SlideShare a Scribd company logo

Kotlin server side frameworks

Ken Yee
Ken Yee

Short presentation given at a local Kotlin meetup on what to look for in a server framework and pros/cons of Kotlin server frameworks that are available

Software
1 of 32
Download to read offline
Komparing Kotlin Server Frameworks Ken Yee (Android and occasional backend dev)
Agenda - What is a backend? - What to look for in a server framework? - What frameworks are available? - Pros/Cons of each framework
What is a Backend? REST API Web server Chat server
1. Backends are What apps/clients talk to so that users can ➔ Read dynamic data So you can share information ➔ Authenticate Because it’s about user access ➔ Write persistent data Into a DB on the server for interaction
2. Backends must Be reliable ➔ Read dynamic data Scalable ➔ Authenticate Secure ➔ Write persistent data Resilient
What do you look for in a framework? Kotlin, DSL, Websockets, HTTP/2, Non-Blocking, CORS, CSRF, OIDC, OAuth2, Testing, Documentation
1. Kotlin! On the server is: ➔ Familiar Language Closer to Isomorphic ➔ Concise Extension and Higher Order functions, DSLs ➔ Null/Type Safety Compared to Javascript, Python, Ruby
Java (Spring Webflux) Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } public class BlogRouter { public RouterFunction<ServerResponse> route(BlogHandler blogHandler) { return RouterFunctions .route(RequestPredicates.GET("/blog").and(RequestPredicat es.accept(MediaType.TEXT_HTML)), blogHandler::findAllBlogs) .route(RequestPredicates.GET("/blog/{slug}").and(RequestPr edicates.accept(MediaType.TEXT_HTML)), blogHandler::findOneBlog) .route(RequestPredicates.GET("/api/blog").and(RequestPredi cates.accept(MediaType.APPLICATION_JSON)),blogHandle r::findOne) .route(RequestPredicates.GET("/api/blog/{id}").and(Request Predicates.accept(MediaType.APPLICATION_JSON)), blogHandler::findOne); } }
Express.js Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } var router = express.Router() var blogHandler = BlogHandler() router.get('/blog', function (req, res) { res.send(blogHandler.findAllBlogs()) }) router.get('/blog/:slug', function (req, res) { res.send(blogHandler.findOneBlog(req.params )) }) router.get('/api/blog', function (req, res) { res.send(blogHandler.findAll()) }) router.get('/blog/:id', function (req, res) { res.send(blogHandler.findOne(req.params)) })
2. Speed Efficiency ➔ Non-blocking Reactor or Kotlin Coroutine Event driven w/ Netty vs. threading ➔ Http/2 Formerly Google’s SPDY that uses single connections to grab resources Push resources to clients ➔ Websockets Useful for real-time chat/games
3. CORS Cross Origin Resource Sharing ➔ Browser Javascript security Limits domains web client (Single Page Apps) is allowed access to ➔ Microservices Web clients can call different endpoints for each microservice
4. CSRF Cross Site Request Forgery ➔ Browser form security Prevents other sites from sending in the same form fields for a request ➔ Browser cookie security CSRF can protect cookies that are sent to browsers
5. OIDC/OAuth2 Delegation, not Authentication ➔ Oauth2 Standard refresh tokens and access token that can be revoked ➔ OIDC OpenID Connect; aka, OAuth2 v2 or OpenID v3 JSON Web Token encoded data Auth token and delegation token
6. Testing Bug prevention ➔ Unit Testing Test internal business logic ➔ Integration Testing Test server
7. Documentation How? Help? ➔ Official Documentation Clear documentation for features Useful examples ➔ Community StackOverflow Github stars Real projects ➔ API Swagger/RAML
Which frameworks? Ktor, Http4K Jooby Vert.x, Spring JHipster, ...
Features Age Javalin SparkJava Ktor Jooby Vert.x Spring Http4K
