Your SlideShare is downloading. ×

Creating Web Services with Zend Framework - Matthew Turland


Published on

Published in: Technology, Education
  • @Kiren Siv If I'm understanding you correctly, I would suggest looking into Zend_Rest_Controller and Zend_Rest_Route and using them in conjunction with the JSON action helper.
    Are you sure you want to  Yes  No
    Your message goes here
  • i am trying to get a json response from a target uri.but not able to go exact way with Zend_Json_Server_Request.I would be great full if you could post a reply to this with examples or point me to a best tutorials.
    Are you sure you want to  Yes  No
    Your message goes here
  • Demos can be found here:
    Are you sure you want to  Yes  No
    Your message goes here
  • Do you have a link to the XML-RPC Demo?
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • Transcript

    • 1. Pick Your Protocol Creating Web Services with Zend Framework Matthew Turland September 17, 2008
    • 2. Everyone acquainted?
      • Lead Programmer for surgiSYS, LLC
      • ZCE, ZFCE, and Zend Framework contributor
      • Blog:
    • 3. You're probably wondering...
      • ... what you're doing here this early in the morning.
      • Web services? Anyone? Anyone?
      • According to the W3C , "a software system designed to support interoperable machine-to-machine interaction over a network."
      • This by itself is vague. The remainder of the definition gets into specifics about SOAP, which is too exclusive.
    • 4. What are web services?
      • For our purposes, web applications implementing communication standards for receiving requests from other web applications to return or operate on data.
      • Automate interactions between software systems that would otherwise require (more) human intervention.
      • Scapegoat for the existence of a number of acronyms in today's IT industry. More on these shortly.
    • 5. What is Zend Framework?
      • Open source web application framework for PHP 5.
      • Sponsored by Zend Technologies.
      • Technology partners include IBM, Google, and Microsoft.
      • Developed by Zend and volunteers since 2005.
      • Great way to develop web services regardless of the implementation method you want to use.
    • 6. What We're Covering
      • Implementation of HTTP authentication to restrict access to web services.
      • Background information on commonly used standards and methodologies for development of web services.
      • Timely details on the state and use of Zend Framework components used to accelerate web service development.
    • 7. HTTP Authentication
      • Extension of the HTTP protocol used for identity authentication as described in RFC 2617 .
      • Sees limited use in access control implementations for web services and general web applications.
      • Two flavors: Basic and Digest. The latter implements more measures for security than the former, but is less commonly used.
    • 8. Zend_Auth_Adapter_Http
      • Offers support for Basic and Digest authentication schemes and authentication via local and proxy servers.
      • Some Digest features, such as nonce tracking for stale support, are not implemented yet.
      • Uses resolvers to authenticate provided credentials against a data source.
      • Uses a file-based resolver by default and offers an interface to implement custom resolvers.
    • 9. File Resolver Formats
      • Format is the same for both Basic and Digest schemes, but supplied data differs between schemes.
      • Basic [$username]:[$realm]:[base64_encode($password)]
      • Digest [$username]:[$realm]:[md5($username . ':' . $realm . ':' . $password)]
    • 10. Configuration
      • $basicResolver = new Zend_Auth_Adapter_Http_Resolver_File('path/to/file');
      • $adapter = new Zend_Auth_Adapter_Http(array(
      • 'accept_schemes' => 'basic', 'realm' => '[Web Service Name]'
      • ));
      • $adapter // request and response are from controller ->setRequest($this->_request) ->setResponse($this->_response) ->setBasicResolver($basicResolver);
    • 11. Use Case
      • // Pulls authentication credentials from the request
      • $result = $adapter->authenticate();
      • if (!$result->isValid()) {
      • $errors = $result->getMessages();
      • } else {
      • $identity = $result->getIdentity();
      • }
    • 12. HTTP Resources
      • RFC 2616 HyperText Transfer Protocol
      • RFC 3986 Uniform Resource Identifiers
      • "HTTP: The Definitive Guide" (ISBN 1565925092)
      • "HTTP Pocket Reference: HyperText Transfer Protocol" (ISBN 1565928628)
      • "HTTP Developer's Handbook" (ISBN 0672324547) by Chris Shiflett
      • Ben Ramsey's blog series on HTTP
    • 13. Common Server Components
      • Zend_Server_Interface "enforces" the use of the SoapServer API on server classes.
