Enterprise Java Development@TOPIC@
Architectural Style for creating web services
Provide interoperability between computer systems on the Internet
Uses a uniform and predefined set of stateless operations
Defined in 2000 by Roy Fielding in his doctoral dissertation that was also used to design HTTP 1.1 [11]
REST officially contains much more than most interface designs use
Leads to some common questions
"What is your definition of REST?"
"How RESTful are you?"
Common "REST-like" architectures are based on a few main principals
HTTP Protocol
Resources
URIs
Standard HTTP Method Vocabulary
Helps leverage HTTP Internet caches
Standard Content Types
Links somewhat used
Rarely opaque and rarely discovered -- especially within payload body
Clients commonly construct URI links from ID responses and knowledge of API
Uncommon REST features adopted
Dynamic discovery of resource capabilities
Level 0 - Using HTTP soley as a transport
Level 1 - Using Resources
Level 2 - Using HTTP Methods
Level 3 - Using Hypermedia Controls
Previous commmunications protocols attempted to be transport agnostic
CORBA mapped to HTTP, JMS, etc.
Everything used an HTTP POST when mapped to HTTP protocol
Other HTTP verbs (e.g., GET, DELETE, PUT, HEAD) not used
Bypassed built-in HTTP capabilities (e.g., caching) of the Internet
REST technically does not exist outside of the HTTP transport protocol
Everything is expressed in HTTP-terms
REST APIs leverage the world's investment into Internet communications
An asset to be exposed to the web
Document
Set of properties
Action or Activity -- even verbs can be treated as nouns
(nearly anything)
Web has limited number of methods but can have an unlimited number of resources
Example Resources
products
categories
customers
todos
Resources can be nested
categories(id).products *
customers(id).purchases *
todos(name).items *
* Conceptual representation
An address (of varying detail) to access a particular resource
Technically, URIs can be either URNs or URLs
Uniform Resource Name [13]
Resource identity
Globally unique
Example:
urn:info.ejava.products:1 <core xmlns="urn:activemq:core">
Uniform Resource Locator [14]
Resource's location on a network
Contains protocol information -- "how to get it"
Example:
http://127.0.0.1/jaxrsInventoryWAR/api/products/1 https://127.0.0.1/jaxrsInventoryWAR/api/products/1 ftp://127.0.0.1/info.ejava.products:1
Commonly -- URIs are a partial URL
Commonly lack protocol and physical location
Relative to some point in the application
Example:
/jaxrsInventoryWAR/api/products/1 /api/products/1 products/1
Example resource collection URI
/api/products /api/categories /api/customers /api/todo_lists
Example individual resource URIs (with mandatory path {parameter}s
/api/products/{productId}
/api/categories/{categoryId}
/api/customers/{customerId}
/api/customers/{customerId}/sales
Example nested resource URIs
/api/products/{productId}/instructions
/api/categories/{categoryId}/products
/api/customers/{customerId}/purchases
/api/todo_lists/{listName}/todo_items
URIs may express variable parameters
Use query parameters for optional variables
http://127.0.0.1:8080/jaxrsInventoryWAR/api/categories?name=&offset=0&limit=0
Nested path parameters may express mandatory variables
http://127.0.0.1:8080/jaxrsInventoryWAR/api/products/{id}
http://127.0.0.1:8080/jaxrsInventoryWAR/api/products/1
id=>1
URI naming conventions
Use a plural name for resource collections
/api/todo_lists
Use an ID below the plural resource collection to refer to a specific resource
/api/todo_lists/{listName}
Bounded Set
provides "uniform interface" across all resources
Primary Set of Methods
GET - non-destructive read
POST - create and other methods
PUT - create or update
DELETE - delete
Secondary Set of Methods
HEAD - a GET without the data - metadata only
OPTIONS - lists which methods supported
Example: Get Product ID=1
GET http://127.0.0.1:8080/jaxrsInventoryWAR/api/products/1
Does the method change the state of the resource?
Safe Methods
GET
HEAD
OPTIONS
Unsafe Methods
POST
PUT
DELETE
Internet communications is based upon the above method saftey expectations, but these are just definitions. You have the power to implement resource methods any way you wish. However, avoid violating these method expectations -- or your API will not be immediately understood and will render built-in Internet capabilities (e.g., caches) useless. The following are examples of what *not* to do:
GET /jaxrsInventoryWAR/api/products/1?command=DELETE
POST /jaxrsInventoryWAR/api/products/1
content: {command:'getProduct'}
Design goal for each method implementation -- regardless of "safety"
Method will result in the same resource ending state no matter how many times executed
POST /api/todo_lists -- create a new and specific TodoList
PUT /api/todo_lists/bills -- update/replace existing TodoList
DELETE /api/todo_lists/bills
Idempotent methods
GET
PUT
DELETE
OPTIONS
HEAD
Non-Idempotent method(s)
POST
The standard convention of Internet protocol is that all methods except for POST are assumed to be idempotent. That means a page refresh for a page obtained from a GET gets immediately refreshed and a warning dialogue is displayed if it was the result of a POST.
Standardized
2xx - success
3xx - success/redirect
4xx - client error
5xx - server error
Common Set
200 - OK
"We achieved what you wanted and might have previously did this"
201 - CREATED
"We did what you asked and a new resource was created"
204 - NO_CONTENT
"Just like a 200 with an empty payload, except the status makes this clear"
400 - BAD_REQUEST
"Your request is invalid and will never be accepted -- stop it"
401 - UNAUTHORIZED
"We need to know who you are before we do this"
403 - FORBIDDEN
"We know who you are and you cannot say what you just said"
500 - INTERNAL_ERROR
"Ouch! Nothing wrong with what you asked for or supplied, but we currently have issues completing. Try again later and we may have this fixed."
REST-like applications likely stop at providing standard links in HTTP headers
POST http://localhost:8080/ejavaTodos/api/todo_lists
{"name":"My First List"}
=>Created/201
Location: http://localhost:8080/ejavaTodos/api/todo_lists/My%20First%20List
Content-Location: http://localhost:8080/ejavaTodos/api/todo_lists/My%20First%20List
Content-Location - direct URL for the data returned in the payload
Location - a re-direct to a new URL
Result of a new resource being created
Terms "REST" and "RESTful" have a specific meaning defined by Roy Fielding
Very few APIs achieve full REST adoption -- but that is OK!!! -- just call it "REST-like" or "HTTP-based"
Most serious REST-like APIs adopt
HTTP
Multiple Resources
URIs
HTTP-compliant use of Methods
Safety
Idempotent
Minor use of opaque links
[11] "Architectural Styles and the Design of Network-based Software Architectures. Doctoral dissertation", Roy Thomas Fielding, University of California, Irvine, 2000 HTML Version