SlideShare une entreprise Scribd logo

What is REST?

Saeid Zebardast
Saeid Zebardast

REpresentational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant web API design model.

Technologie
1  sur  23
Télécharger pour lire hors ligne
REST Saeid Zebardast http://zebardast.com saeid.zebardast@gmail.com
WHAT’S A WEB SERVICE? •A web service is just a web page meant for a computer to request and process. • Web Services require an architectural style to make sense of them, because there’s no smart human being on the client end to keep track. • The pre-Web techniques of computer interaction don't scale on the Internet. • They were designed for small scales and single trust domains. 2
REST • REpresentational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant web API design model. • The term representational state transfer was introduced and defined in 2000 by Roy Fielding in his doctoral dissertation. Fielding is one of the principal authors of the Hypertext Transfer Protocol (HTTP) specification versions 1.0 and 1.1. • REST-style architectures consist of clients and servers. Clients initiate requests to servers; servers process requests and return appropriate responses. Requests and responses are built around the transfer of representations of resources. • REST facilitates the transaction between web servers by allowing loose coupling between different services. The REST language uses nouns and verbs, and has an emphasis on readability. Unlike SOAP, REST does not require XML parsing and does not require a message header to and from a service provider. This ultimately uses less bandwidth. REST error-handling also differs from that used by SOAP. 3
REST DEFINED • Everything is a resource • Resources are just concepts • Resources are manipulated through their representations (HTML, plain text, JPEG, or whatever) • Resources are retrieved not as character strings or BLOBs but as complete representations • Resources are identified by uniform resource identifiers (URIs). URIs tell a client that there's a concept somewhere • Clients can then request a specific representation of the concept from the representations the server makes available • Messages are self-descriptive and stateless • Multiple representations are accepted or sent but most resources have only a single representation • Hypertext (Hypermedia) is the engine of application state 4
REST DEFINED • “State” means application/session state • Maintained as part of the content transferred from client to server back to client • Thus any server can potentially continue transaction from the point where it was left off 5
KEY GOALS OF REST • Scalability of component interactions • Generality of interfaces • Independent deployment of components • Intermediary components to reduce latency, enforce security and encapsulate legacy systems 6
CONSTRAINTS The REST architectural style describes the following six constraints applied to the architecture, while leaving the implementation of the individual components free to design: •Client–server •Stateless •Cacheable •Layered system •Code on demand (optional) •Uniform interface 7
ADVANTAGES OF REST • Separates server implementation from the client's perception of resources (“Cool URIs Don’t Change”) • Scales well to large numbers of clients • Enables transfer of data in streams of unlimited size and type • Supports intermediaries (proxies and gateways) as data transformation and caching components • Concentrates the application state within the user agent components, where the surplus disk and cycles are 8
THE KEY INSIGHTS • Discrete resources should be given their own stable URIs • HTTP, URIs, and the actual data resources acquired from URIs are sufficient to describe any complex transaction, including: • session state • authentication/authorization 9
ARGUMENTS AGAINST NON-REST DESIGNS • They break Web architecture, particularly caching • They don't scale well • They have significantly higher coordination costs 10
SIMPLICITY WINS AGAIN 11
REST AND HTTP • REST is a post hoc description of the Web • HTTP 1.1 was designed to conform to REST • Its methods are defined well enough to get work done • Unsurprisingly, HTTP is the most RESTful protocol • But it's possible to apply REST concepts to other protocols and systems 12
