SlideShare a Scribd company logo
1 of 77
Download to read offline
Tel Aviv, 2017Volodymyr Tsukur @ Engineering Meetup
Hypermedia APIs
and <HATEOAS>
REST
Volodymyr Tsukur
partner @
software
engineer @
flushdia vtsukur
program
committee @
Web / HTTP API
Richardson Maturity Model
6
{
"user": "Noah",
"title": "Meets expectations",
"comment": "hey dude,
you make America Great Again!",
"rank": 10
}
Trump Feedback API
7
{
"user": "Shai",
"title": "!",
"comment": "oh you s** ** a bi***,
how could people elect someone like
you, ******* ******* ???",
"rank": 1
}
Trump Feedback API
DEMO TIME !
9
Method URL Task
POST /reviews Create
GET /reviews View all
GET /reviews/{id} Get
PATCH / PUT /reviews/{id} Update
DELETE /reviews/{id} Delete
CRUD Style API
if (status == Status.NEW) {
submittedAt = LocalDateTime.now()
status = Status.SUBMITTED
} …
CRUD is NOT enough
create submit accept
update
delete
NEW
DELETED
SUBMITTED ACCEPTED
12
Method URL Task
PUT /reviews/{id}/submission Submit
PUT /reviews/{id}/acceptance Accept
GET /reviews/search/accepted
Get accepted
reviews
API Changes
DEMO TIME !
/uri Style Adoption?
43%
Richardson Maturity Model
17
Task Method URL
Update PATCH /reviews/{id}
Delete DELETE /reviews/{id}
Submit PUT /reviews/{id}/submission
Accept PUT /reviews/{id}/acceptance
URL Binding & Construction
URL Change Drivers
URL Change Drivers
• monolith → micro-services
• deployment requirements / proxies
• resource renaming
• optimization by client proximity
• caching
• …
20
Task Method URL
Update
(only if NEW) PATCH /reviews/{id}
Delete
(only if NEW) DELETE /reviews/{id}
Submit
(only if NEW) PUT /reviews/{id}/submission
Accept
(only if
SUBMITTED)
PUT /reviews/{id}/acceptance
"Figuring" Out the Flow
Security!
22
Task Method URL
Update
(only if NEW and user
has permissions)
PATCH /reviews/{id}
Delete
(only if NEW and user
has permissions)
DELETE /reviews/{id}
Submit
(only if NEW and user
has permissions)
PUT /reviews/{id}/submission
Accept
(only if SUBMITTED and
user has permissions)
PUT /reviews/{id}/acceptance
Security!
"Hypermedia" =
{
"user": "Aviran",
"title": "...",
…
}
data
{
…
"_links": {
"submission": {
"href": "/reviews/7/submission"
},
"update": {
"href": "/reviews/7"
},
"deletion": {
"href": "/reviews/7"
}
}
}
link
+
26
Link Relation Task Method
update Update PATCH
deletion Delete DELETE
submission Submit PUT
acceptance Accept PUT
Hypermedia API
DEMO TIME !
Hypermedia Client
if (review._links.has("submission")) {
// draw submit button / UI
}
Non-Hypermedia Client
Hypermedia Client
"Simple" Hypermedia
✓where to go?
✓when?
- how?
"I want hypermedia!" (2014)
0 %
7 %
14 %
21 %
28 %
Hypermedia SOAP CRUD
40%
"I want hypermedia!" (2015)
«A REST API should spend almost all of its
descriptive effort in defining the media type(s)
used for representing resources and driving
application state, or in defining extended relation
names and/or hypertext-enabled mark-up for
existing standard media types.»
Roy T. Fielding, 2008
Hypertext Application Language
Mason{
"name": "Aviran",
"title": "…",
…
"@controls": {
"user": {
"href": "/users/3"
},
"review-submission": {
"href": "/reviews/7/submission",
"method": "PUT"
}
}
}
Hypermedia Factors
level of hypermedia support
CL = Link Semantics
"_links": {
"review": {
"href": "/reviews/7"
}
}
IANA Link Relations
Name Description RFC
self Conveys an identifier for the link's context. RFC4287
first An IRI that refers to the furthest preceding resource in a series of resources. RFC5988
last An IRI that refers to the furthest following resource in a series of resources. RFC5988
up Refers to a parent document in a hierarchy of documents. RFC5988
