SlideShare a Scribd company logo

Restful webservice

Download as PPTX, PDF
Dong Ngoc
Dong Ngoc

Restful Web Service

Technology
1 of 26
• Introduction of Restful Web Service • Main steps for building a Restful Web Service • Some frameworks use to build a Restful Web Service Restful Web Service Agenda
• REST is described by a set of architectural constraints that attempt to minimize latency and network communications while, at the same time, maximizing the independence and scalability of component implementations. • REST characteristic/constraints(ordered) – Client-Server: Separation of concerns is the principle behind the client-server. – Stateless: communication must be stateless in nature – Caching: improve network efficiency – Uniform interface: The uniform interface simplifies and decouples the architecture, which enables each part to evolve independently – Layered System: A REST-based solution can be comprised of multiple architectural layers, and no one layer can "see past" the next – Code On-Demand(optional): Rest concept
• Restful web service built base on the REST architecture style with some important features: – Use HTTP protocol for communication between components. – The web services are completely stateless. – A caching infrastructure can be leveraged for performance. – Bandwidth is particularly important and needs to be limited. REST is particularly useful for limited-profile devices, such as PDAs and mobile phones. – The service producer and service consumer have a mutual understanding of the context and content being passed along by having a negotiation. Restful Web Service
• Simplicity – Compliant with unique interface for abstraction. – Reduce step of service define and discovery. – Utilize non-schema format for transferring data like Json. • Performance – Cacheable – Reduce network latency and bandwidth • Scalability – Easy to scale with statelessness – Support load balancing across service instances via the layered and Uniform interface constraints. • Reliability – Help to avoid single points of failure • Portability – The ease of moving services and solutions from one deployed location to another Benefit of Restful Web Service
• Define resource/service want to expose • Determine appropriate HTTP methods • Add authentication/encryption • Caching appropriate data • Applying best practices Main steps building a Restful WS
• Base on business domain model – An abstraction to represent an object associate with type, data, and relationship: a user, document, image, services… – Has data associate with it. – It is a “noun” in application. – Resource can contain sub-resource • Has an identification – Each resource has an unique associate to identify. – Can use URL, URI • Resource representation – Is a view of resource state at particular time. – A representation of resource is transferred between components, not resource itself. – Can be represented by various format: JSON, XML,HTML… to interact between components – A resource can be represented by many representation. Restful Resource model
A resource model sample http://localhost/hotel/{hotelId} -> Single Resource http://localhost/hotel/1/room/1 -> sub-resource http://localhost/hotel/1/Reservation/15 http://localhost/hotel/1/Room/4/Reservation/15
• Resource metadata – Id: Identifies the unique ID of a resource. – Href: Identifies the URL of the current resource. – Link: Identifies a relationship for a resource. This attribute is itself an object and has “rel” “href” attributes. – This can be referred to HATEOAS • Resource state and application state – Resource state: value of resource at particular time and maintained at server, be persistent and survivable, ex purchase status…. – Application state: maintain at client, the way client interact with server, like paging info, authentication info….and can refer as session state – Each client request encapsulating all necessary application state , server doesn’t maintains session state for working with each client…. Resource model
Resource state and application state
• Use HTTP as a standard protocol for manipulate resource – Used to transfer representation of resource over network – Utilize all verbs in HTTP – Hierarchy the URI to express hierarchy parameter • GET to retrieve a resource – GET http://www.example.com/hotel/12345 – Is safe and Idempotent – Is cacheable • DELETE to delete a resource – DELETE http://www.example.com/hotel/12345 Operation on Resource
• POST to add a resource – POST http://www.example.com/customers – Create resources when you do not know the resource identifier. • PUT to update a resource – Requests you MUST send all the available properties/values, not just the ones you want to change. – Is Idempotent – Can use to create new Resource. • For other operations to represent status(not state) of resource belong to a process: cancel… – Encapsulate in the resource representation. – Define another resource Operation on resource
Resource operation samples Guest cancel reservation: DELETE /guest/1/reservation/233?cance=true Guest transfer money for reservation: POST /guest/1/reservation/233/acount/1/transfer/2 Register a user POST /register/