VERBS • Verbs (loosely) describe actions that are applicable to nouns • Using different verbs for every noun would make widespread communication impossible • In programming we call this “polymorphism” • Some verbs only apply to a few nouns • In REST we use universal verbs only 13
FOUR VERBS FOR EVERY NOUN • GET to retrieve information • POST to add new information, showing its relation to old information • PUT to update information • DELETE to discard information 14
WHAT IF REST IS NOT ENOUGH? • What happens when you need application semantics that don't fit into the GET / PUT / POST / DELETE generic interfaces and representational state model? • If the problem doesn't fit HTTP, build another protocol • Extend HTTP by adding new HTTP methods 15
BUT IN FACT • There are no applications you can think of which cannot be made to fit into the GET / PUT / POST / DELETE resources / representations model of the world! • These interfaces are sufficiently general 16
RESTFUL WEB API HTTP METHODS 17
RESPONSE CODES • 200 OK • 403 Forbidden • 201 Created • 404 Not found • 202 Accepted • 405 Method not allowed • 204 No content • 409 Conflict • 301 Moved permanently • 410 Gone • 400 Bad request • etc 18
GENERAL PRINCIPLES FOR GOOD URI DESIGN • Don't use query parameters to alter state • Don't use mixed-case paths if you can help it; lowercase is best • Don't use implementation-specific extensions in your URIs (.php, .py, .pl, etc.) • Don't fall into RPC with your URIs • Do limit your URI space as much as possible • Do keep path segments short • Do prefer either /resource or /resource/; create 301 redirects from the one you don't use • Do use query parameters for sub-selection of a resource; i.e. pagination, search queries • Do move stuff out of the URI that should be in an HTTP header or a body 19
GENERAL PRINCIPLES FOR HTTP METHOD CHOICE • Don't ever use GET to alter state; this is a great way to have the Googlebot ruin your day • Don't use PUT unless you are updating an entire resource • Don't use PUT unless you can also legitimately do a GET on the same URI • Don't use POST to retrieve information that is long-lived or that might be reasonable to cache • Don't perform an operation that is not idempotent with PUT • Do use GET for as much as possible • Do use POST in preference to PUT when in doubt • Do use POST whenever you have to do something that feels RPC-like • Do use PUT for classes of resources that are larger or hierarchical • Do use DELETE in preference to POST to remove resources • Do use GET for things like calculations, unless your input is large, in which case use POST 20
GENERAL PRINCIPLES OF WEB SERVICE DESIGN WITH HTTP • Don't put metadata in the body of a response that should be in a header • Don't put metadata in a separate resource unless including it would create significant overhead • Do use the appropriate status code • 201 Created after creating a resource; resource must exist at the time the response is sent • 202 Accepted after performing an operation successfully or creating a resource asynchronously • 400 Bad Request when someone does an operation on data that's clearly bogus; for your application this could be a validation error; generally reserve 500 for uncaught exceptions • 401 Unauthorized when someone accesses your API either without supplying a necessary Authorization header or when the credentials within the Authorization are invalid; don't use this response code if you aren't expecting credentials via an Authorization header. • 403 Forbidden when someone accesses your API in a way that might be malicious or if they aren't authorized • 405 Method Not Allowed when someone uses POST when they should have used PUT, etc • 413 Request Entity Too Large when someone attempts to send you an unacceptably large file 21
GENERAL PRINCIPLES OF WEB SERVICE DESIGN WITH HTTP • Do use caching headers whenever you can • ETag headers are good when you can easily reduce a resource to a hash value • Last-Modified should indicate to you that keeping around a timestamp of when resources are updated is a good idea • Cache-Control and Expires should be given sensible values • Do everything you can to honor caching headers in a request (If-None- Modified, If-Modified-Since) • Do use redirects when they make sense, but these should be rare for a web service 22
MORE INFORMATION? • http://www.packetizer.com/ws/rest.html • http://home.ccil.org/~cowan/restws.pdf • https://www.ics.uci.edu/~fielding/pubs/dissertation/abstract.htm 23