item
The target IRI points to a resource that is a member of the collection
represented by the context IRI. RFC6573
collection
The target IRI points to a resource which represents the collection resource for
the context IRI. RFC6573
edit Refers to a resource that can be used to edit the link's context. RFC5023
prev/previous
Indicates that the link's context is a part of a series, and that the previous in the
series is the link target. HTML5
next
Indicates that the link's context is a part of a series, and that the next in the
series is the link target. HTML5
IANA Link Relations
Name Description RFC
create-form
The target IRI points to a resource where a submission form can be
obtained. RFC6861
edit-form
The target IRI points to a resource where a submission form for editing
associated resource can be obtained. RFC6861
payment Indicates a resource where payment is accepted RFC5988
latest-version
Points to a resource containing the latest (e.g., current) version of the
context. RFC5829
profile
Identifying that a resource representation conforms to a certain profile,
without affecting the non-profile semantics of the resource representation. RFC6906
search
Refers to a resource that can be used to search through the link's context
and related resources. OpenSearch
index Refers to an index. HTML4
about Refers to a resource that is the subject of the link's context. RFC6903
help Refers to context-sensitive help. HTML5
CL = Link Semantics
<link rel="stylesheet" src="styles.css" />
LE = Link Outbound
"_links": {
"user": {
"href": "/users/7"
}
}
LE = Link Outbound
<a href="/review/1536c64.html">
Shai says "!", rating: 1
</a>
LE = Link Embedded
"_embedded": {
"ratings": [
{ "id": "7", … },
{ "id": "8", … },
]
}
LE = Link Embedded
<img src="/images/cities/tel-aviv.jpg">
LT = Templated Queries
"_links": {
"review-by-id": {
"href": "/reviews{/id}",
"templated": true
}
}
LT = Templated Queries
"_links": {
"reviews": {
"href": "/reviews{?page,size,sort}",
"templated": true
}
}
RFC 6570
LT = Templated Queries
<form method="get" action="/hotels/search">
<input name="query" type="text">
<input type="submit">
</form>
LN = Non-Idemp. Updates
"actions": [
{
"name": "create-review",
"method": "POST",
"href": "/reviews",
"type": "application/json",
"fields": [
{ "name": "user", "type": "text" },
{ "name": "title", "type": "text" },
{ "name": "comment", "type": "text" },
{ "name": "rank", "type": "number" }, …
]
}
]
<form method="post" action="/reviews">
<input name="user" type="text">
<input name="title" type="text">
<input name="comment" type="text">
…
<input type="submit">
</form>
LN = Non-Idemp. Updates
LN = Idempotent Updates
"actions": [
{
"name": "delete-review",
"method": "DELETE",
"href": "/reviews/7"
}
]
CM = Method Modification
"actions": [
{
"name": "delete-rating",
"method": "DELETE",
"href": "/ratings/1"
}
]
CR = Read Modification
"_links": {
"ballot": [
{
"name": "ballot-json",
"href": "/reviews/7",
"type": "application/json"
}
{
"name": "ballot-xml",
"href": "/reviews/7",
"type": "application/xml"
}
]
}
Hypermedia Factors
?What about and
Hypermedia Factors
HTML XML JSON
LE ⩗ ⊗ ⊗
LO ⩗ ⊗ ⊗
LT ⩗ ⊗ ⊗
LN ⩗ ⊗ ⊗
LI ⊗ ⊗ ⊗
CR ⊗ ⊗ ⊗
CU ⩗ ⊗ ⊗
CM ⩗ ⊗ ⊗
CL ⩗ ⊗ ⊗
JSON-based Media Types
JSON-LD JSON API HAL Cj Siren Mason Uber
LE ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ ⩗
LO ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ ⩗
LT ⊗ ⩗ ⩗ ⩗ ⊗ ⩗ ⩗
LN ⊗ ⊗ ⊗ ⩗ ⩗ ⩗ ⩗
LI ⊗ ⊗ ⊗ ⩗ ⩗ ⩗ ⩗
CR ⊗ ⊗ ⩗ ⊗ ⩗ ⩗ ⩗
CU ⊗ ⊗ ⊗ ⊗ ⩗ ⩗ ⩗
CM ⊗ ⊗ ⊗ ⊗ ⩗ ⩗ ⩗
CL ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ ⩗
Before Choosing Media Type
• list information client would want
