rest in a nutshell 2014_05_27
DESCRIPTION
See some quick patterns and anti-patterns for RESTful web services.TRANSCRIPT
![Page 1: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/1.jpg)
REST in a Nutshell
By Derrick Isaacson
![Page 2: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/2.jpg)
Can I get that
without the bacon?
Said no one ever
http://www.food.com/photo-finder/all/bacon?photog=1072593
![Page 3: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/3.jpg)
http://baconipsum.com/?paras=1&type=all-meat&start-with-lorem=1
![Page 4: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/4.jpg)
http://www.someecards.com/usercards/viewcard/MjAxMi03YWZiMjJiMTg3NDFhYTUy
![Page 5: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/5.jpg)
Simplicity of Single Component Services
• I can’t remember if that getter function takes 100ns or 100ms. - Said no engineer ever• Should I try to model this server request as a “remote procedure call”?• 6 orders of magnitude difference!
•My front-side bus fails for only 1 second every 17 minutes! - Said no engineer ever• 99.9% availability
•Our internet only supports .NET. - Said no engineer ever• Do we need an SDK?
![Page 6: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/6.jpg)
"A distributed system is at best a necessary evil, evil because of the extra complexity...An application is rarely, if ever, intrinsically distributed. Distribution is just the lesser of the many evils, or perhaps better put, a sensible engineering decision given the trade-offs involved."
-David Cheriton, Distributed Systems Lecture Notes, ch. 1
![Page 7: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/7.jpg)
Distributed System ArchitecturesDoes it have to be “Service-oriented”?
![Page 8: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/8.jpg)
http://upload.wikimedia.org/wikipedia/commons/d/da/KL_CoreMemory.jpg
Distributed Memory
![Page 9: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/9.jpg)
RPC
<I’m> <not> <making> <a> <service> <request>
<I’m> <just> <calling> <a> <procedure>
![Page 10: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/10.jpg)
Distributed File System
mount -t nfs -o proto=tcp,port=2049 nfs-server:/ /mnt
![Page 11: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/11.jpg)
Distributed Data Stores
• Replated MySQL• Mongo• S3• RDS• BigTable• Cassandra…
![Page 12: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/12.jpg)
P2P
![Page 13: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/13.jpg)
Streaming Media
![Page 14: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/14.jpg)
The hourglass model
![Page 15: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/15.jpg)
“There is no magic dust that makes an HTTP request a web
service request.”
-Leonard Richardson & Sam Ruby, RESTful Web Services
![Page 16: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/16.jpg)
Representational State TransferAn Observation by Roy Fielding
![Page 17: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/17.jpg)
![Page 18: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/18.jpg)
Which Architectures Featured…
1. Low entry-barrier2. High performance in the face of distributed
state3. Huge (Internet) scale4. Extensibility/evolvability (backwards
compatibility)
![Page 19: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/19.jpg)
Uniform Interface
1. Uniform identification of resources2. Uniform resource manipulation3. Representation separate from the identity4. Hypermedia as the engine of application state5. Self-descriptive messages
![Page 20: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/20.jpg)
HTTP Request
![Page 21: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/21.jpg)
HTTP Response
![Page 22: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/22.jpg)
URI Anti-patterns
•http://example.com/foo/addBar•http://example.com/foo/bar?auth=123abc•http://example.com/foo/current•http://example.com/a.12@b1oc
![Page 23: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/23.jpg)
Hypermedia
GET /users/123
What would Roy say about this design?
roy.gbiv.com
{
id : "123",
name : "John Smith",
phone : "303-404-5050",
email : "[email protected]",
photo : "YWZzYSAyMzR2NQzJ2dzLmZhc20uLC8uLA==",
groups : [
{
name: "Super Friends"
members: [
...
]
}
],
books : [
{
name : "RESTful Web Services",
description : "Fun times",
publishDate : "2013-01-01 13:05:06"
},
...
]
}
![Page 24: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/24.jpg)
Hypermedia{
id : "123",
name : "John Smith",
phone : "303-404-5050",
email : "[email protected]",
photo : "YWZzYSAyMzR2NQzJ2dzLmZhc20uLC8uLA==",
groups : [
{
name: "Super Friends"
members: [
...
]
}
],
books : [
{
name : "RESTful Web Services",
description : "Fun times",
publishDate : "2013-01-01 13:05:06"
},
...
]
}
{
id : "http://example.com/users/123",
name : "John Smith",
phone : "303-404-5050",
email : "[email protected]",
photo : "http://flickr.com/photos/12345",
groups : [
"http://facebook.com/groups/abc",
...
],
books : [
"http://goodreads.com/books/4567",
"http://example.com/manuscripts/123",
...
]
}
![Page 25: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/25.jpg)
SDK Anti-pattern
Where's my SDK?