Recommandé

REST API Design
REST API DesignREST API Design
REST API DesignDevi Kiran G
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transferTricode (part of Dept)
 
Rest API
Rest APIRest API
Rest APIRohana K Amarakoon
 
Soap and restful webservice
Soap and restful webserviceSoap and restful webservice
Soap and restful webserviceDong Ngoc
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesChristopher Bartling
 
ReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedDhananjay Nene
 
What is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaWhat is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaEdureka!
 
REST API
REST APIREST API
REST APITofazzal Ahmed
 

Recommandé

REST API Design
REST API DesignREST API Design
REST API DesignDevi Kiran G
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transferTricode (part of Dept)
 
Rest API
Rest APIRest API
Rest APIRohana K Amarakoon
 
Soap and restful webservice
Soap and restful webserviceSoap and restful webservice
Soap and restful webserviceDong Ngoc
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesChristopher Bartling
 
ReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedReST (Representational State Transfer) Explained
ReST (Representational State Transfer) ExplainedDhananjay Nene
 
What is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaWhat is REST API? REST API Concepts and Examples | Edureka
What is REST API? REST API Concepts and Examples | EdurekaEdureka!
 
REST API
REST APIREST API
REST APITofazzal Ahmed
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authenticationjeremysbrown
 
REST-API overview / concepts
REST-API overview / conceptsREST-API overview / concepts
REST-API overview / conceptsPatrick Savalle
 
Expose your data as an api is with oracle rest data services -spoug Madrid
Expose your data as an api is with oracle rest data services -spoug MadridExpose your data as an api is with oracle rest data services -spoug Madrid
Expose your data as an api is with oracle rest data services -spoug MadridVinay Kumar
 
Soap and Rest
Soap and RestSoap and Rest
Soap and RestEdison Lascano
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
Building Automated REST APIs with Python
Building Automated REST APIs with PythonBuilding Automated REST APIs with Python
Building Automated REST APIs with PythonJeff Knupp
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developersPatrick Savalle
 
Web API authentication and authorization
Web API authentication and authorization Web API authentication and authorization
Web API authentication and authorization Chalermpon Areepong
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Introduction to WSO2 ESB
Introduction to WSO2 ESB Introduction to WSO2 ESB
Introduction to WSO2 ESB WSO2
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesImran M Yousuf
 
ORDS - Oracle REST Data Services
ORDS - Oracle REST Data ServicesORDS - Oracle REST Data Services
ORDS - Oracle REST Data ServicesJustin Michael Raj
 
FIWARE Wednesday Webinars - Introduction to NGSI-LD
FIWARE Wednesday Webinars - Introduction to NGSI-LDFIWARE Wednesday Webinars - Introduction to NGSI-LD
FIWARE Wednesday Webinars - Introduction to NGSI-LDFIWARE
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuthDan Brinkmann
 
Actuation, Federation and Interoperability of Context Brokers
Actuation, Federation and Interoperability of Context BrokersActuation, Federation and Interoperability of Context Brokers
Actuation, Federation and Interoperability of Context BrokersFIWARE
 
Overview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB APIOverview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB APIPankaj Bajaj
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services pptOECLIB Odisha Electronics Control Library
 
What is good design?
What is good design?What is good design?
What is good design?Saeid Zebardast
 
How to be different?
How to be different?How to be different?
How to be different?Saeid Zebardast
 

Contenu connexe

Tendances

Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authenticationjeremysbrown
 
REST-API overview / concepts
REST-API overview / conceptsREST-API overview / concepts
REST-API overview / conceptsPatrick Savalle
 
Expose your data as an api is with oracle rest data services -spoug Madrid
Expose your data as an api is with oracle rest data services -spoug MadridExpose your data as an api is with oracle rest data services -spoug Madrid
Expose your data as an api is with oracle rest data services -spoug MadridVinay Kumar
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
Building Automated REST APIs with Python
Building Automated REST APIs with PythonBuilding Automated REST APIs with Python
Building Automated REST APIs with PythonJeff Knupp
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developersPatrick Savalle
 
Web API authentication and authorization
Web API authentication and authorization Web API authentication and authorization
Web API authentication and authorization Chalermpon Areepong
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Introduction to WSO2 ESB
Introduction to WSO2 ESB Introduction to WSO2 ESB
Introduction to WSO2 ESB WSO2
 
ORDS - Oracle REST Data Services
ORDS - Oracle REST Data ServicesORDS - Oracle REST Data Services
ORDS - Oracle REST Data ServicesJustin Michael Raj
 
FIWARE Wednesday Webinars - Introduction to NGSI-LD
FIWARE Wednesday Webinars - Introduction to NGSI-LDFIWARE Wednesday Webinars - Introduction to NGSI-LD
FIWARE Wednesday Webinars - Introduction to NGSI-LDFIWARE
 
Actuation, Federation and Interoperability of Context Brokers
Actuation, Federation and Interoperability of Context BrokersActuation, Federation and Interoperability of Context Brokers
Actuation, Federation and Interoperability of Context BrokersFIWARE
 
Overview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB APIOverview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB APIPankaj Bajaj
 

Tendances (20)

Understanding REST
Understanding RESTUnderstanding REST
Understanding REST
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authentication
 
REST-API overview / concepts
REST-API overview / conceptsREST-API overview / concepts
REST-API overview / concepts
 