Operation on resource summary
• Authentication – Various approaches can be used • Authorization – Role of user to use service • Other consideration – Validation all input on server – Validate Malformed XML/JSON – No sensitive data in URL Restful WS security
• Authentication a restful Web Service – Stateless , so can’t rely on session to keep authentication info. – Client need to provide all necessary info a each request. – Base on some methods: Basic, Digest, Token base, Oauth2 • Basic authentication – Send pair of Username/Password encode base64. – Not secure • Digest authentication – Password is encrypted using MD-5 – More secure than Basic Authentication. • Token-base authentication • Oauth2 approach Restful WS: Authentication
Token Base Authentication • Database for validating token • Json web token for self validation token.
Oauth2 authentication
• The API suggests its own usage – Using common and concrete terms – Using noun, not verb: /getAllCars -> /cars – Do not mix up singular and plural nouns, prefer plural for all resources. • JSON when possible, XML if have to • SSL everywhere - all the time • Deal with collection of resources via GET – Appling filter via query parameter – Sort the result – Limiting which fields are returned by the API • Average granularity – Balancing between Fine grained and Coarse Grained – Don’t mix DB CRUD and Resource CRUD. • Use sub-resources for relations • Updates & creation should return a resource representation – Prevent an API consumer from having to hit the API again Some best practices
• Versioning with timestamp, a release number and in the path, not header • Leverage the HTTP status codes and error In a payload • Allow overriding HTTP method – Some proxies support only POST and GET methods, using custom HTTP Header X-HTTP- Method-Override. • Use HTTP headers for specifying serialization formats – Content-Type defines the request format – Accept defines a list of acceptable response formats • Self-description the request-response. • Stateless design. Some other best practices
• Java platform – Base on JAX-RS specification stand for Java API for RESTful Web Services – Various compliant implementation: Jersey, RESTEasy – Spring MVC also support building a Restful Web Service. • .Net platform – Using ASP.NET Web API – WCF • Other platforms – Scala with Akka HTTP – Golang with Revel Frameworks/Tools to build a Restful WS
• Annotation – @Path: is used to define a URI matching pattern for incoming HTTP requests to a specific resource. URI value can be a regular expression, variables are denoted by braces { and }: @Path("/users/{username}") -> http://example.com/users/Galileo @Path("{database}-db") public Object getDatabase(@PathParam("database") String db) -> http://example.com/oracle-db – @GET: HTTP GET method is used to retrieve a representation of a resource, and It is both an idempotent and safe operation • GET http://www.example.com/customers/12345 • GET http://www.example.com/customers/12345/orders – @POST: HTTP POST to *create* new resources • POST http://www.example.com/customers • POST http://www.example.com/customers/12345/orders JAX-RS
• Annotation – @PUT: HTTP PUT to create/update a resource, this is an idempotent – @DELETE: HTTP DELETE use to delete a resource – @PathParam: retrieval based on id like GET /employee/{id} – @QueryParam: for filtering, allows to inject individual URI query parameter GET /customers?start=0&size=10 -> @GET(“/customers”) @Produces("application/xml") public String getCustomers(@QueryParam("start") int start, @QueryParam("size") int size) – @FormParam: used to access application/x-www-formurlencoded request bodies. – @DefaultValue – @Cookie: use to retrieve the cookie value sending by client. JAX-RS
• Asynchronous – Client asynchronous call by polling using Future or callback using AsyncInvoker interface. – Server side asynchronous implementation • Bean validation – Supports the Bean Validation to verify JAX-RS resource classes. – Using annotation: @NotNull, @Email.. • Filter and handler – Server filter: Request Filter and Response Filter by implementing ContainerRequestFilter, ContainerRequestFilter. – Client filter: Request Filter and Response Filter by implementing ClientRequestFilter, ClientResponseFilter. JAX-RS
• Content negotiation – Client/Server can specify the expected content: • Media: GET /library Accept: application/json • Language: GET /stuff Accept-Language: en-us, es • Encode: – Using annotation: • @Consumes: specify which MIME media types of representations a resource can accept, or consume, sending from the client. • @Produces: specify the MIME media types of representations a resource can produce and send back to the client: application/json, application/xml, text/html, image/jpeg, image/png • Client API • HATEOAS JAX-RS
Other useful tools • Rest Client – Google Advanced Rest Client • Document maker – Swagger – RAML • Json validation – Json parser(http://json.parser.online.fr/) • Monitor – Mashape(https://www.mashape.com/) – Kibana with Logstash
THANK YOU