      • Zend_Server_Reflection extends the PHP 5 Reflection API to add various features used in server introspection for delivering API metadata to clients.
      • Zend_Server_Abstract is likely to be deprecated or significantly refactored in future releases.
    • 14. Acronym #1
      • REST: REpresentational State Transfer
      • Born in 2000 in the dissertation of Roy Fielding, a principal author of the HTTP specification.
      • Not tied to a specific protocol, but most often implemented on an HTTP server.
      • A collection of network architecture principles centered around resources and operations to facilitate transfer of state between clients and servers.
    • 15. What's a resource?
      • Source of specific information in a particular format (known as its representation).
      • Platform-independent machine equivalent of a noun.
      • Referred to using Universal Resource Identifiers or URIs.
      • A client can interact with a resource by knowing its URI, the operation to perform, and how to interpret the returned resource representation.
    • 16. Operations
      • HTTP
      • POST
      • GET
      • PUT
      • DELETE
      • CRUD
      • Create, Update, Delete
      • Retrieve
      • Create, Delete/Create
      • Delete
    • 17. Representations
      • Anything with an associated MIME type.
      • A single resource can have multiple representations.
      • Content negotiation allows the client to indicate what representations it supports and prefers.
      • Some web services add a request parameter or extension to the resource URI to indicate the requested representation. Not very RESTful, but easier to use.
    • 18. Still don't get it?
      • REST is not a standard, protocol, or architecture so much as an architectural style or set of design principles.
      • Check out "RESTful Web Services" by Leonard Richardson and Sam Ruby, ISBN 0596529260.
      • Keep listening, contrasts later on in this presentation may make the nature of REST more clear.
    • 19. Zend_Rest_Server
      • Exposes normal functions and class methods for remote invocation.
      • Can return or directly output return values of the exposed functions and methods.
      • Supports output of DOMNode, DOMDocument, and SimpleXMLElement return values.
      • Non-XML return types are converted to XML using DOM.
    • 20. Sound strange?
      • Only HTTP methods supported are GET and POST, so it ends up being more like "REST-RPC" than REST. (Ben Ramsey has a good blog post on this.)
      • XML output is assumed, which makes the class inflexible toward other representations (ex: JSON via Zend_Json ).
      • Very sparse documentation.
    • 21.
      • $server = new Zend_Rest_Server();
      • $server->addFunction('someFunctionName');
      • $server->addFunction('someOtherFunctionName');
      • $functions = $server->getFunctions();
      • $server->setClass(
      • 'Some_Class_Name',
      • null, // namespace from Zend_Server_Interface
      • $args // for Some_Class_Name::__construct()
      • );
      • $server->handle($request); // $request = $_REQUEST
      • $server->returnResponse(true);
      • $return = $server->handle($request);
      Show me the code!
    • 22. Don't bother with these...
      • // They either are stubs or they may as well be.
      • $server->setEncoding('UTF-8');
      • $encoding = $server->getEncoding();
      • $server->loadFunctions($functions);
      • $server->setPersistence($mode);
      • $headers = $server->getHeaders();
    • 23. Alternative Approach
      • Zend_Rest_Server is likely to be on the chopping block in the 2.0 branch. Don't use it for new projects and make it a long-term goal to migrate existing projects using it.
      • Use Zend Framework MVC features together with the ContextSwitch action helper to vary the returned resource representation.
      • Keep an eye out for new developments to support REST services.
    • 24. RESTful Routing
      • Default routes in the rewrite router offer no standard conducive toward the REST approach.
      • Zend_Controller_Router_Route_Rest is a new (as in not-yet-approved) proposal by Luke Crouch to implement a common URI-to-action mapping for RESTful web services.
    • 25. Zend_Rest_Client
      • Lightweight wrapper for Zend_Http_Client geared toward consuming REST-based services.
      • Can be used to implement automated test suites for application components that use Zend_Rest_Server.
      • __call() implementation follows suit with the REST-RPC style of the server component.
      • Using Zend_Http_Client itself is likely a better idea.
    • 26. REST Demo
      • Check my blog for slides and demo source code after the conference.