"A REST API should spend almost all of its descriptive effort in defining the media type(s) used for representing resources and driving application state... [Failure here implies that out-of-band information is driving interaction instead of hypertext.]" - Roy Fielding
![Page 26: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/26.jpg)
Casserole Anti-patternPOST /groups HTTP/1.1
Content-Length: 1234
ObjectType: json
{
method : "UPDATE",
id : "123"
authToken : "abc123",
object : {
group : {
...
}
}
}
HTTP/1.1 500 Internal Server Error
Content-Length: 456
{
cacheTime : 0,
status : "authorization failed"
}
![Page 27: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/27.jpg)
Uniform Interface:Methods
Method Safe Idempotent
OPTIONS
GET
HEAD
POST
PUT
DELETE
TRACE
PATCH
CONNECT*
* Reserved for use of SSL tunneling
![Page 28: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/28.jpg)
GET /service/customers/123 HTTP 1.1
Host: example.com
User-Agent: XYZ 1.1
Accept: text/html, application/xhtml+xml,application/xml
Keep-Alive: 300
Connection: keep-alive
If-Modified-Since: Fri, 02 Oct 2013 16:47:31 GMT
If-None-Match: "600028c-59fb-474f6852c9dab"
Cache-Control: max-age=60
HTTP/1.1 200 OK
Date: Sun, 04 Oct 2013 19:36:25 GMT
Server: Apache/2.2.11 (Debian)
Last-Modified:Fri, 02 Oct 2013 16:48:39 GMT
Etag: "600028c-59fb-474f6852c9dab"
Cache-Control: max-age=300
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7160
Keep-Alive: timeout=15,max=91
Connection: Keep-Alive
Content-Type: application/xml
Uniform Interface:Headers(self-descriptive messages)
![Page 29: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/29.jpg)
My pizza has too
much cheese and
toppings
Said no one ever
http://upload.wikimedia.org/wikipedia/commons/6/60/Pizza_Hut_Meat_Lover's_pizza_3.JPG
![Page 30: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/30.jpg)
GET /service/customers/123 HTTP 1.1
Host: example.com
User-Agent: XYZ 1.1
Accept: text/html, application/xhtml+xml,application/xml
Keep-Alive: 300
Connection: keep-alive
If-Modified-Since: Fri, 02 Oct 2013 16:47:31 GMT
If-None-Match: "600028c-59fb-474f6852c9dab"
Cache-Control: max-age=60
HTTP/1.1 200 OK
Date: Sun, 04 Oct 2013 19:36:25 GMT
Server: Apache/2.2.11 (Debian)
Last-Modified:Fri, 02 Oct 2013 16:48:39 GMT
Etag: "600028c-59fb-474f6852c9dab"
Cache-Control: max-age=300
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7160
Keep-Alive: timeout=15,max=91
Connection: Keep-Alive
Content-Type: application/xml
My message is
too self-descriptive
Said no one ever
![Page 31: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/31.jpg)
Uniform Interface:Status
Status-Code Reason-Phrase
200 OK
201 Created
202 Accepted
301 Moved Permanently
400 Bad Request
403 Forbidden
404 Not Found
405 Method Not Allowed
500 Internal Server Error
![Page 32: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/32.jpg)
Uniform Interface: Error Codes
• 400s vs 500s• Safe to retry?• Cacheable (if no Cache-Control header present)?• Does the client need to modify the request?
![Page 33: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/33.jpg)
Inaccurate Status Codes
HTTP/1.1 200 OK
{ error: true}
![Page 34: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/34.jpg)
Uniform Interface: Content-Type Negotiation
Request header: AcceptContent-Types accepted by client
Accept: text/*, text/html, text/x-vcard, application/json
More specific types take precedence.
Server responds with 406 Not Acceptable if it does not support the requested media type(s).
Server responds with 415 Unsupported Media Type if it does not support the request entity’s media type.
![Page 35: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/35.jpg)
Uniform Interface: Authentication
How does a server prevent unauthorized access?1.Authorization: Fooauth abc123=
2.Authentication-Info: mytype
RFC 2617Over-engineered narrowly-defined mumbo jumbo?
![Page 36: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/36.jpg)
“The central feature that distinguishes the REST architectural style from other network-based styles is its emphasis on a uniform interface between components.”
![Page 37: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/37.jpg)
![Page 38: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/38.jpg)
“WOWMy system has
too muchuniformity,
loose coupling, and
performance.”
-said no one ever
![Page 39: Rest in a Nutshell 2014_05_27](https://reader035.vdocuments.site/reader035/viewer/2022062405/554f6e1cb4c905bb178b4fd4/html5/thumbnails/39.jpg)
Questions?
golucid.co
http://www.slideshare.net/DerrickIsaacson