SlideShare a Scribd company logo

Kotlin server side frameworks

Ken Yee
Ken Yee

Short presentation given at a local Kotlin meetup on what to look for in a server framework and pros/cons of Kotlin server frameworks that are available

Software
1 of 32
Download to read offline
Komparing Kotlin Server Frameworks Ken Yee (Android and occasional backend dev)
Agenda - What is a backend? - What to look for in a server framework? - What frameworks are available? - Pros/Cons of each framework
What is a Backend? REST API Web server Chat server
1. Backends are What apps/clients talk to so that users can ➔ Read dynamic data So you can share information ➔ Authenticate Because it’s about user access ➔ Write persistent data Into a DB on the server for interaction
2. Backends must Be reliable ➔ Read dynamic data Scalable ➔ Authenticate Secure ➔ Write persistent data Resilient
What do you look for in a framework? Kotlin, DSL, Websockets, HTTP/2, Non-Blocking, CORS, CSRF, OIDC, OAuth2, Testing, Documentation
1. Kotlin! On the server is: ➔ Familiar Language Closer to Isomorphic ➔ Concise Extension and Higher Order functions, DSLs ➔ Null/Type Safety Compared to Javascript, Python, Ruby
Java (Spring Webflux) Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } public class BlogRouter { public RouterFunction<ServerResponse> route(BlogHandler blogHandler) { return RouterFunctions .route(RequestPredicates.GET("/blog").and(RequestPredicat es.accept(MediaType.TEXT_HTML)), blogHandler::findAllBlogs) .route(RequestPredicates.GET("/blog/{slug}").and(RequestPr edicates.accept(MediaType.TEXT_HTML)), blogHandler::findOneBlog) .route(RequestPredicates.GET("/api/blog").and(RequestPredi cates.accept(MediaType.APPLICATION_JSON)),blogHandle r::findOne) .route(RequestPredicates.GET("/api/blog/{id}").and(Request Predicates.accept(MediaType.APPLICATION_JSON)), blogHandler::findOne); } }
Express.js Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } var router = express.Router() var blogHandler = BlogHandler() router.get('/blog', function (req, res) { res.send(blogHandler.findAllBlogs()) }) router.get('/blog/:slug', function (req, res) { res.send(blogHandler.findOneBlog(req.params )) }) router.get('/api/blog', function (req, res) { res.send(blogHandler.findAll()) }) router.get('/blog/:id', function (req, res) { res.send(blogHandler.findOne(req.params)) })
2. Speed Efficiency ➔ Non-blocking Reactor or Kotlin Coroutine Event driven w/ Netty vs. threading ➔ Http/2 Formerly Google’s SPDY that uses single connections to grab resources Push resources to clients ➔ Websockets Useful for real-time chat/games
3. CORS Cross Origin Resource Sharing ➔ Browser Javascript security Limits domains web client (Single Page Apps) is allowed access to ➔ Microservices Web clients can call different endpoints for each microservice
4. CSRF Cross Site Request Forgery ➔ Browser form security Prevents other sites from sending in the same form fields for a request ➔ Browser cookie security CSRF can protect cookies that are sent to browsers
5. OIDC/OAuth2 Delegation, not Authentication ➔ Oauth2 Standard refresh tokens and access token that can be revoked ➔ OIDC OpenID Connect; aka, OAuth2 v2 or OpenID v3 JSON Web Token encoded data Auth token and delegation token
6. Testing Bug prevention ➔ Unit Testing Test internal business logic ➔ Integration Testing Test server
7. Documentation How? Help? ➔ Official Documentation Clear documentation for features Useful examples ➔ Community StackOverflow Github stars Real projects ➔ API Swagger/RAML
Which frameworks? Ktor, Http4K Jooby Vert.x, Spring JHipster, ...
Features Age Javalin SparkJava Ktor Jooby Vert.x Spring Http4K
