Enjoying the Move from WCF to the Web API

3,855
-1

Published on

A more advanced talk for those developers thinking of making the move from ASMX or WCF-based services to the ASP.NET Web API. RESTful services have their place in the middle tiers and this talk addresses how to make the mental shift toward REST. There's a lot of focus on how to ease the transition from such a complex framework as WCF to something as simplistic as the Web API.

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,855
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
80
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide
  • Values idealism over pragmatism and app longevity over short-term efficiencyResult: nobody does it correctly
  • Enjoying the Move from WCF to the Web API

    1. 1. Enjoying the Move from WCF to the ASP.NET Web API W. Kevin Hazzard
    2. 2. An API should be… • Discoverable • Intuitive • Standards-based • Economical • Adaptive • Fun
    3. 3. Richardson Maturity Model martinfowler.com/articles/richardsonMaturityModel.html
    4. 4. The ASMX Experience • Simple publication model • HTTP for transport only • Slow serialization • Tightly integration with ASP.NET and IIS • Difficult to test • Encourages the RPC (swamp of POX) model • A simple, Level 0 experience Level 3 Level 2 Level 1 Level 0
    5. 5. The WCF Experience • Complex publication model • Highly configurable transports • Better serialization • Well-integrated with IIS • Also easy to self-host • Very rich metadata • Difficult to test • Rich data contracts hint at resource-orientation • A highly-adaptable but complex Level 1 experience Level 3 Level 2 Level 1 Level 0
    6. 6. From StackOverflow.com “I am totally confused between WCF and ASMX web services. I have used a lot of web services in my earlier stage and now there is this new thing introduced called WCF. I can still create WCF that function as a web service. I think there will be more stuff in WCF. Can anyone provide me any article or difference between WCF and Web services such as which one to use and when?” Result: many developers stayed with ASMX.
    7. 7. Cessna 172 v. Boeing 747 ASMX WCF
    8. 8. The Web API Experience • Tightly coupled to HTTP • Content negotiation • Open-ended formatting • No reliance on a platform • (Almost) no metadata • Solid resource-orientation • Easy to test • A simple, HTTP- centric, Level 2 experience with nascent hypermedia support Level 3 Level 2 Level 1 Level 0
    9. 9. H A T E O A S Hypermedia As The Engine Of Application State H A T E O A S
    10. 10. Today, would you design a web application that requires proprietary or native, third- party plug-ins to run inside the web browser?
    11. 11. Web API Architecture
    12. 12. Web API Processing Architecture HttpRequestMessage HttpResponseMessag e
    13. 13. HTTP Request GET /index.html HTTP/1.1 Accept: text/html Accept-Encoding: gzip, deflate Accept-Language: en-US User-Agent: Mozilla/5.0 Connection: Keep-Alive
    14. 14. HttpRequestMessage Method Headers Content GET /index.html HTTP/1.1 Accept: text/html Accept-Encoding: gzip, deflate Accept-Language: en-US User-Agent: Mozilla/5.0 Connection: Keep-Alive RequestUri
    15. 15. Extensions, etc. • CreateErrorResponse – many overloads • CreateResponse – many overloads • GetClientCertificate • GetProperty<T> • GetQueryNameValuePairs • GetUrlHelper • Properties Most are in System.Net.Http.dll.
    16. 16. HTTP Response HTTP/1.1 200 OK Cache-Control: private, max-age=0 Content-Type: application/json Vary: Accept-Encoding Date: Thu, 31 Dec 2015 23:59:59 GMT Content-Length: 412 Connection: keep-alive Set-Cookie: XYZ=123; domain=.me.com; path=/ [{"id" : 811, "First" : “Kevin”, ...
    17. 17. HttpResponseMessage Headers Content HTTP/1.1 200 OK Cache-Control: private, max-age=0 Content-Type: application/json Vary: Accept-Encoding Date: Thu, 31 Dec 2015 23:59:59 GMT Content-Length: 412 Connection: keep-alive Set-Cookie: XYZ=123; domain=.me.com; path=/ [{"id" : 811, "First" : “Kevin”, ... StatusCode
    18. 18. Response Extras • ReasonString – string • IsSuccessStatusCode - bool • RequestMessage – HttpRequestMessage
    19. 19. Important Attributes o HttpGet o HttpPost o HttpPut o HttpPatch o HttpDelete o HttpHead o HttpOptions o AcceptVerbs o Authorize o AllowAnonymous o NonAction o FromBody o FromUri o Queryable
    20. 20. Example One Create a Simple Controller to Fetch Person Entities Add OData Query Syntax Support Constrain the Queryable Interface
    21. 21. Example One Summary • Implement a basic controller with actions • Demonstrate controller selection by convention • Discuss controller selection by attribution • Implement OData query parameters and demonstrate • Discuss Queryable attribute
    22. 22. Where’s my metadata? • Web API publishes metadata! • See Yao’s blog: http://blogs.msdn.com/b/yaohuang1 • IApiExplorer research has yielded o Web API Help Pages o Web API Test Client
    23. 23. Example Two Add WebApiTestClient to the Project and Configure Turn Documentation Comments on and Configure
    24. 24. Cross-Cutting Concerns HttpMessageHandler class: protected abstract Task<HttpResponseMessage> SendAsync( HttpRequestMessage request, CancellationToken token);
    25. 25. DelegatingHandler Derives from HttpMessageHandler Chains handlers together in the order you add them
    26. 26. Chained Handlers Server SendAsync SendAsync SendAsync
    27. 27. Example Three Implement an Authorization Key Handler
    28. 28. Example Three Summary • Implement an application key handler • Discuss the invocation of the InnerHandler • Demonstrate the creation and return of an error response • Discuss why throwing exceptions will always return an HTTP 500 (Internal Server Error) result • Demonstrate using the request object to create the error response instead • Attach the handler to the pipeline • Debug with Help & Test
    29. 29. Security Tips • Tunnel via SSL when possible • Use Thinktecture IdentityModel for authentication • Use [Authorize] and [AllowAnonymous] for authentication • For CORS support: o ThinkTecture.IdentityModel o Microsoft ASP.NET Web API Cross-Origin Support (Beta) • Think PAINT
    30. 30. Self-Hosting Microsoft ASP.NET Web API Self Host http://topshelf-project.com http://owin.org https://katanaproject.codeplex.com
    31. 31. Issues and Missing Stuff Caching (Safety) Idempotence Transaction Enlistment Concurrency and Instancing Message Encryption One-way APIs
    32. 32. Recommendations • Focus on documentation, media types and hyperlinking • Use help pages and the WebApiTestClient • Define cross-cutting concerns and use message handlers • Consider the Katana Project and Open Web Interface for .NET (OWIN) for self-hosting • Use the ThinkTecture.Identity Model • Make testing a central theme in your API development because it’s so easy
    33. 33. Contacting Kevin @KevinHazzard blogs.captechconsulting.com manning.com/hazzard

    ×