Party + REST = Win

PARTY +
REST =
WIN!
BUILDING A RESTFUL WEB
SERVICE AS A COMPANION APP
FOR A LIVE EVENT
Jimmy Sieben
Lead Programmer, Gearbox Software
Twitter: @jimmys
jimmy.sieben@gearboxsoftware.com

A WORD ABOUT ME
I have been programming for 20+ years (15 professionally)
I am a game maker since 1995
I joined Gearbox in 2002
Network & Game Programming on multiple titles
• Halo: Combat Evolved (PC)
• Brothers in Arms: Road to Hill 30 (PC/Xbox)
• Brothers in Arms: Hell’s Highway (PC/PS3/Xbox 360)
• Borderlands 1 (PC/PS3/Xbox 360)
• Borderlands 2 (PC/PS3/Xbox 360)

WHAT ARE WEB
SERVICES?
Web services enable devices to communicate over the web
HTTP is used as the underlying protocol
Data is sent and received in a machine-readable encoding
• XML
• JSON
• Protocol Buffers
• Various vendor-specific encodings
Services are written in a wide variety of languages
Many frameworks exist to support creating Web Services

WHY WEB SERVICES?
Provide API for a Web Application
HTTP is a well-known protocol
HTTP easily traverses firewalls
Take advantage of widely deployed tools
Every language implements it well
Stateless design is simple to implement and scale

WHAT ARE WEB
SERVICES USED FOR?
Social Networking
Software as a Service
Infrastructure as a Service
System Integration
Mashups

WEB SERVICE
ARCHITECTURES
Two dominant architectures for Web Services exist:
SOAP / XML-RPC
• Focused on exposing business rules and state
• Formal descriptions of protocol, automated tools
• Relies on complex infrastructure components
• XML is usually the encoding
RESTful
• Focused on resources and relationships between them
• Informal specs; not a standard – a technique or style
• Typically simpler and lighter weight
• JSON is a popular encoding

REPRESENTATIONAL
STATE
TRANSFER
Architecture described by Roy Fielding in his Doctoral
dissertation Architectural Styles and the Design of Network-
based Software Architectures (2000) available here:
http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm
• Client–server
• Stateless
• Cacheable
• Layered system
• Uniform interface
• Code on demand (optional)

PRINCIPLES OF
RESTFUL SERVICES
• Identification of Resources
• Identify resources via URIs
• Resources are independent of representation
• Manipulate Resources Through Representations
• Resource representation & associated metadata is enough
information for a client to modify or delete it
• Self-descriptive Messages
• MIME types determine how to interpret content
• Cache control defined by the response
• HATEOAS: Hypermedia As The Engine of Application State
• Clients make state transitions based on actions defined in
representations

OH, CRUD!
Use HTTP Verbs on Resources
Create
Read
Update
Delete
POST
GET
PUT
DELETE

MIME TYPES
DESCRIBE CONTENT
• RFC 2046 describes a system to identify content format
• Syntax: type/subtype; optional parameters
• image/jpeg
• text/html; charset=UTF-8
• HTTP Headers use these to negotiate content
• Accept allows client to request format
• Content-type required on responses to identify format
• Common MIME types
• text/plain
• text/html
• application/json
• application/xml
• image/jpeg
• image/png

HTTP STATUS CODES
• RESTful Services use these to communicate application state
• 1xx: Informational
• 2xx: Successful
• 200 Success
• 201 Created
• 3xx: Redirection
• 301 Moved Permanently
• 4xx: Client Error
• 401 Unauthorized
• 404 Not Found
• 5xx: Server Error
• 500 Internal Server Error
• 503 Service Unavailable

Source: https://cwiki.apache.org/WINK/1-introduction-to-apache-wink.html
RESTFUL SERVICE

Person: {name: “Bob”, age: 25}
http://www.example.com/person/123
{name: “Bob”, age: 25, mother:
“http://www.example.com/person/78}
{name: “Martha”, age: 58, mother:
“http://www.example.com/person/11”}
Define the Resources
important for your
application
Expose resources as
paths in the URI
Build relationships
between those
resources
DESIGNING A
RESTFUL SERVICE

CREATE: POST TO A
COLLECTION
REQUEST
POST /people HTTP/1.1
Content-type:
application/json
Content-length: nnn
{name: “Bob”, age: 25}
RESPONSE
HTTP/1.1 201 Created
Content-type:
application/json
Content-length: nnn
Location:
Etag: 74bef98a330ac
{name: “Bob”, age: 25,
updated: “2013-01-
31T18:24:36Z”}

READ: GET A
RESOURCE
REQUEST
GET /person/123 HTTP/1.1
Accept: application/json
RESPONSE
HTTP/1.1 200 OK
Content-type:
application/json
Content-length: nnn
Location:
Etag: 74bef98a330ac
updated: “2013-01-
31T18:24:36Z”}

UPDATE: PUT A
RESOURCE
REQUEST
PUT /person/123 HTTP/1.1
Content-type:
application/json
Content-length: nnn
{name: “Bob”, age: 24}
RESPONSE
HTTP/1.1 200 OK
Content-type:
application/json
Content-length: nnn
Location:
Etag: 83c092fdb32b
updated: “2013-01-
31T18:47:02Z”}

