SlideShare une entreprise Scribd logo

Web Api 2.X - Lattanzi

Codemotion
Codemotion

Slides from Ugo Lattanzi talk @ codemotion roma 2014

Technologie
1  sur  46
Télécharger pour lire hors ligne
WEB API 2.X What’s new and ….. Ugo Lattanzi Head of Technolgies @ Gaia Microsoft MVP, MCP Twitter: @imperugo Blog (en): http://tostring.it Blog (it): http://imperugo.tostring.it E-mail: imperugo@gmail.com
Agenda • Who am I? • What’s ASP.NET Web API? • What’s a RESTfull service?; • Routing old and new; • Global Error Handling; • Help Page; • CORS; • BSON serialization; • Ignore route; • …. caching;
WHO AM I?
Who am I? • Head of Technologies at Gaia (www.gaia.is.it); • Microsoft MVP (ASP.NET / ISS); • Speaker / Trainer; • Book / Article author; • “Opensourcer”; • Github lover; • Everything about Web Dev;
Important message We are looking for some good (and crazy) guys to join our team. Contact me – imperugo@gmail.com
What’s ASP.NET Web API?
Web API and REST • When you speak about Web API, probably you should know REST, but was doesn it mean? • RESTfull= REpresentational State Transfer
RESTfull what????
Web API and REST It is not a WebService (SOAP), a patter or a protocol, but is a style of software architecture for distributed systems such as the World Wide Web
Web API and REST ASP.NET Web API is a framework (FW 4.x) for processing data and returning data, tipically in json or xml (RESTful services); It seems MVC but is not and, if you need both, use both.
What is similar to MVC? • Released with NuGet; • Routing; • Controllers and Actions; • Filters; • ModelBindings; • Dependency Injection;
What is different from MVC? • Dispatching (based on http verbs); • Formatters; • Async everywhere; • Self host (no need IIS); • Content negotiation; • Everything is under System.Web.Http;
RESTfull • Stateless architecture based on HTTP; • Each url is a resources (no transaction between two requests); • Base on HTTP Verbs (GET, POST, PUT, DELETE); • The status of the response is based on HTTP Status code (401, 200, 404 and so on);
DEMO
ROUTING
Attribute Routing Allows you to override the default routing for a single action/controller; /customers/1/orders /api/v1/products /api/v2/products Good Article: http://bit.ly/1dwdc2D
GLOBAL ERROR HANDLING
Global error handling (the problem) There’s no easy way in Web API to log or handle errors globally (prev v2.x); I.E.: • Exceptions thrown from controller constructors • Exceptions thrown from message handlers • Exceptions thrown during routing • Exceptions thrown during response content serialization Good Article: http://bit.ly/1eiUvBB
Global error handling (the solution) WEB API (2.x) provides two new user-replaceable services, IExceptionLogger and IExceptionHandler, to log and handle unhandled exceptions. The services are very similar, with two main differences:
Global error handling (the solution)
Global error handling (CatchBlock)
DOCUMENTATION
There is a specific endpoint to call
API Documentation (thx to @shanselman for that slide)
Is there someone who want to write the API Documentation? (thx to @shanselman for that slide)
Help Page • “Automatic” API Documentation; • Base on MVC (all via nuget); • Template on top of Bootstrap • Support validation attributes; • Code comments; • Support complex types also for GET Methods (new); • Support for Enums;
Help Page (Document your code)
Help Page (Enable the XML output)
Help Page (Specify the documentation file)
Do you know postman?
CORS
CORS - Cross-Origin Resource Sharing - (the problem) By default it's not possible to make HTTP requests using Javascript from a source domain that is different from the called endpoint. For example, this means that it's not possible to call the URL http://mysite.com/api/myrestendpoint from a domain http://yoursite.com This limitation has been introduced for security reasons: in fact, without this protection, a malicious javascript code could get info from another site without noticing the user.
CORS (the problem)
CORS (the problem) Ok, but sometimes we need to do this. How can we do that? • JSONP is easy to use and it's supported by all browsers; the only problem is that the only HTTP VERB supported is GET, which has a limitation on the lenght of the string that can be passed as query parameter. • Otherwise, if you need to send lot of information we can't use this way, so the soulution could be to "proxy" the request locally and forward the data server side or to use CORS.
CORS (the solution) Basically CORS communication allow you to overtake the problem by defining some rules that makes the request more "secure". Of course the first thing we need is a browser that support CORS: fortunately all the latest browsers support it. Anyway, we have to consider that, looking at the real world, there are several clients that are still using Internet Explorer 8 which, among other things, doesn't support CORS.
CORS (the solution) http://caniuse.com/cors •Internet Explorer 10/11 •Chrome (all versions) •Firefox 3.5+ •Safari 4.x
CORS
CORS
CORS
CACHING
CACHING • Do you know the HTTP support caching? • Do we really need to use server side cache? • What I’ve to do in my code?
Caching How does it work? The client will ask the server if it has an updated copy of the resource by sending some information about the cached resources it holds using a request header called ETag If there are no updates, the server return 304 with an empty body, otherwise a 200 with the new data
Caching
Cache Cow It’s an open source library available on nuget (the source code is on github) that allows you to enable caching in you APIs; Support differents providers to store the cache (memcache, ravendb, azure caching, Redis and so on);
Cache cow
GRAZIE! Ugo Lattanzi Head of Technolgies @ Gaia Microsoft MVP, MCP Twitter: @imperugo Blog (en): http://tostring.it Blog (it): http://imperugo.tostring.it E-mail: imperugo@gmail.com

