An overview of how to structure your Lumen APIs to make them awesome. Topics covered: requests, responses, logging, documentation and testing.
Slides assume some background in Laravel.
The Internet is full of Web Services, everyday more and more. Some services offer API (application programming interface) that developers use to build new applications (mash-ups). One of the most known and used technology for the machine-to-machine communication is SOAP (Simple Object Access Protocol) but in the last years we can use another paradigm, ReST (Representational State Transfer). How does it work?
The Internet is full of Web Services, everyday more and more. Some services offer API (application programming interface) that developers use to build new applications (mash-ups). One of the most known and used technology for the machine-to-machine communication is SOAP (Simple Object Access Protocol) but in the last years we can use another paradigm, ReST (Representational State Transfer). How does it work?
DEVNET-1001 Coding 101: How to Call REST APIs from a REST Client and PythonCisco DevNet
Are you new to coding? This session will get you started using REST, Python. We will cover coding basics and create some simple examples that retrieve, parse and display JSON data using the Cisco APIC-EM REST APIs. Bring your laptop and we’ll help you get your own development environment set up so you can code with us.
A RESTful API is only truly RESTful if it uses hypermedia to tell us about all the actions that can be performed on the curent resource, allowing us to traverse the API from a single entry point.
His session looks at REST and HATEOAS (Hypermedia As The Engine Of Application State) to illustrate good service structure. Ben will use the RESTful file sharing service fdrop.it to illustrate the various examples of how this can be used.
This session is recommended for architects and senior developers alike and will give a good grounding in writing excellent, self-explanatory RESTful services.
Les Hazlewood, Stormpath co-founder and CTO and the Apache Shiro PMC Chair demonstrates how to design a beautiful REST + JSON API. Includes the principles of RESTful design, how REST differs from XML, tips for increasing adoption of your API, and security concerns.
Presentation video: https://www.youtube.com/watch?v=5WXYw4J4QOU
More info: http://www.stormpath.com/blog/designing-rest-json-apis
Further reading: http://www.stormpath.com/blog
Sign up for Stormpath: https://api.stormpath.com/register
Stormpath is a user management and authentication service for developers. By offloading user management and authentication to Stormpath, developers can bring applications to market faster, reduce development costs, and protect their users. Easy and secure, the flexible cloud service can manage millions of users with a scalable pricing model.
Pragmatic RESTful API principles, along with a solid consumption architecture, can allow for a great amount of automation in your program development. At the same time, securing the application can be extremely tricky from JavaScript.
In this session we will explore several principles behind RESTful API design and consumption using JavaScript, many of the standards that were integrated in the redevelopment of the PayPal API architecture in the new RESTful APIs.
We will cover many of these architecture standards, including:
* Building in action automation using HATEOAS
* OAuth 2 in the JavaScript model
* The challenges behind secure resource consumption through JavaScript
Simple REST-API overview for developers. An newer version is here: https://www.slideshare.net/patricksavalle/super-simple-introduction-to-restapis-2nd-version-127968966
This slide show is from my presentation on what JSON and REST are. It aims to provide a number of talking points by comparing apples and oranges (JSON vs. XML and REST vs. web services).
Building Automated REST APIs with PythonJeff Knupp
Writing REST APIs with ORMs and web frameworks is a chore. I'm lazy, and I don't want to write boring code. In this talk, I'll go over what REST APIs are, why they're useful, and why we should never have to write one from scratch again.
By the end of this talk, we'll have achieved developer Nirvana: a RESTful API service and Admin interface for existing databases *without writing any code*.
I needed to ramp-up my Dev team on RESTful systems. Existing content on this topic was either too terse or too verbose.
So I created this deck as a necessary and sufficient tutorial on REST. The goal was for my Devs to walk away with enough of an understanding to be (and want to be) dangerous.
So here it is...REST in 18 slides (ok, 21 slides if you include Cover, References, and Thank You). This is more text-heavy than I prefer, but I needed an excuse to try out SlideShare so I opted for a presentation format.
