Phil Sturgeon, profile picture
Uploaded byPhil Sturgeon
PPTX, PDF2,604 views

API Pain Points (PHPNE)

The document discusses various aspects of API design and development, focusing on error handling, HTTP status codes, and the importance of consistent naming conventions. It emphasizes proper responses to client requests, the need for robust error messages, and best practices for versioning APIs. The content also touches on the significance of automated testing and flexible response handling to ensure user satisfaction.

Embed presentation

Downloaded 19 times
A P I P A I N - P O I N T S G E T T I N G T H I N G S W R O N G F O R F U N A N D P R O F I T @ P H I L S T U R G E O N 2 0 1 4
A R C H I T E C T U R E O L D S C H O O L
http://girlsgotsole.com/blog/thankful-thursday-rest-days/
D A T A B A S E S E E D I N G L E A V E Y O U R C U S T O M E R S A L O N E
E N D P O I N T T H E O R Y N A M I N G T H I N G S I S H A R D
P L U R A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /user/23 /users
P L U R A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /opportunity/43 /opportunities
P L U R A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /person/dave /people
P L U R A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /places /places/12 /places/12/checkins /places/12/checkins/34 /checkins/34
N O N E E D F O R S E O Q U E R Y S T R I N G S A R E F I N E /users/active/true /users?active=true
A U T O - I N C R E M E N T = B A D C T R L + S Y O U R W E B S I T E /checkins/1 /checkins/2 /checkins/2369 … /checkins/3
A U T O - I N C R E M E N T = B A D C T R L + S Y O U R W E B S I T E github.com/zackkitzmiller/tiny-php $tiny = new ZackKitzmillerTiny('lDpuU74QNH6B'); echo $tiny->to(5); // E echo $tiny->from('E'); // 5
A U T O - I N C R E M E N T = B A D C T R L + S Y O U R W E B S I T E use RhumsaaUuidUuid; use RhumsaaUuidExceptio $uuid4 = Uuid::uuid4(); echo $uuid4; // 25769c6c-d34d-4bfe-ba98-e0ee856f3e7a github.com/ramsey/uuid
H T T P V E R B S M A T T E R H O N E S T L Y Dont be @jamiehannaford. That sounds like a bad day.
F O R M P A Y L O A D S J U S T S E N D J S O N foo=something&bar[baz]=thing &bar[stuff]=junk&bar=true18
H A C K Y P A Y L O A D S N O T L I K E T H A T
R E A L J S O N P A Y L O A D S T H N X !
R E A D I N G R E A L D A T A I S E A S Y T H E H T T P W A Y json_decode($_POST['stupid-json']); json_decode(file_get_contents(‘php://input')); Input::get(‘foo’);
2 0 0 I S N O T T H E O N L Y S U C C E S S K N O W Y O U R C O D E S if ($statusCode != 200) { throw new Exception('AAGHH!!'); }
2xx is all about success 3xx is all about redirection 4xx is all about client errors 5xx is all about service errors
200 - Generic everything is OK 201 - Created something OK 202 - Accepted but is being processed async 400 - Bad Request (Validation?) 401 - Unauthorized 403 - Current user is forbidden 404 - That URL is not a valid route 405 - Method Not Allowed 410 - Data has been deleted, deactivated, suspended, etc 500 - Something unexpected happened and it is the APIs fault 503 - API is not here right now, please try again later
418 - I am a Teapot http://httpstatus.es/418
C L E A R , H U M A N E R R O R S W H A T H A P P E N E D { "error": { "errors": [ { "domain": "youtube.parameter", "reason": "missingRequiredParameter", "message": "No filter selected.", "locationType": "parameter", "location": "" } ], "code": 400, "message": "No filter selected." } }