Recommandé

Codemotion Rome 2014
Codemotion Rome 2014Codemotion Rome 2014
Codemotion Rome 2014
Ugo Lattanzi
 
The Once And Future Script Loader (v3)
The Once And Future Script Loader (v3)The Once And Future Script Loader (v3)
The Once And Future Script Loader (v3)
Kyle Simpson
 
OWASP WebGoat and PANTERA Web Assessment Studio Project.
OWASP WebGoat and PANTERA Web Assessment Studio Project.OWASP WebGoat and PANTERA Web Assessment Studio Project.
OWASP WebGoat and PANTERA Web Assessment Studio Project.
Philippe Bogaerts
 
Websocket 101 in Python
Websocket 101 in PythonWebsocket 101 in Python
Websocket 101 in Python
Juti Noppornpitak
 
2019 PHP Serbia - Boosting your performance with Blackfire
2019 PHP Serbia - Boosting your performance with Blackfire2019 PHP Serbia - Boosting your performance with Blackfire
2019 PHP Serbia - Boosting your performance with Blackfire
Marko Mitranić
 
Flask
FlaskFlask
Flask
Glen Zangirolami
 
Cowboy rabbit-websockets
Cowboy rabbit-websocketsCowboy rabbit-websockets
Cowboy rabbit-websockets
Wade Mealing
 
SPDY
SPDY SPDY
SPDY
Rajeev Bharshetty
 

Recommandé

Codemotion Rome 2014
Codemotion Rome 2014Codemotion Rome 2014
Codemotion Rome 2014
Ugo Lattanzi
 
The Once And Future Script Loader (v3)
The Once And Future Script Loader (v3)The Once And Future Script Loader (v3)
The Once And Future Script Loader (v3)
Kyle Simpson
 
OWASP WebGoat and PANTERA Web Assessment Studio Project.
OWASP WebGoat and PANTERA Web Assessment Studio Project.OWASP WebGoat and PANTERA Web Assessment Studio Project.
OWASP WebGoat and PANTERA Web Assessment Studio Project.
Philippe Bogaerts
 
Websocket 101 in Python
Websocket 101 in PythonWebsocket 101 in Python
Websocket 101 in Python
Juti Noppornpitak
 
2019 PHP Serbia - Boosting your performance with Blackfire
2019 PHP Serbia - Boosting your performance with Blackfire2019 PHP Serbia - Boosting your performance with Blackfire
2019 PHP Serbia - Boosting your performance with Blackfire
Marko Mitranić
 
Flask
FlaskFlask
Flask
Glen Zangirolami
 
Cowboy rabbit-websockets
Cowboy rabbit-websocketsCowboy rabbit-websockets
Cowboy rabbit-websockets
Wade Mealing
 