Recommended

Soap and restful webservice
Soap and restful webserviceSoap and restful webservice
Soap and restful webserviceDong Ngoc
 
Overview of RESTful web services
Overview of RESTful web servicesOverview of RESTful web services
Overview of RESTful web servicesnbuddharaju
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services pptOECLIB Odisha Electronics Control Library
 
Rest web services
Rest web servicesRest web services
Rest web servicesPaulo Gandra de Sousa
 
Implementation advantages of rest
Implementation advantages of restImplementation advantages of rest
Implementation advantages of restBalamurugan Easwaran
 
REST API Design
REST API DesignREST API Design
REST API DesignDevi Kiran G
 
Rest & RESTful WebServices
Rest & RESTful WebServicesRest & RESTful WebServices
Rest & RESTful WebServicesPrateek Tandon
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transferTricode (part of Dept)
 

Recommended

Soap and restful webservice
Soap and restful webserviceSoap and restful webservice
Soap and restful webserviceDong Ngoc
 
Overview of RESTful web services
Overview of RESTful web servicesOverview of RESTful web services
Overview of RESTful web servicesnbuddharaju
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services pptOECLIB Odisha Electronics Control Library
 
Rest web services
Rest web servicesRest web services
Rest web servicesPaulo Gandra de Sousa
 
Implementation advantages of rest
Implementation advantages of restImplementation advantages of rest
Implementation advantages of restBalamurugan Easwaran
 
REST API Design
REST API DesignREST API Design
REST API DesignDevi Kiran G
 
Rest & RESTful WebServices
Rest & RESTful WebServicesRest & RESTful WebServices
Rest & RESTful WebServicesPrateek Tandon
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transferTricode (part of Dept)
 
Restful webservices
Restful webservicesRestful webservices
Restful webservicesLuqman Shareef
 
REST & RESTful Web Service
REST & RESTful Web ServiceREST & RESTful Web Service
REST & RESTful Web ServiceHoan Vu Tran
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Hadoop introduction
Hadoop introductionHadoop introduction
Hadoop introductionDong Ngoc
 
Restful web services by Sreeni Inturi
Restful web services by Sreeni InturiRestful web services by Sreeni Inturi
Restful web services by Sreeni InturiSreeni I
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
RESTful Architecture
RESTful ArchitectureRESTful Architecture
RESTful ArchitectureKabir Baidya
 
SOAP-based Web Services
SOAP-based Web ServicesSOAP-based Web Services
SOAP-based Web ServicesKatrien Verbert
 
Doing REST Right
Doing REST RightDoing REST Right
Doing REST RightKerry Buckley
 
Rest presentation
Rest presentationRest presentation
Rest presentationsrividhyau
 
Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA psrpatnaik
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State TransferPeter R. Egli
 
Designing REST services with Spring MVC
Designing REST services with Spring MVCDesigning REST services with Spring MVC
Designing REST services with Spring MVCSerhii Kartashov
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesChristopher Bartling
 
Spring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSpring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSam Brannen
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural StyleRobert Wilson
 
REST API Recommendations
REST API RecommendationsREST API Recommendations
REST API RecommendationsJeelani Shaik
 
Soap and Rest
Soap and RestSoap and Rest
Soap and RestEdison Lascano
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web APIBrad Genereaux
 
L18 REST API Design
L18 REST API DesignL18 REST API Design
L18 REST API DesignÓlafur Andri Ragnarsson
 
Overall enterprise application architecture
Overall enterprise application architectureOverall enterprise application architecture
Overall enterprise application architectureDong Ngoc
 
What's an api
What's an apiWhat's an api
What's an apiJacques Ledoux
 

More Related Content

What's hot

REST & RESTful Web Service
REST & RESTful Web ServiceREST & RESTful Web Service
REST & RESTful Web ServiceHoan Vu Tran
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Hadoop introduction
Hadoop introductionHadoop introduction
Hadoop introductionDong Ngoc
 
