rest – theory vs practicejaoo.dk/dl/jaoo-aarhus-2009/slides/mikeamundsen_and_subbuallam… ·...
TRANSCRIPT
10/06/2009 1
REST–TheoryvsPractice
SubbuAllamarajuMikeAmundsen
AbouttheSpeakers
SubbuAllamaraju Architect,Yahoo! Webservicesstandards/practicesatYahoo! Builtwebportals,andweb/WSservices(SOAPkind)frameworks(BEASystems)
MikeAmundsen IndependentConsultant .NET Long‐timeRESTafarian
10/06/2009 2
10/06/2009 3
RESTfulWebServicesCookbookO’Reilly,March2010
Objectives
RESTissetofconstraintsandnotrules Knowinglyrelaxconstraints Workwiththeplumbing Applysoundsoftwareengineering
10/06/2009 4
RESTasExplained
1. Identifyresources2. GiveaURItoeveryresource3. Designrepresentationsforresources4. Operateusingauniforminterface5. Usehypermediaastheengineofapplication
state
10/06/2009 5
10/06/2009 6
AddressBook1.0
BuildaRESTfuladdressbook
GET /user/subbu/address/{id}Host: ex.org
200 OK ...PUT /user/subbu/address/{id}Host: ex.orgIf-Match: xyz
200 OK ...
POST /user/subbu/address-bookHost: ex.org
201 Created ...
Address Collection Resource
Address Resource
DELETE /user/subbu/address/{id}Host: ex.orgIf-Match: xyz
200 OK ...
10/06/2009 7
<address> <link rel=“http://ex.org/rel/person” href=“http://ex.org/mike”/> <street>...</street> <city>...</city> ...</address>
10/06/2009 8
<address-book> <link rel=“http://ex.org/rel/owner” href=“http://ex.org/subbu”/> <link rel=“next” href=“http://ex.org/subbu/address-book?p=2/”/> <address>...</address> <address>...</address> ...</address-book>
GET /user/subbu/address/{id}Host: ex.org
200 OK ...PUT /user/subbu/address/{id}Host: ex.orgIf-Match: xyz
200 OK ...
POST /user/subbu/address-bookHost: ex.org
201 Created ...
Address Collection Resource
Address Resource
DELETE /user/subbu/address/{id}Host: ex.orgIf-Match: xyz
200 OK ...
ResourcesURIs
Uniforminterface
10/06/2009 9
✔
✔
✔
<address> <link rel=“http://ex.org/rel/person” href=“http://ex.org/subbu”/> <street>...</street> <city>...</city> ...</address>
10/06/2009 10
<address-book> <link rel=“self” href=“http://ex.org/subbu/address-book”/> <link rel=“next” href=“http://ex.org/subbu/address-book?p=2/”/> <address>...</address> <address>...</address> ...</address-book>
4 Representations
5 Applicationstate
10/06/2009 11
Visibility
StatelessInteractions
UniformInterface
Self‐Describing
HTTPgoodies–caching,optimisticconcurrency,conneg,monitoring,analytics+others
10/06/2009 12
AddressBook1.1
[UC]Supportaddressbooksyncformobileusers
GET /user/subbu/address-book
ForeachaddressinthecollectionComparelocalcopy
PUT if different
DELETE if missing
POST if new
Address Collection Resource
Address Resource
Address Collection Resource
10/06/2009 13
10/06/2009 14
Visibility
SeparationofconcernsNetworkefficiency
10/06/2009 15
POST /user/subbu/address-book/mergeHost: ex.orgContent-Length: xxxContent-Type: application/xml;charset=UTF-8
<address-book> <address>...</address> <address>...</address> ...</address-book>
303 See OtherLocation: http://ex.org/user/subbu/address-book
BetterMerge
10/06/2009 16
POST /user/subbu/address-book/mergeHost: ex.orgContent-Type: application/xml;charset=UTF-8
<address-book> <address>...</address> <address>...</address> ...</address-book>
303 See OtherLocation: http://ex.org/user/subbu/address-book
? Reducedvisibility
✔ Betterseparationofconcerns
✔ Efficientnetworkuse
NetworkEfficiency
SeparationofConcerns
AtomicityandConcurrency
Protocol‐levelVisibility
Infrastructuresupport
Tradeoffs
10/06/2009 17
10/06/2009 18
TakeaStepBack
1.EverythingattheendofaURIisaresource
Some“things”
“person”, “address book”
andsomenon‐“things”
“merge address book”, “reserve”, “cancel”, “compute distance”, “reimage the virtual machine”
10/06/2009 19
2.UsePOSTwhenindoubt
10/06/2009 20
GET Safe +IdempotentPUT Unsafe +IdempotentDELETE Unsafe +IdempotentPOST Unsafe +Non‐Idempotent
AllbetsareoffwithPOSTPOSTlimitsdamage
3.Don’ttunnelusingPOST
10/06/2009 21
POST /address-book
Mergeanaddressbook?Fixduplicates?Orsomethingelse?
Tunneling=Backtodarkages
10/06/2009 22
ProxyServer
WebServer
Browser(JSClient)
Dev:“WeshouldfindawaytomakeREST'faster'and/orprovidebatchingsupport”
Thisisnota“pedantic”pointofview
10/06/2009 23
ProxyServer
WebServer
Browser(JSClient)
Batch“endpoint”
POST /batchHost: ex.orgContent-Length: xxxContent-Type: application/xml;charset=UTF-8
<batch> <request method=“PUT” uri=“/addr”>...</request> <request method=“GET” uri=“/poi”>...</request> <request method=“GET” uri=“/deals”>...</request> </batch>
Abenignsolution?