SPDY
SPDY SPDY
SPDY
Rajeev Bharshetty
 
Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016
Ortus Solutions, Corp
 
Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5
Web Directions
 
Web to App:作業系統革命 Firefox OS
Web to App:作業系統革命 Firefox OSWeb to App:作業系統革命 Firefox OS
Web to App:作業系統革命 Firefox OS
Veck Hsiao
 
10 common cf server challenges
10 common cf server challenges10 common cf server challenges
10 common cf server challenges
ColdFusionConference
 
AS
ASAS
AS
document007
 
Http2: why the web is upgrading? - bdx.io 2015
Http2: why the web is upgrading? - bdx.io 2015Http2: why the web is upgrading? - bdx.io 2015
Http2: why the web is upgrading? - bdx.io 2015
Quentin Adam
 
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystemI can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
Sidu Ponnappa
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With Jest
Ben McCormick
 
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the massesWhen you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
Michele Orru
 
Building Desktop RIAs with JavaScript and PHP - ZendCon09
Building Desktop RIAs with JavaScript and PHP - ZendCon09Building Desktop RIAs with JavaScript and PHP - ZendCon09
Building Desktop RIAs with JavaScript and PHP - ZendCon09
funkatron
 
Watir
WatirWatir
Watir
Sai Venkat
 
Building iOS Apps With RubyMotion
Building iOS Apps With RubyMotionBuilding iOS Apps With RubyMotion
Building iOS Apps With RubyMotion
Raymond T Hightower
 
Phalcon Framework: San Antonio Web Developers Group
Phalcon Framework: San Antonio Web Developers Group Phalcon Framework: San Antonio Web Developers Group
Phalcon Framework: San Antonio Web Developers Group
jdfreeman11
 
Gatsby intro
Gatsby introGatsby intro
Gatsby intro
Ben McCormick
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-Orru
Michele Orru
 
Don't screw it up! How to build durable API
Don't screw it up! How to build durable API Don't screw it up! How to build durable API
Don't screw it up! How to build durable API
Alessandro Cinelli (cirpo)
 
Same-origin Policy (SOP)
Same-origin Policy (SOP)Same-origin Policy (SOP)
Same-origin Policy (SOP)
Netsparker
 
How do I Write Testable Javascript so I can Test my CF API on Server and Client
How do I Write Testable Javascript so I can Test my CF API on Server and ClientHow do I Write Testable Javascript so I can Test my CF API on Server and Client
How do I Write Testable Javascript so I can Test my CF API on Server and Client
ColdFusionConference
 
Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...
Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...
Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...
MIDAS
 
How to Start Performance Testing?
How to Start Performance Testing?How to Start Performance Testing?
How to Start Performance Testing?
Nebojša Videnov
 
DevTools
DevToolsDevTools
DevTools
boucher
 
Slideshare API
Slideshare APISlideshare API
Slideshare API
boucher
 

Contenu connexe

Tendances

Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5
Web Directions
 
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystemI can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
Sidu Ponnappa
 
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the massesWhen you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
Michele Orru
 
Building iOS Apps With RubyMotion
Building iOS Apps With RubyMotionBuilding iOS Apps With RubyMotion
Building iOS Apps With RubyMotion
Raymond T Hightower
 

Tendances (20)

Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016
 
Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5Dave Orchard - Offline Web Apps with HTML5
Dave Orchard - Offline Web Apps with HTML5
 
Web to App:作業系統革命 Firefox OS
Web to App:作業系統革命 Firefox OSWeb to App:作業系統革命 Firefox OS
Web to App:作業系統革命 Firefox OS
 
10 common cf server challenges
10 common cf server challenges10 common cf server challenges
10 common cf server challenges
 
AS
ASAS
AS
 
Http2: why the web is upgrading? - bdx.io 2015
Http2: why the web is upgrading? - bdx.io 2015Http2: why the web is upgrading? - bdx.io 2015
Http2: why the web is upgrading? - bdx.io 2015
 
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystemI can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
I can haz HTTP - Consuming and producing HTTP APIs in the Ruby ecosystem
 