from the API
• draw state diagram
-think "tasks"
-"(non-)idempotent", "(un-)safe"
{
"@id": "http://trump.feedback/reviews/7",
"@context": "http://trump.feedback/schema/review.jsonld",
"user": "Shai",
"title": "!",
"comment": "oh you s** ** a bi*** ...",
"rank": 1,
…
}
JSON-LD
{
"@context": {
"user": "http://schema.org/name",
"title": "https://schema.org/title",
"comment": "https://schema.org/comment",
"rank": "https://schema.org/ratingValue"
…
}
}
http://trump-feedback/schema/rating.jsonld
{
"@id": "http://trump-feedback/reviews/7",
…
"supportedOperations": [
{
"@type": "ReviewSubmission",
"method": "PUT",
"expects": "#Review"
}
]
}
JSON-LD + Hydra
{
"class": [ "review" ],
"properties": {
"user": "Aviran",
"title": "...",
…
},
"links": …,
"actions": [
{
"name": "review-submission",
"href": "/reviews/7",
"method": "PUT",
…
}
]
}
SIREN
CL = Link Semantics
"_links": {
"review": {
"href": "/reviews/7"
}
}
CL = Link Semantics
"_links": {
"http://trump-feedback/rels/review": {
"href": "/reviews/7"
}
}
CL = Link Semantics
"_links": {
"urn:trump-feedback/rels/review": {
"href": "/reviews/1"
}
}
CL = Link Semantics
"_links": {
"trump-feedback:review": {
"href": "/reviews/1"
}
}
CompactURIE
trump-feedback=
http://trump-feedback/rels/{rel}
trump-feedback:review
http://trump-feedback.com/rels/review
DEMO TIME !
Documentation
• no URLs except of the entry point
• resources
• links (namespaces)
• HTTP status codes, verbs
• authentication, rate limiting
• errors
Mason{
"name": "Aviran",
"title": "...",
…
"@namespaces": {
"trump-feedback": { "name": "http://trump-feedback/rels/" }
},
"@controls": {
"trump-feedback:user": { "href": "/users/3" },
"trump-feedback:review-submission": {
"href": "/reviews/7/submission",
"method": "PUT"
}
}
}
Profiles
✓where to go?
✓when?
✓how?
DEMO TIME !
Richardson Maturity Model
References
1. http://www.google.com.ua/trends/explore#q=web%20api%2C%20rest%20api&cmpt=q&tz=
2. http://finance.i.ua/market/
3. http://projects.spring.io/spring-boot/
4. http://projects.spring.io/spring-data/
5. http://docs.spring.io/spring-data/jpa/docs/1.7.2.RELEASE/reference/html/
6. http://projects.spring.io/spring-data-rest/
7. http://docs.spring.io/spring-data/rest/docs/2.3.0.RELEASE/reference/html/
8. https://spring.io/blog/2014/07/14/spring-data-rest-now-comes-with-alps-metadata
9. http://projects.spring.io/spring-hateoas/
10. http://docs.spring.io/spring-hateoas/docs/0.17.0.RELEASE/reference/html/
11. https://github.com/spring-projects/spring-restdocs
12. https://blog.akana.com/hypermedia-apis
13. http://www.apiacademy.co/lessons/api-design/web-api-architectural-styles
14. http://www.programmableweb.com/news/modern-api-architectural-styles-offer-developers-choices/2014/06/13
15. https://en.wikipedia.org/wiki/Hypermedia
16. http://stateless.co/hal_specification.html
17. https://github.com/kevinswiber/siren
18. https://www.mnot.net/blog/2013/06/23/linking_apis
19. http://oredev.org/2010/sessions/hypermedia-apis
20. http://vimeo.com/75106815
21. https://www.innoq.com/blog/st/2012/06/hypermedia-benefits-for-m2m-communication/
22. http://ws-rest.org/2014/sites/default/files/wsrest2014_submission_12.pdf
23. http://www.infoq.com/news/2014/03/ca-api-survey
24. https://twitter.com/hypermediaapis
25. https://www.youtube.com/watch?v=hdSrT4yjS1g
26. https://www.youtube.com/watch?v=mZ8_QgJ5mbs
27. http://nordsc.com/ext/classification_of_http_based_apis.html
28. http://soabits.blogspot.no/2013/12/selling-benefits-of-hypermedia.html
29. https://github.com/mamund/Building-Hypermedia-APIs
30. http://tech.blog.box.com/2013/04/get-developer-hugs-with-rich-error-handling-in-your-api/

