SlideShare ist ein Scribd-Unternehmen logo
1 von 140
Downloaden Sie, um offline zu lesen
HATEOAS 101
An Opinionated Introduction




Brian Mulloy                   Apigee
@landlessness                 @apigee
groups.google.com/group/api-craft
youtube.com/apigee
New!

       IRC Channel
         #api-craft
        on freenode
WARNING: The author may betray a bias against
the application of REST constraints to web APIs.
What is HATEOAS?
HATEOAS 101 - Opinionated Introduction to a REST API Style
Hypermedia As The Engine Of Application State
Let’s put HATEOAS in the full context of REST.
The Constraints of REST
1.   Client-server
2.   Stateless server
3.   Cache
4.   Uniform interface
     a.   Identification of resources
     b.   Manipulation of resources through representations
     c.   Self-descriptive messages
     d.   Hypermedia as the engine of application state
5. Layered System
6. Code-On-Demand (optional)
Let’s break it down.
The first three constraints…
1. Client-server
2. Stateless server
3. Cache
…give us the client-cache-stateless-server web architecture.
client



cache
          Each request
          must contain
         all information.     No stored
                            context on the   stateless
                               server.        server

           Client has the
           right to reuse
client    response data.




cache
(we’ll come back to the 4th constraint)
The 5th constraint, Layered System, lets us add
features like a gateway, load balancer and firewall.
Each layer                       Layers can encapsulate
provides services                   legacy services & protect
                                    new services from legacy     stateless
to it’s neighbors.
                                             clients.             server




                                                        load     stateless
  client               firewall     gateway
                                                      balancer    server




                       Each layer cannot                         stateless
                       "see" beyond it’s                          server
                     immediate neighbor.
The optional 6th constraint, Code-on-Demand, allows the
client to request code from the server & execute it.
Add features to a
          deployed client, which
          provides for improved
             extensibility and
              configurability


client

                                   stateless
                                    server
code




         Better user-perceived
           performance and
               efficiency
Now lets tackle the 4 parts of the 4th constraint,
Uniform Interface
With help from the Twitter UI.
a. Resource Identifier identifies the particular resource
involved in an interaction between components.
http://twitter.com/#!/jack/status/20
b. Resource Representation represents the state of a
resource for transfer between components.
<!DOCTYPE html>
<html data-nav-highlight-class-name="highlight-global-nav-home">
  <head>
    <title>Twitter</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta charset="utf-8" />
    <meta name="description" content="Instantly connect to what&#39;s most important to
you. Follow your friends, experts, favorite celebrities, and breaking news." />
  <link rel="dns-prefetch" href="http://a0.twimg.com"/>
  <link rel="dns-prefetch" href="http://api.twitter.com"/>
<script type="text/javascript" charset="utf-8">
  document.domain = 'twitter.com';
  // this will be copied to twttr.appStartTime once our JS has started up
  document.startTime = new Date().getTime();
  var twttr = {};
  twttr.versionName = 'phoenix';
  twttr.isT1 = true;
  twttr.didPingKeynote = false;
  twttr.keynoteTTFTPing = function() {
    if (!twttr.didPingKeynote && window.location.href.indexOf('keynoteTest') > 0) {
      var image = document.createElement('img');
      image.src = '/images/keynote.gif';
      twttr.didPingKeynote = true;
    }
  }
  window.console||function(){var
a=["log","debug","info","warn","error","assert","dir","dirxml","group","groupEnd","time","t
imeEnd","count","trace","profile","profileEnd"];window.console={};for(var
b=0;b<a.length;++b)window.console[a[b]]=function(){}}();
</script>
…
c. Self-descriptive messages contains all the information
necessary to complete transformations.
GET /#!/jack/status/20 HTTP/1.1
User-Agent: Chrome/18.0.1025.11
Host: twitter.com
Accept: text/html
d. Hypermedia as the engine of application state
HATEOAS 101 - Opinionated Introduction to a REST API Style
state                                     state



        transition           transition




                     state


        transition           transition

state                                     state
“   The name „Representational State Transfer‟ is intended
    to evoke an image of how a well-designed Web
    application behaves: a network of web pages (a virtual
    state-machine), where the user progresses through the
    application by selecting links (state transitions),
    resulting in the next page (representing the next state of
    the application) being transferred to the user and
    rendered for their use.
                                                           -Roy Fielding
                                            Architectural Styles and the
                        Design of Network-based Software Architectures
                                                               Chapter 6
States are web pages.
Transitions are hyperlinks.
The key to implementing HATEOAS is pretty simple
In each response message include the links for the next
request message.
REST Interface




App    Browser                                  App
                                  UI Server
User     App                                  Developer
HATEOAS 101 - Opinionated Introduction to a REST API Style
home                   connect        discover     search                my profile           direct messages




                google:                                                                   lists
              jack‟s first           favorite                        about
                 tweet

                                                                                          help
               retweet


               reply to                                                             keyboard
                @jack                                                               shortcuts

                turn off
               retweets                                                               settings

              report @jack
                for spam                                                            sign out



                  add or remove
block @jack                          tweet to @jack   Follow @jack            @jack                  new tweet
                    from lists
1 transition in, 32 transitions out
A quick aside
The three greatest inventions of all time are:
Bicycles
Beer
The Hyperlink
With a browser I can start at http://twitter.com
And navigate my way through every state of the entire
Twitter application.
It’s amazing!
HATEOAS is not scary.
HATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS is the key constraint that makes surfing the
web with a browser possible.
Let’s look at HATEOAS and APIs
With help from the Twitter API.
GET /1/statuses/show/20.json
HTTP/1.1
Host: api.twitter.com
{
    "created_at": "Tue Mar 21 20:50:14 +0000 2006",
    "id": 20,
    "id_str": "20",


