asp.net web api training
TRANSCRIPT
ASP.NET WEB API (ADVANCED COURSE)
Trainer: Chalermpon Areepong
Microsoft MVP : ASP.NET
ASP.NET & MVC THAI DEVELOPERS GROUP
www.fb.com/groups/mvcthaidev
ABOUT ME
CHALERMPON AREEPONG : Nine (นาย)
I’m a web developer
Microsoft MVP ASP.NET for 7 years
Founders in ASP.NET & MVC Developers Thailand (MVCTHAIDEV)
AGENDA I
Web Technology Introduce
ASP.NET WEB API Introduct
ModelBinder and Custom
Formatter and Custom
ODATA
Async Operation
Performance Improvement
AGENDA II (OPTIONAL)
Async Operation
Performance Improvement
WEB TECHNOLOGYINTRODUCE
HTTP
URI : [scheme]: [port]: //[host] /[path] [? query] Representation : Content or Data Media Type : application/json, application/xml, image/png
HTTP : Hypertext Transfer Protocol HTTP Messages
HTTP Request HTTP Response
HTTP Method GET, POST, PUT, DELETE, HEAD, OPTIONS, PATCH and TRACE
HTTP METHOD
Method Objection
GET Retrieves information from a resource. return 200 (OK)
POST Requests the server to create new one of entity without duplicate object. Return code 201 (Created) or 202 (Accepted)
PUT Requests the server to replace the state of the target resource at the specified URI with the enclosed entity. If an existing resource exists for the current representation, it should return a 200(OK) ,204 (No Content) ,201 (Created).
DELETE Requests the server to remove the entity located at the specified URI. Return code 200(completed), 202 (Accepted) or 204 (No Content).
PATCH Requests the server to do a partial update of the the entity at the specified URI. The content of the patch should have enough information that the server can use to apply the update. If the resource exists the server and can be updated, return 200(OK), 204 (No Content),201 (Created).
HTTP METHOD
Method Objection
HEAD Identical to a GET only it returns headers and not the body.
OPTIONS Requests the server to return information about it’s capabilities. Most commonly it returns an Allow header specifying which HTTP methods are supported, though the spec leaves it completely open ended. For example it is entirely feasible to list which media types the server supports. OPTIONS can also return a body supplying further information that cannot be represented in the headers.
TRACE Requests the server to return back the request it received. The server will return the entire request message in the body with a Content-Type of "message/http". This is useful for diagnostics as clients can see which proxies the request passed through and how the request may have been modified by intermediaries.
CONNECT
Converts the request connection to a TCP Tunnel (HTTPS, websokets)
WEB COMMUNICATION
Web Server
GET
Response
GET https://www.facebook.com/groups/mvcthaidev HTTP/1.1method: GETaccept-encoding: gzip,deflate,sdchurl: /groups/mvcthaidevhost: www.facebook.comaccept-language: en-US,en;q=0.8user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8version: HTTP/1.1scheme: https
HTTP/1.1 200 OKcache-control: private, no-cache, no-store, must-revalidatecontent-encoding: gzipcontent-type: text/html; charset=utf-8date: Sat, 25 May 2013 08:21:01 GMTexpires: Sat, 01 Jan 2000 00:00:00 GMTp3p: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"pragma: no-cacheset-cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponlystatus: 200strict-transport-security: max-age=60version: HTTP/1.1x-content-type-options: nosniffx-fb-debug: ERdqB2SxAcgCR0CJZG4+D200CnnoJPJV8k+R1bKkdi0=x-frame-options: DENYx-xss-protection: 0
Output : <!DOCTYPE html><html lang="en" id="facebook" class="no_js"> …………………………
WEB COMMUNICATION
Web Server
POST
Response
POST https://www.facebook.com/ajax/chat/imps_logging.php HTTP/1.1origin: https://www.facebook.commethod: POSTaccept-encoding: gzip,deflate,sdchurl: /ajax/chat/imps_logging.phphost: www.facebook.comaccept-language: en-US,en;q=0.8user-agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36content-type: application/x-www-form-urlencodedaccept: */*referer: https://www.facebook.com/groups/mvcthaidevx-svn-rev: 826852version: HTTP/1.1content-length: 242scheme: https
HTTP/1.1 200 OKcache-control: private, no-cache, no-store, must-revalidatecontent-encoding: gzipcontent-type: application/x-javascript; charset=utf-8date: Sat, 25 May 2013 08:21:05 GMTexpires: Sat, 01 Jan 2000 00:00:00 GMTpragma: no-cachestatus: 200strict-transport-security: max-age=60version: HTTP/1.1x-content-type-options: nosniffx-fb-debug: IPFu6HhUMaNDxBAvHb94M96B0QjjrZ7YeMdmBL4ArLQ=x-frame-options: DENYx-xss-protection: 0
Input: Form datasource: periodical_impssorted_list: 1321490013,1059545685,100000164752579,1093746402,100000165125475list_availability: 2,2,3,2,2__user: 712879509__a: 1__dyn: 7n8ahyj35CFwXAw__req: 1fb_dtsg: AQD81QbAphstamp: 16581685649819865213
HTTP STATUS CODE
Range Definition Ref Link
1xx The request has been received and processing is continuing.