More Related Content

What's hot

[DevCrowd] GraphQL - gdy API RESTowe to za mało
[DevCrowd] GraphQL - gdy API RESTowe to za mało[DevCrowd] GraphQL - gdy API RESTowe to za mało
[DevCrowd] GraphQL - gdy API RESTowe to za małoMarcinStachniuk
 
BruJUG Brussels GraphQL when RESR API is to less - lessons learned
BruJUG Brussels GraphQL when RESR API is to less - lessons learnedBruJUG Brussels GraphQL when RESR API is to less - lessons learned
BruJUG Brussels GraphQL when RESR API is to less - lessons learnedMarcinStachniuk
 
GraphQL - gdy API RESTowe to za mało
GraphQL - gdy API RESTowe to za małoGraphQL - gdy API RESTowe to za mało
GraphQL - gdy API RESTowe to za małoMarcinStachniuk
 
The REST And Then Some
The REST And Then SomeThe REST And Then Some
The REST And Then SomeNordic APIs
 
Training and Face Recognition in 5 Easy Steps with VisageCloud
Training and Face Recognition in 5 Easy Steps with VisageCloudTraining and Face Recognition in 5 Easy Steps with VisageCloud
Training and Face Recognition in 5 Easy Steps with VisageCloudBogdan Bocse
 
AMS, API, RAILS and a developer, a Love Story
AMS, API, RAILS and a developer, a Love StoryAMS, API, RAILS and a developer, a Love Story
AMS, API, RAILS and a developer, a Love StoryJoão Moura
 
How to implement email functionalities with Mailjet api
How to implement email functionalities with Mailjet apiHow to implement email functionalities with Mailjet api
How to implement email functionalities with Mailjet apiE Boisgontier
 
GraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learnedGraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learnedMarcinStachniuk
 
Web 2.0 Application Kung-Fu - Securing Ajax & Web Services
Web 2.0 Application Kung-Fu - Securing Ajax & Web ServicesWeb 2.0 Application Kung-Fu - Securing Ajax & Web Services
Web 2.0 Application Kung-Fu - Securing Ajax & Web ServicesShreeraj Shah
 
GraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learnedGraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learnedMarcinStachniuk
 
Example-driven Web API Specification Discovery
Example-driven Web API Specification DiscoveryExample-driven Web API Specification Discovery
Example-driven Web API Specification DiscoveryJavier Canovas
 

What's hot (12)

[DevCrowd] GraphQL - gdy API RESTowe to za mało
[DevCrowd] GraphQL - gdy API RESTowe to za mało[DevCrowd] GraphQL - gdy API RESTowe to za mało
[DevCrowd] GraphQL - gdy API RESTowe to za mało
 
BruJUG Brussels GraphQL when RESR API is to less - lessons learned
BruJUG Brussels GraphQL when RESR API is to less - lessons learnedBruJUG Brussels GraphQL when RESR API is to less - lessons learned
BruJUG Brussels GraphQL when RESR API is to less - lessons learned
 
GraphQL - gdy API RESTowe to za mało
GraphQL - gdy API RESTowe to za małoGraphQL - gdy API RESTowe to za mało
GraphQL - gdy API RESTowe to za mało
 
The REST And Then Some
The REST And Then SomeThe REST And Then Some
The REST And Then Some
 
Training and Face Recognition in 5 Easy Steps with VisageCloud
Training and Face Recognition in 5 Easy Steps with VisageCloudTraining and Face Recognition in 5 Easy Steps with VisageCloud
Training and Face Recognition in 5 Easy Steps with VisageCloud
 
AMS, API, RAILS and a developer, a Love Story
AMS, API, RAILS and a developer, a Love StoryAMS, API, RAILS and a developer, a Love Story
AMS, API, RAILS and a developer, a Love Story
 
How to implement email functionalities with Mailjet api
How to implement email functionalities with Mailjet apiHow to implement email functionalities with Mailjet api
How to implement email functionalities with Mailjet api
 
GraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learnedGraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learned
 
Web 2.0 Application Kung-Fu - Securing Ajax & Web Services
Web 2.0 Application Kung-Fu - Securing Ajax & Web ServicesWeb 2.0 Application Kung-Fu - Securing Ajax & Web Services
Web 2.0 Application Kung-Fu - Securing Ajax & Web Services
 
GraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learnedGraphQL - when REST API is to less - lessons learned
GraphQL - when REST API is to less - lessons learned
 
Example-driven Web API Specification Discovery
Example-driven Web API Specification DiscoveryExample-driven Web API Specification Discovery
Example-driven Web API Specification Discovery
 
JSON Injection
JSON InjectionJSON Injection
JSON Injection
 

Similar to Tel Aviv 2017 Hypermedia APIs and HATEOAS REST

Lies you have been told about REST
Lies you have been told about RESTLies you have been told about REST
Lies you have been told about RESTdarrelmiller71
 
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)Nordic APIs
 
Cdm mil-18 - hypermedia ap is for headless platforms and data integration
Cdm mil-18 - hypermedia ap is for headless platforms and data integrationCdm mil-18 - hypermedia ap is for headless platforms and data integration
Cdm mil-18 - hypermedia ap is for headless platforms and data integrationDavid Gómez García
 
APIs, Web Services, and Mashups: What they are and how they can be used
APIs, Web Services, and Mashups: What they are and how they can be usedAPIs, Web Services, and Mashups: What they are and how they can be used
APIs, Web Services, and Mashups: What they are and how they can be usedsnackeru
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural StyleRobert Wilson
 