Ktor Ktor Routing routing { accept(ContentType.Text.Html) { get(“/blog”) { call.respond(blogHandler::findAllBlogs) } get(“/blog/{slug}”) { call.respond(blogHandler.findOneBlog(call.parameters) ) } } accept(ContentType.Application.Json) { get("/api/blog") { call.respond(blogHandler::findAll) } get("/api/blog/{id}") { call.respond(blogHandler.findOne(call.parameters)) } } } ➔ Pros JetBrains’ official server framework Pure Kotlin Kotlin coroutine support ➔ Cons Least mature framework Not much module support but enough Only Freemarker/Velocity templates
Ktor Coroutines get("/{...}") { withContext(CommonPool) { call.slow() } } private suspend fun ApplicationCall.slow() { respondHtml { body { "Slow result" } } }
Web API DB Load Balancers Clients Monolith Architecture
Web Account Load Balancers/ Service Locators Clients Cart Logging (ELK) Gateway Microservice Architecture Tracing (Zipkin)
Http4K Http4K Routing routes( “/blog” bind routes( “/” bind GET to { _ -> bloghandler.findAllBlogs() }, “/{slug}” bind GET to { req -> bloghandler.findOneBlog(req) } ), “/api” bind routes( “/blog” bind GET to { _ -> bloghandler.findAll() }, “/blog/{id}” bind GET to { req -> bloghandler.findOne(req) } ) ).asServer(Jetty(8000)).start() ➔ Pros Pure Kotlin Resilience4J support Can deploy to AWS Lambda Pluggable backends Micrometer support Zipkin support Swagger support OAuth support for Auth0 and Google ➔ Cons No built-in non-blocking support No Kotlin coroutine support Not as mature as other Java frameworks
Jooby Jooby Routing class App: Kooby({ use(Jackson()) get("/blog") { bloghandler.findAllBlogs() } get("/blog/:slug") { req -> bloghandler.findOneBlog(req.param(“slug”).value) } get("/api/blog") { bloghandler.findAll() } get(“/api/blog/:id”) { blogHandler.findOne(req.param<Int>(“id”)) } }) ➔ Pros Pluggable backends Event loop non-blocking Even more modules than Http4K Swagger/RAML Lots of DB support Job scheduling ➔ Cons No Kotlin coroutine support No zipkin or opentracing support
Vert.x Vert.x Routing private val router = Router.router(vertx).apply { get("/blog") .handler(bloghandler::findAllBlogs) get("/blog/:slug") .handler(bloghandler::findOneBlog) get("/api/blog") .handler(bloghandler::findAll) get("/api/blog/:id") .handler (bloghandler::findOne) } ➔ Pros Kotlin coroutine support Event loop non-blocking Near top in TechEmpower benchmarks Micrometer and Hawkular Auto-clustering Polyglot (JS, Python, Clojure, Java, etc.) Redpipe for Reactive Kovert (opinionated Kotlin) Swagger support ➔ Cons A bit more monolith than microservice Not as mainstream in US
Vert.x
Spring Spring Routing class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } ➔ Pros Most popular framework Webflux/Reactor non-blocking Most modules Kitchen sink can be daunting Spring Initializer to autogen microservice Spring Initializer supports Kotlin! JHipster Swagger support ➔ Cons Need kotlin-spring/jpa plugins No official Kotlin coroutine support
Spring WebFlux @GetMapping("/api/blog/{id}") public Mono<ResponseEntity<Blog>> getBlogById(@PathVariable(value = "id") String blogId) { return blogRepository.findById(blogId) .map(savedBlog -> ResponseEntity.ok(savedBlog)) .defaultIfEmpty( ResponseEntity.notFound().build()); }
JHipster JHipster Cmds jhipster --blueprint generator-jhipster-kotlin yo jhipster:import-jdl blog-jdl.jh https://developer.okta.com/blog/2018/03/01 /develop-microservices-jhipster-oauth ➔ Pros Scaffolds Spring/Angular projects Jhipster-kotlin generates Kotlin projects Design data models and autogen CRUD RAILS/GRAILS-like Generates Netflix microservice arch Includes user management (UAA) ➔ Cons Harder to find where to change things Easy to complicate simple projects
zipkin
All The Things! Backends are easy in Kotlin Lots of choices
Further Reading - https://nordicapis.com/api-security-oauth-openid-connect-depth/ - https://ktor.io/ - https://www.http4k.org/ - https://jooby.org/ - https://vertx.io/ - https://github.com/kohesive/kovert - http://redpipe.net/ - https://spring.io/ - https://github.com/konrad-kaminski/spring-kotlin-coroutine - https://www.jhipster.tech/ - https://github.com/jhipster/jhipster-kotlin - https://www.techempower.com/benchmarks/

