUR ATTENTION
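
The booking flow on slides 27-37, as an added example that is not part of the original deck: the `Allow` header and the link relations are both derived from the booking's state, and the same table is enforced when a request arrives, so a client that kept the cancel URL after paying gets a 405 rather than a cancellation. `BookingAPI`, its method names, the owner check and the user names in the test are assumptions of this sketch.

```python
ALLOW = {"confirmed": ["GET", "DELETE", "PUT"], "paid": ["GET", "PUT"]}  # from slides 32 and 36
RELS = {
    "confirmed": {"details": "/booking/{id}", "cancel": "/booking/{id}",
                  "payment": "/payment/booking/{id}"},
    "paid": {"details": "/booking/{id}", "eticket": "/eticket/{id}"},
}

class BookingAPI:
    def __init__(self):
        self.bookings = {}  # id -> {"owner": ..., "state": ..., "seat": ...}

    def _load(self, booking_id, user):
        if user is None:
            return 401, None
        b = self.bookings.get(booking_id)
        if b is None or b["owner"] != user:
            return 404, None  # same answer for "missing" and "not yours"
        return None, b

    def confirm(self, booking_id, user, seat):
        if user is None:
            return 401, {}, None
        self.bookings[booking_id] = {"owner": user, "state": "confirmed", "seat": seat}
        return 201, {"Location": f"/booking/{booking_id}"}, None

    def booking(self, method, booking_id, user, seat=None):
        err, b = self._load(booking_id, user)
        if err:
            return err, {}, None
        allow = {"Allow": ", ".join(ALLOW[b["state"]])}
        if method == "OPTIONS":
            return 200, allow, None
        if method not in ALLOW[b["state"]]:
            return 405, allow, None  # enforced here, not by hiding the link
        if method == "DELETE":
            del self.bookings[booking_id]
            return 204, {}, None
        if method == "PUT":
            b["seat"] = seat
        links = {rel: href.format(id=booking_id) for rel, href in RELS[b["state"]].items()}
        return 200, {}, links

    def pay(self, booking_id, user):
        err, b = self._load(booking_id, user)
        if err:
            return err, {}, None
        if b["state"] != "confirmed":
            return 409, {}, None  # already paid: refuse a second charge
        b["state"] = "paid"
        return 201, {"Location": f"/payment/booking/{booking_id}"}, None
```

Each method returns a `(status, headers, links)` tuple; the links a client sees and the methods the server accepts always come from the same state.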
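
The ETag exchange on slides 60-62 and the conditional PUT on slide 68, as an added example that is not part of the original deck: an in-memory store that answers a conditional GET with 304 and rejects a stale write with 412. `BlogStore` and `lost_update_demo` are hypothetical names, the ETag is compared as a single exact string (no lists or `*`), and answering a write that carries no `If-Match` with 428 Precondition Required is this example's choice, not something the slides prescribe.

```python
import hashlib


class BlogStore:
    """In-memory resource store; every representation gets a content-derived ETag."""

    def __init__(self):
        self._docs = {}  # path -> bytes

    @staticmethod
    def etag(body):
        return '"' + hashlib.sha256(body).hexdigest()[:16] + '"'

    def create(self, path, body):
        self._docs[path] = body
        return 201, {"Location": path, "ETag": self.etag(body)}, b""

    def get(self, path, headers=None):
        if path not in self._docs:
            return 404, {}, b""
        body = self._docs[path]
        tag = self.etag(body)
        if (headers or {}).get("If-None-Match") == tag:
            return 304, {"ETag": tag}, b""  # cached copy is still current
        return 200, {"ETag": tag}, body

    def put(self, path, body, headers=None):
        if path not in self._docs:
            return 404, {}, b""
        current = self.etag(self._docs[path])
        expected = (headers or {}).get("If-Match")
        if expected is None:
            return 428, {}, b""  # this example's choice: no unconditional writes
        if expected != current:
            return 412, {"ETag": current}, b""  # someone else changed it first
        self._docs[path] = body
        return 200, {"ETag": self.etag(body)}, b""


def lost_update_demo():
    """Two editors start from the same ETag; only the first write lands."""
    store = BlogStore()
    path = "/blogpost/12345"
    tag = store.create(path, b"<author>Joshua Thijssen</author>")[1]["ETag"]
    cached = store.get(path, {"If-None-Match": tag})[0]
    first = store.put(path, b"<author>Sjors de Valk</author>", {"If-Match": tag})[0]
    second = store.put(path, b"<author>Editor Two</author>", {"If-Match": tag})[0]
    return cached, first, second, store.get(path)[2]
```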
