REST API Representational State Transfer
 

    Presentation Transcript

    • Web Basics: Operations, via the HTTP API
      • HTTP provides a simple set of operations. Amazingly, all Web exchanges are done using this simple HTTP API:
        • GET
          • Properties: Safe, Idempotent
          • Usage: Retrieving a resource
        • POST
          • Properties: UNSAFE
          • Creating a resource within a collection (resource URI unknown)
        • PUT
          • Properties: Idempotent
          • Usage: Creating or updating a resource at a known URI
        • DELETE
          • Properties: Idempotent
          • Usage: Deleting a resource
      Umme Habiba: KTH-Applied Information Security Lab SEECS
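The safe and idempotent properties listed on this slide can be checked by replaying a request and comparing server state. This is an added example, not part of the original presentation; the `Collection` class, the `/books` URIs and the helper names are constructed for illustration.

```python
import itertools

class Collection:
    """Toy in-memory collection of resources; all names here are constructed."""

    def __init__(self, base="/books"):
        self.base = base
        self.items = {}                 # URI -> representation
        self._ids = itertools.count(1)  # server-assigned ids for POST

    def handle(self, method, uri, body=None):
        if method == "GET":             # safe: reads only, never changes state
            return (200, self.items[uri]) if uri in self.items else (404, None)
        if method == "POST":            # unsafe: the server picks a new URI each time
            if uri != self.base:
                return 405, None
            new_uri = f"{self.base}/{next(self._ids)}"
            self.items[new_uri] = body
            return 201, new_uri
        if method == "PUT":             # idempotent: the client names the URI
            status = 200 if uri in self.items else 201
            self.items[uri] = body
            return status, uri
        if method == "DELETE":          # idempotent: gone after one call or many
            if uri in self.items:
                del self.items[uri]
                return 204, None
            return 404, None
        return 405, None


def state_after(method, uri, body, repeat):
    """Replay one request `repeat` times on a fresh collection; return its state."""
    c = Collection()
    c.handle("PUT", "/books/seed", {"title": "seed"})  # constructed starting state
    for _ in range(repeat):
        c.handle(method, uri, body)
    return dict(c.items)


def is_idempotent(method, uri, body=None):
    """Idempotent: sending the request twice leaves the same state as sending it once."""
    return state_after(method, uri, body, 1) == state_after(method, uri, body, 2)


def is_safe(method, uri, body=None):
    """Safe: sending the request leaves the state exactly as it was."""
    return state_after(method, uri, body, 1) == state_after(method, uri, body, 0)
```

A retried or replayed POST creates a second resource, so state-changing operations belong on POST, PUT or DELETE rather than GET, and POST handlers need their own duplicate protection.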
    • Resource Oriented Architecture?
      • ROA is the term for REST on HTTP/URI
      • A Service consists of all the resources available within a certain domain of control
      • Since REST is a type of SOA, ROA is an implementation of SOA as well.
    • Web Basics: Simple Set of Operations, via the HTTP API
      • HTTP Header
        • Desired action: POST / HTTP/1.1
        • Target machine: Host: http://www.amazon.com
      • HTTP Payload (data being posted to the Amazon Web Server)
        • Book: Da Vinci Code
        • Credit Card: Visa
        • Number: 123-45-6789
        • Expiry: 12-04-06
    • REST
      • Roy Fielding described REST as an architecture style which attempts “to minimize latency and network communication, while at the same time maximizing the independence and scalability of component implementations”
    • REST - Not a Standard
      • REST is not a standard
      • REST is just a design pattern
      • REST does prescribe the use of standards:
        • HTTP
        • URL
        • XML/HTML/GIF/JPEG/etc. (Resource Representations)
        • text/xml, text/html, image/gif, image/jpeg, etc. (Resource Types, MIME Types)
    • Why is it called "Representational State Transfer"?
      [Figure: the Client requests the Resource at http://www.boeing.com/aircraft/747 (Fuel requirements, Maintenance schedule, ...) and receives Boeing747.html]
      • The Client references a Web resource using a URL.
      • A representation of the resource is returned (in this case as an HTML document).
      • The representation (e.g., Boeing747.html) places the client in a new state.
      • When the client selects a hyperlink in Boeing747.html, it accesses another resource.
      • The new representation places the client application into yet another state.
      • Thus, the client application transfers state with each resource representation.
    • REST Constraints
      • Important ‘things’ (Noun) are Resources
        • Addressed through a URI
      • Uniform interface (Verb)
        • In HTTP: GET, PUT, POST, DELETE
      • Verb-Noun separation makes integration easier
        • GET /customer/45 instead of getCustomer(45) OR viewCustomer(45) OR showCustomer(45)
    • REST
      • Create a resource for every service.
      • Separation of resource from representation
      • The data that a Web service returns should link to other data.
      • Resources are identified by URIs
      • Resources are manipulated through their representations
      • Self-descriptive messages
    • Why not plain HTML?
      • Web pages are designed to be understood by people,
        • layout and styling do matter, not just raw data
      • Every URI could have a human-readable and a machine-processable representation:
        • Web Services clients ask for the machine-readable one
        • Browsers ask for the human-readable.
      • A web page is a representation of a resource
      • URIs tell a client that there's a concept somewhere
      • Clients can then request a specific representation of the concept from the representations the server makes available
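How a client requests a specific representation from those the server makes available is done in HTTP with the Accept header. This is an added example, not part of the original presentation; the `AVAILABLE` list and the function names are assumptions, and the server answers only from its own allow-list, never echoing a client-supplied type.

```python
AVAILABLE = ["text/html", "application/xml"]  # assumed representations of one URI


def parse_accept(header):
    """Parse an Accept header into [(media_range, q)]; a bad q-value counts as 0."""
    prefs = []
    for part in header.split(","):
        fields = [f.strip() for f in part.split(";")]
        media = fields[0].lower()
        if not media:
            continue
        q = 1.0
        for field in fields[1:]:
            name, _, value = field.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0
        if not 0.0 <= q <= 1.0:         # out of range (also NaN) counts as refused
            q = 0.0
        prefs.append((media, q))
    return prefs


def quality(media, prefs):
    """q-value of the most specific media range that matches `media` (0 if none)."""
    best_spec, best_q = -1, 0.0
    for pattern, q in prefs:
        if pattern == media:
            spec = 2
        elif pattern != "*/*" and pattern.endswith("/*") and media.startswith(pattern[:-1]):
            spec = 1
        elif pattern == "*/*":
            spec = 0
        else:
            continue
        if spec > best_spec:
            best_spec, best_q = spec, q
    return best_q


def negotiate(accept_header, available=AVAILABLE):
    """Return the media type to serve, or None when the server should answer 406."""
    prefs = parse_accept(accept_header or "*/*")
    scored = [(quality(m, prefs), m) for m in available]
    q, media = max(scored, key=lambda s: s[0], default=(0.0, None))
    return media if q > 0 else None
```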
    • Why hypertext?
      • Because the links mirror the structure of how a user makes progress through an application
      • The user is in control, thanks to the Back button and other non-local actions
      • In a Web service, the client should be in control in the same sense

        <order self="http://example.com/customers/1234">
          <amount>23</amount>
          <product ref="http://example.com/products/4554" />
          <customer ref="http://example.com/customers/1234" />
        </order>
    • What is REST??
      • Uniform Interface
      • Stateless
      • Cacheable
      • Client-Server
      • Layered System
      • Code on Demand (Optional)
    • Uniform Interface
      • Simplifies & decouples Architecture for better visibility & evolvability.
      • Resource based representation
      • Manipulation of resources through representations
      • Self-descriptive messages
      • Principle of Generality on Interface
      • Con: Degrades efficiency
      • Optimized: Large grain hypermedia transfer
    • Client Server
      • Separation of Concerns
      • Improve Portability of UI
      • Scalability per simple server components
      • Independent evolution
    • Cache
      • Eliminates Client-Server interactions, partially or completely
      • Improves Scalability and performance
      • Reduced latency on average
      • Con: Decreased reliability; cached data may not be the most recently updated
    • Layered System
      • Restrict knowledge of system to 1 layer
      • Bounds system complexity + Encapsulation
      • Intermediaries and load balancing
      • Con: Adds overhead and latency
      • Optimized: Pipes & Filters behavior with intermediaries partially processing the message
    • Stateless
      • Statelessness is the key.
      • Necessary state is contained in the request itself.
      • Prevents partial failures
      • No context in server, session in client
      • Visibility, reliability, and scalability
      • Con: Decreases network performance
    • Code On Demand (Optional)
      • Temporarily extend or customize client functionality (extensibility: JavaScript and Java applets)
      • Client simplification
      • Con: Reduces visibility
      • This is the only optional constraint
    • Who is using REST?
      • Google
        • GData, OpenSocial
      • Standards
        • Atom, WebDAV
      • Amazon
        • S3, SimpleDB
      • Microsoft (!)
        • Project Astoria, Web3S
    • Advantages of REST
      • Its architectural constraints, when applied as a whole, generate:
        • Scalable component interactions
        • General interfaces
        • Independently deployed connectors
        • Reduced interaction latency
        • Strengthened security
        • Safe encapsulation of legacy systems
      • Separates server implementation from the client's perception of resources
      • Scales well to large numbers of clients
      • Enables transfer of data in streams of unlimited size and type
    • Thank You