10/06/2009 24
WebServer
Browser(JSClient)
ProxyServer
WebServer
Browser(JSClient)
BadGuy
Batch“endpoint”
ProxyServer
10/06/2009 25
POST /updateAddressGetPoiDealsHost: ex.orgContent-Length: xxxContent-Type: application/xml;charset=UTF-8
<address> ...</address>
CreateapplicationspecificresourceswithdistinctURIs
POST /batchHost: ex.orgContent-Length: xxxContent-Type: application/xml;charset=UTF-8
<batch>...</batch>✗
✓
4.BecreativewithURIs
FixedandknownURIs(CoolURIs)http://ex.org/user/subbu
ResourceswithmanyURIshttp://ex.org/user/1234/profile;t=3231231dasdhttp://ex.org/user/1234/profile;t=3da8432stgs
EphemeralURIs(UncoolURIs)http://ex.org/act/4567/status;t=rfdsf3adsd23dashttp://ex.org/act/transfer?f=12&t=32&sig=a359d72d424cbd913686435bc6e7e372
10/06/2009 26
5.IDsarenotbad,butURIsarebetter
10/06/2009 27
Howmuch“hyper”media?Shouldyoucare?
PerformanceLoosecoupling
Separationofconcerns
Appcomplexity
10/06/2009 28
<album>
<photoid=“1234”>...</photo>
<photoid=“5678”>…</photo></album>
<albumxml:base=“http://ex.org”>
<photo>
<linkhref=“/photo/1234”/>...</photo>
<photo>
<linkhref=“/photo/5678”/>...
</photo>
</album>
Bad?
Good?
10/06/2009 29
Scheduleinterview
Enterfeedback
Hire
Nohire
Enterreferencechecks
Candidate
Candidate
Candidate
10/06/2009 30
GET /transfer/token?from=1234&to=5678Host: ex.org
200 OK Content-Type: application/xml;charset=UTF-8
<token> <link rel=“http://ex.org/rels/transfer” href=“http://ex.org/transfer;9ihrdsadas”/> <from> <balance>...</balance> </from> <to> <balance>...</balance> </to> </token>
10/06/2009 31
URIdecoupling *****
Applicationflow *****
Opaqueapplicationstate *****
6.Managingconcurrency
10/06/2009 32
GET /subbu/address/1
200 OK Date: Mon, 28 Sep 2009 14:30:53 GMT Etag: “8cf498a1ca3ceb67fe50d401d4759e34” Last-Modified: Mon, 28 Sep 2009 01:30:53 GMT Cache-Control: public,max-age=3600
<address>...</address>
PUT /subbu/address/1If-Unmodified-Since: Mon, 28 Sep 2009 14:30:53 GMTIf-Match: “8cf498a1ca3ceb67fe50d401d4759e34”
412 Precondition Failed
10/06/2009 33
GET /acct/1234
200 OK ETag: "f091aae21b44c71:6b9" Content-Type: application/xml;charset=UTF-8
<account> ... </address>
GET /acct/5678
...
POST /transferHost: ex.orgContent-Type: application/x-www-form-urlencoded
amount=1000&from=1234&to=5678...
10/06/2009 34
GET /acct/1234
200 OK ETag: "f091aae21b44c71:6b9" Content-Type: application/xml;charset=UTF-8
<account> ... </address>
GET /acct/5678
...
POST /transferHost: ex.orgContent-Type: application/x-www-form-urlencoded
amount=1000&from=1234&to=5678...
✗ Noconcurrencycontrol
GET /transfer/token?from=1234&to=5678Host: ex.org
200 OK Content-Type: application/xml;charset=UTF-8
<token> <link rel=“http://ex.org/rels/transfer” href=“http://ex.org/transfer;9ihrdsadas”/> <from> <balance>...</balance> </from> <to> <balance>...</balance> </to> </token>
10/06/2009 35
POST /transfer/token;9ihrdsadasHost: ex.orgContent-Type: application/x-www-form-urlencoded
amount=1000
201 Created Location: http://ex.org/transfer/1234 Content-Type: application/xml;charset=UTF-8
<transfer> <created>2009‐09‐30T15:00:00Z</created> <from> <balance>...</balance> </from> <to> <balance>...</balance> </to> </transfer>
10/06/2009 36
✔ Concurrencycontrol
7.Cachingisnotperfect
10/06/2009 37
HTTPServerCacheClient Data
Ideal–perfectlyvisible
10/06/2009 38
Otherapps
HTTPServerCacheClient
Data
Data
Data
Client
CacheClient Cache
10/06/2009 39
Everyrowisaresource
10/06/2009 40
Overlappingdata
10/06/2009 41
Someresourcesarelikehomepages
10/06/2009 42
Noconditionalreads
Nowritesonoverlappingresources
Acceptstaleness
Conclusion
Focusontradeoffs Relaxconstraintsjudiciously,butnotaccidentallyorbyignorance
PutHTTPanditsplumbingtogooduse
10/06/2009 43
8.URIsforExtensibilityandVersioning
10/06/2009 44
HTTPmethodsarefixed
Newheadersmaygetdropped
Plumbingmaynotdifferentiatebetweenmediatypes
URIsareyourbestbet
9.FocusonDesignTimeDiscovery
Runtimediscoveryworksgreatforbrowsers+humans,notformachineclients
Developersneeddesign‐timeinformation LeverageOPTIONSandconventionswheneverpossible
10/06/2009 45
Developersneeddesign‐timeinfo
Allresourcesandmethodssupportedforeach Mediatypesandrepresentationsforrequestsandresponses
Linkrelations,descriptions,expectedresources,mediatypes
AnyfixedURIsnotavailablevialinks QueryparametersforfixedURIs URItemplatesandtokenparsingrules
10/06/2009 46