     "text": "just setting up my twttr",
    "source": "web",
    "truncated": false,
    "in_reply_to_status_id": null,
    "in_reply_to_status_id_str": null,
    "in_reply_to_user_id": null,
    "in_reply_to_user_id_str": null,
    "in_reply_to_screen_name": null,
    "user": {
      "id": 12,
      "id_str": "12",


     "name": "Jack Dorsey",
      "screen_name": "jack",
      "location": "San Francisco",
      "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.",
      "url": null,
      "protected": false,
      "followers_count": 1935426,
      "friends_count": 1148,
      "listed_count": 17312,
      "created_at": "Tue Mar 21 20:50:14 +0000 2006",
      "favourites_count": 988,
      "utc_offset": -28800,
      "time_zone": "Pacific Time (US & Canada)",
      "geo_enabled": true,
      "verified": true,
      "statuses_count": 10894,
      "lang": "en",
      "contributors_enabled": true,
      "is_translator": false,
      "profile_background_color": "EBEBEB",
      "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif",
      "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif",
      "profile_background_tile": false,
      "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg",
      "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg",
      "profile_link_color": "990000",
      "profile_sidebar_border_color": "DFDFDF",
      "profile_sidebar_fill_color": "F3F3F3",
      "profile_text_color": "333333",
      "profile_use_background_image": true,
      "show_all_inline_media": true,
      "default_profile": false,
      "default_profile_image": false,
      "following": null,
      "follow_request_sent": null,
      "notifications": null
    },
    "geo": null,
    "coordinates": null,
    "place": null,
    "contributors": null,
    "retweet_count": 5973,
    "favorited": false,
    "retweeted": false
}
Uh oh. There are zero hyperlinks.
How many should there be to respect the HATEOAS
constraint?
At least one.
{
    "created_at": "Tue Mar 21 20:50:14 +0000 2006",
    "id": 20,
    "id_str": "20",


     "text": "just setting up my twttr",
    "source": "web",
    "truncated": false,
    "in_reply_to_status_id": null,
    "in_reply_to_status_id_str": null,
    "in_reply_to_user_id": null,
    "in_reply_to_user_id_str": null,
    "in_reply_to_screen_name": null,
    "user": {
      "id": 12,


     "link": ”http://api.twitter.com/1/users/show.json?user_id=12",
     "id_str": "12",


     "name": "Jack Dorsey",
      "screen_name": "jack",
      "location": "San Francisco",
      "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.",
      "url": null,
      "protected": false,
      "followers_count": 1935426,
      "friends_count": 1148,
      "listed_count": 17312,
      "created_at": "Tue Mar 21 20:50:14 +0000 2006",
      "favourites_count": 988,
      "utc_offset": -28800,
      "time_zone": "Pacific Time (US & Canada)",
      "geo_enabled": true,
      "verified": true,
      "statuses_count": 10894,
      "lang": "en",
      "contributors_enabled": true,
      "is_translator": false,
      "profile_background_color": "EBEBEB",
      "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif",
      "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif",
      "profile_background_tile": false,
      "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg",
      "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg",
      "profile_link_color": "990000",
      "profile_sidebar_border_color": "DFDFDF",
      "profile_sidebar_fill_color": "F3F3F3",
      "profile_text_color": "333333",
      "profile_use_background_image": true,
      "show_all_inline_media": true,
      "default_profile": false,
      "default_profile_image": false,
      "following": null,
      "follow_request_sent": null,
      "notifications": null
    },
    "geo": null,
    "coordinates": null,
    "place": null,
    "contributors": null,
    "retweet_count": 5973,
    "favorited": false,
    "retweeted": false
}
A few questions.
Now are we HATEOAS compliant?
If we add another link does it change the consuming
application’s state machine?
Is it ok for the developer to ignore included links?
Can the developer add out-of-band links to her app?
What happens when an app relies on multiple APIs?
Where is the state machine?
If the Twitter API had complied with HATEOAS
When Loren Brichter
HATEOAS 101 - Opinionated Introduction to a REST API Style
Created Tweetie
HATEOAS 101 - Opinionated Introduction to a REST API Style
Would he have been able to decide which user actions to
include in his design?
HATEOAS 101 - Opinionated Introduction to a REST API Style
Or would those decisions have been driven by the links in
the response from the Twitter API?
HATEOAS 101 - Opinionated Introduction to a REST API Style
HATEOAS 101 - Opinionated Introduction to a REST API Style
Nearly all popular web UIs adhere to HATEOAS.
Nearly all popular web APIs violate HATEOAS.
Why?
Let’s examine the two worlds.
I guarantee
                             hypermedia is
                             engine of app
I decide where                    state                    I craft the user
  to click, aka                                            experience, aka
 change state.                                              state diagram.
                            REST Interface