Restful web services by Sreeni Inturi
Restful web services by Sreeni InturiRestful web services by Sreeni Inturi
Restful web services by Sreeni InturiSreeni I
 
RESTful Architecture
RESTful ArchitectureRESTful Architecture
RESTful ArchitectureKabir Baidya
 
Rest presentation
Rest presentationRest presentation
Rest presentationsrividhyau
 
Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA psrpatnaik
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State TransferPeter R. Egli
 
Designing REST services with Spring MVC
Designing REST services with Spring MVCDesigning REST services with Spring MVC
Designing REST services with Spring MVCSerhii Kartashov
 
Spring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSpring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSam Brannen
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural StyleRobert Wilson
 
REST API Recommendations
REST API RecommendationsREST API Recommendations
REST API RecommendationsJeelani Shaik
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web APIBrad Genereaux
 

What's hot (20)

Restful webservices
Restful webservicesRestful webservices
Restful webservices
 
REST & RESTful Web Service
REST & RESTful Web ServiceREST & RESTful Web Service
REST & RESTful Web Service
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Hadoop introduction
Hadoop introductionHadoop introduction
Hadoop introduction
 
Restful web services by Sreeni Inturi
Restful web services by Sreeni InturiRestful web services by Sreeni Inturi
Restful web services by Sreeni Inturi
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
 
RESTful Architecture
RESTful ArchitectureRESTful Architecture
RESTful Architecture
 
SOAP-based Web Services
SOAP-based Web ServicesSOAP-based Web Services
SOAP-based Web Services
 
Doing REST Right
Doing REST RightDoing REST Right
Doing REST Right
 
Rest presentation
Rest presentationRest presentation
Rest presentation
 
Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State Transfer
 
Designing REST services with Spring MVC
Designing REST services with Spring MVCDesigning REST services with Spring MVC
Designing REST services with Spring MVC
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web Services
 
Spring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSpring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. REST
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural Style
 
REST API Recommendations
REST API RecommendationsREST API Recommendations
REST API Recommendations
 
Soap and Rest
Soap and RestSoap and Rest
Soap and Rest
 
Introduction to the Web API
Introduction to the Web APIIntroduction to the Web API
Introduction to the Web API
 
L18 REST API Design
L18 REST API DesignL18 REST API Design
L18 REST API Design
 

Viewers also liked

Overall enterprise application architecture
Overall enterprise application architectureOverall enterprise application architecture
Overall enterprise application architectureDong Ngoc
 
What’s a REST API and why should I care?
What’s a REST API and why should I care?What’s a REST API and why should I care?
What’s a REST API and why should I care?topher1kenobe
 
MDN @ 10 Years: Mistakes, Successes, and Lessons
MDN @ 10 Years: Mistakes, Successes, and LessonsMDN @ 10 Years: Mistakes, Successes, and Lessons
MDN @ 10 Years: Mistakes, Successes, and LessonsJanet Swisher
 
SOAP and RESTful web services in Sakai
SOAP and RESTful web services in SakaiSOAP and RESTful web services in Sakai
SOAP and RESTful web services in SakaiSteve Swinsburg
 
ReST Vs SOA(P) ... Yawn
ReST Vs SOA(P) ... YawnReST Vs SOA(P) ... Yawn
ReST Vs SOA(P) ... Yawnozten
 
MQTT with Java - a protocol for IoT and M2M communication
MQTT with Java - a protocol for IoT and M2M communicationMQTT with Java - a protocol for IoT and M2M communication
MQTT with Java - a protocol for IoT and M2M communicationChristian Götz
 
API 101 - Understanding APIs
API 101 - Understanding APIsAPI 101 - Understanding APIs
API 101 - Understanding APIs3scale
 
Restful Web Services
Restful Web ServicesRestful Web Services
Restful Web ServicesAngelin R
 
Powering your next IoT application with MQTT - JavaOne 2014 tutorial
Powering your next IoT application with MQTT - JavaOne 2014 tutorialPowering your next IoT application with MQTT - JavaOne 2014 tutorial
Powering your next IoT application with MQTT - JavaOne 2014 tutorialBenjamin Cabé
 