Ktor Ktor Routing routing { accept(ContentType.Text.Html) { get(“/blog”) { call.respond(blogHandler::findAllBlogs) } get(“/blog/{slug}”) { call.respond(blogHandler.findOneBlog(call.parameters) ) } } accept(ContentType.Application.Json) { get("/api/blog") { call.respond(blogHandler::findAll) } get("/api/blog/{id}") { call.respond(blogHandler.findOne(call.parameters)) } } } ➔ Pros JetBrains’ official server framework Pure Kotlin Kotlin coroutine support ➔ Cons Least mature framework Not much module support but enough Only Freemarker/Velocity templates
Ktor Coroutines get("/{...}") { withContext(CommonPool) { call.slow() } } private suspend fun ApplicationCall.slow() { respondHtml { body { "Slow result" } } }
Web API DB Load Balancers Clients Monolith Architecture
Web Account Load Balancers/ Service Locators Clients Cart Logging (ELK) Gateway Microservice Architecture Tracing (Zipkin)
Http4K Http4K Routing routes( “/blog” bind routes( “/” bind GET to { _ -> bloghandler.findAllBlogs() }, “/{slug}” bind GET to { req -> bloghandler.findOneBlog(req) } ), “/api” bind routes( “/blog” bind GET to { _ -> bloghandler.findAll() }, “/blog/{id}” bind GET to { req -> bloghandler.findOne(req) } ) ).asServer(Jetty(8000)).start() ➔ Pros Pure Kotlin Resilience4J support Can deploy to AWS Lambda Pluggable backends Micrometer support Zipkin support Swagger support OAuth support for Auth0 and Google ➔ Cons No built-in non-blocking support No Kotlin coroutine support Not as mature as other Java frameworks
Jooby Jooby Routing class App: Kooby({ use(Jackson()) get("/blog") { bloghandler.findAllBlogs() } get("/blog/:slug") { req -> bloghandler.findOneBlog(req.param(“slug”).value) } get("/api/blog") { bloghandler.findAll() } get(“/api/blog/:id”) { blogHandler.findOne(req.param<Int>(“id”)) } }) ➔ Pros Pluggable backends Event loop non-blocking Even more modules than Http4K Swagger/RAML Lots of DB support Job scheduling ➔ Cons No Kotlin coroutine support No zipkin or opentracing support
Vert.x Vert.x Routing private val router = Router.router(vertx).apply { get("/blog") .handler(bloghandler::findAllBlogs) get("/blog/:slug") .handler(bloghandler::findOneBlog) get("/api/blog") .handler(bloghandler::findAll) get("/api/blog/:id") .handler (bloghandler::findOne) } ➔ Pros Kotlin coroutine support Event loop non-blocking Near top in TechEmpower benchmarks Micrometer and Hawkular Auto-clustering Polyglot (JS, Python, Clojure, Java, etc.) Redpipe for Reactive Kovert (opinionated Kotlin) Swagger support ➔ Cons A bit more monolith than microservice Not as mainstream in US
Vert.x
Spring Spring Routing class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } ➔ Pros Most popular framework Webflux/Reactor non-blocking Most modules Kitchen sink can be daunting Spring Initializer to autogen microservice Spring Initializer supports Kotlin! JHipster Swagger support ➔ Cons Need kotlin-spring/jpa plugins No official Kotlin coroutine support
Spring WebFlux @GetMapping("/api/blog/{id}") public Mono<ResponseEntity<Blog>> getBlogById(@PathVariable(value = "id") String blogId) { return blogRepository.findById(blogId) .map(savedBlog -> ResponseEntity.ok(savedBlog)) .defaultIfEmpty( ResponseEntity.notFound().build()); }
JHipster JHipster Cmds jhipster --blueprint generator-jhipster-kotlin yo jhipster:import-jdl blog-jdl.jh https://developer.okta.com/blog/2018/03/01 /develop-microservices-jhipster-oauth ➔ Pros Scaffolds Spring/Angular projects Jhipster-kotlin generates Kotlin projects Design data models and autogen CRUD RAILS/GRAILS-like Generates Netflix microservice arch Includes user management (UAA) ➔ Cons Harder to find where to change things Easy to complicate simple projects
zipkin
All The Things! Backends are easy in Kotlin Lots of choices
Further Reading - https://nordicapis.com/api-security-oauth-openid-connect-depth/ - https://ktor.io/ - https://www.http4k.org/ - https://jooby.org/ - https://vertx.io/ - https://github.com/kohesive/kovert - http://redpipe.net/ - https://spring.io/ - https://github.com/konrad-kaminski/spring-kotlin-coroutine - https://www.jhipster.tech/ - https://github.com/jhipster/jhipster-kotlin - https://www.techempower.com/benchmarks/