          App     Browser                                  App
                                             UI Server
          User      App                                  Developer
The person who crafts the experience (state diagram)
and the app user have the REST interface between them.
And the hypermedia links are given directly to the app
user at runtime.
So the hypermedia in each response message is
genuinely the engine of application state.
This pattern is not limited to user interfaces.
We see the same pattern for syndication feeds.
I guarantee
                                hypermedia is
                                engine of app
                                     state                  I craft stories,
I decide where
                                                         categories & related
  to click, aka
                                                           media, aka state
 change state.
                                                               diagram.
                           REST Interface




         App      Feed Reader                   Feed        Content
         User         App                       Server     Publisher
But the world of apps and web APIs seems different.
Interface

                  App
       App 1
               Developer 1




App                                      API Server
                  App
User   App 2
               Developer 2




                  App
       App 3
               Developer 3
Interface
                  I craft the user experience,
                                                                        I get no
                       aka state diagram.
                                          App                          HATEOAS
                        App 1
I decide where                         Developer 1                     respect.
  to click, aka
 change state.



          App                                                    API Server
                                          App
          User           App 2
                                       Developer 2




                                          App
                         App 3
                                       Developer 3
The person who crafts the experience (state machine)
and the app user do not have the REST interface
between them.
And the hypermedia links are not given directly to the
app user at runtime.
Instead, the hypermedia are given to the developer at
design time.
And the developer decides which states are possible for
the app user at runtime.
We need a Yoda moment.
HATEOAS 101 - Opinionated Introduction to a REST API Style
“ You must unlearn what you have learned.
                                            -Yoda
I used to call the world of popular, non-HATEOAS, non-
SOAP web APIs, Pragmatic REST.
Oops.
How do we answer the questions many API teams are
asking
1. Should we go down the HATEOAS path?
As a practical matter, for many teams that previous
question is the same as the next question.
2. Should we include links in our responses?
But they have different answers.
1. For an API to be HATEOAS-compliant it requires a
client app that is also HATEOAS-compliant.
A user-interface app driven by web APIs would be akin to
a feed reader for syndicated content.
But designed to handle generic web APIs.
I guarantee
                            hypermedia is
                            engine of app
I decide where                   state                      I craft a system of
  to click, aka                                          interrelated resources,
 change state.                                             aka state diagram.

                           REST Interface




         App      RESTful API                                  API
                                            API Server
         User      Client App                                Developer



                     ?
Special thanks to @elasticpath for this metaphor.
There are interesting non-UI applications as well.
“   However, the style does not assume that all applications
    are browsers. In fact, the application details are hidden
    from the server by the generic connector interface, and
    thus a user agent could equally be an automated robot
    performing information retrieval for an indexing service,
    a personal agent looking for data that matches certain
    criteria, or a maintenance spider busy patrolling the
    information for broken references or modified content
    [39].
                                                           -Roy Fielding
                                            Architectural Styles and the
                        Design of Network-based Software Architectures
                                                               Chapter 5
If you’re not going down the HATEOAS client path, should
you include links anyway?
2. If you think including links in the API response will be
helpful for developers at design time, then go for it.
HATEOAS 101 - Opinionated Introduction to a REST API Style
But I wouldn’t call it HATEOAS because those links are
probably not the engine of application state for the app
user at run time.
“   If the engine of application state (and hence the
    API) is not being driven by hypertext, then it
    cannot be RESTful and cannot be a REST API.
    Period. Is there some broken manual
    somewhere that needs to be fixed?
                                                   -Roy Fielding
                            “REST APIs must be hypertext-driven”
                            Untangled: Musings of Roy T. Fielding
HATEOAS 101 - Opinionated Introduction to a REST API Style
Here’s a call to action
We know what REST with the HATEOAS constraint
is and isn’t.
We know what SOAP is and isn’t.
But we don’t have an intellectual framework for
the way so many popular apps and web APIs work
today.
We need a really smart person
Who cares about web APIs
To examine the constraints of REST
The Constraints of REST
1.   Client-server
2.   Stateless server
3.   Cache
4.   Uniform interface
     a.   Identification of resources
     b.   Manipulation of resources through representations
     c.   Self-descriptive messages
     d.   Hypermedia as the engine of application state
5. Layered System
6. Code-On-Demand (optional)
While keeping in mind how custom apps are built
by people using web APIs
Interface

                  App
       App 1
               Developer 1




App                                      API Server
                  App
User   App 2
               Developer 2




                  App
       App 3
               Developer 3
To give us a new foundation
The Constraints of ____
1.   ???
2.   ???
3.   ???
4.   ???
5.   ???
6.   ???
So that we will have a better shared idea of what
we’re really doing
We will be able to communicate more effectively
And we will be able to create more value for the
planet and the people on it.
HATEOAS 101 - Opinionated Introduction to a REST API Style
But please choose a nice, pronounceable acronym.
HATEOAS 101 - Opinionated Introduction to a REST API Style
Further Exploring
• http://steveklabnik.com/
• http://pinboard.in/u:earth2marsh/t:hateoas/
• http://www.ics.uci.edu/~fielding/pubs/dissert
  ation/top.htm
• http://martinfowler.com/articles/richardsonM
  aturityModel.html
• http://timelessrepo.com/haters-gonna-
  hateoas
Questions?
THANK YOU
Subscribe to API webinars at:
youtube.com/apigee
THANK YOU
IRC
#api-craft
on freenode
THANK YOU
Questions and ideas to:
groups.google.com/group/api-craft
THANK YOU
Contact me at:

@landlessness
brian@apigee.com

Weitere ähnliche Inhalte

Was ist angesagt?