Recommended

What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?Derek Edwards
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongDerek Perkins
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorialKaty Slemon
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
ASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyMałgorzata Borzęcka
 
JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2Rodrigo Cândido da Silva
 
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -Naoki Nagazumi
 
Using Play Framework 2 in production
Using Play Framework 2 in productionUsing Play Framework 2 in production
Using Play Framework 2 in productionChristian Papauschek
 

Recommended

What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?Derek Edwards
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongDerek Perkins
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorialKaty Slemon
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
ASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyMałgorzata Borzęcka
 
JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2Rodrigo Cândido da Silva
 
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -Naoki Nagazumi
 
Using Play Framework 2 in production
Using Play Framework 2 in productionUsing Play Framework 2 in production
Using Play Framework 2 in productionChristian Papauschek
 
Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWTTuyen Vuong
 
JWT Authentication with AngularJS
JWT Authentication with AngularJSJWT Authentication with AngularJS
JWT Authentication with AngularJSrobertjd
 
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsEntity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsMikhail Egorov
 
Super Fast Application development with Mura CMS
Super Fast Application development with Mura CMSSuper Fast Application development with Mura CMS
Super Fast Application development with Mura CMSColdFusionConference
 
Play Framework 2.5
Play Framework 2.5Play Framework 2.5
Play Framework 2.5m-kurz
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and PracticesPrabath Siriwardena
 
In-browser storage and me
In-browser storage and meIn-browser storage and me
In-browser storage and meJason Casden
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPRafal Gancarz
 
Drupal, Android and iPhone
Drupal, Android and iPhoneDrupal, Android and iPhone
Drupal, Android and iPhoneAlexandru Badiu
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsJon Todd
 
Hey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemHey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemColdFusionConference
 
Android and REST
Android and RESTAndroid and REST
Android and RESTRoman Woźniak
 
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFOWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFPaul Mooney
 
2016 pycontw web api authentication
2016 pycontw web api authentication 2016 pycontw web api authentication
2016 pycontw web api authentication Micron Technology
 
Octopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EEOctopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EERudy De Busscher
 
Keycloak Single Sign-On
Keycloak Single Sign-OnKeycloak Single Sign-On
Keycloak Single Sign-OnRavi Yasas
 
RESTEasy
RESTEasyRESTEasy
RESTEasyKhushbu Joshi
 
What is the taste of the Selenide
What is the taste of the SelenideWhat is the taste of the Selenide
What is the taste of the SelenideRoman Marinsky
 
HTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityHTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityPeter Lubbers
 
CQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and DeploymentCQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and Deploymentklcodanr
 
How to debug IoT Agents
How to debug IoT AgentsHow to debug IoT Agents
How to debug IoT AgentsFernando Lopez Aguilar
 
Top 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersTop 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersBrian Huff
 

More Related Content

What's hot

Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWTTuyen Vuong
 
JWT Authentication with AngularJS
JWT Authentication with AngularJSJWT Authentication with AngularJS
JWT Authentication with AngularJSrobertjd
 
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsEntity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsMikhail Egorov
 
Super Fast Application development with Mura CMS
Super Fast Application development with Mura CMSSuper Fast Application development with Mura CMS
Super Fast Application development with Mura CMSColdFusionConference
 
Play Framework 2.5
Play Framework 2.5Play Framework 2.5
Play Framework 2.5m-kurz
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and PracticesPrabath Siriwardena
 
In-browser storage and me
In-browser storage and meIn-browser storage and me
In-browser storage and meJason Casden
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPRafal Gancarz
 
Drupal, Android and iPhone
Drupal, Android and iPhoneDrupal, Android and iPhone
Drupal, Android and iPhoneAlexandru Badiu
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsJon Todd
 
Hey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemHey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemColdFusionConference
 
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFOWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFPaul Mooney
 
2016 pycontw web api authentication
2016 pycontw web api authentication 2016 pycontw web api authentication
2016 pycontw web api authentication Micron Technology
 
Octopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EEOctopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EERudy De Busscher
 
Keycloak Single Sign-On
Keycloak Single Sign-OnKeycloak Single Sign-On
Keycloak Single Sign-OnRavi Yasas
 
