Web APIs


Published in: Education

  1. Web APIs. Carlos Santos, Tecnologias Dinâmicas para a Internet - MCMM - UA, 25 October 2013
  2. API
     • Application programming interface
     • “Reasons Why APIs Are Reshaping Your Business” http://www.slideshare.net/faberNovel/6-reasons-why-apis-are-reshaping-yourbusiness
     • (1 to 18) Wikipedia page on APIs http://en.wikipedia.org/wiki/Application_programming_interface
     • see reference: “What is an API? Your guide to the Internet Business (R)evolution” http://www.3scale.net/wp-content/uploads/2012/06/What-is-an-API-1.0.pdf
  3. SOAP vs REST
     • Web Services vs Web API
     • [...] a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards. (W3C)
     • Complexity vs Simplicity
     • Proprietary vs Open
  4. REST
     “REST, or in the full form, Representational State Transfer has become the standard design architecture for developing web APIs. At its heart REST is a stateless client-server relationship; this means that unlike many other approaches there is no client context being stored server side (no Sessions). To counteract that, each request contains all the information necessary for the server to authenticate the user, and any session state data that must be sent as well.
     REST takes advantage of the HTTP request methods to layer itself into the existing HTTP architecture. These operations consist of the following:
     • GET - Used for basic read requests to the server
     • PUT - Used to modify an existing object on the server
     • POST - Used to create a new object on the server
     • DELETE - Used to remove an object on the server
     By creating URI endpoints that utilize these operations, a RESTful API is quickly assembled.”
     “Creating a RESTful API with PHP” - http://coreymaynard.com/blog/creating-a-restful-api-with-php/
  5. HTTP
     • “HTTP: The Protocol Every Web Developer Must Know” http://net.tutsplus.com/tutorials/tools-and-tips/http-the-protocolevery-web-developer-must-know-part-1/
     • Most important: Verbs and Status Codes
  6. Best practices
     • “How To Design A Good API and Why it Matters”
       • video: http://www.youtube.com/watch?v=heh4OeB9A-c
       • slides: http://lcsd05.cs.tamu.edu/slides/keynote.pdf
     • “Best Practices for Designing a Pragmatic RESTful API” http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api
  7. XML vs JSON
     • http://www.oxygenxml.com/xml_editor/json_editor.html
  8. XML vs JSON
     • “JSON vs XML: How JSON Is Superior To XML” https://www.udemy.com/blog/json-vs-xml/
     • “Why JSON will continue to push XML out of the picture” http://blog.appfog.com/why-json-will-continue-to-push-xml-outof-the-picture/
     • “JSON: The Fat-Free Alternative to XML” http://www.json.org/xml.html
  9. JSON
     • “JSON” http://en.wikipedia.org/wiki/JSON
     • “jQuery.getJSON()” http://api.jquery.com/jQuery.getJSON/
     • “jQuery.parseJSON()” http://api.jquery.com/jQuery.parseJSON/
     • “PHP: JSON - Manual” http://php.net/manual/en/book.json.php
  10. XSS
     • “What is Cross Site Scripting and How Can You Fix it?” http://www.acunetix.com/websitesecurity/cross-site-scripting/
     • “Cross-site scripting” http://en.wikipedia.org/wiki/Crosssite_scripting
     • “Same origin policy” http://en.wikipedia.org/wiki/Sameorigin_policy
  11. JSONP vs Proxy
     • How to make Ajax requests?
       • “Breaking The Cross Domain Barrier” http://www.slideshare.net/SlexAxton/breaking-the-cross-domain-barrier
     • JSONP
       • http://en.wikipedia.org/wiki/JSONP
       • http://stackoverflow.com/questions/2067472/what-is-jsonp-all-about
     • Proxy
       • http://developer.yahoo.com/javascript/howto-proxy.html
  12. Authentication
     • “Basic access authentication” http://en.wikipedia.org/wiki/Basic_access_authentication
     • “Digest access authentication” http://en.wikipedia.org/wiki/Digest_access_authentication
     • OAuth (1.0 or 2.0) http://en.wikipedia.org/wiki/Oauth
  13. Versions
     • Compatibility?
     • And when it ceases to exist?
     • “Best Practices for Designing a Pragmatic RESTful API” http://www.vinaysahni.com/best-practices-for-a-pragmatic-restfulapi#versioning
  14. API security
     • API Rate limiting
     • http://stackoverflow.com/questions/8775079/
     • http://www.quora.com/APIs/How-are-API-keys-and-developer-accountsgenerated-by-platforms-like-Facebook-Twitter-Mint-and-LinkedIn
  15. Next...
     • Example of building a REST Web API with JSON responses
     • http://code.ua.pt/projects/ajax-api-ntc-lab4-2012