http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.2
2xx The request has been accepted, received and understood.
http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.3
3xx Further action is required to complete the request.
http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.4
4xx The request is invalid and cannot be completed.
http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.5
5xx he server has failed trying to complete the request
http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.6
HTTP MEDIA FORMATS
JSON
XML
Form Data
Image
Others https://en.wikipedia.org/wiki/Internet_media_type
JSON (JAVASCRIPT OBJECT NOTATION)
Open standard
Text Based format
Lightweight than XML
Human readable
Derived from JavaScript object
Content Type = application/json
Extension *.json
JSON (JAVASCRIPT OBJECT NOTATION)
JavaScript object
JSON
var customer = { fullname : “PeeMark PraKhaNhong”, age : 500 , contacts : [ { mobileno: “025329000”, email : “[email protected]” } ] }
{ “fullname” : “PeeMark PraKhaNhong”, “age” : 500 , “contacts” : [ { “mobileno”: “025329000”, “email” : “[email protected]” } ] }
XML (EXTENSIBLE MARKUP LANGUAGE)
Unicode Support
Human and Machine Readable
Markup language like HTML <name>…</name>
Content Type = text/xml, application/xml text/xml if not specified encode will use ASCII is default application/xml used encode in document
<Person> <FullName>PeeMark PraKhaNhong</FullName> <Age>500</Age> <Contacts> <Contact MobileNo=“025329000” Email= “[email protected]” ></Contact> </Contacts></Person>
FORM DATA
Content-Type : application/x-www-form-urlencoded
Send by Form Submit
Format as Url Encode
Encoded : FullName=PeeMark%20PraKhaNhong&Age=500&MobileNo=025329000&Email=mark%40gmail.com
Decoded:FullName=PeeMark PraKhaNhong&Age=500&MobileNo=025329000&[email protected]
ASP.NET WEB API INTRODUCE
WHAT’S ASP.NET WEB API
HTTP Service
Service based on HTTP Protocol GET, POST, PUT, DELETE
No Proxy Class for client
Support Data Format : Form Data, JSON, XML and Custom
Support all clients are based on HTTP
Combine ASP.NET
WHY ASP.NET WEB API?
If we need a Web Service and don’t need SOAP, then ASP.Net Web API is very useful.
Web API - Used to build simple, non-SOAP-based HTTP Services on top of existing WCF message pipeline.
Web API - No need for configurable like WCF REST services
Web API - No need for Data contracts
Web API - Could create fully blown REST Services
Simple service creation with Web API.
Web API is focused at one thing, being easy to define and expose and consume, while also facilitating doing things in a RESTful way.
Web API is light weight architecture.