What is the taste of the Selenide
What is the taste of the SelenideWhat is the taste of the Selenide
What is the taste of the SelenideRoman Marinsky
 
HTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityHTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityPeter Lubbers
 
CQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and DeploymentCQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and Deploymentklcodanr
 

What's hot (20)

Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWT
 
JWT Authentication with AngularJS
JWT Authentication with AngularJSJWT Authentication with AngularJS
JWT Authentication with AngularJS
 
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsEntity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applications
 
Super Fast Application development with Mura CMS
Super Fast Application development with Mura CMSSuper Fast Application development with Mura CMS
Super Fast Application development with Mura CMS
 
Play Framework 2.5
Play Framework 2.5Play Framework 2.5
Play Framework 2.5
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and Practices
 
In-browser storage and me
In-browser storage and meIn-browser storage and me
In-browser storage and me
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
 
Drupal, Android and iPhone
Drupal, Android and iPhoneDrupal, Android and iPhone
Drupal, Android and iPhone
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTs
 
Hey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemHey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the Problem
 
Android and REST
Android and RESTAndroid and REST
Android and REST
 
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFOWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
 
2016 pycontw web api authentication
2016 pycontw web api authentication 2016 pycontw web api authentication
2016 pycontw web api authentication
 
Octopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EEOctopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EE
 
Keycloak Single Sign-On
Keycloak Single Sign-OnKeycloak Single Sign-On
Keycloak Single Sign-On
 
RESTEasy
RESTEasyRESTEasy
RESTEasy
 
What is the taste of the Selenide
What is the taste of the SelenideWhat is the taste of the Selenide
What is the taste of the Selenide
 
HTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityHTML5 Real-Time and Connectivity
HTML5 Real-Time and Connectivity
 
CQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and DeploymentCQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and Deployment
 

Similar to Kotlin server side frameworks

Top 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersTop 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersBrian Huff
 
FIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE
 
Building APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - RedmondBuilding APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - RedmondRick G. Garibay
 
SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!Wayne Williams
 
Simple REST with Dropwizard
Simple REST with DropwizardSimple REST with Dropwizard
Simple REST with DropwizardAndrei Savu
 
Real-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTCReal-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTCAlexandre Gouaillard
 
Getting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the CloudGetting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the CloudRevelation Technologies
 
SOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class LibrariesSOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class LibrariesVagif Abilov
 
How to Use Stormpath in angular js
How to Use Stormpath in angular jsHow to Use Stormpath in angular js
How to Use Stormpath in angular jsStormpath
 
Building APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformBuilding APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformAntonio Peric-Mazar
 
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)Richard Bullington-McGuire
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory
 
web2py:Web development like a boss
web2py:Web development like a bossweb2py:Web development like a boss
web2py:Web development like a bossFrancisco Ribeiro
 
Seattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopSeattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopJimmy Guerrero
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with EverythingDave Hay
 
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsDEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsFelipe Prado
 
Module 3 - How SWORD Works
Module 3 - How SWORD WorksModule 3 - How SWORD Works
Module 3 - How SWORD WorksSWORD Project
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsyoranbe
 

Similar to Kotlin server side frameworks (20)

How to debug IoT Agents
How to debug IoT AgentsHow to debug IoT Agents
How to debug IoT Agents
 
Top 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersTop 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud Developers
 
FIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT Agents
 
Building APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - RedmondBuilding APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - Redmond
 
SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!
 
Simple REST with Dropwizard
Simple REST with DropwizardSimple REST with Dropwizard
Simple REST with Dropwizard
 
Real-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTCReal-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTC
 
API SECURITY
API SECURITYAPI SECURITY
API SECURITY
 
Getting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the CloudGetting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the Cloud
 
SOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class LibrariesSOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class Libraries
 
How to Use Stormpath in angular js
How to Use Stormpath in angular jsHow to Use Stormpath in angular js
How to Use Stormpath in angular js
 
Building APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformBuilding APIs in an easy way using API Platform
Building APIs in an easy way using API Platform
 
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials Webinar
 
web2py:Web development like a boss
web2py:Web development like a bossweb2py:Web development like a boss
web2py:Web development like a boss
 
Seattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopSeattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js Workshop
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
 
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsDEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
 