    • 27. Acronym #2
      • XML-RPC: eXtensible Markup Language Remote Procedure Call
      • Created by Dave Winer of UserLand Software in 1998 in conjunction with Microsoft.
      • RPC model using XML as its data exchange format and HTTP as its data transport protocol.
      • Intended to be a simple, minimalistic, and easy to use protocol.
    • 28. What is XML?
      • eXtensible Markup Language
      • General-purpose spec for creating custom markup languages (ex: XHTML , RSS , Atom , SVG ).
      • Fee-free W3C-recommended open standard .
      • Primary purpose is to help information systems share structured data.
      <EverybodyStandBack /> I know XML
    • 29. What is RPC?
      • Remote Procedure Call
      • Originated in 1976 in RFC 707.
      • Also referred to as remote (method) invocation.
      • General term for the ability of a computer program to execute a subroutine in a remote address space.
      • Popular paradigm for implementation of the client-server model of distributed computing using message passing.
    • 30. REST versus RPC
      • REST
      • Nouns
      • Principles
      • Architecture
      • Generally atomic
      • RPC
      • Verbs
      • Standards
      • Implementation
      • Generally not
    • 31. Zend_XmlRpc_Server
      • Zend_XmlRpc_Server is a full-featured XML-RPC server implementation of the specifications found at .
      • Natively supports procedure namespaces and implements expected system.* procedures internally using Zend_Server_Reflection .
      • Prevents output of information for exceptions not thrown by the server component using a whitelisting approach.
    • 32. XML-RPC Components
      • Zend_XmlRpc_Request and Zend_XmlRpc_Response are data structures for client requests to servers and server responses to clients respectively.
      • Zend_XmlRpc_Server allows for injection of custom request instances and use of custom response classes.
      • Zend_XmlRpc_Server_Fault manages whitelisting of exceptions that may be thrown during server operations, in order to ensure application security.
    • 33. Boxcarring Requests
      • Extension to the XML-RPC protocol that allows multiple procedure calls to be sent within a single server request.
      • Not supported by all servers. Support is denoted by the presence of system.multicall in response to a call to system.listMethods .
      • Zend_XmlRpc_Server supports this feature.
    • 34. Zend_XmlRpc_Server_Cache
      • System.* methods support uses Zend_Server_Reflection to handle class introspection, which can be expensive.
      • Zend_XmlRpc_Server_Cache can be used to cache server definitions to a file for better performace.
      • If get($cacheFilePath, $xmlRpcServerInstance) returns true, skip server configuration. Otherwise, configure your server class like normal and then call save($cacheFilePath, $xmlRpcServerInstance).
    • 35. Zend_XmlRpc_Client
      • Zend_XmlRpc_Client supports consumption of remote XML-RPC services and unit testing of server implementations.
      • Automatically handles type conversion between PHP and XML-RPC data types and allows for independent handling of both HTTP errors and XML-RPC faults.
      • Natively supports introspection operations on servers that support the de facto system methods.
    • 36. Zend_XmlRpc_Client_ServerProxy
      • Zend_XmlRpc_Client_ServerProxy proxies remote XML-RPC namespaces to allow them to function as native PHP objects.
      • Ex: $client->getProxy()-> system -> listMethods (); vs. $client->call(' system . listMethods ');
    • 37. XML-RPC Demo
      • And now for something completely different: a demo that actually uses the server components I was just talking about!
    • 38. Acronym #3
      • JSON-RPC: JavaScript Object Notation Remote Procedure Call
      • RPC model similar to XML-RPC except that it uses using JSON as its data exchange format instead of XML.
      • Designed for extreme ease of use.
      • Current working draft version is 1.1.
      • Specification proposal for version 2.0 was released in March 2008.
    • 39. What is JSON?
      • JSON: JavaScript Object Notation
      • Text-based human-readable data interchange format.
      • Based on a subset of JavaScript, but considered to be a language-independent format.
      • Detailed in RFC 4627 by Douglas Crockford.
    • 40. JSON versus XML
      • Pros of JSON
      • Extremely simple
      • Lighter payload
      • Native data type support
      • Cons of JSON
      • Fewer available supporting technologies
      • No native support for binary data or namespaces
      • Primitive data type support is weak
      • Not extensible
    • 41. Zend_Json_Server
      • Supports versions 1 and 2 of the JSON-RPC specification found at .
