• This presentation is not about Drupal
• It’s probably a bit boring: no funny images, no code listings and a lot of text
• Still here? Let’s go!

• Brief web API history overview
• What is a web API
• What is REST
• How to design great web APIs
• What does Drupal offer for web APIs

A web API is a bridge between your application and the rest of the world

• REST is an architectural style, not a strict standard
• Offers a lot of flexibility
• Allows you to design best practices
• Provides interfaces that developers love

1. Write documentation
2. Reuse the functionality of the HTTP protocol
3. Be pragmatic
4. Be consistent
5. Be simple, hide complexity
6. Do not invent a custom authorization method

• Use a single access point, e.g. api.example.com
• There should be only 2 base URLs per resource:
  /cats
  /cats/16
• Be consistent: use either singular or plural nouns
• Avoid extra abstraction, use concrete names, avoid /items, /assets etc.

• /getCat
• /createCat
• /getAllClients
• /newVehicleCustomer

• /cats
• /clients
• /customers
• /vehicles

• Verbs are okay:
  /convert?from=UAH&to=USD&amount=100
• Define this “non-resource” behavior explicitly

There are plenty of HTTP methods: GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD etc.
There are 4 basic operations: Create, Read, Update, Delete (CRUD)

POST => Create, GET => Read, PUT => Update, DELETE => Delete

| Resource  | POST             | GET       | PUT                   | DELETE          |
|-----------|------------------|-----------|-----------------------|-----------------|
| /cats     | Create a new cat | List cats | Bulk update cats      | Delete all cats |
| /cats/123 | -                | Show cat  | If exists, update cat | Delete cat      |

• A deep URL structure is a bad practice, i.e. avoid long URLs:
  /client/1/application/2/version/3/terms
• Use a simple approach:
  /resource/identifier/resource

• Keep the base URL structure simple
• Hide all extra information behind the “?”:
  ◦ Pagination
  ◦ Search
  ◦ Collection filtering
  ◦ Partial response

• Use HTTP status codes
• Make error messages as verbose as possible
• Use the Warning header for any extra information
• Provide a debug mode (hide under the “?”)
• Allow for suppressing this behavior (hide under the “?”):
  /cats?suppress_http_errors=true

• An API version number is mandatory
• Use a simple ordinal number, e.g. v1, v2
• Maintain at least two versions: the current and the previous one
• Put the version in the base URL or in the header

• All requests should use pagination
• Define defaults: number of records and offset
• Define pagination: limit & offset
  /cats?limit=10&offset=0
• Use the same limit and offset for all resources
• Allow for a partial response. Hide field filtering behind the “?”
  /cats?fields=name,color,weight
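
The limit, offset and fields rules above, worked through as an added Python example (not part of the original slides): defaults apply when a parameter is missing, and partial responses are restricted to a fixed list of fields. MAX_LIMIT, ALLOWED_FIELDS, the BadRequest class, the function names and the sample records are assumptions made for the illustration.

```python
from urllib.parse import parse_qs

DEFAULT_LIMIT = 10    # default number of records per page
DEFAULT_OFFSET = 0
MAX_LIMIT = 100       # assumption: hard cap so one request cannot dump a collection
ALLOWED_FIELDS = ("id", "name", "color", "weight")  # assumption: client-visible fields

# Constructed sample records; owner_email stands in for an internal-only attribute.
CATS = [
    {"id": i, "name": f"cat{i}", "color": "grey", "weight": 3 + i % 4,
     "owner_email": f"owner{i}@example.com"}
    for i in range(1, 26)
]


class BadRequest(ValueError):
    """A real handler would map this to HTTP 400."""


def parse_count(params, key, default):
    """Read a non-negative integer query parameter, or return the default."""
    raw = params.get(key, [None])[-1]
    if raw is None:
        return default
    # Plain ASCII digits only: rejects "-1", "1e9", "10 OR 1=1" and huge values.
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        raise BadRequest(f"{key} must be a non-negative integer")
    return int(raw)


def list_cats(query_string):
    """Build the body for GET /cats?limit=..&offset=..&fields=.."""
    params = parse_qs(query_string)
    limit = min(parse_count(params, "limit", DEFAULT_LIMIT), MAX_LIMIT)
    offset = parse_count(params, "offset", DEFAULT_OFFSET)

    raw_fields = params.get("fields", [",".join(ALLOWED_FIELDS)])[-1]
    fields = [f.strip() for f in raw_fields.split(",") if f.strip()]
    unknown = [f for f in fields if f not in ALLOWED_FIELDS]
    if unknown or not fields:
        raise BadRequest("fields must be chosen from: " + ", ".join(ALLOWED_FIELDS))

    page = CATS[offset:offset + limit]
    return {
        "limit": limit, "offset": offset, "total": len(CATS),
        "items": [{f: cat[f] for f in fields} for cat in page],
    }
```

Because the field list is an allowlist, a request for `fields=name,owner_email` is refused instead of returning an attribute the API never meant to publish.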

• Respect the Accept header
• Throw an error if you cannot deliver the response in the expected format (406 Not Acceptable)
• Use JSON as the default format
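
An added Python example (not part of the original slides) of honouring the Accept header: it picks the best supported format by q-value, falls back to JSON when the client states no preference, and answers 406 Not Acceptable otherwise. The SUPPORTED tuple and the function names are assumptions.

```python
import re

# Assumption: formats this API can serialize; the first entry is the default.
SUPPORTED = ("application/json", "application/xml")
# qvalue grammar from the HTTP/1.1 specification: 0 to 1, at most three decimals.
QVALUE = re.compile(r"0(\.\d{0,3})?|1(\.0{0,3})?")


def parse_accept(header):
    """Return a list of (media_range, q) pairs from an Accept header value."""
    ranges = []
    for part in header.split(","):
        pieces = [p.strip() for p in part.split(";")]
        media = pieces[0].lower()
        if not media:
            continue
        q = 1.0
        for param in pieces[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                value = value.strip()
                # A malformed weight makes the range unacceptable, not preferred.
                q = float(value) if QVALUE.fullmatch(value) else 0.0
        ranges.append((media, q))
    return ranges


def specificity(media_range, candidate):
    """0 = no match, 1 = */*, 2 = type/*, 3 = exact type/subtype."""
    if media_range == candidate:
        return 3
    rtype, _, rsub = media_range.partition("/")
    if rsub == "*" and rtype == candidate.split("/")[0]:
        return 2
    if media_range == "*/*":
        return 1
    return 0


def negotiate(accept_header):
    """Return (status, content_type); a missing or empty header means JSON."""
    if not accept_header or not accept_header.strip():
        return 200, SUPPORTED[0]
    ranges = parse_accept(accept_header)
    best_type, best_q = None, 0.0
    for candidate in SUPPORTED:  # server preference order breaks ties
        # The most specific matching range decides this candidate's q-value.
        matches = [(specificity(m, candidate), q) for m, q in ranges]
        spec, q = max(matches, default=(0, 0.0))
        if spec and q > best_q:
            best_type, best_q = candidate, q
    if best_type is None:
        return 406, None  # 406 Not Acceptable
    return 200, best_type
```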

That’s it.

Do not invent custom authorization.
Do not use OAuth-like authorization.

1. Services (6.x; 7.x): https://drupal.org/project/services
2. RESTful Web Services (7.x): https://drupal.org/project/restws
3. Services Entity API (7.x): http://drupal.org/project/services_entity
4. REST services (7.x): https://drupal.org/sandbox/Taran2L/1807378
5. REST in core (8.x)

• Relies on endpoints (custom URLs)
• Uses drupal_form_submit() for write operations
• Out of the box covers nodes, comments, users only
• No default Drupal cookie-based authentication (requires explicit authentication with custom hooks)
• Great integration with other modules (like Views)

• Relies on Entity API and metadata about entities
• No endpoints: uses /entity_type/1.json or /entity_type/1.xml
• Supports any entity type out of the box
• Access control on top of Entity API and Field API
• Standard user authentication over session cookies or HTTP Basic Auth submodule

• Combines approaches from Services and RESTWS
• Configurable endpoints + Entity API for data management

• Hypertext Transfer Protocol -- HTTP/1.1: http://tools.ietf.org/html/rfc2616
• Web API Design: http://apigee.com/about/content/web-apidesign
• REST and Serialization in Drupal 8: http://linclark.github.io/d8-rest-slides/ and http://www.youtube.com/watch?v=w6dqzDbY78k

Head of Web development @ Lemberg Solutions
Taran2L: https://drupal.org/user/473438
Roman Paska: http://linkedin.com/in/romanpaska/

Thank you!

Restful webservices