Rest api standards and best practices
Rest api standards and best practicesRest api standards and best practices
Rest api standards and best practicesAnkita Mahajan
 
Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...
Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...
Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...confluent
 
Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...
Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...
Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...HostedbyConfluent
 
Building a Data Exchange with Spring Cloud Data Flow
Building a Data Exchange with Spring Cloud Data FlowBuilding a Data Exchange with Spring Cloud Data Flow
Building a Data Exchange with Spring Cloud Data FlowVMware Tanzu
 
Migrating with Debezium
Migrating with DebeziumMigrating with Debezium
Migrating with DebeziumMike Fowler
 
Distributed Tracing with Jaeger
Distributed Tracing with JaegerDistributed Tracing with Jaeger
Distributed Tracing with JaegerInho Kang
 
Microservices, Containers, Kubernetes, Kafka, Kanban
Microservices, Containers, Kubernetes, Kafka, KanbanMicroservices, Containers, Kubernetes, Kafka, Kanban
Microservices, Containers, Kubernetes, Kafka, KanbanAraf Karsh Hamid
 
Spring Cloud Data Flow Overview
Spring Cloud Data Flow OverviewSpring Cloud Data Flow Overview
Spring Cloud Data Flow OverviewVMware Tanzu
 
Implementing Domain Events with Kafka
Implementing Domain Events with KafkaImplementing Domain Events with Kafka
Implementing Domain Events with KafkaAndrei Rugina
 
Big Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingBig Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingAraf Karsh Hamid
 
An Intro to AS4, the Successor of AS2
An Intro to AS4, the Successor of AS2An Intro to AS4, the Successor of AS2
An Intro to AS4, the Successor of AS2BizTalk360
 
Akka-intro-training-public.pdf
Akka-intro-training-public.pdfAkka-intro-training-public.pdf
Akka-intro-training-public.pdfBernardDeffarges
 
The Architecture of an API Platform
The Architecture of an API PlatformThe Architecture of an API Platform
The Architecture of an API PlatformJohannes Ridderstedt
 
Scaling Asterisk with Kamailio
Scaling Asterisk with KamailioScaling Asterisk with Kamailio
Scaling Asterisk with KamailioFred Posner
 
Kafka Streams: What it is, and how to use it?
Kafka Streams: What it is, and how to use it?Kafka Streams: What it is, and how to use it?
Kafka Streams: What it is, and how to use it?confluent
 
Apache Kafka
Apache KafkaApache Kafka
Apache Kafkaemreakis
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudEberhard Wolff
 

Was ist angesagt? (20)

Rest api standards and best practices
Rest api standards and best practicesRest api standards and best practices
Rest api standards and best practices
 
Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...
Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...
Building Event Driven Architectures with Kafka and Cloud Events (Dan Rosanova...
 
Apache kafka
Apache kafkaApache kafka
Apache kafka
 
Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...
Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...
Getting up to speed with MirrorMaker 2 | Mickael Maison, IBM and Ryanne Dolan...
 
Building a Data Exchange with Spring Cloud Data Flow
Building a Data Exchange with Spring Cloud Data FlowBuilding a Data Exchange with Spring Cloud Data Flow
Building a Data Exchange with Spring Cloud Data Flow
 
Migrating with Debezium
Migrating with DebeziumMigrating with Debezium
Migrating with Debezium
 
Distributed Tracing with Jaeger
Distributed Tracing with JaegerDistributed Tracing with Jaeger
Distributed Tracing with Jaeger
 
Microservices, Containers, Kubernetes, Kafka, Kanban
Microservices, Containers, Kubernetes, Kafka, KanbanMicroservices, Containers, Kubernetes, Kafka, Kanban
Microservices, Containers, Kubernetes, Kafka, Kanban
 
Springboot Microservices
Springboot MicroservicesSpringboot Microservices
Springboot Microservices
 
Spring Cloud Data Flow Overview
Spring Cloud Data Flow OverviewSpring Cloud Data Flow Overview
Spring Cloud Data Flow Overview
 
Implementing Domain Events with Kafka
Implementing Domain Events with KafkaImplementing Domain Events with Kafka
Implementing Domain Events with Kafka
 
Big Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingBig Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb Sharding
 
An Intro to AS4, the Successor of AS2
An Intro to AS4, the Successor of AS2An Intro to AS4, the Successor of AS2
An Intro to AS4, the Successor of AS2
 
Akka-intro-training-public.pdf
Akka-intro-training-public.pdfAkka-intro-training-public.pdf
Akka-intro-training-public.pdf
 
The Architecture of an API Platform
The Architecture of an API PlatformThe Architecture of an API Platform
The Architecture of an API Platform
 
Scaling Asterisk with Kamailio
Scaling Asterisk with KamailioScaling Asterisk with Kamailio
Scaling Asterisk with Kamailio
 
Kafka Streams: What it is, and how to use it?
Kafka Streams: What it is, and how to use it?Kafka Streams: What it is, and how to use it?
Kafka Streams: What it is, and how to use it?
 