CLIENTS
WEB SERVICE TECHNOLOGY COMPARISON
Abilities ASP.NET WEB API WCF
Transport Channel HTTP(s) TCP, UDP, MSMQ, NamedPipes, HTTP(s), Custom
Protocol HTTP WS-*
Types CLR Types DataContract
Message format Text (xml, json) SOAP+XML
Service Interface HttpMethod, UrlPattern Service Contract
State management Stateless Stateless with per call
Cache Built-n to HTTP Prefer application control
Handled by application
Error Handling Exceptions, HTTP Status codes filters
Faults, Behaviors
Hosting IIS, Self Host IIS, Self Host
Client IApiExplorerShared Libraries
Proxy ClassShared Libraries
WCF => ASP.NET WEB API
WCF Web API ASP.NET Web API
Service => Web API controller
Operation => Action
Service contract => n/a
Endpoint => n/a
URI Template => ASP.NET Routing
Message handlers => Same
Formatters => Same
Operation handlers => Filters, model binders
LAB1BASIC ASP.NET WEB API
ASP.NET WEB API
LAB1BASICS
HTTP METHOD
HTTP MESSAGE
ROUTE
HTTP METHODS
Test the API from JavaScript client
HTTP MESSAGE
Request : HttpRequestMessage : represent for http request message information
Response HttpResponseMessage : return data and managed http header
information Object/Value : return data and when error will throw the exception. HttpResponseException : Http response message with 404(default)
HTTP MESSAGE
Open fiddler and click Composer Tab
1. GET http://localhost:7415/api/HttpMessages and Execute
2. route to GetAll() action
3. Test other method Get/Id, Post, Put, Delete
ROUTE
Like MVC App
Default route is api/{controller}/{id}
Add action to route like a MVC App api/{controller}/{action}/{id}
Force Action name with [ActionName(“name”)] to support {action}
LAB2PIPELINE PROCESS
Message handler
PIPELINE PROCESS
Message Handler is pre-post processing for Http Request and Response
Changing the request HTTP method
Adding a response header
Logging, Tracing
PIPELINE PROCESS TEST
LAB3FORMATTER AND MODEL BINDING
ASP.NET WEB API
FORMATTER AND MODEL BINDING
URI => ModelBinder, ValueBinder
Entity-Body => Formatter
URI, HEADER, Entity-body => custom format
TEST MODELBINDER
TEST MODEL VALIDATE
LAB4ODATA
ASP.NET WEB API
ODATA OPTION QUERY
Option Description
$filter Filters the results, based on a Boolean condition.
$inlinecount Tells the server to include the total count of matching entities in the response. (Useful for server-side paging.)
$orderby Sorts the results.
$skip Skips the first n results.
$top Returns only the first n the results.
ODATA QUERY TEST
http://localhost:24556/api/meetings
http://localhost:24556/api/meetings?$filter=Leader%20eq%20%27Mark%20Nichols%27 (Leader eq ‘Mark Nichols’)
http://localhost:24556/api/meetings?$top=2
http://localhost:24556/api/meetings?$filter=MeetingDate%20eq%20datetime%272013-01-17%27 MeetingDate eq datetime’2013-01-17′
ODATA QUERY RESULT
LAB6ASYNC OPERATION
ASP.NET WEB API
ASYNC IN WEB API
async = Asynchronous in easy way
async requires await
async support in .NET 4.5 only
.NET 4.5 provides a lot of new asynchronous methods
ASYNC RESULT
LAB7SECURITY
Token Validation
AUTHENTICATION SECURITY
SSL
All of IIS authentications
OAuth2.0
OpenID
Certificate’s Client Request
FormAuthentication
BASIC AUTHENTICATION SECURITY
Easy solution for internet application SSL + Basic Authentication + ASP.NET MembershipProvider
Pros Easy
Cons Username/Password encode to based 64
BASIC AUTHENTICATION SECURITY
TOKEN VALIDATION
Token Validation = AntiForgery
DEMO TOKEN VALIDATION
LAB7PERFORMANCE IMPOVEMENT
Message Compression
HiPerf JavaScript Serializer
MESSAGE COMPRESSION
You can enable this feature in IIS7 or later
HI-PERFORMANCE JAVASCRIPT SERIALIZER
ServiceStack.Text is best of faster javascriptserializer
Create our new Custom Json Formatter and replace old
HI-PERFORMANCE JAVASCRIPT SERIALIZER
CONCLUSION
New way for WEB Service based on HTTP
Best the way for HTTP Service
Support all of the HTTP Clients
Extensibility, we able to customize all of the modules
Closely with ASP.NET MVC
It’s OPENSOURCE http://aspnetwebstack.codeplex.com/
Official site http://www.asp.net/web-api
THANK YOU
REAL WORLD IMPLEMENTATION BY
CASE STUDYASP.NET WEB API Advanced course II
soon…