Your SlideShare is downloading. ×
0
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
RESTful API Automation with JavaScript
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

RESTful API Automation with JavaScript

2,524

Published on

Pragmatic RESTful API principles, along with a solid consumption architecture, can allow for a great amount of automation in your program development. At the same time, securing the application can …

Pragmatic RESTful API principles, along with a solid consumption architecture, can allow for a great amount of automation in your program development. At the same time, securing the application can be extremely tricky from JavaScript.

In this session we will explore several principles behind RESTful API design and consumption using JavaScript, many of the standards that were integrated in the redevelopment of the PayPal API architecture in the new RESTful APIs.

We will cover many of these architecture standards, including:

* Building in action automation using HATEOAS
* OAuth 2 in the JavaScript model
* The challenges behind secure resource consumption through JavaScript

Published in: Technology
0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,524
On Slideshare
0
From Embeds
0
Number of Embeds
20
Actions
Shares
0
Downloads
67
Comments
0
Likes
5
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. With JavaScriptRESTful API AutomationJonathan LeBlancHead of Developer Evangelism (North America)Github: http://github.com/jcleblancSlides: http://slideshare.net/jcleblancTwitter: @jcleblanc
  • 2. What We’re CoveringREST ConceptsAutomation through hypermediaconstraintsOAuth 2 in JavaScript
  • 3. What We Want
  • 4. JavaScript Challenges
  • 5. Cross Origin Resource SharingAccess to other domains / subdomains isrestricted (same origin policy)JSONP to request resources across domainsCross-origin resource sharing (CORS)You Send: Origin: http://site.comThey Send: Access-Control-Allow-Origin: http://site.com
  • 6. Keeping Things HiddenToken based auth mechanismOAuth: Client SecretBasic Auth: PasswordAPI request action to reaction mappingA schematic for how data forces site changes
  • 7. Action Automation
  • 8. RESTful API Core ConceptsHonor HTTP request verbsUse proper HTTP status codesNo version numbering in URIsReturn format via HTTP Accept headerDouble Rainbow: Discovery via HATEOAS
  • 9. Uniform Interface Sub-ConstraintsResource IdentificationResources must be manipulated viarepresentationsSelf descriptive messagesHypermedia as the engine ofapplication state
  • 10. How we Normally Consume APIs
  • 11. Using HATEOAS to Automate
  • 12. "links": [{"href":"https://api.sandbox.paypal.com/v1/payments/authorization/6H149011U8307001M","rel":"self","method":"GET"},{"href":"https://api.sandbox.paypal.com/v1/payments/authorization/6H149011U8307001M/capture","rel":"capture","method":"POST"},{"href":"https://api.sandbox.paypal.com/v1/payments/authorization/6H149011U8307001M/void","rel":"void","method":"POST"}]
  • 13. OAuth 2 & JavaScript?
  • 14. A Little Use BackgroundUser loginApplication onlyUser Involvement
  • 15. User Agent Flow: RedirectPrepare the Redirect URIAuthorization Endpointclient_id response_type (token)scope redirect_uriBrowser RedirectRedirect URI
  • 16. User Agent Flow: RedirectBuilding the redirect linkvar auth_uri = auth_endpoint +"?response_type=token" +"&client_id=" + client_id +"&scope=profile" +"&redirect_uri=" + window.location;$("#auth_btn").attr("href", auth_uri);
  • 17. User Agent Flow: Hash ModFetch the Hash Modaccess_tokenrefresh_tokenexpires_inExtract Access Token
  • 18. User Agent Flow: Hash Modhttp://site.com/callback#access_token=rBEGu1FQr54AzqE3Q&refresh_token=rEBt51FZr54HayqE3V4a&expires_in=3600var hash = document.location.hash;var match = hash.match(/access_token=(w+)/);Extracting the access token from the hash
  • 19. User Agent Flow: Get ResourcesSet Request Headers + URIResource EndpointHeader: token type + access tokenHeader: accept data typeHTTPS Request
  • 20. User Agent Flow: Get Resources$.ajax({url: resource_uri,beforeSend: function (xhr) {xhr.setRequestHeader(Authorization, OAuth + token);xhr.setRequestHeader(Accept, application/json);},success: function (response) {//use response object}});Making an authorized request
  • 21. Good JavaScript API InteractionUsing Proper REST standardsAutomation through hypermediaconstraintsUsing OAuth 2 appropriately
  • 22. http://bit.ly/rest_automation_jsThank You! Questions?Jonathan LeBlancHead of Developer Evangelism (North America)Github: http://github.com/jcleblancSlides: http://slideshare.net/jcleblancTwitter: @jcleblanc

×