DEVNET-1001 Coding 101: How to Call REST APIs from a REST Client and PythonCisco DevNet
Are you new to coding? This session will get you started using REST, Python. We will cover coding basics and create some simple examples that retrieve, parse and display JSON data using the Cisco APIC-EM REST APIs. Bring your laptop and we’ll help you get your own development environment set up so you can code with us.
A RESTful API is only truly RESTful if it uses hypermedia to tell us about all the actions that can be performed on the curent resource, allowing us to traverse the API from a single entry point.
His session looks at REST and HATEOAS (Hypermedia As The Engine Of Application State) to illustrate good service structure. Ben will use the RESTful file sharing service fdrop.it to illustrate the various examples of how this can be used.
This session is recommended for architects and senior developers alike and will give a good grounding in writing excellent, self-explanatory RESTful services.
Les Hazlewood, Stormpath co-founder and CTO and the Apache Shiro PMC Chair demonstrates how to design a beautiful REST + JSON API. Includes the principles of RESTful design, how REST differs from XML, tips for increasing adoption of your API, and security concerns.
Presentation video: https://www.youtube.com/watch?v=5WXYw4J4QOU
More info: http://www.stormpath.com/blog/designing-rest-json-apis
Further reading: http://www.stormpath.com/blog
Sign up for Stormpath: https://api.stormpath.com/register
Stormpath is a user management and authentication service for developers. By offloading user management and authentication to Stormpath, developers can bring applications to market faster, reduce development costs, and protect their users. Easy and secure, the flexible cloud service can manage millions of users with a scalable pricing model.
Pragmatic RESTful API principles, along with a solid consumption architecture, can allow for a great amount of automation in your program development. At the same time, securing the application can be extremely tricky from JavaScript.
In this session we will explore several principles behind RESTful API design and consumption using JavaScript, many of the standards that were integrated in the redevelopment of the PayPal API architecture in the new RESTful APIs.
We will cover many of these architecture standards, including:
* Building in action automation using HATEOAS
* OAuth 2 in the JavaScript model
* The challenges behind secure resource consumption through JavaScript
Simple REST-API overview for developers. An newer version is here: https://www.slideshare.net/patricksavalle/super-simple-introduction-to-restapis-2nd-version-127968966
This slide show is from my presentation on what JSON and REST are. It aims to provide a number of talking points by comparing apples and oranges (JSON vs. XML and REST vs. web services).
Building Automated REST APIs with PythonJeff Knupp
Writing REST APIs with ORMs and web frameworks is a chore. I'm lazy, and I don't want to write boring code. In this talk, I'll go over what REST APIs are, why they're useful, and why we should never have to write one from scratch again.
By the end of this talk, we'll have achieved developer Nirvana: a RESTful API service and Admin interface for existing databases *without writing any code*.
I needed to ramp-up my Dev team on RESTful systems. Existing content on this topic was either too terse or too verbose.
So I created this deck as a necessary and sufficient tutorial on REST. The goal was for my Devs to walk away with enough of an understanding to be (and want to be) dangerous.
So here it is...REST in 18 slides (ok, 21 slides if you include Cover, References, and Thank You). This is more text-heavy than I prefer, but I needed an excuse to try out SlideShare so I opted for a presentation format.
Join this webinar to learn how Sumo Logic continues to innovate its service to meet and exceed customer needs. In this session you will gain deep insights into new features, which also address popular customer requests. Colin B Corstorphine - Customer Success Manager and Ben Newton - Product Manager at Sumo Logic will discuss how:
* Transaction Analytics can help you uncover transactional context for deeper business insights
* The new features reduce complexity in your daily operations
* The Pinned Search feature helps you manage your searches efficiently
* Field Extraction can automatically parse log data in real-time
Presentation given by Sungwook Yoon, MapR Data Scientist
Topics Covered:
Advanced Persistent Threat (APT)
Big Data + Threat Intelligence
Hadoop + Spark Solution
Example Detection Algorithm Development Scenarios (most of them are still open problems)
AppSensor Near Real-Time Event Detection and Response - DevNexus 2016jtmelton
AppSensor is an OWASP project that defines a conceptual framework, methodology, guidance and reference implementation to design and deploy malicious behavior detection and automated responses directly within software applications.