Approaches to machine actionable links
Approaches to machine actionable linksApproaches to machine actionable links
Approaches to machine actionable linksStephen Richard
 
Java Script Based Client Server Webapps 2
Java Script Based Client Server Webapps 2Java Script Based Client Server Webapps 2
Java Script Based Client Server Webapps 2kriszyp
 
Building Ext JS Using HATEOAS - Jeff Stano
Building Ext JS Using HATEOAS - Jeff StanoBuilding Ext JS Using HATEOAS - Jeff Stano
Building Ext JS Using HATEOAS - Jeff StanoSencha
 
API Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid Rahimian
API Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid RahimianAPI Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid Rahimian
API Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid RahimianVahid Rahimian
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014
One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014
One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014Ippon
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsyoranbe
 
JSON REST API for WordPress
JSON REST API for WordPressJSON REST API for WordPress
JSON REST API for WordPressTaylor Lovett
 
Spring HATEOAS
Spring HATEOASSpring HATEOAS
Spring HATEOASYoann Buch
 

Similar to Tel Aviv 2017 Hypermedia APIs and HATEOAS REST (20)

Lies you have been told about REST
Lies you have been told about RESTLies you have been told about REST
Lies you have been told about REST
 
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
Sliding away from Roy Fielding's REST model (Filippos Vasilakis)
 
The Glory of Rest
The Glory of RestThe Glory of Rest
The Glory of Rest
 
Cdm mil-18 - hypermedia ap is for headless platforms and data integration
Cdm mil-18 - hypermedia ap is for headless platforms and data integrationCdm mil-18 - hypermedia ap is for headless platforms and data integration
Cdm mil-18 - hypermedia ap is for headless platforms and data integration
 
Modified REST Presentation
Modified REST PresentationModified REST Presentation
Modified REST Presentation
 
APIs, Web Services, and Mashups: What they are and how they can be used
APIs, Web Services, and Mashups: What they are and how they can be usedAPIs, Web Services, and Mashups: What they are and how they can be used
APIs, Web Services, and Mashups: What they are and how they can be used
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural Style
 
Introduction to Hydra
Introduction to HydraIntroduction to Hydra
Introduction to Hydra
 
REST Presentation
REST PresentationREST Presentation
REST Presentation
 
Approaches to machine actionable links
Approaches to machine actionable linksApproaches to machine actionable links
Approaches to machine actionable links
 
Java Script Based Client Server Webapps 2
Java Script Based Client Server Webapps 2Java Script Based Client Server Webapps 2
Java Script Based Client Server Webapps 2
 
Building Ext JS Using HATEOAS - Jeff Stano
Building Ext JS Using HATEOAS - Jeff StanoBuilding Ext JS Using HATEOAS - Jeff Stano
Building Ext JS Using HATEOAS - Jeff Stano
 
Salesforce REST API
Salesforce  REST API Salesforce  REST API
Salesforce REST API
 
API Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid Rahimian
API Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid RahimianAPI Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid Rahimian
API Design, A Quick Guide to REST, SOAP, gRPC, and GraphQL, By Vahid Rahimian
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
 
One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014
One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014
One Web (API?) – Alexandre Bertails - Ippevent 10 juin 2014
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applications
 
JSON REST API for WordPress
JSON REST API for WordPressJSON REST API for WordPress
JSON REST API for WordPress
 
How RESTful Is Your REST?
How RESTful Is Your REST?How RESTful Is Your REST?
How RESTful Is Your REST?
 
Spring HATEOAS
Spring HATEOASSpring HATEOAS
Spring HATEOAS
 

More from Vladimir Tsukur

GraphQL APIs in Scala with Sangria
GraphQL APIs in Scala with SangriaGraphQL APIs in Scala with Sangria
GraphQL APIs in Scala with SangriaVladimir Tsukur
 
GraphQL - APIs The New Way
GraphQL - APIs The New WayGraphQL - APIs The New Way
GraphQL - APIs The New WayVladimir Tsukur
 
Hot and spicy Java with Lombok. Live!
Hot and spicy Java with Lombok. Live!Hot and spicy Java with Lombok. Live!
Hot and spicy Java with Lombok. Live!Vladimir Tsukur
 
Law of Demeter & Objective Sense of Style
Law of Demeter & Objective Sense of StyleLaw of Demeter & Objective Sense of Style
Law of Demeter & Objective Sense of StyleVladimir Tsukur
 
Abstraction Classes in Software Design
Abstraction Classes in Software DesignAbstraction Classes in Software Design
Abstraction Classes in Software DesignVladimir Tsukur
 