Expose your data as an api is with oracle rest data services -spoug Madrid
Expose your data as an api is with oracle rest data services -spoug MadridExpose your data as an api is with oracle rest data services -spoug Madrid
Expose your data as an api is with oracle rest data services -spoug Madrid
 
Soap and Rest
Soap and RestSoap and Rest
Soap and Rest
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUD
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
 
Building Automated REST APIs with Python
Building Automated REST APIs with PythonBuilding Automated REST APIs with Python
Building Automated REST APIs with Python
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developers
 
Web API authentication and authorization
Web API authentication and authorization Web API authentication and authorization
Web API authentication and authorization
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple Steps
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
 
Introduction to WSO2 ESB
Introduction to WSO2 ESB Introduction to WSO2 ESB
Introduction to WSO2 ESB
 
RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web Services
 
ORDS - Oracle REST Data Services
ORDS - Oracle REST Data ServicesORDS - Oracle REST Data Services
ORDS - Oracle REST Data Services
 
FIWARE Wednesday Webinars - Introduction to NGSI-LD
FIWARE Wednesday Webinars - Introduction to NGSI-LDFIWARE Wednesday Webinars - Introduction to NGSI-LD
FIWARE Wednesday Webinars - Introduction to NGSI-LD
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
 
Actuation, Federation and Interoperability of Context Brokers
Actuation, Federation and Interoperability of Context BrokersActuation, Federation and Interoperability of Context Brokers
Actuation, Federation and Interoperability of Context Brokers
 
Overview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB APIOverview of Rest Service and ASP.NET WEB API
Overview of Rest Service and ASP.NET WEB API
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services ppt
 

En vedette

معرفی سیستم‌های توکار در دانشگاه صنعتی شریف
معرفی سیستم‌های توکار در دانشگاه صنعتی شریفمعرفی سیستم‌های توکار در دانشگاه صنعتی شریف
معرفی سیستم‌های توکار در دانشگاه صنعتی شریفnumb95
 
مستندات رفتاری در انجمنهای نرم افزار های آزاد
مستندات رفتاری در انجمنهای نرم افزار های آزادمستندات رفتاری در انجمنهای نرم افزار های آزاد
مستندات رفتاری در انجمنهای نرم افزار های آزادnumb95
 
Web Components Revolution
Web Components RevolutionWeb Components Revolution
Web Components RevolutionSaeid Zebardast
 

En vedette (8)

What is good design?
What is good design?What is good design?
What is good design?
 
How to be different?
How to be different?How to be different?
How to be different?
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to Redis
 
MySQL for beginners
MySQL for beginnersMySQL for beginners
MySQL for beginners
 
معرفی سیستم‌های توکار در دانشگاه صنعتی شریف
معرفی سیستم‌های توکار در دانشگاه صنعتی شریفمعرفی سیستم‌های توکار در دانشگاه صنعتی شریف
معرفی سیستم‌های توکار در دانشگاه صنعتی شریف
 
مستندات رفتاری در انجمنهای نرم افزار های آزاد
مستندات رفتاری در انجمنهای نرم افزار های آزادمستندات رفتاری در انجمنهای نرم افزار های آزاد
مستندات رفتاری در انجمنهای نرم افزار های آزاد
 
Web Components Revolution
Web Components RevolutionWeb Components Revolution
Web Components Revolution
 
Java for beginners
Java for beginnersJava for beginners
Java for beginners
 

Similaire à What is REST?

Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service DesignLorna Mitchell
 
Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API" Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API" Fwdays
 
REST API Recommendations
REST API RecommendationsREST API Recommendations
REST API RecommendationsJeelani Shaik
 
Pragmatic REST APIs
Pragmatic REST APIsPragmatic REST APIs
Pragmatic REST APIsamesar0
 
Overview of REST - Raihan Ullah
Overview of REST - Raihan UllahOverview of REST - Raihan Ullah
Overview of REST - Raihan UllahCefalo
 
Mark Little R E S Tand W S Star
Mark Little R E S Tand W S StarMark Little R E S Tand W S Star
Mark Little R E S Tand W S StarSOA Symposium
 
Best Practice in Web Service Design
Best Practice in Web Service DesignBest Practice in Web Service Design
Best Practice in Web Service DesignLorna Mitchell
 
Introduction to Restful Web Services
Introduction to Restful Web ServicesIntroduction to Restful Web Services
Introduction to Restful Web Servicesweili_at_slideshare
 