DELETE: DELETE A
RESOURCE
REQUEST
DELETE /person/123 HTTP/1.1
DELETE /person/123 HTTP/1.1
Authorization: Basic
X738bjNhsk2j==
RESPONSE
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Basic
realm=“administration”
HTTP/1.1 204 No Content

BE CAREFUL WITH BASIC
AUTHORIZATION
• Basic Authorization passes credentials Base64 encoded
• This is easily decoded – equivalent to cleartext!
• Fine for toy examples, be careful for production services
• Can be OK to use if the service is deployed on SSL
• Recommended to consider application-level scheme such
as OAuth 2.0
• See the following for more information
• http://blog.apigee.com/detail/api_authentication_and_how_
it_got_that_way_from_http_basic_to_oauth_2.0
• http://stackoverflow.com/questions/549/the-definitive-
guide-to-forms-based-website-authentication

PARTY ON!
A RESTFUL SERVICE IN PRACTICE

GEARBOX HOLIDAY
PARTY
For the past few years, the party features an extended
presentation that the partygoers watch as gifts are awarded
For 2012, we wanted to extend this with some interactivity
The idea was born to allow participants to vote on their
smartphones by building a companion app
• Ugly Christmas Sweater Contest
• White Elephant – Choose Their Fate
The companion app tabulates votes via RESTful service
The presentation asks the service for the results in real-time

ARCHITECTURE
Party Web Service
(Ruby/Rails)
Presentation
(Flash/ActionScript)
Companion App
(HTML5/JS)
Admin UI
(Ruby/Rails)

Splash screen while voting is closed
COMPANION APP

The ballot is not yet open for voting
PRESENTATION

Voting is happening on the Companion App
PRESENTATION

Participants can tap on sweaters any number of times to vote
COMPANION APP

Polls closed, winner chosen
PRESENTATION

White Elephant voting is in progress
PRESENTATION

Participants can tap on words any number of times to vote
COMPANION APP

BACKEND
SERVICE ADMINISTRATION

Ballots defined, CRUD operations, controls to manually activate & deactivate
http://partyservice/ballots

Choices defined, CRUD operations
http://partyservice/ballot/1/choices

Edit a choice, view the choice
http://partyservice/ballot/1/choice/2

Entrants defined, CRUD operations
http://partyservice/entrants

Edit an entrant, view an entrant
http://partyservice/entrant/3

IMPLEMENTING
A RESOURCE
Examples are in Ruby 1.9 with Rails 3.2
The principles apply to any RESTful design, irrespective of
language and framework
First we will look at the routes which define resources
Then we will see CRUD operations implemented along with a
special custom action
Finally we will bring it all together in the companion app and
the presentation

Defines Resources and provides a means to access them via HTTP verbs
ROUTES: THE HEART OF THE SERVICE

This method supports JSON encoding and creates a ballot from the POST body
CREATE BALLOT

This method displays a ballot either in HTML for the admin UI, or JSON for the app
READ BALLOT

This method reads the JSON ballot, saves it, then renders again in desired format
UPDATE BALLOT

This method deletes a ballot. In the admin UI, it redirects to the ballot listing
DELETE BALLOT

Not 100% RESTful, but a convenient pattern to add another verb
CUSTOM METHOD: ACTIVATE

Also not 100% RESTful, this method records a vote
CUSTOM METHOD: RECORD VOTE

JavaScript in the browser loads choices from the service, inspecting JSON result
APP: LOAD CHOICES

JavaScript in the browser sends votes to a custom action
APP: VOTE ON A CHOICE

Presentation ActionScript prefetches the ballot, choices, and images (HTTP GET)
PRESENTATION: PREFETCH

Presentation ActionScript activates a ballot to open the polls (HTTP POST)
PRESENTATION: ACTIVATE BALLOT

Presentation ActionScript requests results in real-time (HTTP GET)
PRESENTATION: GET RESULTS

RESULTS!
The party service, app, and presentation were a big hit
We processed over 50,000 votes in approximately 10 minutes
Partygoers reported they really enjoyed the experience
Future work:
• More interactivity
• Mini-game?

PARTING THOUGHTS
RESTful Web Services are great because they are a simple
way to take advantage of the whole web pipeline
There are some downsides
• Ad-hoc implementations mean little guidance, especially
on crucial topics like security and I18N
• There’s not necessarily one way to do things
• May need to roll-your-own connections to services from
different vendors
Embrace the architecture, be pragmatic
Build a companion app that pushes the boundary
Have fun!

ADDITIONAL
RESOURCES
Sun Cloud API exploration
http://kenai.com/projects/suncloudapis/pages/HelloCloud
REST Anti-Patterns
http://www.infoq.com/articles/rest-anti-patterns
RESTFul Web Services
Leonard Richardson, Sam Ruby
O'Reilly Media, May 2007
Jimmy Sieben
Lead Programmer, Gearbox Software
Twitter: @jimmys
jimmy.sieben@gearboxsoftware.com

Party + REST = Win

More Related Content

Viewers also liked

Similar to Party + REST = Win

Recently uploaded

Party + REST = Win

Editor's Notes