
Representation state transfer and some other important stuff

Representation state transfer and some other important stuff. Internal workshop @ enrise

Published in: Technology

  1. 1. Representational State Transfer (REST) (and some other important stuff)
  2. 2. Warning before we start ‣ REST != MVC ‣ Do not think in controllers, id’s, actions, models, views, plugins, helpers etc... ‣ In fact, do not think about implementation AT ALL!!
  3. 3. What is REST? Roy Fielding said: REST is a coordinated set of architectural constraints that attempts to minimize latency and network communication while at the same time maximizing the independence and scalability of component implementations. This is achieved by placing constraints on connector semantics where other styles have focused on component semantics. REST enables the caching and reuse of interactions, dynamic substitutability of components, and processing of actions by intermediaries, thereby meeting the needs of an Internet-scale distributed hypermedia system.
  4. 4. What is REST? ‣ Cacheable ‣ Stateless ‣ Scalable ‣ Fault-tolerant ‣ Loosely coupled‣ ADVANTAGES OF REST
  5. 5. What is REST? ‣ URL identifies a resource ‣ URLs have a hierarchy ‣ Methods perform operations on resources ‣ Operation must be implicit ‣ Hypermedia format to represent data ‣ Link relations to navigate‣ THE PRINCIPLES OF REST
  6. 6. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS‣ THE FOUR MAIN PRINCIPLES
  7. 7. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS‣ THE FOUR MAIN PRINCIPLES
  8. 8. Identification of resources ‣ /index.php?action=getarticle&id=5 ‣ /default/article/5/4/6/size Cacheable? Scalable? Readable?‣ You are doing it wrong... :(
  9. 9. Identification of resources ‣ /articles We want all articles ‣ /articles/5/photos/4/comments/1 We want the first comment of the fourth photo for the fifth article ‣ /articles/5/photos/4/comments We want all comments of the fourth photo for the fifth article Cacheable! Scalable! Readable!‣ Readable and maintainable!
  10. 10. Identification of resources ✗ /photos/order/size/limit/5 ✗ /photos/limit/5/order/size ✓ /photos?order=size&limit=5 ✓ /photos?limit=5&order=size‣ FILTERING THROUGH A QUERY STRING, NOT THE URI
  11. 11. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS‣ THE FOUR MAIN PRINCIPLES
  12. 12. Manipulation of resources ‣ Create ‣ Retrieve ‣ Update ‣ Delete ‣ But please note that REST != CRUD
  13. 13. Manipulation of resources ‣ Create = PUT ‣ Retrieve = GET ‣ Update = POST ‣ Delete = DELETE‣ CRUD to HTTP verb mapping
  14. 14. Manipulation of resources ‣ Any client should be able to make the request as many times as necessary. ‣ GET, OPTIONS, HEAD‣ SAFE METHODS
  15. 15. Manipulation of resources ‣ Guarantees that the client can repeat the request when it’s not certain. ‣ $x++ vs $x=4 ‣ ALL METHODS EXCEPT “POST”‣ IDEMPOTENT METHODS
  16. 16. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS‣ THE FOUR MAIN PRINCIPLES
  17. 17. Self-descriptive messages‣ Stateless!‣ All information for processing is available: ‣ How? (method + content-type) ‣ What? (URI) ‣ When? (preconditions) ‣ Who? (authentication)
  18. 18. Self-descriptive messages GET /article/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth oauth_nonce="123" ... If-None-Match: absad12412414‣ HOW (method)
  19. 19. Self-descriptive messages GET /article/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth oauth_nonce="123" ... If-None-Match: absad12412414‣ HOW (content-type)
  20. 20. Self-descriptive messages GET /article/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth oauth_nonce="123" ... If-None-Match: absad12412414‣ WHAT
  21. 21. Self-descriptive messages GET /article/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth oauth_nonce="123" ... If-None-Match: absad12412414‣ WHEN
  22. 22. Self-descriptive messages GET /article/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth oauth_nonce="123" ... If-None-Match: absad12412414‣ WHO
  23. 23. What is REST? ‣ Identification of resources ‣ Manipulation of resources ‣ Self-descriptive messages ‣ HATEOAS‣ THE FOUR MAIN PRINCIPLES
  24. 24. HATEOAS HATEOAS = Hypermedia As The Engine Of Application State
  25. 25. HATEOAS This is the hardest and of course, most important part of REST
  26. 26. HATEOAS ‣ Use links to allow clients to discover locations and operations. ‣ Link relations are used to express options. ‣ Clients do not need to know URLs. ‣ This controls the state.
  27. 27. State inside your REST API Fetch Select Confirm Pay E-Ticket‣ “Flight booking API”
  28. 28. State inside your REST API POST /search?order=price&limit=5 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 <search> <destination>LPA</destination> <date>24-may-2011</date> <type>firstclass</type> </search>‣ Search for specified flights
  29. 29. State inside your REST API HTTP/1.1 200 OK Content-type: application/vnd.enrise.nl+xml ; version = 1.0 <flights xmlns=...> <flight> <flightno>KL1234</flightno> <time>4:24</time> <link method="get" rel="details" action="/flight/15263" type="text/xml" /> <link method="post" rel="confirm" action="/confirm/flight/15263" type="text/xml" /> </flight> <flight> <flightno>HV123</flightno> <time>3:54</time> <link method="get" rel="details" action="/flight/523525" type="text/xml" /> <link method="post" rel="confirm" action="/confirm/flight/523525" type="text/xml" /> </flight> </flights>‣ Returns a collection of flights
  30. 30. State inside your REST API POST /confirm/flight/15263 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 HTTP/1.1 401 Authentication required‣ Confirm a specific flight
  31. 31. State inside your REST API POST /confirm/flight/15263 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth ...... <flight> <seat>2A</seat> <meal>vegetarian</meal> </flight> HTTP/1.1 201 Created Location: /booking/1616163 <booking> <link rel="details" href="/booking/1616163" method="get" type="application/xml" /> <link rel="payment" href="/payment/booking/1616163" type="application/xml" /> <link rel="cancel" href="/payment/booking/1616163" method="delete" type="application/xml" /> </booking>‣ Confirm a specific flight, with more info
  32. 32. State inside your REST API OPTIONS /booking/1616163 HTTP/1.1 Host: www.enrise.com Authorization: OAuth ...... HTTP/1.1 200 OK Allow: GET, DELETE, PUT‣ What can we do with our booking?
  33. 33. State inside your REST API DELETE /booking/1616163 HTTP/1.1 Host: www.enrise.com Authorization: OAuth ...... HTTP/1.1 204 No content‣ Cancel our booking!
  34. 34. State inside your REST API GET /booking/1616163 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth... HTTP/1.1 200 OK <booking> <flight> <flightno>KL1234</flightno> <time>4:24</time> <link rel="details" method="get" href="/flight/15263" /> </flight> <payment> <status>Not paid</status> <link rel="details" method="get" href="/payment/booking/1616163" /> </payment> </booking>‣ Still need to pay for the flight
  35. 35. State inside your REST API POST /payment/booking/1616163 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth ...... <payment> <cardno>4111-1111-1111-1111</cardno> <expires>04/13</expires> <name>Joshua Thijssen</name> <amount currency="eur">414.00</amount> </payment> HTTP/1.1 201 Created Location: /payment/booking/1616163‣ Pay through another resource
  36. 36. State inside your REST API OPTIONS /booking/1616163 HTTP/1.1 Host: www.enrise.com Authorization: OAuth ...... HTTP/1.1 200 OK Allow: GET, PUT‣ Can’t delete our booking since it’s paid
  37. 37. State inside your REST API GET /booking/1616163 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Authorization: OAuth... HTTP/1.1 200 OK <booking> <flight> <flightno>KL1234</flightno> <time>4:24</time> <link rel="details" method="get" href="/flight/15263" /> </flight> <payment> <status>Paid in full</status> <link rel="details" method="get" href="/payment/booking/1616163" /> </payment> <link rel="eticket" method="get" href="/eticket/12415156261616" /> </booking>‣ We can fetch our eticket now
  38. 38. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & non-CRUD
  39. 39. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
  40. 40. (Common) pitfalls of REST design ‣ /api/v1.1/article/1234/photos ‣ /api/v1.2/article/1234/photos ‣ Different resources?‣ Versioning
  41. 41. (Common) pitfalls of REST design GET /api/article/1234/photos HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 GET /api/article/1234/photos HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+json ; version = 1.1 GET /api/article/1234/photos HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+json ; version = 5.0.4a‣ Versioning
  42. 42. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
  43. 43. (Common) pitfalls of REST design ‣ /api/get/article/1234/photos ‣ /api/article/new ‣ /api/article/list‣ Methods in URL
  44. 44. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
  45. 45. (Common) pitfalls of REST design ‣ /api/article/1234 ‣ /api/article/red+teddybear ‣ Different resources‣ One URI per resource
  46. 46. (Common) pitfalls of REST design GET /api/article/red+teddybear HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 HTTP/1.1 303 See Other Location: /api/article/1234‣ One URI per resource
  47. 47. (Common) pitfalls of REST design ‣ Versioning ‣ Methods in uri ‣ One uri per resource ‣ Controller resources & Non-CRUD
  48. 48. (Common) pitfalls of REST design ‣ Outside the CRUD? ‣ Multiple operations simultaneously?‣ Controller resources & non-crud
  49. 49. (Common) pitfalls of REST design GET /distance HTTP/1.1 Host: www.enrise.com Accept: text/xml Content-type: text/xml;charset=UTF-8 <xml> <from>Amersfoort, NLD</from> <to>Apeldoorn, NLD</to> </xml> HTTP/1.1 200 OK Content-length: 123 Content-type: text/xml <result> <distance unit="km">45</distance> <distance unit="miles">27.96</distance> </result>‣ Controller resources & non-crud
  50. 50. (Common) pitfalls of REST design POST /user/jthijssen/address_merge HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Content-type: text/csv;charset=UTF-8 John Doe, 1 Main Street, Seattle, WA Jane Doe, 100 North Street, Los Angeles, CA HTTP/1.1 303 See Other Location: /user/jthijssen/addressbook‣ Controller resources & non-crud
  51. 51. More important stuff ‣ HTTP Status codes ‣ ETags
  52. 52. HTTP Status codes ‣ Status codes are important ‣ They represent the result of your actions
  53. 53. HTTP Status codes ‣ 1xx Informational ‣ 2xx Success ‣ 3xx Redirection ‣ 4xx Client error ‣ 5xx Server error
  54. 54. HTTP Status codes ‣ 200 OK Resource returned ‣ 201 Created Resource created ‣ 204 No content Resource deleted‣ IMPORTANT 2xx CODES
  55. 55. HTTP Status codes ‣ 304 Not modified Resource wasn’t changed‣ IMPORTANT 3xx CODES
  56. 56. HTTP Status codes ‣ 400 Bad request Incorrect payload ‣ 401 Unauthorized Not authorized to operate ‣ 403 Forbidden Not authenticated to operate ‣ 404 Not found Resource was not found‣ IMPORTANT 4xx CODES
  57. 57. HTTP Status codes ‣ 405 Method not allowed Method incorrect ‣ 406 Not acceptable Cannot return in correct format ‣ 412 Precondition failed “ETag mismatch”‣ IMPORTANT 4xx CODES
  58. 58. HTTP Status codes ‣ 500 Internal server error “Something” happened ‣ 501 Not implemented Method is not implemented‣ IMPORTANT 5xx CODES
  59. 59. HTTP Status codes ‣ 501 Not implemented vs 405 Method not allowed ‣ 409 Conflict vs 412 Precondition failed‣ DEBATABLE
  60. 60. ETags & Optimistic locking GET /blogpost/12345 HTTP/1.1 Host: www.enrise.com HTTP/1.1 200 OK Content-length: 1234000 Content-type: text/xml ETag: abcd-1234 <xml> <blogpost> <author>Joshua Thijssen</author> <title>...</title> .... </blogpost> </xml>
  61. 61. ETags & Optimistic locking GET /blogpost/12345 HTTP/1.1 Host: www.enrise.com If-None-Match: abcd-1234 HTTP/1.1 304 Not modified Blogpost is cached and can be used!
  62. 62. ETags & Optimistic locking POST /blogpost/12345 HTTP/1.1 Host: www.enrise.com If-Match: abcd-1234 <xml> <author>Sjors de Valk</author> </xml> HTTP/1.1 412 Precondition failed Blogpost is already modified by “someone”
  63. 63. REST examples Other REST Examples
  64. 64. REST examples POST /articles HTTP/1.1 Host: www.enrise.com Content-type: application/vnd.enrise.nl+xml ; version = 1.0 <article xmlns="http://www.enrise.com/article"> <name>Teddybear</name> <color>red</color> <stock>15</stock> <price currency="eur">15,95</price> <price currency="usd">19,95</price> </article> HTTP/1.1 201 Created Location: /articles/1234‣ Creating a resource
  65. 65. REST examples GET /articles HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 HTTP/1.1 200 OK Content-length: 12345 Content-type: application/vnd.enrise.nl+xml Date: sun, 01 Nov 2010 12:34:56 GMT <articles xmlns="http://www.enrise.com/article"> <article> <name>Teddybear</name> <link method="get" rel="article" href="/articles/1234" /> </article> <article> <name>Skippyball</name> <link method="get" rel="article" href="/articles/1121" /> </article> </articles>‣ Getting a resource collection
  66. 66. REST examples GET /articles/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 HTTP/1.1 200 OK Content-length: 12345 Content-type: application/vnd.enrise.nl+xml Date: sun, 01 Nov 2010 12:34:56 GMT <article xmlns="http://www.enrise.com/article"> <name>Teddybear</name> <link method="get" rel="article" href="/articles/1234" /> </article> HTTP/1.1 404 Not found Content-length: 0 Date: sun, 01 Nov 2010 12:34:56 GMT‣ Getting a resource
  67. 67. REST examples DELETE /articles/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 HTTP/1.1 204 No content Content-length: 0 Date: sun, 01 Nov 2010 12:34:56 GMT‣ Delete a resource
  68. 68. REST examples PUT /articles/1234 HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Idempotent If-Match: 23709-12135125 <article xmlns="http://www.enrise.com/article"> <name>Teddybear</name> <color>red</color> <stock>30</stock> <price currency="eur">15,95</price> <price currency="usd">19,95</price> </article> HTTP/1.1 200 OK Content-length: 0 Date: sun, 01 Nov 2010 12:34:56 GMT HTTP/1.1 412 Precondition failed Content-length: 0 Date: sun, 01 Nov 2010 12:34:56 GMT‣ Updating a resource
  69. 69. (Common) pitfalls of REST design POST /user/jthijssen/address_merge HTTP/1.1 Host: www.enrise.com Accept: application/vnd.enrise.nl+xml ; version = 1.0 Content-type: text/csv;charset=UTF-8 John Doe, 1 Main Street, Seattle, WA Jane Doe, 100 North Street, Los Angeles, CA HTTP/1.1 303 See Other Location: /user/jthijssen/addressbook‣ Controller resources
  70. 70. More reading ‣ http://en.wikipedia.org/wiki/Representational_State_Transfer ‣ http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm ‣ http://oreilly.com/catalog/9780596801694 ‣ http://www.slideshare.net/Wombert/designing-http-interfaces-and-restful-web-services-confoo11-20110310 ‣ http://www.slideshare.net/adorepump/hateoas-the-confusing-bit-from-rest ‣ http://www.slideshare.net/guilhermecaelum/rest-in-practice
  71. 71. Question & discussion http://farm1.static.flickr.com/73/163450213_18478d3aa6_d.jpg
  72. 72. ‣ THANK YOU FOR YOUR ATTENTION
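
The conditional-request flow on slides 60 to 62 (and the `If-Match` update on slide 68), as an added Python example that is not part of the original deck. `BlogStore`, `make_etag` and the sample bodies are hypothetical, and answering 428 to a write that carries no `If-Match` is an assumption of this example, not something the slides state.

```python
import hashlib

def make_etag(body: bytes) -> str:
    # Strong validator derived from the representation bytes, quoted as HTTP requires.
    return '"' + hashlib.sha256(body).hexdigest()[:16] + '"'

def _matches(header: str, current: str) -> bool:
    # A precondition header carries "*" or a comma-separated list of entity tags.
    tags = [t.strip() for t in header.split(",")]
    return "*" in tags or current in tags

class BlogStore:
    """In-memory stand-in for the /blogpost/{id} resources (constructed data)."""

    def __init__(self):
        self.posts = {"12345": b"<blogpost><author>Joshua Thijssen</author></blogpost>"}

    def get(self, post_id, if_none_match=None):
        body = self.posts.get(post_id)
        if body is None:
            return 404, {}, b""
        etag = make_etag(body)
        if if_none_match and _matches(if_none_match, etag):
            return 304, {"ETag": etag}, b""      # cached copy is still valid
        return 200, {"ETag": etag}, body

    def update(self, post_id, new_body, if_match=None):
        body = self.posts.get(post_id)
        if body is None:
            return 404, {}
        if if_match is None:
            return 428, {}                       # assumption: refuse blind overwrites
        if not _matches(if_match, make_etag(body)):
            return 412, {}                       # someone else changed it first
        self.posts[post_id] = new_body
        return 200, {"ETag": make_etag(new_body)}

def lost_update_demo():
    # Two editors read the same version; only the first write may succeed.
    store = BlogStore()
    _, headers, _ = store.get("12345")
    seen = headers["ETag"]
    first = store.update("12345", b"<blogpost><author>Sjors de Valk</author></blogpost>", seen)
    second = store.update("12345", b"<blogpost><author>Someone Else</author></blogpost>", seen)
    return first[0], second[0]
```
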
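
The booking flow on slides 27 to 37, as an added Python example that is not part of the original deck: the link relations and the `Allow` header come from one state table, and the server refuses a method the current state does not permit even when a client skips the links. `BookingApi`, the 405 and 409 responses and the e-ticket path built from the booking id are assumptions of this example; the cancel link points at `/booking/{id}` as in the DELETE on slide 33.

```python
# Methods permitted per booking state, from the OPTIONS responses on slides 32 and 36.
ALLOWED = {"unpaid": {"GET", "PUT", "DELETE"}, "paid": {"GET", "PUT"}}

class BookingApi:
    def __init__(self):
        self.bookings = {"1616163": "unpaid"}    # booking id -> state (constructed data)

    def links(self, booking_id):
        # Advertised link relations are derived from the same table the server
        # enforces, so hypermedia and access checks cannot drift apart.
        state = self.bookings[booking_id]
        base = "/booking/" + booking_id
        out = [{"rel": "details", "method": "get", "href": base}]
        if state == "unpaid":
            out.append({"rel": "payment", "method": "post", "href": "/payment" + base})
        if "DELETE" in ALLOWED[state]:
            out.append({"rel": "cancel", "method": "delete", "href": base})
        if state == "paid":
            out.append({"rel": "eticket", "method": "get", "href": "/eticket/" + booking_id})
        return out

    def request(self, method, booking_id, authenticated=True):
        """Handle a request on /booking/{id}; returns (status, headers)."""
        if not authenticated:
            return 401, {}                       # as on slide 30: no credentials sent
        state = self.bookings.get(booking_id)
        if state is None:
            return 404, {}
        allow = {"Allow": ", ".join(sorted(ALLOWED[state]))}
        if method == "OPTIONS":
            return 200, allow
        if method not in ALLOWED[state]:
            return 405, allow                    # client ignored the links; still refused
        if method == "DELETE":
            del self.bookings[booking_id]
            return 204, {}
        return 200, {}

    def pay(self, booking_id, authenticated=True):
        """Handle POST /payment/booking/{id}; returns (status, headers)."""
        if not authenticated:
            return 401, {}
        state = self.bookings.get(booking_id)
        if state is None:
            return 404, {}
        if state != "unpaid":
            return 409, {}                       # already paid: no second charge
        self.bookings[booking_id] = "paid"
        return 201, {"Location": "/payment/booking/" + booking_id}
```
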