api chaining(tm)

RestFest 2017

orubel@gmail.comOwen Rubel

API Chaining™& API Abstraction

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What is API Chaining™?

“ API Chaining is a monad allowing a series of api calls to be passed and processed using one REQUEST/RESPONSE.”

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

• Abstraction of Communication Logic/Data from Biz Logic• Internal Redirect Handling in API Service• Separated Communication Data from Communication Logic

Requirements for API Chaining™

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Understanding API Abstraction

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

“ An API is Standardized Input/Output (I/O) to/from a Separation of Concern (usually being Business Logic).”

In Short :

What Is An API? (1 OF 2)

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What Is An API? (2 OF 2)

owenr@uw.edu

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What Is Separation of Concern? (2 of 2)

Bound SecondaryConcern

(Communication Logic)

PrimaryConcern

(Business Logic)

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

“ In computer science, separation of concerns (SoC) is a design principle for separating a computer program into distinct sections, such that each section addresses a separate concern. A concern is a set of information that affects the code of a computer program” (ex HTML, CSS, JS)

- Source : Separation Of Concern, Wikipedia

What Is Separation of Concern?

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

API Pattern in Distributed Architecture

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

API Pattern in Distributed Architecture

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

API Pattern in Distributed Architecture

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

“Cross-cutting concerns can be directly responsible for tangling, or system inter-dependencies, within a program. Because procedural and functional language constructs consist entirely of procedure calling, there is no semantic through where two goals (the capability to be implemented and the related cross-cutting concern) can be addressed simultaneously.[3] As a result, the code addressing the cross-cutting concern must be scattered, or duplicated, across the various related locations, resulting in a loss of modularity.[2]”

- Source : Cross Cutting Concern, Wikipedia

What is a Cross Cutting Concern?

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

• Synchronization • Real-time constraints• Error detection and correction• Product features• Memory management• Data validation • Persistence • Transaction processing• Internationalization and localization which includes

Language localisation• Information security• Caching• Logging • Monitoring• Business rules • Code mobility• Domain-specific optimizations

Issues of a Cross Cutting Concern

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

This is The API Patterns Brick Wall

Brick Wall

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

So How Do We Fix?

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Old API Pattern in MVC

redirect/response

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

New API Pattern in MVC

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Shared I/O State In Distributed Architecture

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

This handles the Redirect and allows communication to take place internally when

needed…

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

This allows:

• Central Piece of architecture (where REQUEST AND RESPONSE are handled) to be ‘Single Version of Truth’ (SOV) called ‘IO State’

• All services can sync data from SOV • Failure of SOV DOES NOT affect synchronization of data • Reload state on the fly at SOV and update ALL subscribed services

Shared IO State

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

So What Is IO State?

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What is IO State?

• Caches Communications Data • Synchronizes Architectural Props (distribute rules of communication) • Handles API Authorizations (access for communication) • Api Docs Definitions (how to communicate)

I/O State is data directly related to a request/response, normally separated from functionality. Handles all data associated with communication and communication access

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What Does IO State Contain

•Data specifically related to I/O (request/response); not data related to function (ie, errors, how to process, etc).all the data contained in annotations act as rules associated with the URI endpoint (not URL or the FQDN)

•by containing all those rules in one file and caching that data, we can share it with the other architectural components (and abstract data from functionality)

• this enables us to change it on the fly and reload without having to restart any services allowing subscribed services to get changes pushed to them through web hooks

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

I/O State : Communications Properties

Shared I/O State is ‘IO State’ data unbound from functionality so that it can be shared across architectural components. This is the approach used by distributed architectures.

Bound I/O State is ‘I/O State’ data bound to functionality which cannot be shared or synchronized with additional architectural components creating an ‘architectural cross cutting concern’. This is commonly found in centralized architectures.

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

So How Do We Fix?

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Shared I/O State

• DOESN’T bind to the application• DOESN’T bind to functionality• DOESN’T bind to a resource

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What Does It Look Like?

Title Text

https://gist.github.com/orubel/7c4d0290c7b8896667a3

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

• RAML, OpenAPI, Swagger, API BluePrint• not role based; endpoints need to be checked via token roles• limited to CRUD-based REST of 4 calls per class• duplicitous; lack of separation• Confuses API data with functionality

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

• Dramatic Code reduction By Reducing Duplication • Automation of nearly all aspects of API • 0% downtime for changes to endpoint data and rules • New API Patterns (ie API Chaining (tm) )

What Does It Improve?

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Code Reduction (1 of 2)

Controller : Mixed Concerns (Duplication)@Secured(['ROLE_ADMIN', ‘ROLE_USER'])@RequestMapping(value="/create", method=RequestMethod.POST)@ResponseBodypublic ModelAndView createAddress(){ List authorities = springSecurityService.getPrincipal().getAuthorities() User user if(authorities.contains(‘ROLE_ADMIN’)){

if(params.id){ user = User.get(params.id.toLong())

}else{ render(status:HttpServletResponse.SC_BAD_REQUEST)

} }else if(authorities.contains(‘ROLE_USER’)){

user = User.get(principal.id) } Address address = new Address(params) … address.user = user …

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Code Reduction (2 of 2)

Controller : Single Concernpublic ModelAndView createAddress(){ User user= (params.id)?User.get(params.id.toLong()): User.get(principal.id) Address address = new Address(params) address.user = user … }

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

This allows for new Patterns like API Chaining™…

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

• Post Chain• GET > GET > (PUT/POST/DELETE)

• Pre Chain• (PUT/POST/DELETE) > GET > GET

• Blank Chain• GET > GET > GET

Three types of Chains

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

What data is sent for a chain

API Chain Data

{ <put/post data (if applicable)>, chain:{ key:dept_id, combine:'false', type:'postchain', order:{dept/show:company_id,company/update:return} } }

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

Chain Examples

GET Chain Example

PUT Chain Examplecurl -v -i -H "Content-Type: application/json" -H "Authorization: Bearer <token>" --request PUT -d " {'testdata':'testamundo','chain':{'key':'sectionId','combine':'false','type':'postchain','order':{'section/get':'id','section/update':'return'}}}" "http://localhost:8080/c0.1/post/show/1"

curl -v -i -H "Content-Type: application/json" -H "Authorization: Bearer <token>" --request GET -d " {'chain':{'key':'Id','combine':'false','type':'blankchain','order':{'postTopic/showByTopic':'postId','post/show':'return'}}}" "http://localhost:8080/c0.1/topic/show/1"

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

More documentation on API Chaining

API Chaining™ Documentation

http://orubel.github.io/Beapi-API-Framework/chain.html

Title Text

RestFest 2017

orubel@gmail.comOwen Rubel

DEMO

RestFest 2017

orubel@gmail.comOwen Rubel

Questions?

(please contact for business opportunities or hiring)