The Ruby ecosystem is pretty awesome when it comes to developing or consuming HTTP APIs. On the publishing front, the Rails framework is an attractive option because it supports publishing what are popularly (but inaccurately) referred to as 'RESTful' APIs quickly and effortlessly. On the consumer side, the Ruby ecosystem provides several very fluent and powerful libraries that make it easy to consume HTTP based APIs. Since a significant proportion of projects today require that APIs be both published and consumed, many of them wind up choosing Ruby as a platform for the reasons mentioned above. This talk is targeted at folks that are currently on such projects, or anticipate being on such projects in the future. We will cover: Consuming HTTP APIs: 1) The basics of making HTTP calls with Ruby 2) The strengths and weaknesses of Ruby's Net::HTTP across 1.8, 1.9 and JRuby (possibly Rubinius if we have the time to do research) 3) Popular HTTP libraries that either make it easier to do HTTP by providing better APIs, make it faster by using libCurl or both 4) Different approaches to deserializing popular encoding formats such as XML and JSON and the pitfalls thereof Producing HTTP APIs using Rails: 1) The basics of REST 2) What Rails gives you out of the box - content-type negotiation, deserialization etc. and the limitations thereof 3) What Rails fails to give you out of the box - hypermedia controls etc. 4) What Rails does wrong - wrong PUT semantics, no support for PATCH, error handling results in responses that violate the clients Accepts header constraints etc. 4) How one can achieve Level 2 on the Richardson Maturity Model of REST using Rails 5) Writing tests for all of this At the end of this, our audience will understand how you can both consume and produce HTTP APIs in the Ruby ecosystem. They will also have a clear idea of what the limitations of such systems are and what the can do to work around the limitations.

1. I can haz HTTP
Consuming and producing HTTP APIs in the
Ruby ecosystem

2. sidu ponnappa

3. kaiwren

4. @ponnappa

5. niranjan paranjape

6. achamian

7. @niranjan_p

8. Engineering
http://github.com/c42

9. Open Source
(gem install) wrest
(gem install) pox_paginate

10. Not about HTTP libs
not per se...

11. More about...

12. REST

13. caching

14. serialisation & deserialisation

15. authentication

16. stuff like that...

17. Producer / Consumer

18. Producer

21. digression

22. RESTful?

23. Leonard Richardson

24. L0: Plain Old Xml

25. L1: Resources
L0: Plain Old Xml

26. L2: HTTP Verbs
L1: Resources
L0: Plain Old Xml

27. L3: Hypermedia
L2: HTTP Verbs
L1: Resources
L0: Plain Old Xml

28. reasonable compliance?

29. L2 is achievable with minimal
effort in Rails

30. getting back to the point

31. Don’t mix machine stuff with
human stuff

32. APIs are for machines

33. mixing the two causes trouble

37. basically, doing this causes
trouble
def index
respond_to do |format|
e
format.html
format.json { render :json => Project.all.to_json }
end
end

38. because, people like usable
apps

39. separate API controllers from
website controllers

40. or beyond even that...

41. your app only exposes APIs
your website is a separate application
that consumes these APIs; think NewTwitter

42. don’t design exclusively for
ActiveResource
it isn’t a standard

43. HTTP status codes

44. rails has nice defaults
201 for creates
401 for auth violations
405 for L2 violations
406 for Content-Type violations
422 for invalid data
500 for server faults
200 for everything else

45. let rails help you

46. what they missed

47. 404

48. 409

49. assert on status codes
gem install rspec-http
response.should be_im_a_teapot

50. Authentication

51. OAuth 2 is nice

52. be an OAuth provider
consistency makes life easier

53. https://

54. Caching

55. go beyond Rails’ local caches

56. the Cache-Control header is
your friend

57. Versioning

58. successful APIs change

59. good versioning is critical
publish clear roadmaps and deprecate sensibly

60. Content Types

61. don’t tunnel
application/x-www-form-urlencoded

62. Accept headers

63. “http://localhost:3000/user.xml”

64. “http://localhost:3000/user.xml”

65. rails respects it
you should use it

66. Important stuff that we’ve
never done

67. Throttling
https://github.com/dambalah/api-throttling
(thanks @godfoca)

68. Metering

69. Consumer

70. rails API vs. everything else

71. ActiveResource

72. 60:40

73. the rest of the time you
monkeypatch
but that isn’t so easy, so be careful

74. ActiveResource works best
inside a walled garden
(IMHO)

75. Producer maturity

76. some APIs are weird

77. everyone’s standardizing on
REST
but it’s what they call REST

78. suffice to say, one size doesn’t
fit all
except for OAuth 2, which everyone’s adopting

79. building a clean domain model
for the API is key

80. OAuth 2 is ridiculously easy to
write a client for
#justSaying
https://github.com/kaiwren/wrest/tree/master/
examples/facebook_auth

81. authorisation on the other
hand still has no standard
implementation

82. What should a good HTTP
client do for you?

83. this one needs bullets
• Verbs - should support GET, POST, PUT & DELETE.
• If it supports PATCH & OPTIONS, epic.
• Transparent deserialization of XML and JSON, with the option to easily add more
• HTTP caching (RFC 2616)
• Keep-alive connections (because negotiating SSL can get expensive)
• Thread safety
• Transparent compression/decompression using Accept-Encoding
• A fluent, easy to use API

84. most importantly...

85. verbs

86. serialization
I rather like ActiveSupport

87. caching
RFC 2616

88. thread safety

89. fluent api
is it easy to work with uris, because you’ll do a fair bit of
that when building domains

90. is it easy to build a domain
model using it?

91. logging/debugging

92. Shared stuff

93. serialization/deserialization

94. libxml
ActiveSupport::XmlMini.backend = 'Nokogiri'

95. Builder
Pure Ruby XML serializer. Pretty Fast.
Just does String concats.

96. gotcha

97. no DOM for Builder
so no guarantee that you get valid XML

98. testing
this can be tricky

99. Conclusion

100. respect HTTP

101. respect REST constraints

102. spend less time messing with
plumbing

103. focus on building a clean
domain model

104. Photo credits
David Blackwell, Elephant in Room: http://www.flickr.com/photos/mobilestreetlife

105. Funny picture?
cat with mausambi hat

106. 42
Sidu Ponnappa Niranjan Paranjape
http://twitter.com/ponnappa http://twitter.com/niranjan_p
https://github.com/kaiwren https://github.com/achamian