E R R O R S S H O U L D M A K E S E N S E W H A T H A P P E N E D &mine=true "reason": "missingRequiredParameter", "message": "No filter selected.", … WTF
S U P P L E M E N T H T T P C O D E S W H A T H A P P E N E D { "error": { "type": "OAuthException", "message": "Session has expired at unix time 138 } }
S U P P L E M E N T H T T P C O D E S W H A T H A P P E N E D { "error": { "message": "(#210) Subject must be a page.", "type": "OAuthException", "code": 210 } }
S U P P L E M E N T H T T P C O D E S W H A T H A P P E N E D { "error": { "message": "(#210) Subject must be a page.", "type": "OAuthException", "code": 210, "url": “http://developers.facebook.com/errors#210“ } }
O A U T H 2 . 0 thephpleague.com github.com/thephpleague/oauth2-server
O A U T H 2 C A N D O A L O T P A S S W O R D S , I M P L I C I T , S O C I A L L O G I N S …
U S E S S L
L O L E X C E P T F O R …
F A C E B O O K … Y O U B # % @ * D S ! ! ! S E R I O U S L Y Refresh Tokens? Lol
Y O U T U B E … Y O U S E M I - B # % @ * D S ! ! ! S T I L L S E R I O U S L Y Refresh Tokens? Kinda
P R E S E N T A T I O N L A Y E R D O N T L E T U S E R S B E H I N D T H E C U R T A I N
return Places::all(); P R E S E N T A T I O N L A Y E R D O N T L E T U S E R S B E H I N D T H E C U R T A I N
T R A N S F O R M E R S … A S S E M B L E ! public function transform(Book $book) { return [ 'id' => (int) $book->id, 'title' => $book->title, 'year' => $book->yr, ‘created' => (string) $book->created_at, ]; } fractal.thephpleague.com
F L E X I B L E R E S P O N S E S S T O P Y O U R I P H O N E D E V C O M P L A I N I N G GET /checkins/dsfXte ?include=place,user,activity
P A G I N A T E D A T A G R O W S F A S T { "data": [ ... ], "cursors": { "after": "MTI=", "next_url": "https://api.example.com/places ?cursor=MTI%3" } }
D E F I N E A L I M I T R A N G E P A G I N A T I O N D D O S if ($limit < 1 || $limit > 100) { $limit = 100; }
A U T O M A T E T E S T I N G I F Y O U L O V E Y O U R J O B http://www.engineersgotblued.com/
P H P U N I T + B E H A T http://www.bil-jac.com/bestfriendsclub.php
Scenario: Find a merchant When I request "GET /moments/1" Then I get a "200" response And scope into the "data" property And the properties exist: """ id title year created """
Scenario: Try to find an ` checkin When I request "GET /checkins/nope" Then I get a "404" response
Scenario:Wrong Arguments for user follow Given I have the payload: """ {"is_following": "foo"} """ When I request "PUT /users/1” Then I get a "400" response Not a boolean
apiblueprint.org
V E R S I O N I N G / V 1 / D O E S N T C O U N T https://api.example.com/v1/places
V E R S I O N I N G / V 1 / D O E S N T C O U N T https://api-v1.example.com/places
V E R S I O N I N G / V 1 / D O E S N T C O U N T Accept: application/vnd.example+json; version=1 Accept: application/vnd.example+json; version=2
V E R S I O N I N G / V 1 / D O E S N T C O U N T Accept: application/vnd.example.user+json; version=1 Accept: application/vnd.example.user+json; version=2
V E R S I O N I N G / V 1 / D O E S N T C O U N T Copy Facebook Maybe? THIS ONE TIME! Facebook ruined the one good thing they ever did
E V E R Y T H I N G I S W R O N G D O N T B E T H A T G U Y troyhunt.com/2014/02/your-api-versioning-is-wrong-which-is.html
leanpub.com/build-apis-you-wont-hate/c/TOONARMY

