Embed Size (px)
Citation preview
RESTful ArchBenjamin Tan
1
about
• Benjamin Tan
• @tanbamboo
• github.com/tanbamboo
2
agenda• Lesson 1
• what?
• why?
• Lesson 2
• how?
• how? in Java(using JAX-RS)
• Lesson 3
• good practice? bad practice?
• more?
3
what?
• what is REST? what is RESTful arch?
4
what?
• Representational state transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant web API design model.
• Representational State Transfer REST Roy Fielding2000
5
the Author of REST
• Fielding HTTP 1.01.1 Apache
Apache
•
• REST
6
REST Triangle
• /nouns
• /verbs
• /content types
7
/Resources• REST " " " "
" " Resources " "
• " "
•
• URIURI
• URI URI
8
• HTTP
• GET
• POST
• PUT
• DELETE
• HEAD OPTIONS CONNECTTRACE
9
/Representation• " "
• " " " //Representation"
• txt HTMLXML JSON
JPG PNG
• URI
10
key goals
• Scalability of component interactions
• Generality of interfaces
• Independent deployment of components
• Intermediary components to reduce latency, enforce security and encapsulate legacy systems
11
Constraints
• Client–server
• Stateless
• Cacheable
• Layered system
• Code on demand (optional)
• Uniform interface
12
• REST REST HTTPURI XML HTML
• URI
•HTTP GET POST PUT DELETE
•• XML HTML
web web
13
REST
• HTTP
••
• REST
14
HATEOAS
•
15
REST Data Elements
• Resource - the intended conceptual target of a hypertext reference
• Resource identifier – URL, URN
• Representation – HTML document, JPEG image
• Representation metadata – media type, last-modified time
• Resource metadata – source link, alternates, vary
• Control data – if-modified-since, cache-control
16
REST Connectors
• Client - libwww, libwww-perl
• Server - libwww, Apache API, NSAPI
• Cache - browser cache, Akamai cache network
• Resolver - bind (DNS lookup library)
• Tunnel - SOCKS, SSL after HTTP CONNECT
17
REST Components
• User Agent – Netscape Navigator, Lynx, MOMspider
• Origin Server – Apache httpd, Microsoft IIS
• Gateway - Squid, CGI, Reverse Proxy
• Proxy - CERN Proxy, Netscape Proxy, Gauntlet
18
why?
19
style design
20
REST• Cache
•
•• HTTP REST
••
21
network application style
• / (MQ WebSocket)
• (P2P ZooKeeper)
• /
22
•
• The PUT and DELETE methods are idempotent methods.
• The GET method is a safe method (or nullipotent), meaning that calling it
23
Samples broken Idempotent
• WebScan
• Robot
• http://stackoverflow.com/questions/10519064/why-is-using-a-http-get-to-update-state-on-the-server-in-a-restful-call-incorrec
24
RESTful & Cloud
•• RESTful API
• AWS API
• Twitter API
• http://www.infoq.com/news/2011/01/rest-cloud
25
RESTful & SOA
26
RESTful & RIA
•• RIA+REST
REST
27
RESTful & Mobile
28
Open Question?
• RESTful WAF?
• RESTful LB ?
• RESTful CDN?
29
the philosophy of design
•
30
how?
31
Guiding principles of the interface
• The uniform interface that any REST interface must provide is considered fundamental to the design of any REST service.
• Identification of resources
• Individual resources are identified in requests, for example using URIs in web-based REST systems. The resources themselves are conceptually separate from the representations that are returned to the client. For example, the server does not send its database, but rather, perhaps, some HTML, XML or JSON that represents some database records expressed, for instance, in Swahili and encoded in UTF-8, depending on the details of the request and the server implementation.
• Manipulation of resources through these representations
• When a client holds a representation of a resource, including any metadata attached, it has enough information to modify or delete the resource on the server, provided it has permission to do so.
• Self-descriptive messages
• Each message includes enough information to describe how to process the message. For example, which parser to invoke may be specified by an Internet media type (previously known as a MIME type). Responses also explicitly indicate their cacheability.[1]
• Hypermedia as the engine of application state (aka HATEOAS)
• Clients make state transitions only through actions that are dynamically identified within hypermedia by the server (e.g., by hyperlinks within hypertext). Except for simple fixed entry points to the application, a client does not assume that any particular action is available for any particular resources beyond those described in representations previously received from the server.