Understanding REST-Based Services: Simple, Scalable, and Platform Independent
Understanding REST-Based Services: Simple, Scalable, and Platform IndependentUnderstanding REST-Based Services: Simple, Scalable, and Platform Independent
Understanding REST-Based Services: Simple, Scalable, and Platform IndependentCharles Knight
 
Restful风格ž„web服务架构
Restful风格ž„web服务架构Restful风格ž„web服务架构
Restful风格ž„web服务架构Benjamin Tan
 
RESTful web
RESTful webRESTful web
RESTful webAlvin Qi
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesSam Bowne
 
API Testing Using REST Assured with TestNG
API Testing Using REST Assured with TestNGAPI Testing Using REST Assured with TestNG
API Testing Using REST Assured with TestNGSiddharth Sharma
 

Similaire à What is REST? (20)

RESTful Services
RESTful ServicesRESTful Services
RESTful Services
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Rest APIs Training
Rest APIs TrainingRest APIs Training
Rest APIs Training
 
Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service Design
 
Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API" Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API"
 
REST API Recommendations
REST API RecommendationsREST API Recommendations
REST API Recommendations
 
Pragmatic REST APIs
Pragmatic REST APIsPragmatic REST APIs
Pragmatic REST APIs
 
Overview of REST - Raihan Ullah
Overview of REST - Raihan UllahOverview of REST - Raihan Ullah
Overview of REST - Raihan Ullah
 
Mark Little R E S Tand W S Star
Mark Little R E S Tand W S StarMark Little R E S Tand W S Star
Mark Little R E S Tand W S Star
 
Best Practice in Web Service Design
Best Practice in Web Service DesignBest Practice in Web Service Design
Best Practice in Web Service Design
 
Introduction to Restful Web Services
Introduction to Restful Web ServicesIntroduction to Restful Web Services
Introduction to Restful Web Services
 
Understanding REST-Based Services: Simple, Scalable, and Platform Independent
Understanding REST-Based Services: Simple, Scalable, and Platform IndependentUnderstanding REST-Based Services: Simple, Scalable, and Platform Independent
Understanding REST-Based Services: Simple, Scalable, and Platform Independent
 
Api Design
Api DesignApi Design
Api Design
 
RESTful APIs
RESTful APIsRESTful APIs
RESTful APIs
 
Restful风格ž„web服务架构
Restful风格ž„web服务架构Restful风格ž„web服务架构
Restful风格ž„web服务架构
 
RESTful web
RESTful webRESTful web
RESTful web
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application Technologies
 
Mini-Training: Let's have a rest
Mini-Training: Let's have a restMini-Training: Let's have a rest
Mini-Training: Let's have a rest
 
API Testing Using REST Assured with TestNG
API Testing Using REST Assured with TestNGAPI Testing Using REST Assured with TestNG
API Testing Using REST Assured with TestNG
 
WebDev Crash Course
WebDev Crash CourseWebDev Crash Course
WebDev Crash Course
 

Plus de Saeid Zebardast

An Introduction to Apache Cassandra
An Introduction to Apache CassandraAn Introduction to Apache Cassandra
An Introduction to Apache CassandraSaeid Zebardast
 
An overview of Scalable Web Application Front-end
An overview of Scalable Web Application Front-endAn overview of Scalable Web Application Front-end
An overview of Scalable Web Application Front-endSaeid Zebardast
 
Developing Applications with MySQL and Java for beginners
Developing Applications with MySQL and Java for beginnersDeveloping Applications with MySQL and Java for beginners
Developing Applications with MySQL and Java for beginnersSaeid Zebardast
 
هفده اصل افراد موثر در تیم
هفده اصل افراد موثر در تیمهفده اصل افراد موثر در تیم
هفده اصل افراد موثر در تیمSaeid Zebardast
 
معرفی گنو/لینوکس و سیستم عامل های متن باز و آزاد
معرفی گنو/لینوکس و سیستم عامل های متن باز و آزادمعرفی گنو/لینوکس و سیستم عامل های متن باز و آزاد
معرفی گنو/لینوکس و سیستم عامل های متن باز و آزادSaeid Zebardast
 

Plus de Saeid Zebardast (7)

An Introduction to Apache Cassandra
An Introduction to Apache CassandraAn Introduction to Apache Cassandra
An Introduction to Apache Cassandra
 