There are many security protections available to applications today. AppSensor builds on these by providing a mechanism that allows architects and developers to build into their applications a way to detect events and attacks, then automatically respond to them. Not only can this stop and/or reduce the impact of an attack, it gives you incredibly valuable visibility and security intelligence about the operational state of your applications.
Chicago AWS user group meetup - May 2014 at CohesiveCloudCamp Chicago
All slides from the May 2014 Meetup. Talks included:
• "Mining crypto currency on AWS spot instance" - Scott VanDenPlas, Engineer at el el see @scottvdp
• "HA for healthcare" - Ryan Koop, Director of Products & Marketing, Cohesive @ryankoop
• "Using AWS for HA at BrightTag" - Matt Kemp, Engineer of Things™ at BrightTag @mattkemp
• So nice, he's talking twice. - Scott VanDenPlas, Engineer at el el see @scottvdp
Join us again June 24 at Mediafly and in July back at Cohesive!
If you were a carpenter, would your skills at building be more important than the tools you use to build? Skills, right? Tools are just a means to an end. So why do developers think the language they use defines the problems they solve? This talk will take a look at misconceptions across the board, some experiences, both positive and negative, people have had crossing barriers to new languages, and show some of the benefits thinking of one's self as a coder and not a "Ruby coder" or a "PHP dev" can have on being a better problem solver.
Chris Anderson bracht kortgeleden een nieuw boek op de markt onder de titel ‘Free', waarin hij uitlegt hoe bedrijven geld kunnen verdienen aan het gratis weggeven van producten. Het boek is uiteraard ook gratis te verkrijgen ...
IBM Bluemix OpenWhisk: Serverless Conference 2016, London, UK: The Future of ...OpenWhisk
Learn more about the IBM Bluemix OpenWhisk, a serverless event-driven compute platform, which quickly executes application logic in response to events or direct invocations from web/mobile apps or other endpoints.
Npm has modules for devops, like logging, metrics, service discovery. But when you arrive to production, you may find that these are already handled by old players. Avoid the same mistakes I did, when my first node app was on its way to the world.
Kotlin is a language from the tool gurus at JetBrains. In 2016, after about six years of development, Kotlin reached version 1.0. In 2017 it won the hearts of developers and became an officially supported language for Android.
Kotlin, like Java, is for more than creating Android applications. It can replace or enhance Java most places it is used today including on AWS. AWS Lambda functions sometimes called Serverless Computing, is a service which lets us developers build web services without worrying about configuring servers.
In this session, we will create a lambda service on AWS using Kotlin. Along the way, we will learn what a makes Kotlin an excellent replacement for Java and how simple it is to construct an AWS Lambda function.
Real time applications are here and users expecting that Real time data is part of UX. What are your options for building RTA with Symfony2/PHP? Slides from Symfony Camp Ukraine.
This is the slide I shared on the second community offline party of Horizon-Dalian. The topic is about restful web, and I started from web service and web history, telling people what the REST might be, and then gave six bindings of REST style.
InVision is a collaborative design company that’s growing into Golang. That being said, when we started doing web services, we looked at using one of the middleware libraries out there such as Alice and Negroni. We found them all interesting but decided to tackle it on our own. As we did that we realized that our library was pretty cool so we broke it out and open sourced it as Rye. I’ll present on the approach we took and some of the benefits of using Rye including integration with Statsd, Context and custom middleware handlers we’ve added such as CIDR validation and JWT validation.
CNIT 129S - Ch 3: Web Application TechnologiesSam Bowne
For a college course at CCSF taught by Sam Bowne.
https://samsclass.info/129S/129S_S18.shtml
Based on "The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2nd Edition", by Dafydd Stuttard , Marcus Pinto; ISBN-10: 1118026470
The Query Service is the new platform solution for querying a variety of data sources. The goal of Query Service is that administrators can configure a metadata description of the data source that can then be used by end users without detailed knowledge of the underlying data source. This session explains how to configure Query Service data sources and use them with the RESTful API or component collection.
Slides for a college course based on "The Web Application Hacker's Handbook", 2nd Ed.