Module 3 - How SWORD Works
Module 3 - How SWORD WorksModule 3 - How SWORD Works
Module 3 - How SWORD Works
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applications
 

Recently uploaded

Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Hr365.us smith
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 

Recently uploaded (20)

Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 

Kotlin server side frameworks

  • 1. Komparing Kotlin Server Frameworks Ken Yee (Android and occasional backend dev)
  • 2. Agenda - What is a backend? - What to look for in a server framework? - What frameworks are available? - Pros/Cons of each framework
  • 3. What is a Backend? REST API Web server Chat server
  • 4. 1. Backends are What apps/clients talk to so that users can ➔ Read dynamic data So you can share information ➔ Authenticate Because it’s about user access ➔ Write persistent data Into a DB on the server for interaction
  • 5. 2. Backends must Be reliable ➔ Read dynamic data Scalable ➔ Authenticate Secure ➔ Write persistent data Resilient
  • 6. What do you look for in a framework? Kotlin, DSL, Websockets, HTTP/2, Non-Blocking, CORS, CSRF, OIDC, OAuth2, Testing, Documentation
  • 7. 1. Kotlin! On the server is: ➔ Familiar Language Closer to Isomorphic ➔ Concise Extension and Higher Order functions, DSLs ➔ Null/Type Safety Compared to Javascript, Python, Ruby
  • 8. Java (Spring Webflux) Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } public class BlogRouter { public RouterFunction<ServerResponse> route(BlogHandler blogHandler) { return RouterFunctions .route(RequestPredicates.GET("/blog").and(RequestPredicat es.accept(MediaType.TEXT_HTML)), blogHandler::findAllBlogs) .route(RequestPredicates.GET("/blog/{slug}").and(RequestPr edicates.accept(MediaType.TEXT_HTML)), blogHandler::findOneBlog) .route(RequestPredicates.GET("/api/blog").and(RequestPredi cates.accept(MediaType.APPLICATION_JSON)),blogHandle r::findOne) .route(RequestPredicates.GET("/api/blog/{id}").and(Request Predicates.accept(MediaType.APPLICATION_JSON)), blogHandler::findOne); } }
  • 9. Express.js Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } var router = express.Router() var blogHandler = BlogHandler() router.get('/blog', function (req, res) { res.send(blogHandler.findAllBlogs()) }) router.get('/blog/:slug', function (req, res) { res.send(blogHandler.findOneBlog(req.params )) }) router.get('/api/blog', function (req, res) { res.send(blogHandler.findAll()) }) router.get('/blog/:id', function (req, res) { res.send(blogHandler.findOne(req.params)) })
  • 10. 2. Speed Efficiency ➔ Non-blocking Reactor or Kotlin Coroutine Event driven w/ Netty vs. threading ➔ Http/2 Formerly Google’s SPDY that uses single connections to grab resources Push resources to clients ➔ Websockets Useful for real-time chat/games
  • 11. 3. CORS Cross Origin Resource Sharing ➔ Browser Javascript security Limits domains web client (Single Page Apps) is allowed access to ➔ Microservices Web clients can call different endpoints for each microservice
  • 12. 4. CSRF Cross Site Request Forgery ➔ Browser form security Prevents other sites from sending in the same form fields for a request ➔ Browser cookie security CSRF can protect cookies that are sent to browsers
  • 13. 5. OIDC/OAuth2 Delegation, not Authentication ➔ Oauth2 Standard refresh tokens and access token that can be revoked ➔ OIDC OpenID Connect; aka, OAuth2 v2 or OpenID v3 JSON Web Token encoded data Auth token and delegation token
  • 14. 6. Testing Bug prevention ➔ Unit Testing Test internal business logic ➔ Integration Testing Test server
  • 15. 7. Documentation How? Help? ➔ Official Documentation Clear documentation for features Useful examples ➔ Community StackOverflow Github stars Real projects ➔ API Swagger/RAML
