Rest API Dos and Dont's presentation for TechParty FACCAT 2016

1. REST API
Dos and
Dont`s
@abonfiglio
Adriano Bonfiglio

2. What is REST and RESTful APIs
HTTP Methods
HTTP Status Code
Resources and Endpoints
Relations
Pagination
DEMO
Authentication
Agenda

3. SAP Labs Latin America
Adriano Bonfiglio

4. 300,000
customers in
190 countries
More than
76,500
employees and offices in
130 countries
More than
€ 20,8
billion
in 2015
Annual revenue of
A 44-year history of innovation and
growth as a true industry leader

5. The best company to work
for in Brazil
Named by Você S/A magazine and
Great Place to Work
2015
2015
2015

6. Multi-cultural environment
Training (+24 hours/year/employee)
Competitive compensation policy
Flexible working time
Flexible benefits
SAP Bus
Free drinks & snacks
Benefits

7. Bachelor degree
in progress or complete
IT Technical knowledge
Business process knowledge
Advanced English skills
Spanish skills (plus)
Passion for innovation
Team player
How to work @ SAP

8. http://bit.ly/1Qs0Z7a
Join our talent community!
And get to know about our opportunities

9. REST
REpresentational
State
Transfer

10. RESTful
REST Webservice

11. REST API

12. REST API v1
router.get("/app/users/findAll", userController.list);
response: {message: ok, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: {message: ok, results:{}}
router.post("/app/user/update/:id", userController.update);
response: {message: ok, results:{}}
router.post("/app/user/save", userController.save);
response: {message: ok, results:{}}
router.get("/app/user/delete/:id", userController.remove);
response: {message: ok}

13. router.get("/app/users/findAll", userController.list);
response: {message: ok, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: {message: ok, results:{}}
router.post("/app/user/update/:id", userController.update);
response: {message: ok, results:{}}
router.post("/app/user/save", userController.save);
response: {message: ok, results:{}}
router.get("/app/user/delete/:id", userController.remove);
response: {message: ok}
FIRST PROBLEM
REST API v1

14. HTTP Methods
GET
POST
get a representation of a resource
create a new resource
PUT update a resource
PATCH update part of a resource
DELETE delete a resource

15. router.get("/app/users/findAll", userController.list);
response: {message: ok, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: {message: ok, results:{}}
router.put("/app/user/update/:id", userController.update);
response: {message: ok, results:{}}
router.post("/app/user/save", userController.save);
response: {message: ok, results:{}}
router.delete("/app/user/delete/:id", userController.remove);
response: {message: ok}
REST API v2

16. router.get("/app/users/findAll", userController.list);
response: {message: ok, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: {message: ok, results:{}}
router.put("/app/user/update/:id", userController.update);
response: {message: ok, results:{}}
router.post("/app/user/save", userController.save);
response: {message: ok, results:{}}
router.delete("/app/user/delete/:id", userController.remove);
response: {message: ok}
SECOND PROBLEM
REST API v2

17. HTTP Status
2xx Success
3xx Redirection
200: Ok
201: Created
204: No content
304: Not modified
4xx Client Error 404: Not Found,
400: Bad Request,
401: Unauthorized,
403: Forbidden,
405: Method not allowed,
422: Unprocessable Entity

18. router.get("/app/users/findAll", userController.list);
response: HTTP1.1 200 OK {message: “”, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: HTTP1.1 200 OK {message: ok, results:{}}
router.put("/app/user/update/:id", userController.update);
response: HTTP1.1 200 OK {message: “”, results:{}}
router.post("/app/user/save", userController.save);
response: HTTP1.1 201 Created {message: “”, results:{}}
router.delete("/app/user/delete/:id", userController.remove);
response: HTTP1.1 204 No Content
REST API v3

19. router.get("/app/users/findAll", userController.list);
response: HTTP1.1 200 OK {message: “”, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: HTTP1.1 200 OK {message: ok, results:{}}
router.put("/app/user/update/:id", userController.update);
response: HTTP1.1 200 OK {message: “”, results:{}}
router.post("/app/user/save", userController.save);
response: HTTP1.1 201 Created {message: “”, results:{}}
router.delete("/app/user/delete/:id", userController.remove);
response: HTTP1.1 204 No Content
REST API v3

20. router.get("/app/users/findAll", userController.list);
response: HTTP1.1 200 OK {message: “”, results:[...]}
router.get("/app/user/findOne/:id", userController.findOne);
response: HTTP1.1 200 OK {message: ok, results:{}}
router.put("/app/user/update/:id", userController.update);
response: HTTP1.1 200 OK {message: “”, results:{}}
router.post("/app/user/save", userController.save);
response: HTTP1.1 201 Created {message: “”, results:{}}
router.delete("/app/user/delete/:id", userController.remove);
response: HTTP1.1 204 No Content
REST API v3
THIRD PROBLEM

21. Resources and Enpoints
Nouns
Plural
Consistent

22. router.get("/app/users/", userController.list);
response: HTTP1.1 200 OK {message: “”, results:[...]}
router.get("/app/users/:id", userController.findOne);
response: HTTP1.1 200 OK {message:””, results:{}}
router.put("/app/users/:id", userController.update);
response: HTTP1.1 200 OK {message: “”, results:{}}
router.post("/app/users/", userController.save);
response: HTTP1.1 201 Created {message: “”, results:{}}
router.delete("/app/users/:id", userController.remove);
response: HTTP1.1 204 No Content
REST API v4

23. What about Relations?
User
Role

24. router.get("/app/users/:id/roles", userController.findAll);
response: HTTP1.1 200 OK {message:””, results:{}}
router.get("/app/users/:id/roles/:roleId", userController.findOne);
response: HTTP1.1 200 OK {message:””, results:{}}
router.put("/app/users/:id/roles/:roleId", userController.update);
response: HTTP1.1 200 OK {message: “”, results:{}}
router.post("/app/users/:id/roles", userController.save);
response: HTTP1.1 201 Created {message: “”, results:{}}
router.delete("/app/users/:id/roles/:id", userController.remove);
response: HTTP1.1 204 No Content
What about Relations?

25. GET /app/users?page=1&order=desc&sort=name
What about Pagination?

26. GET /app/users?fields=name,lastname
Fields

27. Keep it Simple
GET http://got/hodor
Respose:
HTTP1.1 200 OK
{
“message”:”hodor”
}

28. GET http://localhost://users/1
Respose:
HTTP1.1 200 OK
{
“c_id”:”1”,
“c_interna_id”:”12132”,
“c_Name”:”foo”,
“c_lastName”:”barr”,
“c_structure”: {
“reference”:”32434”,
“code”:”2454435”,
},
“c: last_modified”: “02-29-2016”
}
Keep it clear & clean

29. GET http://localhost://users/1
Respose:
HTTP1.1 200 OK
{
“id”:”1”,
“name”:”foo”,
“lastName”:”barr”,
“last_modified”: “02-29-2016”
}
Keep it clear & clean

30. DEMO

31. Authentication
GET / HTTP/1.1
Host: example.org
Authorization: Basic Zm9vOmJhcg=
BASIC

32. Authentication
GET / HTTP/1.1
Host: example.org
Authorization: Basic Zm9vOmJhcg=
BASIC

33. Authentication
DIGEST

34. Authentication
OAUTH2

35. References
RESTful Web APIs – O`REILLY
https://developer.github.com/v3/
https://developers.trello.com/advanced-reference
https://github.com/adrianobonfiglio/rest-api

36. THANKS!
Questions?