Short presentation given at a local Kotlin meetup on what to look for in a server framework and pros/cons of Kotlin server frameworks that are available
2. Agenda
- What is a backend?
- What to look for in a server framework?
- What frameworks are available?
- Pros/Cons of each framework
3. What is a Backend?
REST API
Web server
Chat server
4. 1. Backends are
What apps/clients talk to so that users can
➔ Read dynamic data
So you can share information
➔ Authenticate
Because it’s about user access
➔ Write persistent data
Into a DB on the server for
interaction
5. 2. Backends must
Be reliable
➔ Read dynamic data
Scalable
➔ Authenticate
Secure
➔ Write persistent data
Resilient
6. What do you look for in a
framework?
Kotlin, DSL, Websockets, HTTP/2,
Non-Blocking, CORS, CSRF, OIDC,
OAuth2, Testing, Documentation
7. 1. Kotlin!
On the server is:
➔ Familiar Language
Closer to Isomorphic
➔ Concise
Extension and Higher Order
functions, DSLs
➔ Null/Type Safety
Compared to Javascript, Python,
Ruby
8. Java (Spring Webflux) Kotlin
class BlogRouter(private val blogHandler:
BlogHandler) {
fun router() =
router {
("/blog" and accept(TEXT_HTML)).nest {
GET("/", blogHandler::findAllBlogs)
GET("/{slug}",
blogHandler::findOneBlog)
}
("/api/blog" and
accept(APPLICATION_JSON)).nest {
GET("/", blogHandler::findAll)
GET("/{id}", blogHandler::findOne)
}
}
}
public class BlogRouter {
public RouterFunction<ServerResponse>
route(BlogHandler blogHandler) {
return RouterFunctions
.route(RequestPredicates.GET("/blog").and(RequestPredicat
es.accept(MediaType.TEXT_HTML)),
blogHandler::findAllBlogs)
.route(RequestPredicates.GET("/blog/{slug}").and(RequestPr
edicates.accept(MediaType.TEXT_HTML)),
blogHandler::findOneBlog)
.route(RequestPredicates.GET("/api/blog").and(RequestPredi
cates.accept(MediaType.APPLICATION_JSON)),blogHandle
r::findOne)
.route(RequestPredicates.GET("/api/blog/{id}").and(Request
Predicates.accept(MediaType.APPLICATION_JSON)),
blogHandler::findOne);
}
}
9. Express.js Kotlin
class BlogRouter(private val blogHandler:
BlogHandler) {
fun router() =
router {
("/blog" and accept(TEXT_HTML)).nest {
GET("/", blogHandler::findAllBlogs)
GET("/{slug}",
blogHandler::findOneBlog)
}
("/api/blog" and
accept(APPLICATION_JSON)).nest {
GET("/", blogHandler::findAll)
GET("/{id}", blogHandler::findOne)
}
}
}
var router = express.Router()
var blogHandler = BlogHandler()
router.get('/blog', function (req, res) {
res.send(blogHandler.findAllBlogs())
})
router.get('/blog/:slug', function (req, res) {
res.send(blogHandler.findOneBlog(req.params
))
})
router.get('/api/blog', function (req, res) {
res.send(blogHandler.findAll())
})
router.get('/blog/:id', function (req, res) {
res.send(blogHandler.findOne(req.params))
})
10. 2. Speed
Efficiency
➔ Non-blocking
Reactor or Kotlin Coroutine
Event driven w/ Netty vs. threading
➔ Http/2
Formerly Google’s SPDY that uses
single connections to grab
resources
Push resources to clients
➔ Websockets
Useful for real-time chat/games
11. 3. CORS
Cross Origin Resource Sharing
➔ Browser Javascript security
Limits domains web client (Single
Page Apps) is allowed access to
➔ Microservices
Web clients can call different
endpoints for each microservice
12. 4. CSRF
Cross Site Request Forgery
➔ Browser form security
Prevents other sites from sending in
the same form fields for a request
➔ Browser cookie security
CSRF can protect cookies that are
sent to browsers
13. 5. OIDC/OAuth2
Delegation, not Authentication
➔ Oauth2
Standard refresh tokens and access
token that can be revoked
➔ OIDC
OpenID Connect; aka, OAuth2 v2 or
OpenID v3
JSON Web Token encoded data
Auth token and delegation token
15. 7. Documentation
How? Help?