  • 18. Ktor Ktor Routing routing { accept(ContentType.Text.Html) { get(“/blog”) { call.respond(blogHandler::findAllBlogs) } get(“/blog/{slug}”) { call.respond(blogHandler.findOneBlog(call.parameters) ) } } accept(ContentType.Application.Json) { get("/api/blog") { call.respond(blogHandler::findAll) } get("/api/blog/{id}") { call.respond(blogHandler.findOne(call.parameters)) } } } ➔ Pros JetBrains’ official server framework Pure Kotlin Kotlin coroutine support ➔ Cons Least mature framework Not much module support but enough Only Freemarker/Velocity templates
  • 19. Ktor Coroutines get("/{...}") { withContext(CommonPool) { call.slow() } } private suspend fun ApplicationCall.slow() { respondHtml { body { "Slow result" } } }
  • 22. Http4K Http4K Routing routes( “/blog” bind routes( “/” bind GET to { _ -> bloghandler.findAllBlogs() }, “/{slug}” bind GET to { req -> bloghandler.findOneBlog(req) } ), “/api” bind routes( “/blog” bind GET to { _ -> bloghandler.findAll() }, “/blog/{id}” bind GET to { req -> bloghandler.findOne(req) } ) ).asServer(Jetty(8000)).start() ➔ Pros Pure Kotlin Resilience4J support Can deploy to AWS Lambda Pluggable backends Micrometer support Zipkin support Swagger support OAuth support for Auth0 and Google ➔ Cons No built-in non-blocking support No Kotlin coroutine support Not as mature as other Java frameworks
  • 23. Jooby Jooby Routing class App: Kooby({ use(Jackson()) get("/blog") { bloghandler.findAllBlogs() } get("/blog/:slug") { req -> bloghandler.findOneBlog(req.param(“slug”).value) } get("/api/blog") { bloghandler.findAll() } get(“/api/blog/:id”) { blogHandler.findOne(req.param<Int>(“id”)) } }) ➔ Pros Pluggable backends Event loop non-blocking Even more modules than Http4K Swagger/RAML Lots of DB support Job scheduling ➔ Cons No Kotlin coroutine support No zipkin or opentracing support
  • 24. Vert.x Vert.x Routing private val router = Router.router(vertx).apply { get("/blog") .handler(bloghandler::findAllBlogs) get("/blog/:slug") .handler(bloghandler::findOneBlog) get("/api/blog") .handler(bloghandler::findAll) get("/api/blog/:id") .handler (bloghandler::findOne) } ➔ Pros Kotlin coroutine support Event loop non-blocking Near top in TechEmpower benchmarks Micrometer and Hawkular Auto-clustering Polyglot (JS, Python, Clojure, Java, etc.) Redpipe for Reactive Kovert (opinionated Kotlin) Swagger support ➔ Cons A bit more monolith than microservice Not as mainstream in US
  • 26. Spring Spring Routing class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } ➔ Pros Most popular framework Webflux/Reactor non-blocking Most modules Kitchen sink can be daunting Spring Initializer to autogen microservice Spring Initializer supports Kotlin! JHipster Swagger support ➔ Cons Need kotlin-spring/jpa plugins No official Kotlin coroutine support
  • 27. Spring WebFlux @GetMapping("/api/blog/{id}") public Mono<ResponseEntity<Blog>> getBlogById(@PathVariable(value = "id") String blogId) { return blogRepository.findById(blogId) .map(savedBlog -> ResponseEntity.ok(savedBlog)) .defaultIfEmpty( ResponseEntity.notFound().build()); }
  • 28. JHipster JHipster Cmds jhipster --blueprint generator-jhipster-kotlin yo jhipster:import-jdl blog-jdl.jh https://developer.okta.com/blog/2018/03/01 /develop-microservices-jhipster-oauth ➔ Pros Scaffolds Spring/Angular projects Jhipster-kotlin generates Kotlin projects Design data models and autogen CRUD RAILS/GRAILS-like Generates Netflix microservice arch Includes user management (UAA) ➔ Cons Harder to find where to change things Easy to complicate simple projects
  • 29.
  • 31. All The Things! Backends are easy in Kotlin Lots of choices
  • 32. Further Reading - https://nordicapis.com/api-security-oauth-openid-connect-depth/ - https://ktor.io/ - https://www.http4k.org/ - https://jooby.org/ - https://vertx.io/ - https://github.com/kohesive/kovert - http://redpipe.net/ - https://spring.io/ - https://github.com/konrad-kaminski/spring-kotlin-coroutine - https://www.jhipster.tech/ - https://github.com/jhipster/jhipster-kotlin - https://www.techempower.com/benchmarks/