kelly-wells
OUTLINE
• What is an API?
• Why are APIs useful?
• What is HTTP? JSON? XML?
• What is a RESTful API?
• How do we consume an API?
• How do we create an API?
APIs are available from many large websites and businesses
WHAT IS AN API?
• API = Application Programming Interface
• You use APIs all the time, e.g. the Scanner class in Java
• Web API: A set of methods exposed over the web via HTTP to allow programmatic access to applications.
• Allows you to quickly add functionality/data that others have created.
• Very similar to how a web page works
WHY APIS ARE USEFUL
• Abstraction / DRY Principle
• Less data transfer
• Can be implemented or consumed in almost any language
• Can expose some methods to public developers
• Allows frontend developers and backend developers to agree on a common interface
HTTP, JSON, XML
• Three important technologies that are often used by APIs
• HTTP: Hypertext Transfer Protocol, transfers data over a network
  • GET : Read
  • POST : Create
  • PUT : Update
  • PATCH : Partial Update
  • DELETE : Delete
• JSON: JavaScript Object Notation, a format for data transfer
  • {"key": "value", "key2": {"subkey": 2, "error": false}}
• XML: Extensible Markup Language, a format for data transfer
  • Designed to be human and machine readable
<?php json_decode('{"key":true}'); ?>
WHAT IS A RESTFUL API?
• Uniform Interface
  • Resources (nouns) are URIs that HTTP verbs act on. The uniform interface allows client and server to evolve independently.
• Stateless
  • Ever have back button issues? Stateless does not care what order requests are made in.
• Cacheable
• Client-Server
  • Separation: the client should not manage the database, the server should not manage the UI.
• Layered System
  • Can use a layered system: cache, middleware, load balancing, redundancy, etc.
https://api.example.com/v1/resource/identifier/relation?filtersortParams=value
GitHub's API lets you star a gist with PUT /gists/:id/star and unstar with DELETE /gists/:id/star.
HOW TO CONSUME AN API
• Firefox: RESTClient
• Chrome: Postman
• Online: https://www.hurl.it/
• Examples:
• http://nflarrest.com/api/v1/team
• http://buscentral.herokuapp.com/suggestions POST (Feedback, message) or GET
• https://www.youtube.com/watch?v=suHY8dLKzCU
HOW TO DESIGN AN API
• Gather requirements from stakeholders
• Create use cases, and decide the functionality needed
• Think skeptically, make sure you explore your options
• Think ahead, make a flexible system
Rules for a good API
• Easy to learn and use, even without documentation
• Hard to misuse
• Easy to read and maintain code that uses it
• Sufficiently powerful to satisfy requirements and appropriate to audience
• Easy to evolve (Use arrays for example)
CREATING A SIMPLE API
• You can use any hostable language with a HTTP library (Almost all of them)
• Decide your resources, then decide the verbs.
• Useful to wireframe the UI at this stage
• Connect to persistent data store
• Remember the principles of REST
• Example in Node.JS: https://github.com/PatrickMurphy/VoteSmart
ADVANCED TOPICS
• Use API Keys
  • pass as a parameter
• Rate Limiting
  • Headers
    • X-Rate-Limit-Limit - The number of allowed requests in the current period
    • X-Rate-Limit-Remaining - The number of remaining requests in the current period
    • X-Rate-Limit-Reset - The number of seconds left in the current period
• Authentication
  • A REST API should be stateless; send auth with every request
  • Use SSL; send the auth username and base64-encoded password in the authentication header
• Caching
  • HTTP provides this!
  • Last-Modified header
  • ETag header (hash or checksum), If-None-Match: "etag"
• Errors
  • { "code" : 1234, "message" : "Something bad happened :(", "description" : "More details about the error here" }
  • Send HTTP Status 400 level
    • 401 unauthorized
    • 403 forbidden
    • 404 not found
    • 405 method not allowed
    • 410 gone (deprecated)
    • 422 Unprocessable entity (validation)
    • 429 Too many requests (Rate limit)
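
The per-request checks from ADVANCED TOPICS combined in one handler, as an added example that is not part of the original slides. It assumes a constructed in-memory user store, a limit of 3 requests per 60 seconds and a plain `{ method, headers }` request object; `handle`, `authenticate`, `fail` and the numeric error codes are hypothetical.

```javascript
// Added example, not from the slides. USERS, LIMIT, WINDOW_S, RESOURCE and the
// error codes are constructed; a request is a plain { method, headers } object.
const crypto = require('crypto');

const USERS = new Map([['alice', 's3cret']]);   // constructed demo credentials
const LIMIT = 3, WINDOW_S = 60;                 // assumed: 3 requests per 60 s period
const RESOURCE = JSON.stringify({ teams: ['SEA', 'DEN'] }); // constructed payload
const hits = new Map();                         // user -> { count, resetAt }
const sha256 = s => crypto.createHash('sha256').update(s).digest();

const fail = (status, code, message, headers = {}) =>
  ({ status, headers, body: { code, message, description: 'More details here' } });

// Stateless auth: credentials are read from the header on every request.
// Base64 is an encoding, not encryption, which is why the slides require SSL.
function authenticate(header = '') {
  const [scheme, b64] = header.split(' ');
  if (scheme !== 'Basic' || !b64) return null;
  const decoded = Buffer.from(b64, 'base64').toString();
  const i = decoded.indexOf(':');
  if (i < 0) return null;
  const user = decoded.slice(0, i), expected = USERS.get(user);
  // Hash both sides so the constant-time compare always sees equal lengths.
  const ok = crypto.timingSafeEqual(sha256(decoded.slice(i + 1)), sha256(expected ?? ''));
  return ok && expected !== undefined ? user : null;
}

function handle(req, nowS) {
  const user = authenticate(req.headers['authorization']);
  if (!user) return fail(401, 1001, 'Unauthorized', { 'WWW-Authenticate': 'Basic' });
  if (req.method !== 'GET') return fail(405, 1002, 'Method not allowed', { Allow: 'GET' });

  let w = hits.get(user);
  if (!w || nowS >= w.resetAt) hits.set(user, (w = { count: 0, resetAt: nowS + WINDOW_S }));
  w.count += 1;
  const headers = {
    'X-Rate-Limit-Limit': LIMIT,
    'X-Rate-Limit-Remaining': Math.max(0, LIMIT - w.count),
    'X-Rate-Limit-Reset': w.resetAt - nowS,
  };
  if (w.count > LIMIT) return fail(429, 1003, 'Too many requests', headers);

  headers.ETag = `"${sha256(RESOURCE).toString('hex').slice(0, 16)}"`;
  if (req.headers['if-none-match'] === headers.ETag) return { status: 304, headers, body: null };
  return { status: 200, headers, body: JSON.parse(RESOURCE) };
}
```

Requests that fail authentication or use the wrong verb are rejected before the counter is touched, so only authenticated GETs consume the caller's quota.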