Web of Science: REST or SOAP?
Web of Science: REST or SOAP?Web of Science: REST or SOAP?
Web of Science: REST or SOAP?Duncan Hull
 
REST to RESTful Web Service
REST to RESTful Web ServiceREST to RESTful Web Service
REST to RESTful Web Service家弘 周
 
API 101 - Understanding APIs.
API 101 - Understanding APIs.API 101 - Understanding APIs.
API 101 - Understanding APIs.Kirsten Hunter
 
Apache Mahout Tutorial - Recommendation - 2013/2014
Apache Mahout Tutorial - Recommendation - 2013/2014 Apache Mahout Tutorial - Recommendation - 2013/2014
Apache Mahout Tutorial - Recommendation - 2013/2014 Cataldo Musto
 
RESTful Web Services with Spring MVC
RESTful Web Services with Spring MVCRESTful Web Services with Spring MVC
RESTful Web Services with Spring MVCdigitalsonic
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 

Viewers also liked (20)

Overall enterprise application architecture
Overall enterprise application architectureOverall enterprise application architecture
Overall enterprise application architecture
 
What's an api
What's an apiWhat's an api
What's an api
 
What’s a REST API and why should I care?
What’s a REST API and why should I care?What’s a REST API and why should I care?
What’s a REST API and why should I care?
 
MDN @ 10 Years: Mistakes, Successes, and Lessons
MDN @ 10 Years: Mistakes, Successes, and LessonsMDN @ 10 Years: Mistakes, Successes, and Lessons
MDN @ 10 Years: Mistakes, Successes, and Lessons
 
SOAP and RESTful web services in Sakai
SOAP and RESTful web services in SakaiSOAP and RESTful web services in Sakai
SOAP and RESTful web services in Sakai
 
ReST Vs SOA(P) ... Yawn
ReST Vs SOA(P) ... YawnReST Vs SOA(P) ... Yawn
ReST Vs SOA(P) ... Yawn
 
MQTT with Java - a protocol for IoT and M2M communication
MQTT with Java - a protocol for IoT and M2M communicationMQTT with Java - a protocol for IoT and M2M communication
MQTT with Java - a protocol for IoT and M2M communication
 
API for Beginners
API for BeginnersAPI for Beginners
API for Beginners
 
API 101 - Understanding APIs
API 101 - Understanding APIsAPI 101 - Understanding APIs
API 101 - Understanding APIs
 
Restful Web Services
Restful Web ServicesRestful Web Services
Restful Web Services
 
Powering your next IoT application with MQTT - JavaOne 2014 tutorial
Powering your next IoT application with MQTT - JavaOne 2014 tutorialPowering your next IoT application with MQTT - JavaOne 2014 tutorial
Powering your next IoT application with MQTT - JavaOne 2014 tutorial
 
Web of Science: REST or SOAP?
Web of Science: REST or SOAP?Web of Science: REST or SOAP?
Web of Science: REST or SOAP?
 
Api for dummies
Api for dummies Api for dummies
Api for dummies
 
REST to RESTful Web Service
REST to RESTful Web ServiceREST to RESTful Web Service
REST to RESTful Web Service
 
API 101 - Understanding APIs.
API 101 - Understanding APIs.API 101 - Understanding APIs.
API 101 - Understanding APIs.
 
Apache Mahout Tutorial - Recommendation - 2013/2014
Apache Mahout Tutorial - Recommendation - 2013/2014 Apache Mahout Tutorial - Recommendation - 2013/2014
Apache Mahout Tutorial - Recommendation - 2013/2014
 
RESTful Web Services with Spring MVC
RESTful Web Services with Spring MVCRESTful Web Services with Spring MVC
RESTful Web Services with Spring MVC
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding REST
 
RESTful API Design, Second Edition
RESTful API Design, Second EditionRESTful API Design, Second Edition
RESTful API Design, Second Edition
 
JSON and REST
JSON and RESTJSON and REST
JSON and REST
 

Similar to Restful webservice

Pragmatic REST APIs
Pragmatic REST APIsPragmatic REST APIs
Pragmatic REST APIsamesar0
 
Rest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsRest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsCarol McDonald
 
