A few of our friends have been asking us what are some of the best practices we learnt over the last two years designing and implementing RESTful Web Services as the back-end of the feedly service. Here is a quick/high level brain dump:
Phase 1 – Defining a simple resource/service | Take a sample resource such as Customer Information, model it as JSON. Build a simple servlet where PUT creates a new customer, GET returns the customer information based on the customer key, DELETE deletes the customer and POST updates the customer information. Make sure that PUT returns the right information regarding the URL of the newly created resource. In our case, we have a framework which maps JSON to our Java Model and use hibernate to persist that model in a MySQL database. The important things for this phase are to the JSON representation right and the base url formatting simple and clean. [Update: see some additional clarification regarding the use of PUT versus POST for creation and update at the end of this document]
Phase 2 – Implementing a client | Learn how to build a simple Javascript client which interacts with the service you built in phase one. This is AJAX 101. There are hundreds of libraries which help you abstract XMLHTTPRequest. Pick one that is cross browser. Pick one that is transparent enough to let you see the GET, POST, PUT and DELETE operations you are calling. JQuery is a great candidate. Some servers do not allow DELETE, in that case you need to learn how to do POST with an method overwrite.
Phase 3 – Adding validation | Change your service implementation to add some data validation to the JSON resource which is being received during PUT and POST. Learn how to use HTTP error code to define and transfer exception information. Learn how to handle those exceptions on the client side. The important thing for this phase is to make sure that you know the existing HTTP error codes, reuse them when it makes sense and create new one which are compliant with HTTP when needed.
Phase 4 – Complex resources | More services evolve over time into resources which are more complex/composite. This will have impact on your URL hierarchy. It will also have impact on the way you marshal those composite JSON resources into domain objects. Try extending the customer resource to include [1...N] address resources. Make sure that the new “service” allows you to get a customer with all its addresses but also allows you to get one address or add/edit/delete an address.
Phase 5 – Adding caching | The web infrastructure offers rich caching mechanisms (last modified information, cache duration, eTag). Learn about those mechanism and see if you can leverage them to improve the performance and scalability of your service. In the back end, learn about Memcached and see how you can leverage it to reduce the load on our service. This is all the more important when you start dealing with sets of large composite resources which are expensive database-wise to build but are not updated often (in those cases, it might be worth to building the resource once and asking the client to cache it if you know when it is going to expire or ask memcached to cache it you do not.
Phase 6 – Adding Authentication | Learn who to leverage your existing web authentication frameworks to for the user to login and validate credential before the service is accessed. Look at how you could use Open Id and OAuth if you are building a consumer centric service. Here again use existing HTTP error codes when possible.
Phase 7 – Publishing Business Events | Often, changes to resource require different types of back end processing. When possible try to avoid creating a monolithic service, instead, save the resource and fire a business event. Defining the right granularity for the business event and the right typing is hard. You might have to iterate a few time to get this right. My advice is to not over engineer it: keep it as simple as possible and re-factor as new use cases appear. For example, if you want to have some processing to send a new welcome email to each customer, define a ON_NEW_CUSTOMER event with a payload which includes the customer URI and instrument our service to fire that event each time a new customer is created.
Phase 7 – Adding Lifecycle | If your resource includes a life-cycle (example Order), your can model that life-cycle as part of the resource and use the state for the the validation in phase 3 and the published business events (state transitions are usually good candidates for business events).
We will try to add more as our back end evolves. We are also looking at taking some of our back-end infrastructure and open sourcing it. We should know more in the next few months. If you have any suggestions you would like to share please post them in the comments or send me an email to edwink@devhd.com and I will update this list. Thanks!
Update/May 27th, 2009: There has been some great comments regarding the use of PUT versus POST. So I did some additional research and found this interesting post.
The crux of the issue comes down to a concept known as idempotency. An operation is idempotent if a sequence of two or more of the same operation results in the same resource state as would a single instance of that operation. According to the HTTP 1.1 specification, GET, HEAD, PUT and DELETE are idempotent, while POST is not. That is, a sequence of multiple attempts to PUT data to a URL will result in the same resource state as a single attempt to PUT data to that URL, but the same cannot be said of a POST request.
After that discussion, a more realistic mapping would seem to be:
- Create = PUT iff you are sending the full content of the specified resource (URL).
- Create = POST if you are sending a command to the server to create a subordinate of the specified resource, using some server-side algorithm.
- Retrieve = GET.
