Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Real World API Design Using The Entity Framework Services


Published on

In this session I will show you how I used the Entity Framework Services to design and create an API servicing layer to expose back end data to partners. We will dive into using the Entity Framework (data layer), WCF Data Services (service layer), T4 templates (business entities), WCF Message Inspectors (security) and more.

Published in: Technology
  • Be the first to comment

Real World API Design Using The Entity Framework Services

  1. 1. Real World API Design Using The Entity Framework Services<br />
  2. 2.
  3. 3. dotNetDave Conference DVD!<br />Packed full of:<br />Videos of all sessions from 2010 & 2011(1)!<br />Slide decks from 2011 & 2010!<br />Demo projects from 2011 & 2010!<br />David McCarter’s .NET interview Questions!<br />Extras<br />Conference Photos from 2010!<br />Surprise videos!<br />Book + DVD $25!<br />Only $15!<br />
  4. 4. Check Out Your Local User Groups!<br />San Diego Cloud Computing User Group<br /><br />San Diego .NET Developers Group<br /><br />San Diego .NET User Group<br /><br />San Diego SQL Server User Group<br /><br />
  5. 5.
  6. 6. Overview<br />
  7. 7. Current Problem<br />Partner<br />Company<br />Data Store<br />Internet<br />All Data Stored in local Data Center<br />Customers/ Partners do not have access to data<br />No ability to create “add-ins” to application<br />No ability to “upsell” products<br />
  8. 8. Partner<br />Company<br />Data Store<br />Internet<br />Immediate access to the network data for partners<br />Provide customers with an ever growing wealth of tools for extending application<br />Marketing Exposure<br />Handle billing and purchasing transactions with the end-user<br />Business Proposition<br />
  9. 9. Goals<br />Make it easy to access data<br />Access to data from any application<br />Windows<br />Web<br />iPhone<br />…<br />Track Usage<br />For billing <br />Detect abuse<br />
  10. 10. Goals<br />Provide ability for different application types<br />Visual Application<br />Surface partner application inside of company application<br />Data Application<br />Allow data access to authorized customers<br />Composite Application<br />Combination of Visual and Data<br />
  11. 11. Challenges<br />Current database design<br />Very Confusing<br />Same data in multiple tables.<br />Allow secure access to data<br />App can only access a select number of services<br />App can only access data for authorized customers<br />Access data from multiple locations<br />Some customers store data locally<br />
  12. 12. Design<br />
  13. 13. Database Issues<br />Hundreds of tables.<br />Tables can have hundreds of columns (some not used anymore)<br />Same data is stored in different tables.<br />Tables store multiple types of data.<br />Primary data keys duplicated in almost every table.<br />Too much expertise needed to understand database.<br />
  14. 14. Database Solution<br />Design model of how data should look, regardless of how it’s currently structured<br />
  15. 15. Database Solution<br />Use Views instead of Tables<br />Allows creating data structures that make more sense, easier to use.<br />Allows splitting/ combining of data from Tables.<br />Allows renaming of columns that make data more understandable/ consistency.<br />Use stored procedures to insert/ update data<br />
  16. 16. Database Solution<br />Use Entity Framework 4 to implement object model on top of Views<br />Easy for developers to use/ understand<br />Separate models by purpose<br />Easier to deal with<br />Re-use views in different models (sparingly)<br />Remove properties that don’t make sense in model<br />Insert/ updates only through “main” Entity<br />Use POCO T4 template<br />Easy to separate entities from data access<br />Can add functionality/ business logic<br />Smaller payloads across the wire<br />
  17. 17.
  18. 18.
  19. 19. Exposing Data to Partners<br />Expose services via HTTPs<br />Use WCF Data Services<br />Expose data via REST (JSON and AtomPub) <br />Easy to expose Models<br />One model per service<br />Control Entity access using EntitySetAccessRule<br />
  20. 20. Exposing Data to Partners<br />Use WCF Data Services <br />Limit number of records returned using EntitySetPageSize<br />Prevent partners from access to clients that have not “enabled” the application<br />Modify data coming into service using ChangeInterceptor’s<br />Can also update date in multiple Entities<br />
  21. 21.
  22. 22.
  23. 23. Security<br />Limit partners access to data/ services<br />Validate call is from authorized partner<br />Using certificate or token<br />Validate client<br />Validate partner has access to service.<br />Validate client/ app<br />Validate app<br />Validate app is active<br />Validate app access to client<br />
  24. 24. Security<br />Use WCF Message Inspectors<br />Intercept service call before it hits the service<br />Different Message Inspectors for different types of services<br />General services uses certification<br />Client data services uses token<br />Smaller than a certification<br />Authentication done by calls to back-end<br />Also used for logging partner usage data<br />What they are hitting<br />Payload sizes<br />
  25. 25.
  26. 26.
  27. 27. Summary<br />
  28. 28. Challenges<br />EF does better with “properly” designed databases<br />EF designer can easily screw up models (better in EF 4)<br />WCF Data Services can be limiting<br />Have to jump through a few hoops to have WCF Data Services to expose entities from a separate project<br />Have to manually edit .svc files to use Message Inspectors<br />
  29. 29. Challenges<br />Bad REST Queries = Bad SQL Queries<br />Demands more processing power on the web tier<br />Majority of programmers have never used REST/ LINQ to Rest<br />More of a challenge with other languages (mostly because samples are written in .NET 4)<br />
  30. 30. Looking Forward<br />Allow more write access to data<br />Provide “batch” processing<br />Faster data access on first hit<br />Allow read/write access to Entity per app<br />Create new database from cleaned up model (far in the future)<br />Better configuration, security, logging and developer portal using third-party vendor<br />