More Related Content

PDF
Semantic Web & TYPO3
byAndré Wuttig
 
PDF
Testing TYPO3 Applications
byAndré Wuttig
 
PPT
Api pain points
byPhil Sturgeon
 
PDF
Porque VIM?
byAugusto Pascutti
 
PPTX
Inside a Digital Collection: Historic Clothing in Omeka
byArden Kirkland
 
PDF
Noah Brier: How to build web apps
byPlanning-ness
 
PDF
How to Build a Web App (for Non-Programmers)
byNoah Brier
 
PDF
Using HTML5 for a great Open Web
byRobert Nyman
 
Semantic Web & TYPO3
byAndré Wuttig
 
Testing TYPO3 Applications
byAndré Wuttig
 
Api pain points
byPhil Sturgeon
 
Porque VIM?
byAugusto Pascutti
 
Inside a Digital Collection: Historic Clothing in Omeka
byArden Kirkland
 
Noah Brier: How to build web apps
byPlanning-ness
 
How to Build a Web App (for Non-Programmers)
byNoah Brier
 
Using HTML5 for a great Open Web
byRobert Nyman
 

What's hot

PDF
Php web backdoor obfuscation
bySandro Zaccarini
 
PDF
H4x0rs gonna hack
byXchym Hiệp
 
PDF
PHP Backdoor: The rise of the vuln
bySandro Zaccarini
 
PDF
Code obfuscation, php shells & more
byMattias Geniar
 
PDF
Diary of a Hack
byHelmut Hummel
 
PDF
Tasc workshop presentation
byvalleraj
 
PPT
wreewrer
byJohnHotyn
 
PPT
Unix shell scripting basics
byAbhay Sapru
 
PPTX
Twas the night before Malware...
byDoktorMandrake
 
PDF
Rooted 2010 ppp
bynoc_313
 
KEY
Web Development with CoffeeScript and Sass
byBrian Hogan
 
PDF
Yahoo is open to developers
byChristian Heilmann
 
PPT
YQL - Christian Heilmann Open Hack London presentation
byKorben00
 
PDF
Easy logins for Ruby web applications
byFrancois Marier
 
PDF
SULTHAN's - PHP MySQL programs
bySULTHAN BASHA
 
KEY
Yql && Raphaël
byLachlan Hardy
 
PPT
Concept History
byjonphipps
 
PDF
Building Things Fast - and getting approval
bySimon Willison
 
PDF
SmartData Webinar Slides JSON-LD
byDATAVERSITY
 
Php web backdoor obfuscation
bySandro Zaccarini
 
H4x0rs gonna hack
byXchym Hiệp
 
PHP Backdoor: The rise of the vuln
bySandro Zaccarini
 
Code obfuscation, php shells & more
byMattias Geniar
 
Diary of a Hack
byHelmut Hummel
 
Tasc workshop presentation
byvalleraj
 
wreewrer
byJohnHotyn
 
Unix shell scripting basics
byAbhay Sapru
 
Twas the night before Malware...
byDoktorMandrake
 
Rooted 2010 ppp
bynoc_313
 
Web Development with CoffeeScript and Sass
byBrian Hogan
 
Yahoo is open to developers
byChristian Heilmann
 
YQL - Christian Heilmann Open Hack London presentation
byKorben00
 
Easy logins for Ruby web applications
byFrancois Marier
 
SULTHAN's - PHP MySQL programs
bySULTHAN BASHA
 
Yql && Raphaël
byLachlan Hardy
 
Concept History
byjonphipps
 
Building Things Fast - and getting approval
bySimon Willison
 
SmartData Webinar Slides JSON-LD
byDATAVERSITY
 

Similar to API Pain Points (PHPNE)

PDF
Frans Rosén Keynote at BSides Ahmedabad
bySecurity BSides Ahmedabad
 
KEY
Pragmatic RESTful API Design: Apigee Webinar
byApigee | Google Cloud
 
PPTX
API Design - 3rd Edition
byApigee | Google Cloud
 
KEY
Api anti patterns
byMike Pearce
 
PDF
What’s Your Problem?
byNordic APIs
 
PDF
APIs REST Usables con Hypermedia por Javier Ramirez, para codemotion
byjavier ramirez
 