An overview of Scalable Web Application Front-end
An overview of Scalable Web Application Front-endAn overview of Scalable Web Application Front-end
An overview of Scalable Web Application Front-end
 
MySQL Cheat Sheet
MySQL Cheat SheetMySQL Cheat Sheet
MySQL Cheat Sheet
 
Java Cheat Sheet
Java Cheat SheetJava Cheat Sheet
Java Cheat Sheet
 
Developing Applications with MySQL and Java for beginners
Developing Applications with MySQL and Java for beginnersDeveloping Applications with MySQL and Java for beginners
Developing Applications with MySQL and Java for beginners
 
هفده اصل افراد موثر در تیم
هفده اصل افراد موثر در تیمهفده اصل افراد موثر در تیم
هفده اصل افراد موثر در تیم
 
معرفی گنو/لینوکس و سیستم عامل های متن باز و آزاد
معرفی گنو/لینوکس و سیستم عامل های متن باز و آزادمعرفی گنو/لینوکس و سیستم عامل های متن باز و آزاد
معرفی گنو/لینوکس و سیستم عامل های متن باز و آزاد
 

Dernier

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 

Dernier (20)

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

What is REST?

  • 2. WHAT’S A WEB SERVICE? •A web service is just a web page meant for a computer to request and process. • Web Services require an architectural style to make sense of them, because there’s no smart human being on the client end to keep track. • The pre-Web techniques of computer interaction don't scale on the Internet. • They were designed for small scales and single trust domains. 2
  • 3. REST • REpresentational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant web API design model. • The term representational state transfer was introduced and defined in 2000 by Roy Fielding in his doctoral dissertation. Fielding is one of the principal authors of the Hypertext Transfer Protocol (HTTP) specification versions 1.0 and 1.1. • REST-style architectures consist of clients and servers. Clients initiate requests to servers; servers process requests and return appropriate responses. Requests and responses are built around the transfer of representations of resources. • REST facilitates the transaction between web servers by allowing loose coupling between different services. The REST language uses nouns and verbs, and has an emphasis on readability. Unlike SOAP, REST does not require XML parsing and does not require a message header to and from a service provider. This ultimately uses less bandwidth. REST error-handling also differs from that used by SOAP. 3
  • 4. REST DEFINED • Everything is a resource • Resources are just concepts • Resources are manipulated through their representations (HTML, plain text, JPEG, or whatever) • Resources are retrieved not as character strings or BLOBs but as complete representations • Resources are identified by uniform resource identifiers (URIs). URIs tell a client that there's a concept somewhere • Clients can then request a specific representation of the concept from the representations the server makes available • Messages are self-descriptive and stateless • Multiple representations are accepted or sent but most resources have only a single representation • Hypertext (Hypermedia) is the engine of application state 4
  • 5. REST DEFINED • “State” means application/session state • Maintained as part of the content transferred from client to server back to client • Thus any server can potentially continue transaction from the point where it was left off 5
  • 6. KEY GOALS OF REST • Scalability of component interactions • Generality of interfaces • Independent deployment of components • Intermediary components to reduce latency, enforce security and encapsulate legacy systems 6
  • 7. CONSTRAINTS The REST architectural style describes the following six constraints applied to the architecture, while leaving the implementation of the individual components free to design: •Client–server •Stateless •Cacheable •Layered system •Code on demand (optional) •Uniform interface 7
  • 8. ADVANTAGES OF REST • Separates server implementation from the client's perception of resources (“Cool URIs Don’t Change”) • Scales well to large numbers of clients • Enables transfer of data in streams of unlimited size and type • Supports intermediaries (proxies and gateways) as data transformation and caching components • Concentrates the application state within the user agent components, where the surplus disk and cycles are 8
  • 9. THE KEY INSIGHTS • Discrete resources should be given their own stable URIs • HTTP, URIs, and the actual data resources acquired from URIs are sufficient to describe any complex transaction, including: • session state • authentication/authorization 9
  • 10. ARGUMENTS AGAINST NON-REST DESIGNS • They break Web architecture, particularly caching • They don't scale well • They have significantly higher coordination costs 10
