consuming rest in .net
TRANSCRIPT
![Page 1: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/1.jpg)
CONSUMING REST IN .NETBy Aaron Stannard
http://www.aaronstannard.com/
@Aaronontheweb
Microsoft - Startup Developer Evangelist
![Page 2: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/2.jpg)
Table of Contents• REST 101
• Background of REST• Consuming RESTful APIs• RESTful Principles
• Security• Transport Security• Authentication• Authorization• Anti-Patterns
• REST in .NET• RestSharp• Hammock REST
![Page 3: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/3.jpg)
REST is Everywhere
![Page 4: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/4.jpg)
REST
•Representational•State•Transfer
![Page 5: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/5.jpg)
REST at a Glance
•REST is not a standard•It's an architecture
![Page 6: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/6.jpg)
Consuming RESTful APIs
REST Clients Network REST Endpoint
web method call(HTTP verb + URI)
serialized entity(MIME type)
somethingAWESOME
![Page 7: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/7.jpg)
RESTful Principles
•Identifiable Resources•Manipulation of Resources•Self-Descriptive Messages•Hypermedia is the Engine
![Page 8: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/8.jpg)
RESTful APIs
http:// api.twitter.com/v2/statuses/home_ timeline.json?arg1={...}
Authority
http:// api.twitter.com/
Version
v2/
Method
statuses/home_ timeline.json
Parameters
?arg1={...}
![Page 9: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/9.jpg)
RESTful Resources• Authentication Resources
• Auth Tokens, Username / Password pairs
• Data Resources• Personal Data, Public Data, GeoData, etc...
• Service Resources• API Keys, Endpoints, etc...
![Page 10: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/10.jpg)
Manipulation of Resources
RESTful Web Service HTTP methods
GET PUT POST DELETE
Collection URI , such ashttp:// example.com/resources/
List URIs ofcollection
Replace currentcollection with
another
Add new itemto existingcollection
Delete entirecollection
Element URI , such ashttp:// example.com/resources/142
List givenelement incollection
Update theexisting elementor create it if itdoes not exist.
Treat elementas though it's acollection andadd a newmember.
Delete element
Unapologetically stolen from Wikipedia: http:// en.wikipedia.org/wiki/REST#RESTful_web_services
![Page 11: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/11.jpg)
Self-Descriptive Messages<photos page="2" pages="89" perpage="10" total="881">
<photo id="2636" owner="47058503995@N01"secret="a123456" server="2" title="test_04"ispublic="1" isfriend="0" isfamily="0" />
<photo id="2635" owner="47058503995@N01"secret="b123456" server="2" title="test_03"ispublic="0" isfriend="1" isfamily="1" />
<photo id="2633" owner="47058503995@N01"secret="c123456" server="2" title="test_01"ispublic="1" isfriend="0" isfamily="0" />
<photo id="2610" owner="12037949754@N01"secret="d123456" server="2" title="00_tall"ispublic="1" isfriend="0" isfamily="0" />
</photos>
![Page 12: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/12.jpg)
Security!!
![Page 13: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/13.jpg)
Security in RESTful APIs• Transport Security
• SSL
• Message Security• Encryption (Optional)
• Authentication• Tokens• Signing Messages
• Authorization• Controlled by Service
![Page 14: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/14.jpg)
Authentication FlavorsFlavors of Authentication in REST
No-Auth Basic AuthToken-based
AuthPayola-Auth
ANARCHY!(Public Data)
Store andTransmit
Username +Password
RetrieveToken fromService in
Lieu ofUsername +
Password(OAuth)
API Key only,but app
author getsbilled per use.
![Page 15: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/15.jpg)
Authentication ExamplesExamples of Authentication in REST
No-Auth Basic AuthToken-based
AuthPayola-Auth
Twitter Search,YouTube Search,
SlideShareSearch
SlideShare,del.icio.us (old)
Facebook,Twitter, Flickr,
YouTube
Bing Maps,SimpleGeo
![Page 16: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/16.jpg)
Spot the Anti-Pattern
![Page 17: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/17.jpg)
OAuth 1.0
USER CLIENT SERVICE
User initiatesclient
Client requestsRequest Token from
Service
Service grantsrequest token
Client directs user toservice login page
User providesservice with login
credentials
Service verifieswhether or not theclient's credentials
are valid
Service directs userback to clientresource URI
Client requestsaccess token from
service
Service grantsaccess token
Client and User cannow access protectedresources on Service
(VICTORY!!!)
![Page 18: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/18.jpg)
OAuth 2.0
USER CLIENT SERVICE
User initiatesclient
Client directs user toservice login page
User providesservice with login
credentials
Service verifieswhether or not theclient's credentials
are valid
Service redirects Userto Client URI with
exchange code in querystring parameters
Client initiatesrequest to swap
exchange token foraccess token
Service grantsexchange token
Client and User cannow access protectedresources on Service
(VICTORY!!!)
![Page 19: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/19.jpg)
Consuming REST in .NET• RestSharp
• http://restsharp.org
• Hammock REST• http://hammock.codeplex.com/
![Page 20: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/20.jpg)
Using Wrapper Libaries• Automate Some Tasks
• Deserializing responses into objects• Managing request life-cycles
• Simplify others• OAuth Workflow• Handling service errors
![Page 21: Consuming REST in .NET](https://reader034.vdocument.in/reader034/viewer/2022052321/554f6d77b4c9058a148b5058/html5/thumbnails/21.jpg)
CODE