Java colombo-deep-dive-into-jax-rs
Java colombo-deep-dive-into-jax-rsJava colombo-deep-dive-into-jax-rs
Java colombo-deep-dive-into-jax-rsSagara Gunathunga
 
Restful web services with java
Restful web services with javaRestful web services with java
Restful web services with javaVinay Gopinath
 
Rest and Sling Resolution
Rest and Sling ResolutionRest and Sling Resolution
Rest and Sling ResolutionDEEPAK KHETAWAT
 
ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiTiago Knoch
 
(ATS6-PLAT04) Query service
(ATS6-PLAT04) Query service (ATS6-PLAT04) Query service
(ATS6-PLAT04) Query service BIOVIA
 
OpenTravel Advisory Forum 2012 REST XML Resources
OpenTravel Advisory Forum 2012 REST XML ResourcesOpenTravel Advisory Forum 2012 REST XML Resources
OpenTravel Advisory Forum 2012 REST XML ResourcesOpenTravel Alliance
 
Restful webservices
Restful webservicesRestful webservices
Restful webservicesKong King
 
Creating a RESTful api without losing too much sleep
Creating a RESTful api without losing too much sleepCreating a RESTful api without losing too much sleep
Creating a RESTful api without losing too much sleepMike Anderson
 
Webservices Workshop - september 2014
Webservices Workshop - september 2014Webservices Workshop - september 2014
Webservices Workshop - september 2014clairvoyantllc
 

Similar to Restful webservice (20)

Pragmatic REST APIs
Pragmatic REST APIsPragmatic REST APIs
Pragmatic REST APIs
 
APITalkMeetupSharable
APITalkMeetupSharableAPITalkMeetupSharable
APITalkMeetupSharable
 
Rest
RestRest
Rest
 
Rest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.jsRest with Java EE 6 , Security , Backbone.js
Rest with Java EE 6 , Security , Backbone.js
 
Java colombo-deep-dive-into-jax-rs
Java colombo-deep-dive-into-jax-rsJava colombo-deep-dive-into-jax-rs
Java colombo-deep-dive-into-jax-rs
 
Restful web services with java
Restful web services with javaRestful web services with java
Restful web services with java
 
Rest and Sling Resolution
Rest and Sling ResolutionRest and Sling Resolution
Rest and Sling Resolution
 
ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web api
 
Overview of java web services
Overview of java web servicesOverview of java web services
Overview of java web services
 
(ATS6-PLAT04) Query service
(ATS6-PLAT04) Query service (ATS6-PLAT04) Query service
(ATS6-PLAT04) Query service
 
ROA.ppt
ROA.pptROA.ppt
ROA.ppt
 
SharePoint 2013 - What's New
SharePoint 2013 - What's NewSharePoint 2013 - What's New
SharePoint 2013 - What's New
 
REST Basics
REST BasicsREST Basics
REST Basics
 
OpenTravel Advisory Forum 2012 REST XML Resources
OpenTravel Advisory Forum 2012 REST XML ResourcesOpenTravel Advisory Forum 2012 REST XML Resources
OpenTravel Advisory Forum 2012 REST XML Resources
 
Restful webservices
Restful webservicesRestful webservices
Restful webservices
 
Rest introduction
Rest introductionRest introduction
Rest introduction
 
Creating a RESTful api without losing too much sleep
Creating a RESTful api without losing too much sleepCreating a RESTful api without losing too much sleep
Creating a RESTful api without losing too much sleep
 
Webservices Workshop - september 2014
Webservices Workshop - september 2014Webservices Workshop - september 2014
Webservices Workshop - september 2014
 