Apache Kafka
Apache KafkaApache Kafka
Apache Kafka
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring Cloud
 
Json Web Token - JWT
Json Web Token - JWTJson Web Token - JWT
Json Web Token - JWT
 

Andere mochten auch

Why APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesWhy APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesApigee | Google Cloud
 
Rest and the hypermedia constraint
Rest and the hypermedia constraintRest and the hypermedia constraint
Rest and the hypermedia constraintInviqa
 
The Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReSTThe Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReSTBruno Kessler Foundation
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Learn REST in 18 Slides
Learn REST in 18 SlidesLearn REST in 18 Slides
Learn REST in 18 SlidesSuraj Gupta
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developersPatrick Savalle
 

Andere mochten auch (9)

Why APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast SlidesWhy APIs? Second Edition - Webcast Slides
Why APIs? Second Edition - Webcast Slides
 
Rest and the hypermedia constraint
Rest and the hypermedia constraintRest and the hypermedia constraint
Rest and the hypermedia constraint
 
The Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReSTThe Internet as Web Services: introduction to ReST
The Internet as Web Services: introduction to ReST
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Introduction To REST
Introduction To RESTIntroduction To REST
Introduction To REST
 
Learn REST in 18 Slides
Learn REST in 18 SlidesLearn REST in 18 Slides
Learn REST in 18 Slides
 
REST-API introduction for developers
REST-API introduction for developersREST-API introduction for developers
REST-API introduction for developers
 
REST Presentation
REST PresentationREST Presentation
REST Presentation
 

Ähnlich wie HATEOAS 101 - Opinionated Introduction to a REST API Style

Authentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresAuthentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresCorley S.r.l.
 
Web Apps and more
Web Apps and moreWeb Apps and more
Web Apps and moreYan Shi
 
Web app and more
Web app and moreWeb app and more
Web app and morefaming su
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!QAware GmbH
 
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008Association Paris-Web
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesBrad Hill
 
Connect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket PipelinesConnect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket PipelinesAtlassian
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersViktor Gamov
 
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docxCross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docxmydrynan
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
Evolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di PalmaEvolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di PalmaMongoDB
 
Programming For Google Wave
Programming For Google WaveProgramming For Google Wave
Programming For Google WaveRodrigo Borges
 
How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?Graham Charters
 
Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Matt Johansen
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Falljtmelton
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083Divyam Pateriya
 
GWT Web Socket and data serialization
GWT Web Socket and data serializationGWT Web Socket and data serialization
GWT Web Socket and data serializationGWTcon
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosPROIDEA
 

Ähnlich wie HATEOAS 101 - Opinionated Introduction to a REST API Style (20)

Authentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructuresAuthentication and authorization in res tful infrastructures
Authentication and authorization in res tful infrastructures
 
Web Apps and more
Web Apps and moreWeb Apps and more
Web Apps and more
 
Web app and more
Web app and moreWeb app and more
Web app and more
 
Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!Putting Microservices on a Diet: with Istio!
Putting Microservices on a Diet: with Istio!
 
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
IE 8 et les standards du Web - Chris Wilson - Paris Web 2008
 
W3 conf hill-html5-security-realities
W3 conf hill-html5-security-realitiesW3 conf hill-html5-security-realities
W3 conf hill-html5-security-realities
 
Connect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket PipelinesConnect + Docker + AWS = Bitbucket Pipelines
Connect + Docker + AWS = Bitbucket Pipelines
 
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java DevelopersWebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
WebSockets: The Current State of the Most Valuable HTML5 API for Java Developers
 
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docxCross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
Cross-site scripting (XSS) Attacks Cross-site scripting (XSS) .docx
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Evolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di PalmaEvolving your Data Access with MongoDB Stitch - Drew Di Palma
Evolving your Data Access with MongoDB Stitch - Drew Di Palma
 
Api
ApiApi
Api
 
Programming For Google Wave
Programming For Google WaveProgramming For Google Wave
Programming For Google Wave
 
How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?How to get along with HATEOAS without letting the bad guys steal your lunch?
How to get along with HATEOAS without letting the bad guys steal your lunch?
 
Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Top 10 Web Hacks 2012
Top 10 Web Hacks 2012
 
Google Web Toolkit
Google Web ToolkitGoogle Web Toolkit
Google Web Toolkit
 
Watch How the Giants Fall
Watch How the Giants FallWatch How the Giants Fall
Watch How the Giants Fall
 
Server side programming bt0083
Server side programming bt0083Server side programming bt0083
Server side programming bt0083
 
GWT Web Socket and data serialization
GWT Web Socket and data serializationGWT Web Socket and data serialization
GWT Web Socket and data serialization
 
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan KuskosCONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
CONFidence 2015: The Top 10 Web Hacks of 2014 - Matt Johansen, Johnathan Kuskos
 

Mehr von Apigee | Google Cloud

Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Apigee | Google Cloud
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldApigee | Google Cloud
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Apigee | Google Cloud
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketApigee | Google Cloud
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsApigee | Google Cloud
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessApigee | Google Cloud
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorApigee | Google Cloud
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailApigee | Google Cloud
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranApigee | Google Cloud
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!Apigee | Google Cloud
 

Mehr von Apigee | Google Cloud (20)

How Secure Are Your APIs?
How Secure Are Your APIs?How Secure Are Your APIs?
How Secure Are Your APIs?
 
Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)Magazine Luiza at a glance (1)
Magazine Luiza at a glance (1)
 
Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs Monetization: Unlock More Value from Your APIs
Monetization: Unlock More Value from Your APIs
 
Apigee Demo: API Platform Overview
Apigee Demo: API Platform OverviewApigee Demo: API Platform Overview
Apigee Demo: API Platform Overview
 
Ticketmaster at a glance
Ticketmaster at a glanceTicketmaster at a glance
Ticketmaster at a glance
 
AccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First WorldAccuWeather: Recasting API Experiences in a Developer-First World
AccuWeather: Recasting API Experiences in a Developer-First World
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2Apigee Product Roadmap Part 2
Apigee Product Roadmap Part 2
 
The Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management MarketThe Four Transformative Forces of the API Management Market
The Four Transformative Forces of the API Management Market
 
Walgreens at a glance
Walgreens at a glanceWalgreens at a glance
Walgreens at a glance
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices Deployments
 
Pitney Bowes at a glance
Pitney Bowes at a glancePitney Bowes at a glance
Pitney Bowes at a glance
 
Microservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices SuccessMicroservices Done Right: Key Ingredients for Microservices Success
Microservices Done Right: Key Ingredients for Microservices Success
 
Adapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet KapoorAdapt or Die: Opening Keynote with Chet Kapoor
Adapt or Die: Opening Keynote with Chet Kapoor
 
Adapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg BrailAdapt or Die: Keynote with Greg Brail
Adapt or Die: Keynote with Greg Brail
 
Adapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant JhingranAdapt or Die: Keynote with Anant Jhingran
Adapt or Die: Keynote with Anant Jhingran
 
London Adapt or Die: Opening Keynot
London Adapt or Die: Opening KeynotLondon Adapt or Die: Opening Keynot
London Adapt or Die: Opening Keynot
 
London Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynoteLondon Adapt or Die: Lunch keynote
London Adapt or Die: Lunch keynote
 
London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!London Adapt or Die: Closing Keynote — Adapt Now!
London Adapt or Die: Closing Keynote — Adapt Now!
 

Kürzlich hochgeladen

UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 

Kürzlich hochgeladen (20)

UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 

HATEOAS 101 - Opinionated Introduction to a REST API Style

  • 1. HATEOAS 101 An Opinionated Introduction Brian Mulloy Apigee @landlessness @apigee
  • 4. New! IRC Channel #api-craft on freenode
  • 5. WARNING: The author may betray a bias against the application of REST constraints to web APIs.
  • 8. Hypermedia As The Engine Of Application State
  • 9. Let’s put HATEOAS in the full context of REST.
  • 10. The Constraints of REST 1. Client-server 2. Stateless server 3. Cache 4. Uniform interface a. Identification of resources b. Manipulation of resources through representations c. Self-descriptive messages d. Hypermedia as the engine of application state 5. Layered System 6. Code-On-Demand (optional)
  • 12. The first three constraints…
  • 13. 1. Client-server 2. Stateless server 3. Cache
  • 14. …give us the client-cache-stateless-server web architecture.
  • 15. client cache Each request must contain all information. No stored context on the stateless server. server Client has the right to reuse client response data. cache
  • 16. (we’ll come back to the 4th constraint)
  • 17. The 5th constraint, Layered System, lets us add features like a gateway, load balancer and firewall.
  • 18. Each layer Layers can encapsulate provides services legacy services & protect new services from legacy stateless to it’s neighbors. clients. server load stateless client firewall gateway balancer server Each layer cannot stateless "see" beyond it’s server immediate neighbor.
  • 19. The optional 6th constraint, Code-on-Demand, allows the client to request code from the server & execute it.
  • 20. Add features to a deployed client, which provides for improved extensibility and configurability client stateless server code Better user-perceived performance and efficiency
  • 21. Now lets tackle the 4 parts of the 4th constraint, Uniform Interface
  • 22. With help from the Twitter UI.
  • 23. a. Resource Identifier identifies the particular resource involved in an interaction between components.
  • 25. b. Resource Representation represents the state of a resource for transfer between components.
  • 26. <!DOCTYPE html> <html data-nav-highlight-class-name="highlight-global-nav-home"> <head> <title>Twitter</title> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta charset="utf-8" /> <meta name="description" content="Instantly connect to what&#39;s most important to you. Follow your friends, experts, favorite celebrities, and breaking news." /> <link rel="dns-prefetch" href="http://a0.twimg.com"/> <link rel="dns-prefetch" href="http://api.twitter.com"/> <script type="text/javascript" charset="utf-8"> document.domain = 'twitter.com'; // this will be copied to twttr.appStartTime once our JS has started up document.startTime = new Date().getTime(); var twttr = {}; twttr.versionName = 'phoenix'; twttr.isT1 = true; twttr.didPingKeynote = false; twttr.keynoteTTFTPing = function() { if (!twttr.didPingKeynote && window.location.href.indexOf('keynoteTest') > 0) { var image = document.createElement('img'); image.src = '/images/keynote.gif'; twttr.didPingKeynote = true; } } window.console||function(){var a=["log","debug","info","warn","error","assert","dir","dirxml","group","groupEnd","time","t imeEnd","count","trace","profile","profileEnd"];window.console={};for(var b=0;b<a.length;++b)window.console[a[b]]=function(){}}(); </script> …
  • 27. c. Self-descriptive messages contains all the information necessary to complete transformations.
  • 28. GET /#!/jack/status/20 HTTP/1.1 User-Agent: Chrome/18.0.1025.11 Host: twitter.com Accept: text/html
  • 29. d. Hypermedia as the engine of application state
  • 31. state state transition transition state transition transition state state
  • 32. The name „Representational State Transfer‟ is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through the application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. -Roy Fielding Architectural Styles and the Design of Network-based Software Architectures Chapter 6
  • 33. States are web pages.
  • 35. The key to implementing HATEOAS is pretty simple
  • 36. In each response message include the links for the next request message.
  • 37. REST Interface App Browser App UI Server User App Developer
  • 39. home connect discover search my profile direct messages google: lists jack‟s first favorite about tweet help retweet reply to keyboard @jack shortcuts turn off retweets settings report @jack for spam sign out add or remove block @jack tweet to @jack Follow @jack @jack new tweet from lists
  • 40. 1 transition in, 32 transitions out
  • 42. The three greatest inventions of all time are:
  • 44. Beer
  • 46. With a browser I can start at http://twitter.com
  • 47. And navigate my way through every state of the entire Twitter application.
  • 49. HATEOAS is not scary.
  • 51. HATEOAS is the key constraint that makes surfing the web with a browser possible.
  • 52. Let’s look at HATEOAS and APIs
  • 53. With help from the Twitter API.
  • 55. { "created_at": "Tue Mar 21 20:50:14 +0000 2006", "id": 20, "id_str": "20", "text": "just setting up my twttr", "source": "web", "truncated": false, "in_reply_to_status_id": null, "in_reply_to_status_id_str": null, "in_reply_to_user_id": null, "in_reply_to_user_id_str": null, "in_reply_to_screen_name": null, "user": { "id": 12, "id_str": "12", "name": "Jack Dorsey", "screen_name": "jack", "location": "San Francisco", "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.", "url": null, "protected": false, "followers_count": 1935426, "friends_count": 1148, "listed_count": 17312, "created_at": "Tue Mar 21 20:50:14 +0000 2006", "favourites_count": 988, "utc_offset": -28800, "time_zone": "Pacific Time (US & Canada)", "geo_enabled": true, "verified": true, "statuses_count": 10894, "lang": "en", "contributors_enabled": true, "is_translator": false, "profile_background_color": "EBEBEB", "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif", "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif", "profile_background_tile": false, "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_link_color": "990000", "profile_sidebar_border_color": "DFDFDF", "profile_sidebar_fill_color": "F3F3F3", "profile_text_color": "333333", "profile_use_background_image": true, "show_all_inline_media": true, "default_profile": false, "default_profile_image": false, "following": null, "follow_request_sent": null, "notifications": null }, "geo": null, "coordinates": null, "place": null, "contributors": null, "retweet_count": 5973, "favorited": false, "retweeted": false }
  • 56. Uh oh. There are zero hyperlinks.
  • 57. How many should there be to respect the HATEOAS constraint?