Acceptance Testing of Web UI
Acceptance Testing of Web UIAcceptance Testing of Web UI
Acceptance Testing of Web UIVladimir Tsukur
 
REpresentational State Transfer
REpresentational State TransferREpresentational State Transfer
REpresentational State TransferVladimir Tsukur
 

More from Vladimir Tsukur (8)

GraphQL APIs in Scala with Sangria
GraphQL APIs in Scala with SangriaGraphQL APIs in Scala with Sangria
GraphQL APIs in Scala with Sangria
 
GraphQL - APIs The New Way
GraphQL - APIs The New WayGraphQL - APIs The New Way
GraphQL - APIs The New Way
 
Hot and spicy Java with Lombok. Live!
Hot and spicy Java with Lombok. Live!Hot and spicy Java with Lombok. Live!
Hot and spicy Java with Lombok. Live!
 
Take a REST!
Take a REST!Take a REST!
Take a REST!
 
Law of Demeter & Objective Sense of Style
Law of Demeter & Objective Sense of StyleLaw of Demeter & Objective Sense of Style
Law of Demeter & Objective Sense of Style
 
Abstraction Classes in Software Design
Abstraction Classes in Software DesignAbstraction Classes in Software Design
Abstraction Classes in Software Design
 
Acceptance Testing of Web UI
Acceptance Testing of Web UIAcceptance Testing of Web UI
Acceptance Testing of Web UI
 
REpresentational State Transfer
REpresentational State TransferREpresentational State Transfer
REpresentational State Transfer
 

Recently uploaded

[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 

Recently uploaded (20)

