A more advanced talk for those developers thinking of making the move from ASMX or WCF-based services to the ASP.NET Web API. RESTful services have their place in the middle tiers and this talk addresses how to make the mental shift toward REST. There's a lot of focus on how to ease the transition from such a complex framework as WCF to something as simplistic as the Web API.
7. The ASMX Experience
• Simple publication model
• HTTP for transport only
• Slow serialization
• Tightly integration with
ASP.NET and IIS
• Difficult to test
• Encourages the RPC
(swamp of POX) model
• A simple, Level 0
experience
Level 3
Level 2
Level 1
Level 0
8. The WCF Experience
• Complex publication model
• Highly configurable transports
• Better serialization
• Well-integrated with IIS
• Also easy to self-host
• Very rich metadata
• Difficult to test
• Rich data contracts hint at
resource-orientation
• A highly-adaptable but
complex Level 1 experience
Level 3
Level 2
Level 1
Level 0
9. From StackOverflow.com
“I am totally confused between WCF and
ASMX web services. I have used a lot of web
services in my earlier stage and now there is
this new thing introduced called WCF. I can
still create WCF that function as a web
service. I think there will be more stuff in
WCF. Can anyone provide me any article or
difference between WCF and Web services
such as which one to use and when?”
Result: many developers stayed with ASMX.
12. The Web API Experience
• Tightly coupled to HTTP
• Content negotiation
• Open-ended formatting
• No reliance on a platform
• (Almost) no metadata
• Solid resource-orientation
• Easy to test
• A simple, HTTP-
centric, Level 2 experience
with nascent hypermedia
support
Level 3
Level 2
Level 1
Level 0
13. H A T E O A S
Hypermedia As
The Engine Of
Application State
H A T E O A S
14. Today, would you design a
web application that requires
proprietary or native, third-
party plug-ins
to run inside the
web browser?
19. Extensions, etc.
• CreateErrorResponse – many overloads
• CreateResponse – many overloads
• GetClientCertificate
• GetProperty<T>
• GetQueryNameValuePairs
• GetUrlHelper
• Properties
Most are in System.Net.Http.dll.
23. Important Attributes
o HttpGet
o HttpPost
o HttpPut
o HttpPatch
o HttpDelete
o HttpHead
o HttpOptions
o AcceptVerbs
o Authorize
o AllowAnonymous
o NonAction
o FromBody
o FromUri
o Queryable
24. Example One
Create a Simple Controller to Fetch Person Entities
Add OData Query Syntax Support
Constrain the Queryable Interface
25. Example One Summary
• Implement a basic controller with actions
• Demonstrate controller selection by convention
• Discuss controller selection by attribution
• Implement OData query parameters and
demonstrate
• Discuss Queryable attribute
26. Where’s my metadata?
• Web API publishes metadata!
• See Yao’s blog:
http://blogs.msdn.com/b/yaohuang1
• IApiExplorer research has yielded
o Web API Help Pages
o Web API Test Client
32. Example Three Summary
• Implement an application key handler
• Discuss the invocation of the InnerHandler
• Demonstrate the creation and return of an error
response
• Discuss why throwing exceptions will always return
an HTTP 500 (Internal Server Error) result
• Demonstrate using the request object to create the
error response instead
• Attach the handler to the pipeline
• Debug with Help & Test
33.
34. Security Tips
• Tunnel via SSL when possible
• Use Thinktecture IdentityModel for authentication
• Use [Authorize] and [AllowAnonymous] for
authentication
• For CORS support:
o ThinkTecture.IdentityModel
o Microsoft ASP.NET Web API Cross-Origin Support (Beta)
• Think PAINT
36. Issues and Missing Stuff
Caching (Safety)
Idempotence
Transaction Enlistment
Concurrency and
Instancing
Message Encryption
One-way APIs
37. Recommendations
• Focus on documentation, media types and
hyperlinking
• Use help pages and the WebApiTestClient
• Define cross-cutting concerns and use message
handlers
• Consider the Katana Project and Open Web
Interface for .NET (OWIN) for self-hosting
• Use the ThinkTecture.Identity Model
• Make testing a central theme in your API
development because it’s so easy