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/129S/129S_F16.shtml
Metrics are Not Enough: Monitoring Apache Kafka / Gwen Shapira (Confluent)Ontico
HighLoad++ 2017
Зал «Дели + Калькутта», 8 ноября, 17:00
Тезисы:
http://www.highload.ru/2017/abstracts/2978.html
When you are running systems in production, clearly you want to make sure they are up and running at all times. But in a distributed system such as Apache Kafka… what does “up and running” even mean?
...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
6. • Also, an excellent use of subdomain routing:
Routing
Requests
7. • Create an /api/1/ping route for public APIs
• Don’t put any middleware in front of the route
• Two reasons:
• Lets clients easily check if server is up
• First step of integrating with an API is just making sure
your request reaches the remote server.
Routing
Requests
8. • Choose an endpoint structure and stick to it
• Have awesome documentation for all endpoints
we will come back to this
• GET is a safe method
this should really go without saying
• PUT and DELETE are idempotent
operation should always produce same result
Routing
Requests
9. • GET https://example.com/api/1/users
• POST https://example.com/api/1/users
• GET https://example.com/api/1/users/1
• PUT https://example.com/api/1/users/1
• DELETE https://example.com/api/1/users/1
Routing
Requests
11. • Session based authentication not appropriate
• Three options:
• Access token authentication
for server-server apps - you provide token in advance
• JSON web token
for client-side apps - you provide a token at user login
• Oauth
for third party apps accessing existing user accounts on your system
Authentication methods
Requests
12. • https://github.com/tymondesigns/jwt-auth
• Scales much better than other options - each server
validates the token, rather than making a DB call
• Frontend apps should store the token with LocalStorage
• Tokens should expire
use refresh tokens to generate new tokens
Authentication - JSON web tokens
Requests
14. • Avoid the magic controller validation
• Instead create a validation class, call it and check in your
controller if it fails
Validation
Requests
15. • Awesome APIs accept many date formats
• Validation facades date validator uses strtotime
• Carbon’s parse method uses strtotime
• Combine the two and you can safely accept any date
• Caveat… a unix timestamp is not parsed by strtotime
Dates
Requests
16. • Even APIs should have a view layer
• Explicitly cast all types
Transformers
Responses
17. • Do not forget to transform your Carbon objects
Transformers
Responses
18. • Use a transformer package
• https://github.com/salebab/larasponse
the documentation sucks, but it’s still the best package
• You provide a class with a transform method, then simply
call it in any controller:
Transformers
Responses
19. • Power comes when you want to include other transforms
in your transformer (transformer class)
• Always include with a transformer (transformer class):
• Or optional include (controller class):
Transformers
Responses
20. • Response macros let you include additional meta data to
response
• Macros also ensure consistency of base response across all
response statuses and all endpoints
• Register in a service provider:
Response Macros
Responses
21. • Log all requests and all responses
• This is 10x as true if you are making a public API
• Make your logs easily accessible
no, SSHing into a server is not easily accessible
When to log
Logging
22. • Shameless plug for today’s sponsor: www.understand.io
probably the best option, so not such a shameless plug
• Anything supported by Monolog should work out the box
• https://papertrailapp.com
• https://www.loggly.com
• The ELK stack https://www.elastic.co
open source
Logging services
Logging
23. • One is auto documented, one isn’t:
Auto documenters
Documentation
24. • http://readme.io/
• https://apiary.io/
• https://www.mashape.com/
• http://swagger.io/ -> popular auto documenter
• GitHub/Bitbucket wikis
Documentation services
Documentation
25. • Tell developers about any breaking API changes
• Give 30 days notice of breaking changes or downtime
ideally longer
• Make it super clear you won’t use the mailing list for
marketing
• Never use the mailing list for marketing
Mailing list
Documentation
26. • Write full end to end API tests. Lumen supports these out
the box:
API tests
Testing
27. • Statically define your test expectations for a given route
your seeder will need to have some fixtures for this
Test every field
Testing
28. • Returning a 200 when you should be returning a 403
(forbidden) is inexcusable.
Test failures
Testing