WebApp #3 : API

Post on 05-Jul-2015


WebApp : A Beginner's Guide to REST API

0. HTTP

HTTP?

The HyperText Transfer Protocol, better known by the abbreviation HTTP, is a client-server communication protocol developed for the World Wide Web.
Source: wikipedia.org

HTTP request?

Method + URL

GET POST PUT DELETE

http://www.google.fr

URL?

The acronym URL (Uniform Resource Locator) denotes a character string used to address World Wide Web resources: HTML documents, images, sounds, …
Source: wikipedia.org

URL?

http://www.thecorneliusclub.com/app/courses/developpeur-web-101

Protocol

Subdomain

Domain name

Resource name

HTTP client?

wget, cURL

HTTP servers?

1. HTTP & WebApp

Classic web application

[Diagram: User, Internet, HTTP client; Physical server (http://thecorneliusclub.com); HTTP requests; SQL, Document; Data]

WebApp & backend (1)

[Diagram: Mobile app, Website, Third-party service; Backend 1, Backend 2, Backend 3; HTTP requests; JSON / XML]

Impossible to maintain!

WebApp & backend (2)

[Diagram: Mobile app, Website, Third-party service; Backend; HTTP requests; JSON / XML]

Architecture too complex!

WebApp & backend (3)

[Diagram: Mobile app, Website, Third-party service; API; HTTP requests; JSON / XML]

API?

An API, or Application Programming Interface, at its most fundamental level, is how software applications talk to each other using the Internet. An API allows you to open up data and other digital resources, to public developers, businesses, or even between departments and locations within a company.
Source: http://apievangelist.com

2. REST

REST?

Representational state transfer (REST) is an abstraction of the architecture of the World Wide Web; more precisely, REST is an architectural style consisting of a coordinated set of architectural constraints applied to components, connectors, and data elements, within a distributed hypermedia system. REST ignores the details of component implementation and protocol syntax in order to focus on the roles of components, the constraints upon their interaction with other components, and their interpretation of significant data elements.
Source: http://en.wikipedia.org

Architectural constraints

- Client–server
- Stateless
- Cacheable
- Layered system
- Uniform interface

Uniform interface (1)

Identification of resources: Individual resources are identified in requests, for example using URIs in web-based REST systems.

Manipulation of resources: When a client holds a representation of a resource, including any metadata attached, it has enough information to modify or delete the resource.

Uniform interface (2)

Self-descriptive messages: Each message includes enough information to describe how to process the message.

HATEOAS: A REST client needs no prior knowledge about how to interact with any particular application or server beyond a generic understanding of hypermedia.

3. Putting it into practice

REST & URLs (1)

/cours
Collection of elements

REST & URLs (2)

/cours/webdesign
Element of a collection

REST & HTTP methods (1)

POST: Create
GET: Read
PUT: Update
DELETE: Delete

REST & HTTP methods (2)

| Resource | POST | GET | PUT | DELETE |
|---|---|---|---|---|
| /cours | Create a new course | List all courses | Update all courses | Delete all courses |
| /cours/webdesign | ERROR | Show the webdesign course | Update the webdesign course | Delete the webdesign course |

HATEOAS

/cours/webdesign/chapitres
Associations

Parameters (1)

/cours?limit=10&offset=50
Pagination

Parameters (2)

/search?q=ux
Search

4. Tools & Best Practices

Versioning

/v1/cours

Limiting fields

/cours?fields=id,name
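
The `limit`, `offset` and `fields` parameters shown in these slides all come from the client, so the server has to bound and filter them before touching data. The following is an added example, not part of the original slides; the caps, the `PUBLIC_FIELDS` allow-list, the `owner_email` column and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumptions (not from the slides): the caps and the set of exposable fields.
MAX_LIMIT, DEFAULT_LIMIT = 100, 10
PUBLIC_FIELDS = ("id", "name", "level")

# Constructed sample collection; "owner_email" stands for an internal column.
COURSES = [{"id": i, "name": f"cours-{i}", "level": "beginner",
            "owner_email": f"owner{i}@example.test"} for i in range(1, 61)]

class BadRequest(ValueError):
    """A real handler would turn this into a 400 response."""

def _int_param(query, name, default, low, high):
    raw = query.get(name, [str(default)])[-1]
    if not re.fullmatch(r"[0-9]{1,9}", raw):   # rejects "", "-1", "1e3", "10;x"
        raise BadRequest(f"{name} must be a non-negative integer")
    return max(low, min(int(raw), high))       # clamp instead of trusting the client

def list_courses(url):
    """Return the page of courses selected by limit/offset/fields in `url`."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    limit = _int_param(query, "limit", DEFAULT_LIMIT, 1, MAX_LIMIT)
    offset = _int_param(query, "offset", 0, 0, len(COURSES))
    wanted = query.get("fields", [",".join(PUBLIC_FIELDS)])[-1].split(",")
    unknown = [f for f in wanted if f not in PUBLIC_FIELDS]
    if unknown:                                # never echo columns outside the allow-list
        raise BadRequest(f"unknown or non-public field(s): {unknown}")
    page = COURSES[offset:offset + limit]
    return [{f: course[f] for f in wanted} for course in page]
```

Because `fields` is checked against an allow-list rather than against the stored record, a request for `fields=owner_email` is refused even though the column exists.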

Format

JSON

HTTP codes (1)

200 OK: Response to a successful GET, PUT, PATCH or DELETE.

201 Created: Response to a POST that results in a creation. Should be combined with a Location header pointing to the location of the new resource

204 No Content: Response to a successful request that won't be returning a body (like a DELETE request)

Source: http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api

HTTP codes (2)

400 Bad Request: The request is malformed, such as if the body does not parse

401 Unauthorized: When no or invalid authentication details are provided. Also useful to trigger an auth popup if the API is used from a browser

403 Forbidden: When authentication succeeded but authenticated user doesn't have access to the resource

404 Not Found: When a non-existent resource is requested

405 Method Not Allowed: When an HTTP method is being requested that isn't allowed for the authenticated user

Source: http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api

Error

HTTP Code AND message
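
The resource table from "REST & HTTP methods (2)" and the status codes listed above, combined in one dispatcher. This is an added example, not part of the original slides; the `handle` function, the in-memory `COURSES` store, the `reader` and `editor` tokens and the order of the checks are assumptions made for illustration.

```python
import json

# Constructed sample data and tokens (assumptions, not taken from the slides).
COURSES = {"webdesign": {"id": "webdesign", "name": "Web design"}}
TOKENS = {"reader": {"GET"}, "editor": {"GET", "POST", "PUT", "DELETE"}}
# Methods per path depth, from the resource table; POST on one course is its ERROR cell.
ALLOWED = {1: {"POST", "GET", "PUT", "DELETE"}, 2: {"GET", "PUT", "DELETE"}}

def error(status, message):  # "HTTP code AND message" in one body
    return status, {}, {"code": status, "message": message}

def handle(method, path, token=None, body=None):
    """Return (status, headers, body) for a request on /cours or /cours/<id>."""
    parts = [p for p in path.split("/") if p]
    if not parts or parts[0] != "cours" or len(parts) > 2:
        return error(404, "unknown resource")
    if token not in TOKENS:
        return error(401, "missing or invalid credentials")
    if method not in ALLOWED[len(parts)]:
        return error(405, "method not allowed on this resource")
    if method not in TOKENS[token]:
        return error(403, "authenticated, but not permitted")
    key = parts[1] if len(parts) == 2 else None
    if key is not None and key not in COURSES:
        return error(404, "no such course")
    if method == "GET":
        return 200, {}, (COURSES[key] if key else list(COURSES.values()))
    if method == "DELETE":
        if key:
            del COURSES[key]
        else:
            COURSES.clear()
        return 204, {}, None
    try:  # POST and PUT carry a JSON object
        data = json.loads(body)
    except (TypeError, ValueError):
        return error(400, "body is not valid JSON")
    if not isinstance(data, dict):
        return error(400, "body must be a JSON object")
    if method == "PUT":
        data.pop("id", None)  # the URL, not the body, names the course
        for course in ([COURSES[key]] if key else COURSES.values()):
            course.update(data)
        return 200, {}, (COURSES[key] if key else list(COURSES.values()))
    new_id = data.get("id")
    if not isinstance(new_id, str) or not new_id.isalnum() or new_id in COURSES:
        return error(400, "id must be a new alphanumeric string")
    COURSES[new_id] = data
    return 201, {"Location": "/cours/" + new_id}, data
```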

Debug

https://chrome.google.com/webstore/detail/advanced-rest-client/hgmloofddffdnphfgcellkdfbfbjeloo

5. Security

Thank you for your attention.

Bibliography (1)

Demystifying REST - Jeffrey Way http://code.tutsplus.com/tutorials/demystifying-rest--pre-58000

A Beginner's Guide to HTTP and REST - Ludovico Fischer http://code.tutsplus.com/tutorials/a-beginners-guide-to-http-and-rest--net-16340

RESTful API Design: Teach a Dog to REST - Brian Mulloy https://blog.apigee.com/detail/restful_api_design

Best Practices for Designing a Pragmatic RESTful API - Vinay Sahni http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api

RESTful Web APIs - Sam Ruby, Michael Amundsen & Leonard Richardson http://www.amazon.fr/RESTful-Web-APIs-Leonard-Richardson-ebook/dp/B00F5BS966/ref=sr_1_5?