Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.
Próximo SlideShare
What to Upload to SlideShare
Siguiente
Descargar para leer sin conexión y ver en pantalla completa.

Compartir

Creating an api from design to security.

Descargar para leer sin conexión

Talk to TDC 2020 - Florianópolis by Roan Brasil Monteiro and Otavio Santana

Audiolibros relacionados

Gratis con una prueba de 30 días de Scribd

Ver todo

Creating an api from design to security.

  1. 1. Otavio Santana @otaviojava Creating an API: From Design to Security Roan Brasil @roanbrasil
  2. 2. Otavio Santana @otaviojava DevRel Engineer + Java Champion + JCP-EC-EG-EGL + Apache Committer + Eclipse Committer + Eclipse Project Leader + Book and blog writer Speaker
  3. 3. Roan Brasil @roanbrasil Senior Engineer + JCP-Member + Open Source Contributor + Book and blog writer + Teacher Speaker
  4. 4. 10 commandments 1. API Design 2. Glory of Rest 3. Documentation 4. Versioning 5. DDD 6. Clean Architecture 7. Database 8. CQRS 9. Pagination 10. Security
  5. 5. Ⅰ Api Design ● API ● Contract First ● Contract Last
  6. 6. ⅠⅠ Glory of Rest ● Richardson Maturity Model ○ Model of Restful Maturity ○ Integration Problems
  7. 7. ⅠⅠ Glory of Rest ● Level 0 ○ HTTP - transport system for remote interactions ● Level 1 ○ Individual Resources ● Level 2 ○ POST ○ GET ○ DELETE ○ PATCH / PUT ● Level 3 ○ HATEOAS (Hypertext As The Engine Of Application State)
  8. 8. Ⅲ Documentation ● Swagger ● Language Documentation ● Open-API
  9. 9. ⅠⅤ Versioning 1. URL a. http://yourapi.domain.com/api/v1/doSomething 2. Query Parameters a. http://yourapi.domain.com/api/doSomething?version=1 3. Custom Headers a. Accept-version: v1 4. Content Negotiation a. Accept: application/vnd.domain.v1+json b. Accept: application/vnd.domain+json;version=1.0
  10. 10. Ⅴ DDD ● Ubiquitous Language ● Domain ● Subdomain ● Bounded Context
  11. 11. ⅤⅠ Clean Architecture ● SOLID ● Layers ○ Presentation Layer ■ Controller ○ Application Layer ■ Service Orchestrating ○ Domain Layer ■ DTO/POJO ■ Entities ■ Services ○ Infrastructure Layer ■ Repositories ■ Config
  12. 12. Ⅶ Database ● NoSQL vs SQL ● Encapsulation ● CAP
  13. 13. ⅦⅠ CQRS ● Command Query Responsibility Segregation ○ Greg Young's 2010 essay ○ Write - Command ○ Read - Query
  14. 14. Ⅸ Pagination ● Performance ● HATEOAS
  15. 15. Ⅹ Security ● Basic Authentication ● OAuth 2.0 ○ JWT - JSON Web Tokens (RFC 7519) ■ JWS - JSON Web Signature (RFC 7515) ■ JWE - JSON Web Encryption (RFC 7516) Site: https://jwt.io/
  16. 16. Q&A Thank you
  • niksrn2011

    Sep. 1, 2020
  • glesio

    Jun. 27, 2020
  • boaglio

    Jun. 27, 2020
  • manassessouza12

    Jun. 26, 2020

Talk to TDC 2020 - Florianópolis by Roan Brasil Monteiro and Otavio Santana

Vistas

Total de vistas

321

En Slideshare

0

De embebidos

0

Número de embebidos

6

Acciones

Descargas

6

Compartidos

0

Comentarios

0

Me gusta

4

×