Upload
benjamin-tan
View
372
Download
2
Embed Size (px)
Citation preview
agenda• Lesson 1
• what?
• why?
• Lesson 2
• how?
• how? in Java(using JAX-RS)
• Lesson 3
• good practice? bad practice?
• more?
3
what?
• Representational state transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant web API design model.
• Representational State Transfer REST Roy Fielding2000
5
key goals
• Scalability of component interactions
• Generality of interfaces
• Independent deployment of components
• Intermediary components to reduce latency, enforce security and encapsulate legacy systems
11
Constraints
• Client–server
• Stateless
• Cacheable
• Layered system
• Code on demand (optional)
• Uniform interface
12
• REST REST HTTPURI XML HTML
• URI
•HTTP GET POST PUT DELETE
•• XML HTML
web web
13
REST Data Elements
• Resource - the intended conceptual target of a hypertext reference
• Resource identifier – URL, URN
• Representation – HTML document, JPEG image
• Representation metadata – media type, last-modified time
• Resource metadata – source link, alternates, vary
• Control data – if-modified-since, cache-control
16
REST Connectors
• Client - libwww, libwww-perl
• Server - libwww, Apache API, NSAPI
• Cache - browser cache, Akamai cache network
• Resolver - bind (DNS lookup library)
• Tunnel - SOCKS, SSL after HTTP CONNECT
17
REST Components
• User Agent – Netscape Navigator, Lynx, MOMspider
• Origin Server – Apache httpd, Microsoft IIS
• Gateway - Squid, CGI, Reverse Proxy
• Proxy - CERN Proxy, Netscape Proxy, Gauntlet
18
REST• Cache
•
•• HTTP REST
••
21
•
• The PUT and DELETE methods are idempotent methods.
• The GET method is a safe method (or nullipotent), meaning that calling it
23
Samples broken Idempotent
• WebScan
• Robot
• http://stackoverflow.com/questions/10519064/why-is-using-a-http-get-to-update-state-on-the-server-in-a-restful-call-incorrec
24
RESTful & Cloud
•• RESTful API
• AWS API
• Twitter API
• http://www.infoq.com/news/2011/01/rest-cloud
25
Guiding principles of the interface
• The uniform interface that any REST interface must provide is considered fundamental to the design of any REST service.
• Identification of resources
• Individual resources are identified in requests, for example using URIs in web-based REST systems. The resources themselves are conceptually separate from the representations that are returned to the client. For example, the server does not send its database, but rather, perhaps, some HTML, XML or JSON that represents some database records expressed, for instance, in Swahili and encoded in UTF-8, depending on the details of the request and the server implementation.
• Manipulation of resources through these representations
• When a client holds a representation of a resource, including any metadata attached, it has enough information to modify or delete the resource on the server, provided it has permission to do so.
• Self-descriptive messages
• Each message includes enough information to describe how to process the message. For example, which parser to invoke may be specified by an Internet media type (previously known as a MIME type). Responses also explicitly indicate their cacheability.[1]
• Hypermedia as the engine of application state (aka HATEOAS)
• Clients make state transitions only through actions that are dynamically identified within hypermedia by the server (e.g., by hyperlinks within hypertext). Except for simple fixed entry points to the application, a client does not assume that any particular action is available for any particular resources beyond those described in representations previously received from the server.
32
in one stentence
• REST is everywhere. It is the part of the web that makes it work well. If you want to build distributed applications that can scale like the web, be resilient to change like the web and promote re-use as the web has done, then follow the same rules they did when building web browsers.
• http://stackoverflow.com/questions/1368014/why-do-we-need-restful-web-services
37
Good Practices
• Map your API model to the way your data is consumed, not your data/object model.
• Meaningful error messages help a lot.
• Providing solid API documentation reduces need for external help.
• Use an appropriate security APIs.
38
bad practices
• Chatty APIs suck.
• Returning HTML in response.
• Failing to realize that a 4xx error means I messed up and a 5xx means you messed up
• Side-effects to 500 errors are evil.
• http://broadcast.oreilly.com/2011/06/the-
39
JAX-RS
• JSR 311: JAX-RS: The Java API for RESTful Web Services
• Java EE 6 JSR-311 JSR-311 Java
REST
• JSR 339: JAX-RS 2.0
• Java EE 7 with JAX-RS 2.0 brings several useful features, which further simplify development and lead to the creation of even more-sophisticated, but lean, Java SE/EE RESTful applications.
41
JAX-RS API<dependency>
<groupId>javax.ws.rs</groupId>
<artifactId>javax.ws.rs-api</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>javax.ws.rs</groupId>
<artifactId>jsr311-api</artifactId>
<version>1.1.1</version>
</dependency>
42
JAX-RS
• JAX-RS Resource @PathParam @MatrixParam @QueryParam@FormParam @HeaderParam@CookieParam @DefaultValue @Encoded
• @PathParam @Path
44
JAX-RS• Web
Content Negotiation
• Resource @Produces MIME @Consumes
• Accept Content-Type
• JAX-RS MessageBodyReader MessageBodyWriter
XML / Java JAXB
• @Provider MessageBodyProvider
45
how? other languages• Rails(ruby)
• Sinatra(ruby)
• Tornado Web(python)
• Django REST(python)
• spray(scala)
• More RESTful frameworks:
• https://code.google.com/p/implementing-rest/wiki/RESTFrameworks
48
• HTTP
WebSockets REST
• REST
• SSL/TLS REST WS-Sec*
REST SSLREST REST
• REST QoS“ ”
50
reference 11.http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
2.http://www.redsaga.com/opendoc/REST_cn.pdf
3.https://en.wikipedia.org/wiki/REST
4.https://zh.wikipedia.org/wiki/REST
5.http://www.w3.org/Protocols/rfc2616/rfc2616.html
6.http://www.infoq.com/cn/rest
7.http://www.infoq.com/cn/minibooks/restful-web-services-cookbook-cn
8.https://jax-rs-spec.java.net/
9.http://jcp.org/en/jsr/detail?id=339
10.https://zh.wikipedia.org/wiki/JAX-RS
11.http://www.ibm.com/developerworks/cn/java/j-lo-jaxrs/
12.https://jersey.java.net/
13.http://www.slideshare.net/landlessness/teach-a-dog-to-rest
53
reference 21.http://www.jboss.org/resteasy
2.http://blog.springsource.org/2009/03/08/rest-in-spring-3-mvc/
3.http://restlet.org/
4.http://www.infoq.com/cn/news/2008/10/jaxrs-comparison
5.http://www.infoq.com/news/2013/05/rest-drawbacks
6.http://www.infoq.com/cn/news/2013/06/rest-drawbacks
7.http://www.infoq.com/cn/articles/webber-rest-workflow
8.http://restfulobjects.org/
9.http://www.infoq.com/cn/interviews/robinson-webber-rest-cn
10.http://aws.amazon.com/cn/s3/
11.http://tools.ietf.org/html/rfc2046
12.http://www.iana.org/assignments/media-types
13.http://blog.toright.com/archives/725
54