Recommended

What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?Derek Edwards
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongDerek Perkins
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorialKaty Slemon
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
ASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyMałgorzata Borzęcka
 
JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2Rodrigo Cândido da Silva
 
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -Naoki Nagazumi
 
Using Play Framework 2 in production
Using Play Framework 2 in productionUsing Play Framework 2 in production
Using Play Framework 2 in productionChristian Papauschek
 

Recommended

What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?What are JSON Web Tokens and Why Should I Care?
What are JSON Web Tokens and Why Should I Care?Derek Edwards
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongDerek Perkins
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorialKaty Slemon
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
ASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyASP.NET MVC Workshop for Women in Technology
ASP.NET MVC Workshop for Women in TechnologyMałgorzata Borzęcka
 
JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2JavaOne 2014 - Securing RESTful Resources with OAuth2
JavaOne 2014 - Securing RESTful Resources with OAuth2Rodrigo Cândido da Silva
 
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -
アプリ開発で知っておきたい認証技術 - OAuth 1.0 + OAuth 2.0 + OpenID Connect -Naoki Nagazumi
 
Using Play Framework 2 in production
Using Play Framework 2 in productionUsing Play Framework 2 in production
Using Play Framework 2 in productionChristian Papauschek
 
Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWTTuyen Vuong
 
JWT Authentication with AngularJS
JWT Authentication with AngularJSJWT Authentication with AngularJS
JWT Authentication with AngularJSrobertjd
 
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsEntity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsMikhail Egorov
 
Super Fast Application development with Mura CMS
Super Fast Application development with Mura CMSSuper Fast Application development with Mura CMS
Super Fast Application development with Mura CMSColdFusionConference
 
Play Framework 2.5
Play Framework 2.5Play Framework 2.5
Play Framework 2.5m-kurz
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and PracticesPrabath Siriwardena
 
In-browser storage and me
In-browser storage and meIn-browser storage and me
In-browser storage and meJason Casden
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPRafal Gancarz
 
Drupal, Android and iPhone
Drupal, Android and iPhoneDrupal, Android and iPhone
Drupal, Android and iPhoneAlexandru Badiu
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsJon Todd
 
Hey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemHey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemColdFusionConference
 
Android and REST
Android and RESTAndroid and REST
Android and RESTRoman Woźniak
 
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFOWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFPaul Mooney
 
2016 pycontw web api authentication
2016 pycontw web api authentication 2016 pycontw web api authentication
2016 pycontw web api authentication Micron Technology
 
Octopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EEOctopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EERudy De Busscher
 
Keycloak Single Sign-On
Keycloak Single Sign-OnKeycloak Single Sign-On
Keycloak Single Sign-OnRavi Yasas
 
RESTEasy
RESTEasyRESTEasy
RESTEasyKhushbu Joshi
 
What is the taste of the Selenide
What is the taste of the SelenideWhat is the taste of the Selenide
What is the taste of the SelenideRoman Marinsky
 
HTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityHTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityPeter Lubbers
 
CQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and DeploymentCQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and Deploymentklcodanr
 
How to debug IoT Agents
How to debug IoT AgentsHow to debug IoT Agents
How to debug IoT AgentsFernando Lopez Aguilar
 
Top 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersTop 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersBrian Huff
 

More Related Content

What's hot

Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWTTuyen Vuong
 
JWT Authentication with AngularJS
JWT Authentication with AngularJSJWT Authentication with AngularJS
JWT Authentication with AngularJSrobertjd
 
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsEntity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsMikhail Egorov
 
