A short guide breaking down the key components of RESTful architecture
So until last week, I had thought I understood REST. I thought that for an app to be RESTFUL, all an app had to do was have logical URIs*. Although this is a big part of it, there is so much more to it. Roy Fielding, the man who introduced REST, wrote a 168 page dissertation (link) explaining REST. Although that is a good read in itself, the main concepts of REST can be explained in something much shorter and I hope to do that in this blog post.
So let’s talk about why REST is important.
Back when the web was new, web apps didn’t talk to each other much. It was mainly humans who talked to a web app. Times have changed. Web apps need to talk to each other. They talk to each other through APIs. An API is the interface implemented by an application which allows other applications to communicate with it.
For web apps to have a smooth transition in talking to each other, the APIs of web apps need to follow some sort of architectural pattern. REST is just one of these patterns that is extremely popular and it makes app to app communication easy.
Need an example of app to app communication?
Think of how a lot of apps are just mashups that incorporate various APIs like those of Youtube, Google Maps, Twitter or Facebook and then integrate them to do amazing things.
Let’s say you want to create an app where you use Facebook’s api to get “likes” data on different categories, then use that information to find areas that you might like around your area. This app wouldn’t be very difficult to execute because Facebook and Google follow RESTful conventions so it is easy to talk with data. You can just get a json object from a get request and then use specific properties of that json object to then talk to the Google Maps API.
So what are some of the guidelines of REST?
(I am going to assume the usage of the http/https protocol, for simplicity’s sake and the fact that it is by far the most common protocol today)
You have Resources and URIs that make sense
You should have resources and those resources should be properly named and represented with the URI. This is probably best explained with examples.
example1 http://nbastalk.com is a prolific and dynamic web site where you can view a nba player’s recent social media feed (twitter/facebook), youtube videos, and recent sports statistics. To view a certain player’s (players is a resource) profile, all you would need to go is http://nbastalk.com/carmelo-anthony That is very logical and makes sense, while http://nbastalk.com/fasfs1/ssdfas3434/155 to view Carmelo’s profile does not. Try them both, you may be in for a fun surprise.
example2 If you have nested resources, the same rule applies. If you have states with different political groups and you wanted to see all the political groups for NY, the URL of the listing of the political groups resource should look something like this:
http://fake-political-data-api-website.com/ny/political-groupsUniform Interface (Correct usage of the HTTP verbs get, post, put, delete)
- get requests are expected to retrieve information
- post requests are expected to create new data
- put requests are expected to update data
- delete requests are expected to delete data
- (fyi head requests are just like get requests except that the server returns an empty body (just returns the header information))
Using these requests, the server is able to deliver and receive information without the client having to know how the information is being constructed. This is encapsulation at its best. Through a uniform interface, the server abstracts away the inner complexities of the application.
Stateless, Hypertext As The Engine Of Application State (HATEOAS)
Every individual request from the client to the server must contain all the information necessary information to understand the request. Everything necessary should be in the response body and head. You cannot rely on a server to store context (think sessions, cookies and pstore as things that shouldn’t be relied on). Each individual response from the server should have links with what you can do with that resource.Request GET / Accept: application/json+userdb Response 200 OK Content-Type: application/json+userdb { "version": "1.0", "links": [ { "href": "/user", "rel": "list", "method": "GET" }, { "href": "/user", "rel": "create", "method": "POST" } ] }Cacheable
Resources should be cachable when possible as this decreases response time from server to client. The protocol should specify which resources can be cached and for how long.Free format/Does not specify implementation details
Let the user dictate what kind of mime the info is passed in. Don’t force a user to have to parse your xml into json. Worse, imagine if the user is forced to change his app to handle specific data just to use your api. If your api is set up correctly, the client should be able to specify what kind of response they want.
Try submitting a GET request to (or just go to the following urls) the following:
http://www.reddit.com/.json
http://www.reddit.com/.xml
See below how the Rails framework does this for us:
1 2 3 4 5 6 7 8 | |
CONCLUSION
So next time you build an API, don’t rest until you make sure your API is RESTful. Or you can always go the SOAP (a well engineered, but much more complex architectural pattern) route but be prepared to your hands dirty first as it is a lot more complex.
THIS IS AN EXAMPLE OF A SOAP REQUEST <?xml version=“1.0”?> <soap:Envelope xmlns:soap=“http://www.w3.org/2001/12/soap-envelope” soap:encodingStyle=“http://www.w3.org/2001/12/soap-encoding”> <soap:body pb=“http://www.nbastalk.com/carmelo-anthony”> <pb:GetUserDetails> <pb:UserID>12345</pb:UserID> </pb:GetUserDetails> </soap:Body> </soap:Envelope>
THIS IS REST
http://nbastalk.com/carmelo-anthony/UserDetails/12345
Good links to checkout if you want to learn more about REST:
1. Stackoverflow thread
2. Roy Fielding’s Dissertation
3. Steve Klabnik’s post on REST
4. Pretty good post explaining APIs