Saving Time By Testing With Jest
Saving Time By Testing With JestSaving Time By Testing With Jest
Saving Time By Testing With Jest
 
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the massesWhen you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
 
Building Desktop RIAs with JavaScript and PHP - ZendCon09
Building Desktop RIAs with JavaScript and PHP - ZendCon09Building Desktop RIAs with JavaScript and PHP - ZendCon09
Building Desktop RIAs with JavaScript and PHP - ZendCon09
 
Watir
WatirWatir
Watir
 
Building iOS Apps With RubyMotion
Building iOS Apps With RubyMotionBuilding iOS Apps With RubyMotion
Building iOS Apps With RubyMotion
 
Phalcon Framework: San Antonio Web Developers Group
Phalcon Framework: San Antonio Web Developers Group Phalcon Framework: San Antonio Web Developers Group
Phalcon Framework: San Antonio Web Developers Group
 
Gatsby intro
Gatsby introGatsby intro
Gatsby intro
 
BeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-OrruBeEF_EUSecWest-2012_Michele-Orru
BeEF_EUSecWest-2012_Michele-Orru
 
Don't screw it up! How to build durable API
Don't screw it up! How to build durable API Don't screw it up! How to build durable API
Don't screw it up! How to build durable API
 
Same-origin Policy (SOP)
Same-origin Policy (SOP)Same-origin Policy (SOP)
Same-origin Policy (SOP)
 
How do I Write Testable Javascript so I can Test my CF API on Server and Client
How do I Write Testable Javascript so I can Test my CF API on Server and ClientHow do I Write Testable Javascript so I can Test my CF API on Server and Client
How do I Write Testable Javascript so I can Test my CF API on Server and Client
 
Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...
Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...
Browser Performance Tests - Internet Explorer 11 vs Firefox 25 vs Google Chro...
 
How to Start Performance Testing?
How to Start Performance Testing?How to Start Performance Testing?
How to Start Performance Testing?
 

En vedette

DevTools
DevToolsDevTools
DevTools
boucher
 
Snam 2016 Interim Results
Snam 2016 Interim ResultsSnam 2016 Interim Results
Snam 2016 Interim Results
Snam
 
RESTful API Design Best Practices Using ASP.NET Web API
RESTful API Design Best Practices Using ASP.NET Web APIRESTful API Design Best Practices Using ASP.NET Web API
RESTful API Design Best Practices Using ASP.NET Web API
💻 Spencer Schneidenbach
 
Design Beautiful REST + JSON APIs
Design Beautiful REST + JSON APIsDesign Beautiful REST + JSON APIs
Design Beautiful REST + JSON APIs
Stormpath
 

En vedette (20)

DevTools
DevToolsDevTools
DevTools
 
Slideshare API
Slideshare APISlideshare API
Slideshare API
 
L’evoluzione dei servizi commerciali nell’offerta di Snam Rete Gas @Forum UNI...
L’evoluzione dei servizi commerciali nell’offerta di Snam Rete Gas @Forum UNI...L’evoluzione dei servizi commerciali nell’offerta di Snam Rete Gas @Forum UNI...
L’evoluzione dei servizi commerciali nell’offerta di Snam Rete Gas @Forum UNI...
 
Presentazione Snam
Presentazione SnamPresentazione Snam
Presentazione Snam
 
Connecting to a REST API in iOS
Connecting to a REST API in iOSConnecting to a REST API in iOS
Connecting to a REST API in iOS
 
Snam 2016 3Q results
Snam 2016 3Q resultsSnam 2016 3Q results
Snam 2016 3Q results
 
Get started with Listly - A beginners guide to social list making
Get started with Listly - A beginners guide to social list makingGet started with Listly - A beginners guide to social list making
Get started with Listly - A beginners guide to social list making
 
2016-2020 Strategy & Targets
2016-2020 Strategy & Targets2016-2020 Strategy & Targets
2016-2020 Strategy & Targets
 
Snam 2016 Interim Results
Snam 2016 Interim ResultsSnam 2016 Interim Results
Snam 2016 Interim Results
 
Snam 2016 1Q results
Snam 2016 1Q resultsSnam 2016 1Q results
Snam 2016 1Q results
 