[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 

Tel Aviv 2017 Hypermedia APIs and HATEOAS REST

  • 1. Tel Aviv, 2017Volodymyr Tsukur @ Engineering Meetup Hypermedia APIs and <HATEOAS>
  • 2. REST Volodymyr Tsukur partner @ software engineer @ flushdia vtsukur program committee @
  • 5.
  • 6. 6 { "user": "Noah", "title": "Meets expectations", "comment": "hey dude, you make America Great Again!", "rank": 10 } Trump Feedback API
  • 7. 7 { "user": "Shai", "title": "!", "comment": "oh you s** ** a bi***, how could people elect someone like you, ******* ******* ???", "rank": 1 } Trump Feedback API
  • 9. 9 Method URL Task POST /reviews Create GET /reviews View all GET /reviews/{id} Get PATCH / PUT /reviews/{id} Update DELETE /reviews/{id} Delete CRUD Style API
  • 10.
  • 11. if (status == Status.NEW) { submittedAt = LocalDateTime.now() status = Status.SUBMITTED } … CRUD is NOT enough create submit accept update delete NEW DELETED SUBMITTED ACCEPTED
  • 12. 12 Method URL Task PUT /reviews/{id}/submission Submit PUT /reviews/{id}/acceptance Accept GET /reviews/search/accepted Get accepted reviews API Changes
  • 16.
  • 17. 17 Task Method URL Update PATCH /reviews/{id} Delete DELETE /reviews/{id} Submit PUT /reviews/{id}/submission Accept PUT /reviews/{id}/acceptance URL Binding & Construction
  • 19. URL Change Drivers • monolith → micro-services • deployment requirements / proxies • resource renaming • optimization by client proximity • caching • …
  • 20. 20 Task Method URL Update (only if NEW) PATCH /reviews/{id} Delete (only if NEW) DELETE /reviews/{id} Submit (only if NEW) PUT /reviews/{id}/submission Accept (only if SUBMITTED) PUT /reviews/{id}/acceptance "Figuring" Out the Flow
  • 22. 22 Task Method URL Update (only if NEW and user has permissions) PATCH /reviews/{id} Delete (only if NEW and user has permissions) DELETE /reviews/{id} Submit (only if NEW and user has permissions) PUT /reviews/{id}/submission Accept (only if SUBMITTED and user has permissions) PUT /reviews/{id}/acceptance Security!
  • 23.
  • 24.
  • 25. "Hypermedia" = { "user": "Aviran", "title": "...", … } data { … "_links": { "submission": { "href": "/reviews/7/submission" }, "update": { "href": "/reviews/7" }, "deletion": { "href": "/reviews/7" } } } link +
  • 26. 26 Link Relation Task Method update Update PATCH deletion Delete DELETE submission Submit PUT acceptance Accept PUT Hypermedia API
  • 31. "Simple" Hypermedia ✓where to go? ✓when? - how?
  • 32. "I want hypermedia!" (2014) 0 % 7 % 14 % 21 % 28 % Hypermedia SOAP CRUD
  • 34.
  • 35.
  • 36. «A REST API should spend almost all of its descriptive effort in defining the media type(s) used for representing resources and driving application state, or in defining extended relation names and/or hypertext-enabled mark-up for existing standard media types.» Roy T. Fielding, 2008
  • 38. Mason{ "name": "Aviran", "title": "…", … "@controls": { "user": { "href": "/users/3" }, "review-submission": { "href": "/reviews/7/submission", "method": "PUT" } } }
  • 39. Hypermedia Factors level of hypermedia support
  • 40. CL = Link Semantics "_links": { "review": { "href": "/reviews/7" } }
  • 41. IANA Link Relations Name Description RFC self Conveys an identifier for the link's context. RFC4287 first An IRI that refers to the furthest preceding resource in a series of resources. RFC5988 last An IRI that refers to the furthest following resource in a series of resources. RFC5988 up Refers to a parent document in a hierarchy of documents. RFC5988 item The target IRI points to a resource that is a member of the collection represented by the context IRI. RFC6573 collection The target IRI points to a resource which represents the collection resource for the context IRI. RFC6573 edit Refers to a resource that can be used to edit the link's context. RFC5023 prev/previous Indicates that the link's context is a part of a series, and that the previous in the series is the link target. HTML5 next Indicates that the link's context is a part of a series, and that the next in the series is the link target. HTML5
  • 42. IANA Link Relations Name Description RFC create-form The target IRI points to a resource where a submission form can be obtained. RFC6861 edit-form The target IRI points to a resource where a submission form for editing associated resource can be obtained. RFC6861 payment Indicates a resource where payment is accepted RFC5988 latest-version Points to a resource containing the latest (e.g., current) version of the context. RFC5829 profile Identifying that a resource representation conforms to a certain profile, without affecting the non-profile semantics of the resource representation. RFC6906 search Refers to a resource that can be used to search through the link's context and related resources. OpenSearch index Refers to an index. HTML4 about Refers to a resource that is the subject of the link's context. RFC6903 help Refers to context-sensitive help. HTML5
  • 43. CL = Link Semantics <link rel="stylesheet" src="styles.css" />
  • 44. LE = Link Outbound "_links": { "user": { "href": "/users/7" } }
  • 45. LE = Link Outbound <a href="/review/1536c64.html"> Shai says "!", rating: 1 </a>
  • 46. LE = Link Embedded "_embedded": { "ratings": [ { "id": "7", … }, { "id": "8", … }, ] }
  • 47. LE = Link Embedded <img src="/images/cities/tel-aviv.jpg">