      • Zend_Json_Server_Smd supports the Service Mapping Description specification for providing service metadata to clients.
      • Interoperable with Zend_Dojo_Data , the new data component for the Dojo toolkit in Zend Framework 1.6.
    • 42. JSON-RPC Components
      • Zend_Json_Server_Request and Zend_Json_Server_Response are data structures for client requests to servers and server responses to clients respectively.
      • Zend_Json_Server_Error is a data structure for exceptions that may occur in processing requests.
      • Zend_Json_Server allows for injection of request and response instances.
    • 43. Zend_Json_Client ... NOT!
      • Poor Man's Zend_Json_Client
      • Populate a Zend_Json_Server_Request instance with a method, parameters, and a request identifer.
      • Send the return value of $request->toJson() to the service endpoint via an HTTP POST operation using Zend_Http_Client.
      • Pass the HTTP response body to Zend_Json::decode() to get the equivalent PHP data structure.
    • 44. JSON Demo
      • This is the last one... after the next one, of course.
    • 45. Acronym #4
      • SOAP (pre-1.2 - Simple Object Access Protocol)
      • Protocol for exchanging XML-based messages.
      • Originally designed by Dave Winer, Don Box, Bob Atkinson, and Mohsen Al-Ghosein in 1998, with backing from Microsoft, to be the successor of XML-RPC.
      • Version 1.2 of the spec became a W3C recommendation in June 2003. Spec is currently maintained by the W3C XML Protocol Working Group .
    • 46. SOAP versus XML-RPC
      • SOAP message structure is more complex and syntax more verbose than XML-RPC because it allows for extensive message customization.
      • SOAP supports user-defined data types (UDTs) while XML-RPC types are finite and predefined.
      • SOAP supports enumerations, XML namespaces, XML Schemas, and other advanced features.
    • 47. Zend_Soap_Server
      • Intended purpose of Zend_Soap_Server is to simplify use and implementation of SOAP within PHP applications.
      • API is compatible with the SoapServer component of the standard PHP SOAP extension. Composes it to add request, response, and service metadata handling.
      • Same two modes of operation: WSDL and non-WSDL.
    • 48. What is WSDL?
      • Web Services Description Language
      • XML-based language for describing how to access and use web services and the structure of their output.
      • Not tied to SOAP, but often used with it.
      • Version 2.0 (formerly 1.2) is a W3C recommendation and has better support for RESTful services, but is less widely adopted than its predecessor version 1.1.
      • Writing it is about as pleasant as getting a root canal.
    • 49. Zend_Soap_Autodiscover
      • Zend_Soap_Autodiscover can generate WSDL from the source code of the class you expose as a SOAP service.
      • It has a SoapServer-compatible API, but doesn't implement any logic for most methods. Instantiate within a controller, call setClass or addFunction, handle, done.
      • Uses Zend_Server_Reflection to get class and type information, Zend_Soap_Wsdl for WSDL generation, and current request information for endpoint metadata.
    • 50. Zend_Soap_Client
      • Composes the SoapClient component of the standard PHP SOAP extension to add request and response handling and accessor and mutator methods for all configuration options.
      • Includes methods that can be overridden in custom clients for preprocessing of arguments and service operation results.
      • Useful for testing Zend_Soap_Server-based services.
    • 51. SOAP Demo
      • OK, this really is the last one this time. Really.
    • 52. In conclusion...
      • ... people who end their presentations with sentences starting with &quot;in conclusion&quot; have no creativity. Or are just inherently lazy. Or both.
      • As in many arenas, there is no end-all be-all &quot;best&quot; choice of implementation. It's all about what your needs are and what tools can meet them.
      • Zend Framework supports RAD development for the common methods of web service in today's marketplace.
    • 53. Questions?
      • No heckling... OK, maybe just a little.
      • I will hang around afterward if you have questions, points for discussion, or just want to say hi. It's cool, I don't bite or have cooties or anything. I have business cards too.
      • I work with Zend Framework on a fairly regular basis these days and generally blog about my experiences at </ShamelessPlug>
      • Thanks for coming!