Super Fast Application development with Mura CMS
Super Fast Application development with Mura CMSSuper Fast Application development with Mura CMS
Super Fast Application development with Mura CMSColdFusionConference
 
Play Framework 2.5
Play Framework 2.5Play Framework 2.5
Play Framework 2.5m-kurz
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and PracticesPrabath Siriwardena
 
In-browser storage and me
In-browser storage and meIn-browser storage and me
In-browser storage and meJason Casden
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPRafal Gancarz
 
Drupal, Android and iPhone
Drupal, Android and iPhoneDrupal, Android and iPhone
Drupal, Android and iPhoneAlexandru Badiu
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsJon Todd
 
Hey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemHey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemColdFusionConference
 
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFOWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFPaul Mooney
 
2016 pycontw web api authentication
2016 pycontw web api authentication 2016 pycontw web api authentication
2016 pycontw web api authentication Micron Technology
 
Octopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EEOctopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EERudy De Busscher
 
Keycloak Single Sign-On
Keycloak Single Sign-OnKeycloak Single Sign-On
Keycloak Single Sign-OnRavi Yasas
 
What is the taste of the Selenide
What is the taste of the SelenideWhat is the taste of the Selenide
What is the taste of the SelenideRoman Marinsky
 
HTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityHTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityPeter Lubbers
 
CQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and DeploymentCQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and Deploymentklcodanr
 

What's hot (20)

Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWT
 
JWT Authentication with AngularJS
JWT Authentication with AngularJSJWT Authentication with AngularJS
JWT Authentication with AngularJS
 
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applicationsEntity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applications
 
Super Fast Application development with Mura CMS
Super Fast Application development with Mura CMSSuper Fast Application development with Mura CMS
Super Fast Application development with Mura CMS
 
Play Framework 2.5
Play Framework 2.5Play Framework 2.5
Play Framework 2.5
 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and Practices
 
In-browser storage and me
In-browser storage and meIn-browser storage and me
In-browser storage and me
 
Securing Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTPSecuring Microservices using Play and Akka HTTP
Securing Microservices using Play and Akka HTTP
 
Drupal, Android and iPhone
Drupal, Android and iPhoneDrupal, Android and iPhone
Drupal, Android and iPhone
 
REST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTsREST Service Authetication with TLS & JWTs
REST Service Authetication with TLS & JWTs
 
Hey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the ProblemHey My Web App is Slow Where is the Problem
Hey My Web App is Slow Where is the Problem
 
Android and REST
Android and RESTAndroid and REST
Android and REST
 
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRFOWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
OWASP Ireland June Chapter Meeting - Paul Mooney on ARMOR & CSRF
 
2016 pycontw web api authentication
2016 pycontw web api authentication 2016 pycontw web api authentication
2016 pycontw web api authentication
 
Octopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EEOctopus framework; Permission based security framework for Java EE
Octopus framework; Permission based security framework for Java EE
 
Keycloak Single Sign-On
Keycloak Single Sign-OnKeycloak Single Sign-On
Keycloak Single Sign-On
 
RESTEasy
RESTEasyRESTEasy
RESTEasy
 
What is the taste of the Selenide
What is the taste of the SelenideWhat is the taste of the Selenide
What is the taste of the Selenide
 
HTML5 Real-Time and Connectivity
HTML5 Real-Time and ConnectivityHTML5 Real-Time and Connectivity
HTML5 Real-Time and Connectivity
 
CQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and DeploymentCQ5 Development Setup, Maven Build and Deployment
CQ5 Development Setup, Maven Build and Deployment
 

Similar to Kotlin server side frameworks

Top 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersTop 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersBrian Huff
 
FIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE
 
Building APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - RedmondBuilding APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - RedmondRick G. Garibay
 
SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!Wayne Williams
 
Simple REST with Dropwizard
Simple REST with DropwizardSimple REST with Dropwizard
Simple REST with DropwizardAndrei Savu
 
Real-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTCReal-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTCAlexandre Gouaillard
 
Getting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the CloudGetting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the CloudRevelation Technologies
 
SOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class LibrariesSOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class LibrariesVagif Abilov
 
How to Use Stormpath in angular js
How to Use Stormpath in angular jsHow to Use Stormpath in angular js
How to Use Stormpath in angular jsStormpath
 
Building APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformBuilding APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformAntonio Peric-Mazar
 
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)Richard Bullington-McGuire
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory
 
web2py:Web development like a boss
web2py:Web development like a bossweb2py:Web development like a boss
web2py:Web development like a bossFrancisco Ribeiro
 
Seattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopSeattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopJimmy Guerrero
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with EverythingDave Hay
 
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsDEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsFelipe Prado
 
Module 3 - How SWORD Works
Module 3 - How SWORD WorksModule 3 - How SWORD Works
Module 3 - How SWORD WorksSWORD Project
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsyoranbe
 

Similar to Kotlin server side frameworks (20)

How to debug IoT Agents
How to debug IoT AgentsHow to debug IoT Agents
How to debug IoT Agents
 
Top 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud DevelopersTop 10 HTML5 Features for Oracle Cloud Developers
Top 10 HTML5 Features for Oracle Cloud Developers
 
FIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT AgentsFIWARE Wednesday Webinars - How to Debug IoT Agents
FIWARE Wednesday Webinars - How to Debug IoT Agents
 
Building APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - RedmondBuilding APIs with NodeJS on Microsoft Azure Websites - Redmond
Building APIs with NodeJS on Microsoft Azure Websites - Redmond
 
SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!SkyeCORE - Rev Up Your OSGi Services!
SkyeCORE - Rev Up Your OSGi Services!
 
Simple REST with Dropwizard
Simple REST with DropwizardSimple REST with Dropwizard
Simple REST with Dropwizard
 
Real-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTCReal-Time Communication Testing Evolution with WebRTC
Real-Time Communication Testing Evolution with WebRTC
 
API SECURITY
API SECURITYAPI SECURITY
API SECURITY
 
Getting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the CloudGetting Started with API Management – Why It's Needed On-prem and in the Cloud
Getting Started with API Management – Why It's Needed On-prem and in the Cloud
 
SOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class LibrariesSOLID Programming with Portable Class Libraries
SOLID Programming with Portable Class Libraries
 
How to Use Stormpath in angular js
How to Use Stormpath in angular jsHow to Use Stormpath in angular js
How to Use Stormpath in angular js
 
Building APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformBuilding APIs in an easy way using API Platform
Building APIs in an easy way using API Platform
 
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
Enabling Web Apps For DoD Security via PKI/CAC Enablement (Forge.Mil case study)
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials Webinar
 
web2py:Web development like a boss
web2py:Web development like a bossweb2py:Web development like a boss
web2py:Web development like a boss
 
Seattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopSeattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js Workshop
 
“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything“Secure Portal” or WebSphere Portal – Security with Everything
“Secure Portal” or WebSphere Portal – Security with Everything
 
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systemsDEF CON 24 - workshop - Craig Young - brainwashing embedded systems
DEF CON 24 - workshop - Craig Young - brainwashing embedded systems
 
Module 3 - How SWORD Works
Module 3 - How SWORD WorksModule 3 - How SWORD Works
Module 3 - How SWORD Works
 
REST APIs in the context of single-page applications
REST APIs in the context of single-page applicationsREST APIs in the context of single-page applications
REST APIs in the context of single-page applications
 

Recently uploaded

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 

Recently uploaded (20)