Attacking REST API
Attacking REST APIAttacking REST API
Attacking REST API
 
Api Design
Api DesignApi Design
Api Design
 

Recently uploaded

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 

Recently uploaded (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 

Restful webservice

  • 1. • Introduction of Restful Web Service • Main steps for building a Restful Web Service • Some frameworks use to build a Restful Web Service Restful Web Service Agenda
  • 2. • REST is described by a set of architectural constraints that attempt to minimize latency and network communications while, at the same time, maximizing the independence and scalability of component implementations. • REST characteristic/constraints(ordered) – Client-Server: Separation of concerns is the principle behind the client-server. – Stateless: communication must be stateless in nature – Caching: improve network efficiency – Uniform interface: The uniform interface simplifies and decouples the architecture, which enables each part to evolve independently – Layered System: A REST-based solution can be comprised of multiple architectural layers, and no one layer can "see past" the next – Code On-Demand(optional): Rest concept
  • 3. • Restful web service built base on the REST architecture style with some important features: – Use HTTP protocol for communication between components. – The web services are completely stateless. – A caching infrastructure can be leveraged for performance. – Bandwidth is particularly important and needs to be limited. REST is particularly useful for limited-profile devices, such as PDAs and mobile phones. – The service producer and service consumer have a mutual understanding of the context and content being passed along by having a negotiation. Restful Web Service
  • 4. • Simplicity – Compliant with unique interface for abstraction. – Reduce step of service define and discovery. – Utilize non-schema format for transferring data like Json. • Performance – Cacheable – Reduce network latency and bandwidth • Scalability – Easy to scale with statelessness – Support load balancing across service instances via the layered and Uniform interface constraints. • Reliability – Help to avoid single points of failure • Portability – The ease of moving services and solutions from one deployed location to another Benefit of Restful Web Service
  • 5. • Define resource/service want to expose • Determine appropriate HTTP methods • Add authentication/encryption • Caching appropriate data • Applying best practices Main steps building a Restful WS
  • 6. • Base on business domain model – An abstraction to represent an object associate with type, data, and relationship: a user, document, image, services… – Has data associate with it. – It is a “noun” in application. – Resource can contain sub-resource • Has an identification – Each resource has an unique associate to identify. – Can use URL, URI • Resource representation – Is a view of resource state at particular time. – A representation of resource is transferred between components, not resource itself. – Can be represented by various format: JSON, XML,HTML… to interact between components – A resource can be represented by many representation. Restful Resource model
  • 7. A resource model sample http://localhost/hotel/{hotelId} -> Single Resource http://localhost/hotel/1/room/1 -> sub-resource http://localhost/hotel/1/Reservation/15 http://localhost/hotel/1/Room/4/Reservation/15
  • 8. • Resource metadata – Id: Identifies the unique ID of a resource. – Href: Identifies the URL of the current resource. – Link: Identifies a relationship for a resource. This attribute is itself an object and has “rel” “href” attributes. – This can be referred to HATEOAS • Resource state and application state – Resource state: value of resource at particular time and maintained at server, be persistent and survivable, ex purchase status…. – Application state: maintain at client, the way client interact with server, like paging info, authentication info….and can refer as session state – Each client request encapsulating all necessary application state , server doesn’t maintains session state for working with each client…. Resource model
  • 9. Resource state and application state
  • 10. • Use HTTP as a standard protocol for manipulate resource – Used to transfer representation of resource over network – Utilize all verbs in HTTP – Hierarchy the URI to express hierarchy parameter • GET to retrieve a resource – GET http://www.example.com/hotel/12345 – Is safe and Idempotent – Is cacheable • DELETE to delete a resource – DELETE http://www.example.com/hotel/12345 Operation on Resource
  • 11. • POST to add a resource – POST http://www.example.com/customers – Create resources when you do not know the resource identifier. • PUT to update a resource – Requests you MUST send all the available properties/values, not just the ones you want to change. – Is Idempotent – Can use to create new Resource. • For other operations to represent status(not state) of resource belong to a process: cancel… – Encapsulate in the resource representation. – Define another resource Operation on resource