PDF
The Art of API Design - PHP Tek 2025, Chris Tankersley
byChris Tankersley
 
PDF
Resource-Oriented Web Services
byBradley Holt
 
PPT
Api pain points
byPhil Sturgeon
 
PDF
Profiling Web Archives IIPC GA 2015
bySawood Alam
 
PDF
2012 03 27_philly_jug_rewrite_static
byLincoln III
 
PPT
PHP Server side restful API - linkedin
byVũ Quang Sơn
 
ODP
NEPHP '13: Pragmatic API Development
byAndrew Curioso
 
ZIP
The Power of Open Data
byPhil Windley
 
PDF
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
byAlessandro Nadalin
 
PDF
So you think you know REST - DPC11
byEvert Pot
 
PDF
Restful design at work v2.0
byBoulder Java User's Group
 
PDF
BeJUG JAX-RS Event
byStephan Janssen
 
KEY
API Best Practices
byUri Lavi
 
PDF
Создание API, которое полюбят разработчики. Глубокое погружение
bySQALab
 
Frans Rosén Keynote at BSides Ahmedabad
bySecurity BSides Ahmedabad
 
Pragmatic RESTful API Design: Apigee Webinar
byApigee | Google Cloud
 
API Design - 3rd Edition
byApigee | Google Cloud
 
Api anti patterns
byMike Pearce
 
What’s Your Problem?
byNordic APIs
 
APIs REST Usables con Hypermedia por Javier Ramirez, para codemotion
byjavier ramirez
 
The Art of API Design - PHP Tek 2025, Chris Tankersley
byChris Tankersley
 
Resource-Oriented Web Services
byBradley Holt
 
Api pain points
byPhil Sturgeon
 
Profiling Web Archives IIPC GA 2015
bySawood Alam
 
2012 03 27_philly_jug_rewrite_static
byLincoln III
 
PHP Server side restful API - linkedin
byVũ Quang Sơn
 
NEPHP '13: Pragmatic API Development
byAndrew Curioso
 
The Power of Open Data
byPhil Windley
 
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
byAlessandro Nadalin
 
So you think you know REST - DPC11
byEvert Pot
 
Restful design at work v2.0
byBoulder Java User's Group
 
BeJUG JAX-RS Event
byStephan Janssen
 
API Best Practices
byUri Lavi
 
Создание API, которое полюбят разработчики. Глубокое погружение
bySQALab
 

More from Phil Sturgeon

KEY
CodeIgniter 3.0
byPhil Sturgeon
 
PPT
PHP-FIG: Past, Present and Future
byPhil Sturgeon
 
PDF
Become Master of Your Own Universe - DIBI 2013
byPhil Sturgeon
 
KEY
Why I &lt;3 Laravel 4
byPhil Sturgeon
 
KEY
Introduction to Fuel
byPhil Sturgeon
 
KEY
Running an Open-Source CodeIgniter project
byPhil Sturgeon
 
KEY
Cms expo
byPhil Sturgeon
 
PDF
Laravel and Composer
byPhil Sturgeon
 
CodeIgniter 3.0
byPhil Sturgeon
 
PHP-FIG: Past, Present and Future
byPhil Sturgeon
 
Become Master of Your Own Universe - DIBI 2013
byPhil Sturgeon
 
Why I &lt;3 Laravel 4
byPhil Sturgeon
 
Introduction to Fuel
byPhil Sturgeon
 
Running an Open-Source CodeIgniter project
byPhil Sturgeon
 
Cms expo
byPhil Sturgeon
 
Laravel and Composer
byPhil Sturgeon
 

Recently uploaded

PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Hybrid Cloud vs Multi-Cloud Strategy 2025
byTeleglobal International
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
The year in review - MarvelClient in 2025
bypanagenda
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Hybrid Cloud vs Multi-Cloud Strategy 2025
byTeleglobal International
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 

API Pain Points (PHPNE)

