Duration
1 Day
Outline for Designing REST Services for Architects Training
Chapter 1. REST Services
- Many Flavors of Services
- Understanding REST
- Principles of RESTful Services
- REST Example – Create
- REST Example – Retrieve
- REST Example – Update
- REST Example – Delete
- REST Example – Client Generated ID
- SOAP Equivalent Examples
- REST Example – JSON
- REST vs SOAP Communication
- More REST vs SOAP
- REST vs SOAP Summary
- Famous RESTful Services
- Additional Resources
- Summary
Chapter 2. JSON
- Introduction
- JavaScript Object Notation (JSON)
- JSON Syntax
- How Does JSON Based Communication Work?
- JSON API in HTML5
- How Does JSON Based Communication Work?
- JSON: Server Side
- JSON: Client Side
- JSON-Schema – Introduction
- JSON-Schema – Keywords
- JSON-Schema – Data Types
- JSON – Example
- JSON-Schema – Example
- JSON-Schema – Runtime Usage (Java)
- JSON-Schema Runtime Usage – Node.js
- Summary
Chapter 3. Security for REST Services
- RESTful Web Service API Refresher
- Securing REST Services
- Basic API Authentication w/ TLS
- OAuth1.0a
- OAuth2
- Custom Protocols
- Why use API Keys vs. Username/Password Authentication
- Storing your API Security Key
- Using IDs
- Sessions and URLs
- OAuth2 Overview
- OAuth – Facebook Sample Flow
- OAuth Versions
- OAuth2 Components
- OAuth2 – End Points
- OAuth2 – Tokens
- OAuth – Grants
- Authenticating Against an OAuth2 API
- Authentication using Node.js
- Authentication using Node.js (Contd.)
- OAuth2 Support in Spring Boot
- JSON Web Tokens
- JSON Web Token Architecture
- How JWT Works
- JWT Header
- JWT Payload
- JWT Example Payload
- JWT Example Signature
- How JWT Tokens are Used
- Adding JWT to HTTP Header
- How The Server Makes Use of JWT Tokens
- What are “Scopes”?
- Using JWT with Node.js – Installing and Importing JWT
- Using JWT with Node.js – Sample Service Method
- Using JWT with Node.js – Sample Middleware Method
- Summary
Chapter 4. Designing a RESTful Service
- Introduction
- The Design Methodology
- Ingredients of a Service Operation Interface
- REST Resource
- What Constitutes a REST Resource
- Resource Identifiers
- REST Resource Naming Best Practices
- Parameters
- HTTP Methods
- HTTP Headers
- MIME Types
- API Response Codes
- Example Operation Interface Document
- Formal (Machine-Readable) Specifications
- Formal (Machine-Readable) Specifications (cont'd)
- Data Modeling - BEFE
- Data Modeling (cont'd)
- Data Modeling - Back-End
- Canonical Data Model
- Canonical Data Model vs. Message Model
- RESTful Message Model
- Practicality of the Canonical Data Model
- Developing the Message Model
- Summary
Chapter 5. Soft Considerations in API Design
- Introduction
- Beyond Technical Issues
- Design Considerations for RESTful API
- Design Considerations for RESTful API (cont'd)
- Working on a Network is Different
- The Eight Fallacies of Distributed Computing
- The Eight Fallacies of Distributed Computing (cont'd)
- The Network is Not Reliable
- Latency is Not Zero
- Latency Varies Inside the Architecture
- Latency Impact on API Design
- The Network is Not Secure
- Bandwidth is Not Infinite
- Other Considerations - The Consumer
- Example: A Project Time Tracker
- Example 1
- Example 2
- Ease of Using the Message Data
- Usability vs Extensibility
- Going Too Far for the Client
- Other Considerations - Extensibility
- YAGNI
- Other Considerations - Error Handling and Idempotency
- HTTP and Idempotency
- Universally Unique Identifiers
- Bulk Operations and Large Responses
- Bulk Operations
- Bulk Operations (cont'd)
- Batch Protocols
- Large Queries
- Large Queries (cont'd)
- Summary
Chapter 6. Swagger
- Swagger / OpenAPI
- Swagger / OpenAPI Tools
- Swagger Editor
- YAML Basics
- OpenAPI Specification – Minimal Specification
- Operation Specification - Example
- Adding Parameters to the Operation
- Adding a Path Parameter to the Operation
- Defining a body Parameter
- Creating Reusable Data Model
- Reusing the Data Model
- Creating Reusable Parameters
- Reusing the Parameters
- Generating Server / Client Code
- Swagger UI – Introduction
- Swagger UI - Generating REST API Documentation
- Summary
Chapter 7. Manually Test REST API
- Introduction to RESTful Testing
- API Testing Tools
- API Testing with Postman
- Postman – Posting Data
- Postman – Response
- API Testing with cURL
- Using cURL - Basics
- Curl – POST
- Performing PUT & DELETE Operations
- Introduction to Advanced REST Client
- Summary
Lab Exercises
Lab 1. A Simple RESTful API in Spring Boot
Lab 2. JSON
Lab 3. OAuth2
Lab 4. Swagger / OpenAPI Specification
Lab 5. Manually Test an API