  • 12. Resource operation samples Guest cancel reservation: DELETE /guest/1/reservation/233?cance=true Guest transfer money for reservation: POST /guest/1/reservation/233/acount/1/transfer/2 Register a user POST /register/
  • 14. • Authentication – Various approaches can be used • Authorization – Role of user to use service • Other consideration – Validation all input on server – Validate Malformed XML/JSON – No sensitive data in URL Restful WS security
  • 15. • Authentication a restful Web Service – Stateless , so can’t rely on session to keep authentication info. – Client need to provide all necessary info a each request. – Base on some methods: Basic, Digest, Token base, Oauth2 • Basic authentication – Send pair of Username/Password encode base64. – Not secure • Digest authentication – Password is encrypted using MD-5 – More secure than Basic Authentication. • Token-base authentication • Oauth2 approach Restful WS: Authentication
  • 16. Token Base Authentication • Database for validating token • Json web token for self validation token.
  • 18. • The API suggests its own usage – Using common and concrete terms – Using noun, not verb: /getAllCars -> /cars – Do not mix up singular and plural nouns, prefer plural for all resources. • JSON when possible, XML if have to • SSL everywhere - all the time • Deal with collection of resources via GET – Appling filter via query parameter – Sort the result – Limiting which fields are returned by the API • Average granularity – Balancing between Fine grained and Coarse Grained – Don’t mix DB CRUD and Resource CRUD. • Use sub-resources for relations • Updates & creation should return a resource representation – Prevent an API consumer from having to hit the API again Some best practices
  • 19. • Versioning with timestamp, a release number and in the path, not header • Leverage the HTTP status codes and error In a payload • Allow overriding HTTP method – Some proxies support only POST and GET methods, using custom HTTP Header X-HTTP- Method-Override. • Use HTTP headers for specifying serialization formats – Content-Type defines the request format – Accept defines a list of acceptable response formats • Self-description the request-response. • Stateless design. Some other best practices
  • 20. • Java platform – Base on JAX-RS specification stand for Java API for RESTful Web Services – Various compliant implementation: Jersey, RESTEasy – Spring MVC also support building a Restful Web Service. • .Net platform – Using ASP.NET Web API – WCF • Other platforms – Scala with Akka HTTP – Golang with Revel Frameworks/Tools to build a Restful WS
  • 21. • Annotation – @Path: is used to define a URI matching pattern for incoming HTTP requests to a specific resource. URI value can be a regular expression, variables are denoted by braces { and }: @Path("/users/{username}") -> http://example.com/users/Galileo @Path("{database}-db") public Object getDatabase(@PathParam("database") String db) -> http://example.com/oracle-db – @GET: HTTP GET method is used to retrieve a representation of a resource, and It is both an idempotent and safe operation • GET http://www.example.com/customers/12345 • GET http://www.example.com/customers/12345/orders – @POST: HTTP POST to *create* new resources • POST http://www.example.com/customers • POST http://www.example.com/customers/12345/orders JAX-RS
  • 22. • Annotation – @PUT: HTTP PUT to create/update a resource, this is an idempotent – @DELETE: HTTP DELETE use to delete a resource – @PathParam: retrieval based on id like GET /employee/{id} – @QueryParam: for filtering, allows to inject individual URI query parameter GET /customers?start=0&size=10 -> @GET(“/customers”) @Produces("application/xml") public String getCustomers(@QueryParam("start") int start, @QueryParam("size") int size) – @FormParam: used to access application/x-www-formurlencoded request bodies. – @DefaultValue – @Cookie: use to retrieve the cookie value sending by client. JAX-RS
  • 23. • Asynchronous – Client asynchronous call by polling using Future or callback using AsyncInvoker interface. – Server side asynchronous implementation • Bean validation – Supports the Bean Validation to verify JAX-RS resource classes. – Using annotation: @NotNull, @Email.. • Filter and handler – Server filter: Request Filter and Response Filter by implementing ContainerRequestFilter, ContainerRequestFilter. – Client filter: Request Filter and Response Filter by implementing ClientRequestFilter, ClientResponseFilter. JAX-RS
  • 24. • Content negotiation – Client/Server can specify the expected content: • Media: GET /library Accept: application/json • Language: GET /stuff Accept-Language: en-us, es • Encode: – Using annotation: • @Consumes: specify which MIME media types of representations a resource can accept, or consume, sending from the client. • @Produces: specify the MIME media types of representations a resource can produce and send back to the client: application/json, application/xml, text/html, image/jpeg, image/png • Client API • HATEOAS JAX-RS
  • 25. Other useful tools • Rest Client – Google Advanced Rest Client • Document maker – Swagger – RAML • Json validation – Json parser(http://json.parser.online.fr/) • Monitor – Mashape(https://www.mashape.com/) – Kibana with Logstash