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 

Kotlin server side frameworks

  • 1. Komparing Kotlin Server Frameworks Ken Yee (Android and occasional backend dev)
  • 2. Agenda - What is a backend? - What to look for in a server framework? - What frameworks are available? - Pros/Cons of each framework
  • 3. What is a Backend? REST API Web server Chat server
  • 4. 1. Backends are What apps/clients talk to so that users can ➔ Read dynamic data So you can share information ➔ Authenticate Because it’s about user access ➔ Write persistent data Into a DB on the server for interaction
  • 5. 2. Backends must Be reliable ➔ Read dynamic data Scalable ➔ Authenticate Secure ➔ Write persistent data Resilient
  • 6. What do you look for in a framework? Kotlin, DSL, Websockets, HTTP/2, Non-Blocking, CORS, CSRF, OIDC, OAuth2, Testing, Documentation
  • 7. 1. Kotlin! On the server is: ➔ Familiar Language Closer to Isomorphic ➔ Concise Extension and Higher Order functions, DSLs ➔ Null/Type Safety Compared to Javascript, Python, Ruby
  • 8. Java (Spring Webflux) Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } public class BlogRouter { public RouterFunction<ServerResponse> route(BlogHandler blogHandler) { return RouterFunctions .route(RequestPredicates.GET("/blog").and(RequestPredicat es.accept(MediaType.TEXT_HTML)), blogHandler::findAllBlogs) .route(RequestPredicates.GET("/blog/{slug}").and(RequestPr edicates.accept(MediaType.TEXT_HTML)), blogHandler::findOneBlog) .route(RequestPredicates.GET("/api/blog").and(RequestPredi cates.accept(MediaType.APPLICATION_JSON)),blogHandle r::findOne) .route(RequestPredicates.GET("/api/blog/{id}").and(Request Predicates.accept(MediaType.APPLICATION_JSON)), blogHandler::findOne); } }
  • 9. Express.js Kotlin class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } var router = express.Router() var blogHandler = BlogHandler() router.get('/blog', function (req, res) { res.send(blogHandler.findAllBlogs()) }) router.get('/blog/:slug', function (req, res) { res.send(blogHandler.findOneBlog(req.params )) }) router.get('/api/blog', function (req, res) { res.send(blogHandler.findAll()) }) router.get('/blog/:id', function (req, res) { res.send(blogHandler.findOne(req.params)) })
  • 10. 2. Speed Efficiency ➔ Non-blocking Reactor or Kotlin Coroutine Event driven w/ Netty vs. threading ➔ Http/2 Formerly Google’s SPDY that uses single connections to grab resources Push resources to clients ➔ Websockets Useful for real-time chat/games
  • 11. 3. CORS Cross Origin Resource Sharing ➔ Browser Javascript security Limits domains web client (Single Page Apps) is allowed access to ➔ Microservices Web clients can call different endpoints for each microservice
  • 12. 4. CSRF Cross Site Request Forgery ➔ Browser form security Prevents other sites from sending in the same form fields for a request ➔ Browser cookie security CSRF can protect cookies that are sent to browsers
  • 13. 5. OIDC/OAuth2 Delegation, not Authentication ➔ Oauth2 Standard refresh tokens and access token that can be revoked ➔ OIDC OpenID Connect; aka, OAuth2 v2 or OpenID v3 JSON Web Token encoded data Auth token and delegation token
  • 14. 6. Testing Bug prevention ➔ Unit Testing Test internal business logic ➔ Integration Testing Test server
  • 15. 7. Documentation How? Help? ➔ Official Documentation Clear documentation for features Useful examples ➔ Community StackOverflow Github stars Real projects ➔ API Swagger/RAML
  • 18. Ktor Ktor Routing routing { accept(ContentType.Text.Html) { get(“/blog”) { call.respond(blogHandler::findAllBlogs) } get(“/blog/{slug}”) { call.respond(blogHandler.findOneBlog(call.parameters) ) } } accept(ContentType.Application.Json) { get("/api/blog") { call.respond(blogHandler::findAll) } get("/api/blog/{id}") { call.respond(blogHandler.findOne(call.parameters)) } } } ➔ Pros JetBrains’ official server framework Pure Kotlin Kotlin coroutine support ➔ Cons Least mature framework Not much module support but enough Only Freemarker/Velocity templates
