2. Overview
1. RESTful Drupal: the building blocks
2. Setting up a Drupal REST web server
3. Verbalizing REST
4. Resource plugins
3. 1. RESTful Drupal
• Drupal 8 REST out of the box:
• RESTful web services module
• Serialization
• HAL module: Hypertext Application
Language
• HTTP basic authentication
7. 2. Setting up a Drupal
REST WS
• Enable modules
• Configuration: generated
sites/default/files/config_XXXX/active/rest.settings.yml
• Set permissions
• Helper module: REST UI
https://drupal.org/project/restui
8. 3. Verbalizing REST
• Resources and operations
• Authentication and access control
• Example requests
9. 3.1 Resources and
operations
• Resource: the data structure that the
service is acting on (e.g. an entity)
• Operation: the specific action (HTTP
method)
11. 3.1 Plug and use
• Entity API with field metadata
• All properties and fields of an entity are described
• Any available entity can have REST API support
enabled
• Each entity plugin has its own plugin
• Access control enforced:
• on the entity level
• on the field level
12. 3.2 Authentication and
access control
• Handler by HTTP Basic Auth module
• AuthenticationProviderInterface in Drupal core
• Pluggable authentication providers:
• Standard Drupal session cookie (Drupal core)
• Basic HTTP Authentication (Drupal core)
• OAuth (Contrib)
• Provides user permissions to authorize web service
operations
• Each resource plugin provides own supplementary access
control (example: entity and field access in the entity plugin)
13. 3.3 Example requests
• GET entity/node/1
• CSRF tokens: GET rest/session/token
• POST entity/node
• PATCH entity/node
14. 4. Resource plugins
• Based on Drupal 8 plugin API
• Default plugin exposes all entities
• Contributed modules can override/
extend/provide plugins
• Example: dblog plugin