➔ Official Documentation
Clear documentation for features
Useful examples
➔ Community
StackOverflow
Github stars
Real projects
➔ API
Swagger/RAML
22. Http4K Http4K Routing
routes(
“/blog” bind routes(
“/” bind GET to { _ -> bloghandler.findAllBlogs()
},
“/{slug}” bind GET to { req ->
bloghandler.findOneBlog(req) }
),
“/api” bind routes(
“/blog” bind GET to { _ -> bloghandler.findAll()
},
“/blog/{id}” bind GET to { req ->
bloghandler.findOne(req) }
)
).asServer(Jetty(8000)).start()
➔ Pros
Pure Kotlin
Resilience4J support
Can deploy to AWS Lambda
Pluggable backends
Micrometer support
Zipkin support
Swagger support
OAuth support for Auth0 and Google
➔ Cons
No built-in non-blocking support
No Kotlin coroutine support
Not as mature as other Java
frameworks
23. Jooby Jooby Routing
class App: Kooby({
use(Jackson())
get("/blog") {
bloghandler.findAllBlogs()
}
get("/blog/:slug") { req ->
bloghandler.findOneBlog(req.param(“slug”).value)
}
get("/api/blog") {
bloghandler.findAll()
}
get(“/api/blog/:id”) {
blogHandler.findOne(req.param<Int>(“id”))
}
})
➔ Pros
Pluggable backends
Event loop non-blocking
Even more modules than Http4K
Swagger/RAML
Lots of DB support
Job scheduling
➔ Cons
No Kotlin coroutine support
No zipkin or opentracing support
24. Vert.x Vert.x Routing
private val router =
Router.router(vertx).apply {
get("/blog")
.handler(bloghandler::findAllBlogs)
get("/blog/:slug")
.handler(bloghandler::findOneBlog)
get("/api/blog")
.handler(bloghandler::findAll)
get("/api/blog/:id")
.handler (bloghandler::findOne)
}
➔ Pros
Kotlin coroutine support
Event loop non-blocking
Near top in TechEmpower
benchmarks
Micrometer and Hawkular
Auto-clustering
Polyglot (JS, Python, Clojure, Java, etc.)
Redpipe for Reactive
Kovert (opinionated Kotlin)
Swagger support
➔ Cons
A bit more monolith than microservice
Not as mainstream in US
26. Spring Spring Routing
class BlogRouter(private val blogHandler:
BlogHandler) {
fun router() =
router {
("/blog" and accept(TEXT_HTML)).nest {
GET("/", blogHandler::findAllBlogs)
GET("/{slug}",
blogHandler::findOneBlog)
}
("/api/blog" and
accept(APPLICATION_JSON)).nest {
GET("/", blogHandler::findAll)
GET("/{id}", blogHandler::findOne)
}
}
}
➔ Pros
Most popular framework
Webflux/Reactor non-blocking
Most modules
Kitchen sink can be daunting
Spring Initializer to autogen
microservice
Spring Initializer supports Kotlin!
JHipster
Swagger support
➔ Cons
Need kotlin-spring/jpa plugins
No official Kotlin coroutine support
28. JHipster JHipster Cmds
jhipster --blueprint generator-jhipster-kotlin
yo jhipster:import-jdl blog-jdl.jh
https://developer.okta.com/blog/2018/03/01
/develop-microservices-jhipster-oauth
➔ Pros
Scaffolds Spring/Angular projects
Jhipster-kotlin generates Kotlin
projects
Design data models and autogen
CRUD
RAILS/GRAILS-like
Generates Netflix microservice arch
Includes user management (UAA)
➔ Cons
Harder to find where to change things
Easy to complicate simple projects