2016 Full-Year Results and Plan Update
2016 Full-Year Results and Plan Update2016 Full-Year Results and Plan Update
2016 Full-Year Results and Plan Update
 
Salesforce REST API
Salesforce REST API Salesforce REST API
Salesforce REST API
 
REST: From GET to HATEOAS
REST: From GET to HATEOASREST: From GET to HATEOAS
REST: From GET to HATEOAS
 
Rest API Security
Rest API SecurityRest API Security
Rest API Security
 
Usare (al meglio) le immagini nelle slide.
Usare (al meglio) le immagini nelle slide. Usare (al meglio) le immagini nelle slide.
Usare (al meglio) le immagini nelle slide.
 
RESTful API Design Best Practices Using ASP.NET Web API
RESTful API Design Best Practices Using ASP.NET Web APIRESTful API Design Best Practices Using ASP.NET Web API
RESTful API Design Best Practices Using ASP.NET Web API
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding REST
 
Design Beautiful REST + JSON APIs
Design Beautiful REST + JSON APIsDesign Beautiful REST + JSON APIs
Design Beautiful REST + JSON APIs
 
Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)
 
JSON and REST
JSON and RESTJSON and REST
JSON and REST
 

Similaire à Web Api 2.X - Lattanzi

Programming Server side with Sevlet
Programming Server side with Sevlet Programming Server side with Sevlet
Programming Server side with Sevlet
backdoor
 
Netbeans65 Osum Slides
Netbeans65 Osum SlidesNetbeans65 Osum Slides
Netbeans65 Osum Slides
Abhishek Gupta
 

Similaire à Web Api 2.X - Lattanzi (20)

An Introduction to Microservices
An Introduction to MicroservicesAn Introduction to Microservices
An Introduction to Microservices
 
HTML5 Webinar - Mind Storm Software
HTML5 Webinar - Mind Storm SoftwareHTML5 Webinar - Mind Storm Software
HTML5 Webinar - Mind Storm Software
 
WebRTC Status Update - 2017Q2
WebRTC Status Update - 2017Q2WebRTC Status Update - 2017Q2
WebRTC Status Update - 2017Q2
 
Universal apps lightning talk
Universal apps lightning talk Universal apps lightning talk
Universal apps lightning talk
 
Intro to Perfect - LA presentation
Intro to Perfect - LA presentationIntro to Perfect - LA presentation
Intro to Perfect - LA presentation
 
Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1
 
Project Timbit
Project TimbitProject Timbit
Project Timbit
 
JS digest. Decemebr 2017
JS digest. Decemebr 2017JS digest. Decemebr 2017
JS digest. Decemebr 2017
 
HTML5: the new frontier of the web
HTML5: the new frontier of the webHTML5: the new frontier of the web
HTML5: the new frontier of the web
 
Programming Server side with Sevlet
Programming Server side with Sevlet Programming Server side with Sevlet
Programming Server side with Sevlet
 
A Beginner's Guide to Client Side Development with Javascript
A Beginner's Guide to Client Side Development with JavascriptA Beginner's Guide to Client Side Development with Javascript
A Beginner's Guide to Client Side Development with Javascript
 
Crafting APIs
Crafting APIsCrafting APIs
Crafting APIs
 
HTML 5
HTML 5HTML 5
HTML 5
 
Ultra-modern Front-end Dev & Introducing Spar
Ultra-modern Front-end Dev & Introducing SparUltra-modern Front-end Dev & Introducing Spar
Ultra-modern Front-end Dev & Introducing Spar
 
Workshop HTML5+PhoneGap by Ivano Malavolta
Workshop HTML5+PhoneGap by Ivano Malavolta Workshop HTML5+PhoneGap by Ivano Malavolta
Workshop HTML5+PhoneGap by Ivano Malavolta
 
Decoupled Architecture and WordPress
Decoupled Architecture and WordPressDecoupled Architecture and WordPress
Decoupled Architecture and WordPress
 
AD113 Speed Up Your Applications w/ Nginx and PageSpeed
AD113 Speed Up Your Applications w/ Nginx and PageSpeedAD113 Speed Up Your Applications w/ Nginx and PageSpeed
AD113 Speed Up Your Applications w/ Nginx and PageSpeed
 