- Update = PUT iff you are updating the full content of the specified resource.
- Update = POST if you are requesting the server to update one or more subordinates of the specified resource.
- Delete = DELETE.
Update July 8th 2009. Here is a great presentation from LinkedIn on how they use RESTful APIs for high performance integration. Great watch.
设计时注意以下非功能性需求:安全验证,数据校验,并发处理 和 可管理性(错误诊断等)
分享到:
相关推荐
因此,深入探讨REST的最佳实践,不仅有助于澄清概念,还能促进更高效、更符合REST原则的服务设计。 #### REST的核心概念与架构 REST服务的核心在于其遵循的一组架构约束条件,这些约束条件确保了REST服务的轻量级...
RESTful API 设计最佳实践是构建可扩展、高效且易于使用的Web服务的关键。遵循REST(Representational State Transfer)原则,可以确保API与Web的核心概念——HTTP协议紧密结合,从而实现资源的透明操作。以下是对...
本文主要介绍了浅谈Spring Boot 开发REST接口最佳实践,涵盖了RESTful API的设计原则、HTTP动词与SQL命令对应、URL中的约定、版本控制、查询字符串、分页信息、响应结果、Spring MVC开发REST接口常用注解等方面的...
这是一篇深入了解`RestTemplate`用法和最佳实践的重要资源。 总结,学习REST服务意味着理解REST原则并掌握如何在Spring框架中应用这些原则。`RestTemplate`作为Spring提供的实用工具,大大简化了与REST服务的交互。...
综合这三份文档,我们可以系统地学习REST的基本理论,了解RESTful设计的最佳实践,并掌握将其应用于实际项目中的技巧。这些知识对于任何需要构建Web服务或者API的开发者来说都是至关重要的,无论是新手还是经验丰富...
- **最佳实践**:本书还总结了一系列最佳实践,帮助开发者避免常见的陷阱,确保服务的安全性和性能。 #### 七、REST与Big Web Services的对比 - **资源导向与过程导向**:REST倾向于资源导向,而Big Web Services...
微服务架构是一种分布式系统设计模式,旨在...通过这些最佳实践,LinkedIn展示了如何通过微服务架构来提升系统的可维护性、可扩展性和弹性。这不仅对其他企业提供了宝贵的经验,也对微服务架构的设计和实施提供了指导。
本白皮书的目的是了解创建 RESTful API 涉及哪些约束以及 Web REST API 的最佳实践是什么。 REST 约束 客户端服务器 无国籍 缓存 统一界面 分层系统 按需代码(可选) 客户端服务器 客户端-服务器约束侧重于关注点...
在压缩包中的"1.rtf"文件可能是对RESTful客户端更深入的解释,包括最佳实践、安全考虑、API设计指导等。而"基于REST的Web服务客户端下载"可能是一个示例代码包,供开发者参考和学习如何实现自己的REST客户端。 总之...
RESTful API 设计最佳实践是构建高效、直观且易于使用的Web服务接口的关键。这一实践源自Roy Fielding在其论文“基于网络的软件架构”中的第五章,他提出了REST(Representational State Transfer)架构风格,用于...
REST是设计分布式网络服务或API时遵循的架构原则以及设计风格, 前后端分离最佳实践的开发标准或规范。本文为资料收藏的.md笔记,选取比较重要的资料,收集了以下内容: 重要概念介绍,如前述的第2-第4个关键词。 ...
这本书“REST in Practice”深入探讨了REST原则和最佳实践,旨在帮助开发者更好地理解和实施RESTful服务。 REST的核心概念是资源(Resource)、URI(统一资源标识符)和表现层(Representation)。资源是REST架构中...
8. **RESTful最佳实践**:如何设计可扩展、易于理解和维护的REST API,如保持接口一致、避免过度设计等。 9. **客户端库**:了解如何使用Java的HTTP客户端库(如HttpURLConnection、Apache HttpClient或OkHttp)来...
### 使用WCF开发REST服务:全面解析与实践指南 #### 关于HTTP与REST的初步探讨 REST(Representational State ...通过这些资源,开发者可以持续提升自己的技能,掌握WCF开发RESTful服务的最新动态和最佳实践。
《REST在实践中》并非仅停留在理论层面,而是提供了丰富的实战案例和最佳实践,让读者能够在真实场景下学习和应用REST原则。书中涵盖了从设计到实现、测试直至部署的全过程,指导开发者如何构建稳定、高性能的...