  • 1.
    A P IP A I N - P O I N T S G E T T I N G T H I N G S W R O N G F O R F U N A N D P R O F I T @ P H I L S T U R G E O N 2 0 1 4
  • 4.
    A R CH I T E C T U R E O L D S C H O O L
  • 6.
  • 7.
    D A TA B A S E S E E D I N G L E A V E Y O U R C U S T O M E R S A L O N E
  • 8.
    E N DP O I N T T H E O R Y N A M I N G T H I N G S I S H A R D
  • 9.
    P L UR A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /user/23 /users
  • 10.
    P L UR A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /opportunity/43 /opportunities
  • 11.
    P L UR A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /person/dave /people
  • 12.
    P L UR A L V S I N G U L A R ? C O N S I S T E N C Y I S K I N G /places /places/12 /places/12/checkins /places/12/checkins/34 /checkins/34
  • 13.
    N O NE E D F O R S E O Q U E R Y S T R I N G S A R E F I N E /users/active/true /users?active=true
  • 14.
    A U TO - I N C R E M E N T = B A D C T R L + S Y O U R W E B S I T E /checkins/1 /checkins/2 /checkins/2369 … /checkins/3
  • 15.
    A U TO - I N C R E M E N T = B A D C T R L + S Y O U R W E B S I T E github.com/zackkitzmiller/tiny-php $tiny = new ZackKitzmillerTiny('lDpuU74QNH6B'); echo $tiny->to(5); // E echo $tiny->from('E'); // 5
  • 16.
    A U TO - I N C R E M E N T = B A D C T R L + S Y O U R W E B S I T E use RhumsaaUuidUuid; use RhumsaaUuidExceptio $uuid4 = Uuid::uuid4(); echo $uuid4; // 25769c6c-d34d-4bfe-ba98-e0ee856f3e7a github.com/ramsey/uuid
  • 17.
    H T TP V E R B S M A T T E R H O N E S T L Y Dont be @jamiehannaford. That sounds like a bad day.
  • 18.
    F O RM P A Y L O A D S J U S T S E N D J S O N foo=something&bar[baz]=thing &bar[stuff]=junk&bar=true18
  • 19.
    H A CK Y P A Y L O A D S N O T L I K E T H A T
  • 20.
    R E AL J S O N P A Y L O A D S T H N X !
  • 21.
    R E AD I N G R E A L D A T A I S E A S Y T H E H T T P W A Y json_decode($_POST['stupid-json']); json_decode(file_get_contents(‘php://input')); Input::get(‘foo’);
  • 23.
    2 0 0I S N O T T H E O N L Y S U C C E S S K N O W Y O U R C O D E S if ($statusCode != 200) { throw new Exception('AAGHH!!'); }
  • 24.
    2xx is allabout success 3xx is all about redirection 4xx is all about client errors 5xx is all about service errors
  • 25.
    200 - Genericeverything is OK 201 - Created something OK 202 - Accepted but is being processed async 400 - Bad Request (Validation?) 401 - Unauthorized 403 - Current user is forbidden 404 - That URL is not a valid route 405 - Method Not Allowed 410 - Data has been deleted, deactivated, suspended, etc 500 - Something unexpected happened and it is the APIs fault 503 - API is not here right now, please try again later
  • 26.
    418 - Iam a Teapot http://httpstatus.es/418
  • 27.
    C L EA R , H U M A N E R R O R S W H A T H A P P E N E D { "error": { "errors": [ { "domain": "youtube.parameter", "reason": "missingRequiredParameter", "message": "No filter selected.", "locationType": "parameter", "location": "" } ], "code": 400, "message": "No filter selected." } }
  • 28.
    E R RO R S S H O U L D M A K E S E N S E W H A T H A P P E N E D &mine=true "reason": "missingRequiredParameter", "message": "No filter selected.", … WTF
  • 29.
    S U PP L E M E N T H T T P C O D E S W H A T H A P P E N E D { "error": { "type": "OAuthException", "message": "Session has expired at unix time 138 } }