  • 48. LT = Templated Queries "_links": { "review-by-id": { "href": "/reviews{/id}", "templated": true } }
  • 49. LT = Templated Queries "_links": { "reviews": { "href": "/reviews{?page,size,sort}", "templated": true } }
  • 51. LT = Templated Queries <form method="get" action="/hotels/search"> <input name="query" type="text"> <input type="submit"> </form>
  • 52. LN = Non-Idemp. Updates "actions": [ { "name": "create-review", "method": "POST", "href": "/reviews", "type": "application/json", "fields": [ { "name": "user", "type": "text" }, { "name": "title", "type": "text" }, { "name": "comment", "type": "text" }, { "name": "rank", "type": "number" }, … ] } ]
  • 53. <form method="post" action="/reviews"> <input name="user" type="text"> <input name="title" type="text"> <input name="comment" type="text"> … <input type="submit"> </form> LN = Non-Idemp. Updates
  • 54. LN = Idempotent Updates "actions": [ { "name": "delete-review", "method": "DELETE", "href": "/reviews/7" } ]
  • 55. CM = Method Modification "actions": [ { "name": "delete-rating", "method": "DELETE", "href": "/ratings/1" } ]
  • 56. CR = Read Modification "_links": { "ballot": [ { "name": "ballot-json", "href": "/reviews/7", "type": "application/json" } { "name": "ballot-xml", "href": "/reviews/7", "type": "application/xml" } ] }
  • 58. Hypermedia Factors HTML XML JSON LE ⩗ ⊗ ⊗ LO ⩗ ⊗ ⊗ LT ⩗ ⊗ ⊗ LN ⩗ ⊗ ⊗ LI ⊗ ⊗ ⊗ CR ⊗ ⊗ ⊗ CU ⩗ ⊗ ⊗ CM ⩗ ⊗ ⊗ CL ⩗ ⊗ ⊗
  • 59. JSON-based Media Types JSON-LD JSON API HAL Cj Siren Mason Uber LE ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ LO ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ LT ⊗ ⩗ ⩗ ⩗ ⊗ ⩗ ⩗ LN ⊗ ⊗ ⊗ ⩗ ⩗ ⩗ ⩗ LI ⊗ ⊗ ⊗ ⩗ ⩗ ⩗ ⩗ CR ⊗ ⊗ ⩗ ⊗ ⩗ ⩗ ⩗ CU ⊗ ⊗ ⊗ ⊗ ⩗ ⩗ ⩗ CM ⊗ ⊗ ⊗ ⊗ ⩗ ⩗ ⩗ CL ⩗ ⩗ ⩗ ⩗ ⩗ ⩗ ⩗
  • 60. Before Choosing Media Type • list information client would want from the API • draw state diagram -think "tasks" -"(non-)idempotent", "(un-)safe"
  • 61. { "@id": "http://trump.feedback/reviews/7", "@context": "http://trump.feedback/schema/review.jsonld", "user": "Shai", "title": "!", "comment": "oh you s** ** a bi*** ...", "rank": 1, … } JSON-LD
  • 62. { "@context": { "user": "http://schema.org/name", "title": "https://schema.org/title", "comment": "https://schema.org/comment", "rank": "https://schema.org/ratingValue" … } } http://trump-feedback/schema/rating.jsonld
  • 63. { "@id": "http://trump-feedback/reviews/7", … "supportedOperations": [ { "@type": "ReviewSubmission", "method": "PUT", "expects": "#Review" } ] } JSON-LD + Hydra
  • 64. { "class": [ "review" ], "properties": { "user": "Aviran", "title": "...", … }, "links": …, "actions": [ { "name": "review-submission", "href": "/reviews/7", "method": "PUT", … } ] } SIREN
  • 65. CL = Link Semantics "_links": { "review": { "href": "/reviews/7" } }
  • 66. CL = Link Semantics "_links": { "http://trump-feedback/rels/review": { "href": "/reviews/7" } }
  • 67. CL = Link Semantics "_links": { "urn:trump-feedback/rels/review": { "href": "/reviews/1" } }
  • 68. CL = Link Semantics "_links": { "trump-feedback:review": { "href": "/reviews/1" } }
  • 71. Documentation • no URLs except of the entry point • resources • links (namespaces) • HTTP status codes, verbs • authentication, rate limiting • errors
  • 72. Mason{ "name": "Aviran", "title": "...", … "@namespaces": { "trump-feedback": { "name": "http://trump-feedback/rels/" } }, "@controls": { "trump-feedback:user": { "href": "/users/3" }, "trump-feedback:review-submission": { "href": "/reviews/7/submission", "method": "PUT" } } }
  • 76.
  • 77. References 1. http://www.google.com.ua/trends/explore#q=web%20api%2C%20rest%20api&cmpt=q&tz= 2. http://finance.i.ua/market/ 3. http://projects.spring.io/spring-boot/ 4. http://projects.spring.io/spring-data/ 5. http://docs.spring.io/spring-data/jpa/docs/1.7.2.RELEASE/reference/html/ 6. http://projects.spring.io/spring-data-rest/ 7. http://docs.spring.io/spring-data/rest/docs/2.3.0.RELEASE/reference/html/ 8. https://spring.io/blog/2014/07/14/spring-data-rest-now-comes-with-alps-metadata 9. http://projects.spring.io/spring-hateoas/ 10. http://docs.spring.io/spring-hateoas/docs/0.17.0.RELEASE/reference/html/ 11. https://github.com/spring-projects/spring-restdocs 12. https://blog.akana.com/hypermedia-apis 13. http://www.apiacademy.co/lessons/api-design/web-api-architectural-styles 14. http://www.programmableweb.com/news/modern-api-architectural-styles-offer-developers-choices/2014/06/13 15. https://en.wikipedia.org/wiki/Hypermedia 16. http://stateless.co/hal_specification.html 17. https://github.com/kevinswiber/siren 18. https://www.mnot.net/blog/2013/06/23/linking_apis 19. http://oredev.org/2010/sessions/hypermedia-apis 20. http://vimeo.com/75106815 21. https://www.innoq.com/blog/st/2012/06/hypermedia-benefits-for-m2m-communication/ 22. http://ws-rest.org/2014/sites/default/files/wsrest2014_submission_12.pdf 23. http://www.infoq.com/news/2014/03/ca-api-survey 24. https://twitter.com/hypermediaapis 25. https://www.youtube.com/watch?v=hdSrT4yjS1g 26. https://www.youtube.com/watch?v=mZ8_QgJ5mbs 27. http://nordsc.com/ext/classification_of_http_based_apis.html 28. http://soabits.blogspot.no/2013/12/selling-benefits-of-hypermedia.html 29. https://github.com/mamund/Building-Hypermedia-APIs 30. http://tech.blog.box.com/2013/04/get-developer-hugs-with-rich-error-handling-in-your-api/