32
RESTful
•• Resource-based vs. Action-based
••
33
HTTP
34
35
Cache
• Proxy
• Expires Cache-Control
• Last-Modified ETag
• 304 (Not Modified)
36
in one stentence
• REST is everywhere. It is the part of the web that makes it work well. If you want to build distributed applications that can scale like the web, be resilient to change like the web and promote re-use as the web has done, then follow the same rules they did when building web browsers.
• http://stackoverflow.com/questions/1368014/why-do-we-need-restful-web-services
37
Good Practices
• Map your API model to the way your data is consumed, not your data/object model.
• Meaningful error messages help a lot.
• Providing solid API documentation reduces need for external help.
• Use an appropriate security APIs.
38
bad practices
• Chatty APIs suck.
• Returning HTML in response.
• Failing to realize that a 4xx error means I messed up and a 5xx means you messed up
• Side-effects to 500 errors are evil.
• http://broadcast.oreilly.com/2011/06/the-
39
how? in Java (using JAX-RS)
40
JAX-RS
• JSR 311: JAX-RS: The Java API for RESTful Web Services
• Java EE 6 JSR-311 JSR-311 Java
REST
• JSR 339: JAX-RS 2.0
• Java EE 7 with JAX-RS 2.0 brings several useful features, which further simplify development and lead to the creation of even more-sophisticated, but lean, Java SE/EE RESTful applications.
41
JAX-RS API<dependency>
<groupId>javax.ws.rs</groupId>
<artifactId>javax.ws.rs-api</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>javax.ws.rs</groupId>
<artifactId>jsr311-api</artifactId>
<version>1.1.1</version>
</dependency>
42
JAX-RS
• @POST @GET @PUT @DELETE 4 HTTP
• @Path
43
JAX-RS
• JAX-RS Resource @PathParam @MatrixParam @QueryParam@FormParam @HeaderParam@CookieParam @DefaultValue @Encoded
• @PathParam @Path
44
JAX-RS• Web
Content Negotiation
• Resource @Produces MIME @Consumes
• Accept Content-Type
• JAX-RS MessageBodyReader MessageBodyWriter
XML / Java JAXB
• @Provider MessageBodyProvider
45
JAX-RS
• Spring @MVC
• Restlet
47
how? other languages• Rails(ruby)
• Sinatra(ruby)
• Tornado Web(python)
• Django REST(python)
• spray(scala)
• More RESTful frameworks:
• https://code.google.com/p/implementing-rest/wiki/RESTFrameworks
48
more?
49
• HTTP
WebSockets REST
• REST
• SSL/TLS REST WS-Sec*
REST SSLREST REST
• REST QoS“ ”
50
API versioning
• API REST
51
POST
• post
•
52
reference 11.http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
2.http://www.redsaga.com/opendoc/REST_cn.pdf
3.https://en.wikipedia.org/wiki/REST
4.https://zh.wikipedia.org/wiki/REST
5.http://www.w3.org/Protocols/rfc2616/rfc2616.html
6.http://www.infoq.com/cn/rest
7.http://www.infoq.com/cn/minibooks/restful-web-services-cookbook-cn
8.https://jax-rs-spec.java.net/
9.http://jcp.org/en/jsr/detail?id=339
10.https://zh.wikipedia.org/wiki/JAX-RS
11.http://www.ibm.com/developerworks/cn/java/j-lo-jaxrs/
12.https://jersey.java.net/
13.http://www.slideshare.net/landlessness/teach-a-dog-to-rest
53
reference 21.http://www.jboss.org/resteasy
2.http://blog.springsource.org/2009/03/08/rest-in-spring-3-mvc/
3.http://restlet.org/
4.http://www.infoq.com/cn/news/2008/10/jaxrs-comparison
5.http://www.infoq.com/news/2013/05/rest-drawbacks
6.http://www.infoq.com/cn/news/2013/06/rest-drawbacks
7.http://www.infoq.com/cn/articles/webber-rest-workflow
8.http://restfulobjects.org/
9.http://www.infoq.com/cn/interviews/robinson-webber-rest-cn
10.http://aws.amazon.com/cn/s3/
11.http://tools.ietf.org/html/rfc2046
12.http://www.iana.org/assignments/media-types
13.http://blog.toright.com/archives/725
54