  • 59. { "created_at": "Tue Mar 21 20:50:14 +0000 2006", "id": 20, "id_str": "20", "text": "just setting up my twttr", "source": "web", "truncated": false, "in_reply_to_status_id": null, "in_reply_to_status_id_str": null, "in_reply_to_user_id": null, "in_reply_to_user_id_str": null, "in_reply_to_screen_name": null, "user": { "id": 12, "link": ”http://api.twitter.com/1/users/show.json?user_id=12", "id_str": "12", "name": "Jack Dorsey", "screen_name": "jack", "location": "San Francisco", "description": "Executive Chairman of Twitter, CEO of Square, a founder of both.", "url": null, "protected": false, "followers_count": 1935426, "friends_count": 1148, "listed_count": 17312, "created_at": "Tue Mar 21 20:50:14 +0000 2006", "favourites_count": 988, "utc_offset": -28800, "time_zone": "Pacific Time (US & Canada)", "geo_enabled": true, "verified": true, "statuses_count": 10894, "lang": "en", "contributors_enabled": true, "is_translator": false, "profile_background_color": "EBEBEB", "profile_background_image_url": "http://a0.twimg.com/images/themes/theme7/bg.gif", "profile_background_image_url_https": "https://si0.twimg.com/images/themes/theme7/bg.gif", "profile_background_tile": false, "profile_image_url": "http://a0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_image_url_https": "https://si0.twimg.com/profile_images/1563216547/image_normal.jpg", "profile_link_color": "990000", "profile_sidebar_border_color": "DFDFDF", "profile_sidebar_fill_color": "F3F3F3", "profile_text_color": "333333", "profile_use_background_image": true, "show_all_inline_media": true, "default_profile": false, "default_profile_image": false, "following": null, "follow_request_sent": null, "notifications": null }, "geo": null, "coordinates": null, "place": null, "contributors": null, "retweet_count": 5973, "favorited": false, "retweeted": false }
  • 61. Now are we HATEOAS compliant?
  • 62. If we add another link does it change the consuming application’s state machine?
  • 63. Is it ok for the developer to ignore included links?
  • 64. Can the developer add out-of-band links to her app?
  • 65. What happens when an app relies on multiple APIs? Where is the state machine?
  • 66. If the Twitter API had complied with HATEOAS
  • 71. Would he have been able to decide which user actions to include in his design?
  • 73. Or would those decisions have been driven by the links in the response from the Twitter API?
  • 76. Nearly all popular web UIs adhere to HATEOAS.
  • 77. Nearly all popular web APIs violate HATEOAS.
  • 78. Why?
  • 79. Let’s examine the two worlds.
  • 80. I guarantee hypermedia is engine of app I decide where state I craft the user to click, aka experience, aka change state. state diagram. REST Interface App Browser App UI Server User App Developer
  • 81. The person who crafts the experience (state diagram) and the app user have the REST interface between them.
  • 82. And the hypermedia links are given directly to the app user at runtime.
  • 83. So the hypermedia in each response message is genuinely the engine of application state.
  • 84. This pattern is not limited to user interfaces.
  • 85. We see the same pattern for syndication feeds.
  • 86. I guarantee hypermedia is engine of app state I craft stories, I decide where categories & related to click, aka media, aka state change state. diagram. REST Interface App Feed Reader Feed Content User App Server Publisher
  • 87. But the world of apps and web APIs seems different.
  • 88. Interface App App 1 Developer 1 App API Server App User App 2 Developer 2 App App 3 Developer 3
  • 89. Interface I craft the user experience, I get no aka state diagram. App HATEOAS App 1 I decide where Developer 1 respect. to click, aka change state. App API Server App User App 2 Developer 2 App App 3 Developer 3
  • 90. The person who crafts the experience (state machine) and the app user do not have the REST interface between them.
  • 91. And the hypermedia links are not given directly to the app user at runtime.
  • 92. Instead, the hypermedia are given to the developer at design time.
  • 93. And the developer decides which states are possible for the app user at runtime.
  • 94. We need a Yoda moment.
  • 96. “ You must unlearn what you have learned. -Yoda
  • 97. I used to call the world of popular, non-HATEOAS, non- SOAP web APIs, Pragmatic REST.
  • 98. Oops.
  • 99. How do we answer the questions many API teams are asking
  • 100. 1. Should we go down the HATEOAS path?
  • 101. As a practical matter, for many teams that previous question is the same as the next question.
  • 102. 2. Should we include links in our responses?
  • 103. But they have different answers.
  • 104. 1. For an API to be HATEOAS-compliant it requires a client app that is also HATEOAS-compliant.
  • 105. A user-interface app driven by web APIs would be akin to a feed reader for syndicated content.
  • 106. But designed to handle generic web APIs.
  • 107. I guarantee hypermedia is engine of app I decide where state I craft a system of to click, aka interrelated resources, change state. aka state diagram. REST Interface App RESTful API API API Server User Client App Developer ?
  • 108. Special thanks to @elasticpath for this metaphor.
  • 109. There are interesting non-UI applications as well.
  • 110. However, the style does not assume that all applications are browsers. In fact, the application details are hidden from the server by the generic connector interface, and thus a user agent could equally be an automated robot performing information retrieval for an indexing service, a personal agent looking for data that matches certain criteria, or a maintenance spider busy patrolling the information for broken references or modified content [39]. -Roy Fielding Architectural Styles and the Design of Network-based Software Architectures Chapter 5
  • 111. If you’re not going down the HATEOAS client path, should you include links anyway?
  • 112. 2. If you think including links in the API response will be helpful for developers at design time, then go for it.
  • 114. But I wouldn’t call it HATEOAS because those links are probably not the engine of application state for the app user at run time.
  • 115. If the engine of application state (and hence the API) is not being driven by hypertext, then it cannot be RESTful and cannot be a REST API. Period. Is there some broken manual somewhere that needs to be fixed? -Roy Fielding “REST APIs must be hypertext-driven” Untangled: Musings of Roy T. Fielding
  • 117. Here’s a call to action
  • 118. We know what REST with the HATEOAS constraint is and isn’t.
  • 119. We know what SOAP is and isn’t.
  • 120. But we don’t have an intellectual framework for the way so many popular apps and web APIs work today.
  • 121. We need a really smart person
  • 122. Who cares about web APIs
  • 123. To examine the constraints of REST
  • 124. The Constraints of REST 1. Client-server 2. Stateless server 3. Cache 4. Uniform interface a. Identification of resources b. Manipulation of resources through representations c. Self-descriptive messages d. Hypermedia as the engine of application state 5. Layered System 6. Code-On-Demand (optional)
  • 125. While keeping in mind how custom apps are built by people using web APIs
  • 126. Interface App App 1 Developer 1 App API Server App User App 2 Developer 2 App App 3 Developer 3
  • 127. To give us a new foundation
  • 128. The Constraints of ____ 1. ??? 2. ??? 3. ??? 4. ??? 5. ??? 6. ???
  • 129. So that we will have a better shared idea of what we’re really doing
  • 130. We will be able to communicate more effectively
  • 131. And we will be able to create more value for the planet and the people on it.
  • 133. But please choose a nice, pronounceable acronym.
  • 135. Further Exploring • http://steveklabnik.com/ • http://pinboard.in/u:earth2marsh/t:hateoas/ • http://www.ics.uci.edu/~fielding/pubs/dissert ation/top.htm • http://martinfowler.com/articles/richardsonM aturityModel.html • http://timelessrepo.com/haters-gonna- hateoas
  • 137. THANK YOU Subscribe to API webinars at: youtube.com/apigee
  • 139. THANK YOU Questions and ideas to: groups.google.com/group/api-craft
  • 140. THANK YOU Contact me at: @landlessness brian@apigee.com

Hinweis der Redaktion

  1. Creative Commons Attribution-Share Alike 3.0 United States License
  2. http://www.flickr.com/photos/kmakice/2478522449/
  3. http://www.flickr.com/photos/kmakice/2478522449/