Angular jS Introduction by Google
Angular jS Introduction by GoogleAngular jS Introduction by Google
Angular jS Introduction by Google
 
Thadomal IEEE-HTML5-Workshop
Thadomal IEEE-HTML5-WorkshopThadomal IEEE-HTML5-Workshop
Thadomal IEEE-HTML5-Workshop
 
Netbeans65 Osum Slides
Netbeans65 Osum SlidesNetbeans65 Osum Slides
Netbeans65 Osum Slides
 

Plus de Codemotion

Plus de Codemotion (20)

Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
Fuzz-testing: A hacker's approach to making your code more secure | Pascal Ze...
 
Pompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending storyPompili - From hero to_zero: The FatalNoise neverending story
Pompili - From hero to_zero: The FatalNoise neverending story
 
Pastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storiaPastore - Commodore 65 - La storia
Pastore - Commodore 65 - La storia
 
Pennisi - Essere Richard Altwasser
Pennisi - Essere Richard AltwasserPennisi - Essere Richard Altwasser
Pennisi - Essere Richard Altwasser
 
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
Michel Schudel - Let's build a blockchain... in 40 minutes! - Codemotion Amst...
 
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
Richard Süselbeck - Building your own ride share app - Codemotion Amsterdam 2019
 
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
Eward Driehuis - What we learned from 20.000 attacks - Codemotion Amsterdam 2019
 
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 - Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
Francesco Baldassarri - Deliver Data at Scale - Codemotion Amsterdam 2019 -
 
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
Martin Förtsch, Thomas Endres - Stereoscopic Style Transfer AI - Codemotion A...
 
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
Melanie Rieback, Klaus Kursawe - Blockchain Security: Melting the "Silver Bul...
 
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
 
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
 
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
Sascha Wolter - Conversational AI Demystified - Codemotion Amsterdam 2019
 
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
Michele Tonutti - Scaling is caring - Codemotion Amsterdam 2019
 
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
Pat Hermens - From 100 to 1,000+ deployments a day - Codemotion Amsterdam 2019
 
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
James Birnie - Using Many Worlds of Compute Power with Quantum - Codemotion A...
 
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
Don Goodman-Wilson - Chinese food, motor scooters, and open source developmen...
 
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
Pieter Omvlee - The story behind Sketch - Codemotion Amsterdam 2019
 
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
Dave Farley - Taking Back “Software Engineering” - Codemotion Amsterdam 2019
 
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
Joshua Hoffman - Should the CTO be Coding? - Codemotion Amsterdam 2019
 

Dernier

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Dernier (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Web Api 2.X - Lattanzi