  • 30.
    S U PP L E M E N T H T T P C O D E S W H A T H A P P E N E D { "error": { "message": "(#210) Subject must be a page.", "type": "OAuthException", "code": 210 } }
  • 31.
    S U PP L E M E N T H T T P C O D E S W H A T H A P P E N E D { "error": { "message": "(#210) Subject must be a page.", "type": "OAuthException", "code": 210, "url": “http://developers.facebook.com/errors#210“ } }
  • 32.
    O A UT H 2 . 0 thephpleague.com github.com/thephpleague/oauth2-server
  • 33.
    O A UT H 2 C A N D O A L O T P A S S W O R D S , I M P L I C I T , S O C I A L L O G I N S …
  • 34.
    U S ES S L
  • 35.
    L O L EX C E P T F O R …
  • 36.
    F A CE B O O K … Y O U B # % @ * D S ! ! ! S E R I O U S L Y Refresh Tokens? Lol
  • 37.
    Y O UT U B E … Y O U S E M I - B # % @ * D S ! ! ! S T I L L S E R I O U S L Y Refresh Tokens? Kinda
  • 38.
    P R ES E N T A T I O N L A Y E R D O N T L E T U S E R S B E H I N D T H E C U R T A I N
  • 39.
    return Places::all(); P RE S E N T A T I O N L A Y E R D O N T L E T U S E R S B E H I N D T H E C U R T A I N
  • 42.
    T R AN S F O R M E R S … A S S E M B L E ! public function transform(Book $book) { return [ 'id' => (int) $book->id, 'title' => $book->title, 'year' => $book->yr, ‘created' => (string) $book->created_at, ]; } fractal.thephpleague.com
  • 43.
    F L EX I B L E R E S P O N S E S S T O P Y O U R I P H O N E D E V C O M P L A I N I N G GET /checkins/dsfXte ?include=place,user,activity
  • 44.
    P A GI N A T E D A T A G R O W S F A S T { "data": [ ... ], "cursors": { "after": "MTI=", "next_url": "https://api.example.com/places ?cursor=MTI%3" } }
  • 45.
    D E FI N E A L I M I T R A N G E P A G I N A T I O N D D O S if ($limit < 1 || $limit > 100) { $limit = 100; }
  • 46.
    A U TO M A T E T E S T I N G I F Y O U L O V E Y O U R J O B http://www.engineersgotblued.com/
  • 47.
    P H PU N I T + B E H A T http://www.bil-jac.com/bestfriendsclub.php
  • 48.
    Scenario: Find amerchant When I request "GET /moments/1" Then I get a "200" response And scope into the "data" property And the properties exist: """ id title year created """
  • 49.
    Scenario: Try tofind an ` checkin When I request "GET /checkins/nope" Then I get a "404" response
  • 50.
    Scenario:Wrong Arguments foruser follow Given I have the payload: """ {"is_following": "foo"} """ When I request "PUT /users/1” Then I get a "400" response Not a boolean
  • 51.
  • 53.
    V E RS I O N I N G / V 1 / D O E S N T C O U N T https://api.example.com/v1/places
  • 54.
    V E RS I O N I N G / V 1 / D O E S N T C O U N T https://api-v1.example.com/places
  • 55.
    V E RS I O N I N G / V 1 / D O E S N T C O U N T Accept: application/vnd.example+json; version=1 Accept: application/vnd.example+json; version=2
  • 56.
    V E RS I O N I N G / V 1 / D O E S N T C O U N T Accept: application/vnd.example.user+json; version=1 Accept: application/vnd.example.user+json; version=2
  • 57.
    V E RS I O N I N G / V 1 / D O E S N T C O U N T Copy Facebook Maybe? THIS ONE TIME! Facebook ruined the one good thing they ever did
  • 58.
    E V ER Y T H I N G I S W R O N G D O N T B E T H A T G U Y troyhunt.com/2014/02/your-api-versioning-is-wrong-which-is.html
  • 59.