RESTful
Web Services API
by
D34dMan
Shibin Das
Resources
Glossary
- REST - An architecture
- RESTful - Something that uses REST architecture
- Protocol - Rules of engagement
- Resource - Text, Files, images, (and even actions)
- Methods - Verbs/actions GET, PUT, POST, DELETE
- Resource Format - XML, JSON, YAML
- Resource Authentication - Basic Auth, Cookie, OAuth
Goals
- performance
- scalability,
- simplicity,
- modifiability,
- visibility,
- portability, and
- reliability
Constraints
- Client-server architecture
- Statelessness
- Cacheability
- Layered System
- Code on demand (optional)
- Uniform interface
Types of
Web Services
REST and everything else
aka
REST and rest
Representation
The representation is what a client "sees"
The mechanism that might be used on the server to store, generate, or retrieve the content of that representation can be different (and mostly is).
Stateless
...
Cache
..
Layered
..
- Client controls how the data must be structured
- For traffic/payload optimization
- Versioning
- For frequent and demanding customization
- For "Actions". Excluding CRUD operations on passive data structures.
- Security (for custom resources)
- Through obscurity
- Zero-day tolerant
- Minimal Attack Vectors
Advantages
https://shields.io/endpoint
The Good
Example A : Shields.io
https://bo.wsd.factorial.io/status/df053c72-c6ec-49a0-8a4f-60577c9224f3&style=flat-square&format=percent
The Good
Example A : Shields.io
{
schemaVersion: 1,
label: "WSD Project",
message: "Not Found",
isError: true
}https://bo.wsd.factorial.io/status/df053c72-c6ec-49a0-8a4f-60577c9224f3&style=flat-square&format=percent
The Good
Example A : Shields.io
{
schemaVersion: 1,
label: "WSD Project",
message: "Not Found",
isError: true
}Not so good at...
- For creating generic API's adhering to some open specifications
- For serving multiple clients
- Auto-generating Documentation
- Overhead incurred in maintaining custom implementation