3. Overview
1. Recap
2. REST Webservice
3. Public REST Webservice
3. REST Callout
4. Test classes for webservices
5. Summary
Presenter: Suryakanta Mekap, Mindfire Solutions
4. Steps for Creation
Step One: Obtain a Salesforce Developer Edition Organization
Step Two: Create class that will work as REST webservice
Step Three: Set Up Authorization
Step Four: Send HTTP Requests
Presenter: Suryakanta Mekap, Mindfire Solutions
5. REST Webservice
1. First, create and define an Apex class as global with keyword
"@RestResource" to signify the class responsible for handling HTTP
requests and act as REST based web service.
@RestResource(urlMapping='/TestREST/')
global with sharing class HelloWorld {
@HttpGet
global static string sayHelloWorld() {{
return 'Hello';
}
}
The global access modifier declares that the class is visible to all Apex
scripts everywhere.
This means the class can be used by any Apex code, not just the Apex in the
same application.
Presenter: Suryakanta Mekap, Mindfire Solutions
6. REST Webservice(Continued...)
2. The urlMapping property allows us to set the endpoint(where the
service will be available) .
Example: https://ap1.salesforce.com/services/apexrest/TestREST/
3. @HttpGet, @HttpPost, @HttpDelete, @HttpPut, @HttpPatch keyword
must be included before the methods to respond on a GET, POST ,
DELETE, PUT and PATCH calls respectively.
4. The methods responsible for handling HTTP requests have global access
specifier and static keyword with them.
5. We can use RestRequest object in a method to pass parameters to the
service.
6. The limitation is that you can declare only one method for each
@HttpGet, @HttpPost, @HttpDelete, @HttpPut, @HttpPatch keyword to
respond for each http type request.
Presenter: Suryakanta Mekap, Mindfire Solutions
7. Oauth 2.0
Salesforce uses authentication to allow users to securely access data
Supported OAuth flows include:
Web server flow, where the server can securely protect the consumer secret.
User-agent flow, used by applications that cannot securely store the consumer
secret.
Username-password flow, where the application has direct access to user
credentials.
After successfully authenticating the user, you’ll receive an access token which can
be used to make authenticated REST API calls.
A remote access/connected app application is an application external to Salesforce
that uses the OAuth protocol to verify both the Salesforce
user and the external application.
Presenter: Suryakanta Mekap, Mindfire Solutions
8. Oauth 2.0 (Continued...)
OAuth endpoints are the URLs you use to make OAuth authentication
requests to Salesforce.
You need to use the correct Salesforce OAuth endpoint when issuing
authentication requests in your application. The primary OAuth endpoints
are:
For authorization: https://login.salesforce.com/services/oauth2/authorize
For token requests: https://login.salesforce.com/services/oauth2/token
For revoking OAuth tokens:
https://login.salesforce.com/services/oauth2/revoke
All endpoints require secure HTTP (HTTPS).
Presenter: Suryakanta Mekap, Mindfire Solutions
9. Public REST Webservice
1) Create a REST webservice.
2) Go to Site > Setup > App Setup > Develop > Sites > Select your Site >
Give access of webservice class to site profile.
Lets say this is the location:
https://ap1.salesforce.com/services/apexrest/TestREST/HelloWorld
And our site URL is
https://mindfire-surya-developer-edition.ap1.force.com/
So our final location will be:
https://mindfire-surya-developeredition.ap1.force.com/services/apexrest/TestREST/HelloWorld
Now you can use this location and there will be no need of getting any
access tokens or session Ids.
Presenter: Suryakanta Mekap, Mindfire Solutions
10. REST Callout
Apex Callouts enable Apex to invoke external web services so that you
connect to third party services.
Before any Apex callout can call an external site, that site must be
registered in the Remote Site Settings page, or the callout fails.
Salesforce prevents calls to unauthorized network addresses.
Skipping this will result in "System.CalloutException: IO Exception:
Unauthorized endpoint, please check Setup->Security->Remote site
settings. endpoint ="...
Presenter: Suryakanta Mekap, Mindfire Solutions
11. REST Callout(Continued...)
1. Apex provides several built-in classes(HTTP, HTTPRequest,
HTTPResponse) to work with HTTP services and create HTTP requests like
GET, POST, PUT, and DELETE.
(It also enables the ability to integrate to SOAP-based web services as an
alternate option to leveraging WSDL2Apex. By using the HTTP classes,
instead of WSDL2Apex, the developer has more responsibility to handling
the construction of the SOAP message both for the request and the response.
)
2. Below is a sample example of Restful callout you can make to know the
location of the IP address sent:
Suppose we want to send HTTP GET requests to:
http://www.freegeoip.net/{format}/{ip_or_hostname}
and the supported response format is csv, xml, json.
Presenter: Suryakanta Mekap, Mindfire Solutions