  • 19. Ktor Coroutines get("/{...}") { withContext(CommonPool) { call.slow() } } private suspend fun ApplicationCall.slow() { respondHtml { body { "Slow result" } } }
  • 22. Http4K Http4K Routing routes( “/blog” bind routes( “/” bind GET to { _ -> bloghandler.findAllBlogs() }, “/{slug}” bind GET to { req -> bloghandler.findOneBlog(req) } ), “/api” bind routes( “/blog” bind GET to { _ -> bloghandler.findAll() }, “/blog/{id}” bind GET to { req -> bloghandler.findOne(req) } ) ).asServer(Jetty(8000)).start() ➔ Pros Pure Kotlin Resilience4J support Can deploy to AWS Lambda Pluggable backends Micrometer support Zipkin support Swagger support OAuth support for Auth0 and Google ➔ Cons No built-in non-blocking support No Kotlin coroutine support Not as mature as other Java frameworks
  • 23. Jooby Jooby Routing class App: Kooby({ use(Jackson()) get("/blog") { bloghandler.findAllBlogs() } get("/blog/:slug") { req -> bloghandler.findOneBlog(req.param(“slug”).value) } get("/api/blog") { bloghandler.findAll() } get(“/api/blog/:id”) { blogHandler.findOne(req.param<Int>(“id”)) } }) ➔ Pros Pluggable backends Event loop non-blocking Even more modules than Http4K Swagger/RAML Lots of DB support Job scheduling ➔ Cons No Kotlin coroutine support No zipkin or opentracing support
  • 24. Vert.x Vert.x Routing private val router = Router.router(vertx).apply { get("/blog") .handler(bloghandler::findAllBlogs) get("/blog/:slug") .handler(bloghandler::findOneBlog) get("/api/blog") .handler(bloghandler::findAll) get("/api/blog/:id") .handler (bloghandler::findOne) } ➔ Pros Kotlin coroutine support Event loop non-blocking Near top in TechEmpower benchmarks Micrometer and Hawkular Auto-clustering Polyglot (JS, Python, Clojure, Java, etc.) Redpipe for Reactive Kovert (opinionated Kotlin) Swagger support ➔ Cons A bit more monolith than microservice Not as mainstream in US
  • 26. Spring Spring Routing class BlogRouter(private val blogHandler: BlogHandler) { fun router() = router { ("/blog" and accept(TEXT_HTML)).nest { GET("/", blogHandler::findAllBlogs) GET("/{slug}", blogHandler::findOneBlog) } ("/api/blog" and accept(APPLICATION_JSON)).nest { GET("/", blogHandler::findAll) GET("/{id}", blogHandler::findOne) } } } ➔ Pros Most popular framework Webflux/Reactor non-blocking Most modules Kitchen sink can be daunting Spring Initializer to autogen microservice Spring Initializer supports Kotlin! JHipster Swagger support ➔ Cons Need kotlin-spring/jpa plugins No official Kotlin coroutine support
  • 27. Spring WebFlux @GetMapping("/api/blog/{id}") public Mono<ResponseEntity<Blog>> getBlogById(@PathVariable(value = "id") String blogId) { return blogRepository.findById(blogId) .map(savedBlog -> ResponseEntity.ok(savedBlog)) .defaultIfEmpty( ResponseEntity.notFound().build()); }
  • 28. JHipster JHipster Cmds jhipster --blueprint generator-jhipster-kotlin yo jhipster:import-jdl blog-jdl.jh https://developer.okta.com/blog/2018/03/01 /develop-microservices-jhipster-oauth ➔ Pros Scaffolds Spring/Angular projects Jhipster-kotlin generates Kotlin projects Design data models and autogen CRUD RAILS/GRAILS-like Generates Netflix microservice arch Includes user management (UAA) ➔ Cons Harder to find where to change things Easy to complicate simple projects
  • 29.
  • 31. All The Things! Backends are easy in Kotlin Lots of choices
  • 32. Further Reading - https://nordicapis.com/api-security-oauth-openid-connect-depth/ - https://ktor.io/ - https://www.http4k.org/ - https://jooby.org/ - https://vertx.io/ - https://github.com/kohesive/kovert - http://redpipe.net/ - https://spring.io/ - https://github.com/konrad-kaminski/spring-kotlin-coroutine - https://www.jhipster.tech/ - https://github.com/jhipster/jhipster-kotlin - https://www.techempower.com/benchmarks/