  • 12. REST AND HTTP • REST is a post hoc description of the Web • HTTP 1.1 was designed to conform to REST • Its methods are defined well enough to get work done • Unsurprisingly, HTTP is the most RESTful protocol • But it's possible to apply REST concepts to other protocols and systems 12
  • 13. VERBS • Verbs (loosely) describe actions that are applicable to nouns • Using different verbs for every noun would make widespread communication impossible • In programming we call this “polymorphism” • Some verbs only apply to a few nouns • In REST we use universal verbs only 13
  • 14. FOUR VERBS FOR EVERY NOUN • GET to retrieve information • POST to add new information, showing its relation to old information • PUT to update information • DELETE to discard information 14
  • 15. WHAT IF REST IS NOT ENOUGH? • What happens when you need application semantics that don't fit into the GET / PUT / POST / DELETE generic interfaces and representational state model? • If the problem doesn't fit HTTP, build another protocol • Extend HTTP by adding new HTTP methods 15
  • 16. BUT IN FACT • There are no applications you can think of which cannot be made to fit into the GET / PUT / POST / DELETE resources / representations model of the world! • These interfaces are sufficiently general 16
  • 17. RESTFUL WEB API HTTP METHODS 17
  • 18. RESPONSE CODES • 200 OK • 403 Forbidden • 201 Created • 404 Not found • 202 Accepted • 405 Method not allowed • 204 No content • 409 Conflict • 301 Moved permanently • 410 Gone • 400 Bad request • etc 18
  • 19. GENERAL PRINCIPLES FOR GOOD URI DESIGN • Don't use query parameters to alter state • Don't use mixed-case paths if you can help it; lowercase is best • Don't use implementation-specific extensions in your URIs (.php, .py, .pl, etc.) • Don't fall into RPC with your URIs • Do limit your URI space as much as possible • Do keep path segments short • Do prefer either /resource or /resource/; create 301 redirects from the one you don't use • Do use query parameters for sub-selection of a resource; i.e. pagination, search queries • Do move stuff out of the URI that should be in an HTTP header or a body 19
  • 20. GENERAL PRINCIPLES FOR HTTP METHOD CHOICE • Don't ever use GET to alter state; this is a great way to have the Googlebot ruin your day • Don't use PUT unless you are updating an entire resource • Don't use PUT unless you can also legitimately do a GET on the same URI • Don't use POST to retrieve information that is long-lived or that might be reasonable to cache • Don't perform an operation that is not idempotent with PUT • Do use GET for as much as possible • Do use POST in preference to PUT when in doubt • Do use POST whenever you have to do something that feels RPC-like • Do use PUT for classes of resources that are larger or hierarchical • Do use DELETE in preference to POST to remove resources • Do use GET for things like calculations, unless your input is large, in which case use POST 20
  • 21. GENERAL PRINCIPLES OF WEB SERVICE DESIGN WITH HTTP • Don't put metadata in the body of a response that should be in a header • Don't put metadata in a separate resource unless including it would create significant overhead • Do use the appropriate status code • 201 Created after creating a resource; resource must exist at the time the response is sent • 202 Accepted after performing an operation successfully or creating a resource asynchronously • 400 Bad Request when someone does an operation on data that's clearly bogus; for your application this could be a validation error; generally reserve 500 for uncaught exceptions • 401 Unauthorized when someone accesses your API either without supplying a necessary Authorization header or when the credentials within the Authorization are invalid; don't use this response code if you aren't expecting credentials via an Authorization header. • 403 Forbidden when someone accesses your API in a way that might be malicious or if they aren't authorized • 405 Method Not Allowed when someone uses POST when they should have used PUT, etc • 413 Request Entity Too Large when someone attempts to send you an unacceptably large file 21
  • 22. GENERAL PRINCIPLES OF WEB SERVICE DESIGN WITH HTTP • Do use caching headers whenever you can • ETag headers are good when you can easily reduce a resource to a hash value • Last-Modified should indicate to you that keeping around a timestamp of when resources are updated is a good idea • Cache-Control and Expires should be given sensible values • Do everything you can to honor caching headers in a request (If-None- Modified, If-Modified-Since) • Do use redirects when they make sense, but these should be rare for a web service 22
  • 23. MORE INFORMATION? • http://www.packetizer.com/ws/rest.html • http://home.ccil.org/~cowan/restws.pdf • https://www.ics.uci.edu/~fielding/pubs/dissertation/abstract.htm 23