REST - Valtech

Presentation on REST given at Valtech Stockholm.

Approx 60 minutes.

Mårten Gustafson

March 09, 2012

Transcript

  1. (my DARK and shameful PAST)
     * 4 years of:
       ** IBM WebSphere
       ** ESB
       ** SOAP/WSDL
       ** Enterprisey
     * REST vs SOAP vs HTTP vs JMS vs WMQ vs PUB/SUB vs EDA vs HA vs D/R
  2. a/b/c/foo
     * GET - list all foo
     * PUT - 501
     * POST - create a new foo
     * DELETE - 501
  3. a/b/c/foo/{id}
     * GET - details of {id}
     * PUT - update the {id}
     * POST - 501
     * DELETE - delete the {id}
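  4.
     |         | safe | idempotent | unsafe |
     |---------|------|------------|--------|
     | OPTIONS | X    | (x)        |        |
     | GET     | X    | (x)        |        |
     | HEAD    | X    | (x)        |        |
     | POST    |      |            | X      |
     | PUT     |      | X          | X      |
     | DELETE  |      | X          | X      |
     | TRACE   | X    | (x)        |        |
     | CONNECT |      |            |        |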
  5. ETag
     * The most overlooked HTTP header in API design?
     * Allows concurrency control
     * if-match: “<etag>”
     * if-none-match: “<etag>”
     * 304 not modified
     * version number
  6. VARY
     * Tell clients/caches which headers form the response (i.e. what’s the cache combo)
     * e.g. Vary: Accept (/foo/bar vs /foo/bar: XML vs JSON)
  7. CLIENTS, PROXIES, SERVERS, LOAD BALANCERS
     * will all understand and act accordingly
     * in addition cool modern software does HTTP/REST out-of-the-box (CouchDB, Riak)
  8. URLs
     * What will your URL scheme look like
     * How will it evolve
     * Identify natural points of extension/evolution
  9. DNS
     * This is part of your URL
     * Think about partitioning (subdomains)
     * Think about future transition, separation, isolation
     * Does Wildcard DNS make sense to you?
  10. SECURITY
      * HTTPS + basic auth (one stop shop)
      * API auth (client certificates, OAuth)
      * SSL cookies
  11. CONTRACTS
      * What do we promise our clients?
      * Read these:
        - http://martinfowler.com/bliki/TolerantReader.html
        - http://martinfowler.com/articles/consumerDrivenContracts.html
  12. SCHEMAS
      * Good for automated testing
      * If you give them away, assume people will generate proxies (and depend on serialized form)
      * Consider not providing any (or model them loosely, xs:any etc - I’m not sure it’s a good idea)
  13. GUARANTEES
      * Fields annotated with “#userid” will have the following form
      * Attributes named “email” will conform to standard X
      * This document contains one, and only one, field annotated “#id”, which is the unique id for Y
  14. ?
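
Added example, not part of the deck: the ETag concurrency control from slide 5, with a version number as the ETag, `if-none-match` answering 304 and `if-match` guarding updates against lost writes. The `Store` class, its method names and the 428 reply to an update without `If-Match` are assumptions made here; 412 (Precondition Failed) is the standard HTTP status for a failed `If-Match` but does not appear on the slides.

```python
# Added example: ETag-based optimistic concurrency, version number as the ETag.
# Store, get and put are hypothetical names, not taken from the deck.

class Store:
    """In-memory resource store keyed by URL path."""

    def __init__(self):
        self._items = {}  # path -> (version, body)

    @staticmethod
    def _etag(version):
        return '"%d"' % version  # strong ETag: the quoted version number

    @staticmethod
    def _matches(header, etag):
        # A condition header is "*" or a comma-separated list of quoted ETags.
        tags = [t.strip() for t in header.split(",")]
        return "*" in tags or etag in tags

    def get(self, path, if_none_match=None):
        """Return (status, headers, body); 304 lets a client reuse its cached copy."""
        if path not in self._items:
            return 404, {}, None
        version, body = self._items[path]
        etag = self._etag(version)
        if if_none_match is not None and self._matches(if_none_match, etag):
            return 304, {"ETag": etag}, None
        return 200, {"ETag": etag}, body

    def put(self, path, body, if_match=None):
        """Update only if the client holds the current version; otherwise 412."""
        if path not in self._items:
            if if_match is not None:
                return 412, {}, None  # condition on a resource that does not exist
            self._items[path] = (1, body)
            return 201, {"ETag": self._etag(1)}, body
        version, _ = self._items[path]
        current = self._etag(version)
        if if_match is None:
            return 428, {}, None  # assumption: unconditional overwrites are refused
        if not self._matches(if_match, current):
            return 412, {"ETag": current}, None  # stale copy: lost update prevented
        self._items[path] = (version + 1, body)
        return 200, {"ETag": self._etag(version + 1)}, body
```

Two clients that both read version `"1"` cannot silently overwrite each other: the first conditional update succeeds and bumps the ETag, the second receives 412 and must re-read before retrying.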