  • 1. WEB API 2.X What’s new and ….. Ugo Lattanzi Head of Technolgies @ Gaia Microsoft MVP, MCP Twitter: @imperugo Blog (en): http://tostring.it Blog (it): http://imperugo.tostring.it E-mail: imperugo@gmail.com
  • 2. Agenda • Who am I? • What’s ASP.NET Web API? • What’s a RESTfull service?; • Routing old and new; • Global Error Handling; • Help Page; • CORS; • BSON serialization; • Ignore route; • …. caching;
  • 4. Who am I? • Head of Technologies at Gaia (www.gaia.is.it); • Microsoft MVP (ASP.NET / ISS); • Speaker / Trainer; • Book / Article author; • “Opensourcer”; • Github lover; • Everything about Web Dev;
  • 5. Important message We are looking for some good (and crazy) guys to join our team. Contact me – imperugo@gmail.com
  • 7. Web API and REST • When you speak about Web API, probably you should know REST, but was doesn it mean? • RESTfull= REpresentational State Transfer
  • 9. Web API and REST It is not a WebService (SOAP), a patter or a protocol, but is a style of software architecture for distributed systems such as the World Wide Web
  • 10. Web API and REST ASP.NET Web API is a framework (FW 4.x) for processing data and returning data, tipically in json or xml (RESTful services); It seems MVC but is not and, if you need both, use both.
  • 11. What is similar to MVC? • Released with NuGet; • Routing; • Controllers and Actions; • Filters; • ModelBindings; • Dependency Injection;
  • 12. What is different from MVC? • Dispatching (based on http verbs); • Formatters; • Async everywhere; • Self host (no need IIS); • Content negotiation; • Everything is under System.Web.Http;
  • 13. RESTfull • Stateless architecture based on HTTP; • Each url is a resources (no transaction between two requests); • Base on HTTP Verbs (GET, POST, PUT, DELETE); • The status of the response is based on HTTP Status code (401, 200, 404 and so on);
  • 14. DEMO
  • 16. Attribute Routing Allows you to override the default routing for a single action/controller; /customers/1/orders /api/v1/products /api/v2/products Good Article: http://bit.ly/1dwdc2D
  • 18. Global error handling (the problem) There’s no easy way in Web API to log or handle errors globally (prev v2.x); I.E.: • Exceptions thrown from controller constructors • Exceptions thrown from message handlers • Exceptions thrown during routing • Exceptions thrown during response content serialization Good Article: http://bit.ly/1eiUvBB
  • 19. Global error handling (the solution) WEB API (2.x) provides two new user-replaceable services, IExceptionLogger and IExceptionHandler, to log and handle unhandled exceptions. The services are very similar, with two main differences:
  • 20. Global error handling (the solution)
  • 21. Global error handling (CatchBlock)
  • 23. There is a specific endpoint to call
  • 24. API Documentation (thx to @shanselman for that slide)
  • 25. Is there someone who want to write the API Documentation? (thx to @shanselman for that slide)
  • 26. Help Page • “Automatic” API Documentation; • Base on MVC (all via nuget); • Template on top of Bootstrap • Support validation attributes; • Code comments; • Support complex types also for GET Methods (new); • Support for Enums;
  • 27. Help Page (Document your code)
  • 28. Help Page (Enable the XML output)
  • 29. Help Page (Specify the documentation file)
  • 30. Do you know postman?
  • 31. CORS
  • 32. CORS - Cross-Origin Resource Sharing - (the problem) By default it's not possible to make HTTP requests using Javascript from a source domain that is different from the called endpoint. For example, this means that it's not possible to call the URL http://mysite.com/api/myrestendpoint from a domain http://yoursite.com This limitation has been introduced for security reasons: in fact, without this protection, a malicious javascript code could get info from another site without noticing the user.
  • 34. CORS (the problem) Ok, but sometimes we need to do this. How can we do that? • JSONP is easy to use and it's supported by all browsers; the only problem is that the only HTTP VERB supported is GET, which has a limitation on the lenght of the string that can be passed as query parameter. • Otherwise, if you need to send lot of information we can't use this way, so the soulution could be to "proxy" the request locally and forward the data server side or to use CORS.
  • 35. CORS (the solution) Basically CORS communication allow you to overtake the problem by defining some rules that makes the request more "secure". Of course the first thing we need is a browser that support CORS: fortunately all the latest browsers support it. Anyway, we have to consider that, looking at the real world, there are several clients that are still using Internet Explorer 8 which, among other things, doesn't support CORS.
  • 36. CORS (the solution) http://caniuse.com/cors •Internet Explorer 10/11 •Chrome (all versions) •Firefox 3.5+ •Safari 4.x
  • 37. CORS
  • 38. CORS
  • 39. CORS
  • 41. CACHING • Do you know the HTTP support caching? • Do we really need to use server side cache? • What I’ve to do in my code?
  • 42. Caching How does it work? The client will ask the server if it has an updated copy of the resource by sending some information about the cached resources it holds using a request header called ETag If there are no updates, the server return 304 with an empty body, otherwise a 200 with the new data
  • 44. Cache Cow It’s an open source library available on nuget (the source code is on github) that allows you to enable caching in you APIs; Support differents providers to store the cache (memcache, ravendb, azure caching, Redis and so on);
  • 46. GRAZIE! Ugo Lattanzi Head of Technolgies @ Gaia Microsoft MVP, MCP Twitter: @imperugo Blog (en): http://tostring.it Blog (it): http://imperugo.tostring.it E-mail: imperugo@gmail.com