REST Principles and Architectural Constraints – REST API Tutorial https://restfulapi.net/rest-architectural-constraints/

REST Architectural Constraints

REST stands for Representational State Transfer, a term coined by Roy Fielding in 2000. It is an architecture style for designing loosely coupled applications over HTTP, that is often used in the development of web services. REST does not enforce any rule regarding how it should be implemented at lower level, it just put high level design guidelines and leave you to think of your own implementation.

In my last employment, I designed RESTful APIs for telecom major company for 2 good years. In this post, we will be sharing my thoughts apart from normal design practices. You may not be agree with me on few points, and that’s perfectly OK. I will be happy to discuss anything from you with open mind.

Let’s start with standard design specific stuff to clear what ‘Roy Fielding’ wants us to build. Then we will discuss my stuff which will be more towards finer points while you design your RESTful APIs.

Architectural Constraints

REST defines 6 architectural constraints which make any web service – a true RESTful API.

  1. Uniform interface
  2. Client–server
  3. Stateless
  4. Cacheable
  5. Layered system
  6. Code on demand (optional)

Uniform interface

As the constraint name itself applies, you MUST decide APIs interface for resources inside system which are exposed to API consumers and follow religiously. A resource in system should have only one logical URI, and then should provide way to fetch related or additional data. It’s always better to synonymise a resource with a web page.

Any single resource should not be too large and contain each and everything in it’s representation. Whenever relevant, a resource should contain links (HATEOAS) pointing to relative URIs to fetch related information.

Also, the resource representations across system should follow certain guidelines such as naming conventions, link formats or data format (xml or/and json).

All resources should be accessible through a common approach such as HTTP GET, and similarly modified using consistent approach.

Once a developer become familiar with one of your API, he should be able to follow similar approach for other APIs.

Client–server

This essentially means that client application and server application MUST be able to evolve separately without any dependency
on each other. Client should know only resource URIs and that’s all. Today, this is normal practice in web development so nothing fancy is required from your side. Keep it simple.

Servers and clients may also be replaced and developed independently, as long as the interface between them is not altered.

Stateless

Roy fielding got inspiration from HTTP, so it reflects in this constraint. Make all client-server interaction stateless. Server will not store anything about latest HTTP request client made. It will treat each and every request as new. No session, no history.

If client application need to be a stateful application for end user, where user logs in once and do other authorized operations thereafter, then each request from the client should contain all the information necessary to service the request – including authentication and authorization details.

No client context shall be stored on the server between requests. Client is responsible for managing the state of application.

Cacheable

In today’s world, caching of data and responses is of utmost important wherever they are applicable/possible. The webpage you are reading here is also a cached version of HTML page. Caching brings performance improvement for client side, and better scope for scalability for server because load has reduced.

In REST, caching shall be applied on resources when applicable and then these resources MUST declare themselves cacheable. Caching can be implemented on server or client side.

Well-managed caching partially or completely eliminates some client–server interactions, further improving scalability and performance.

Layered system

REST allow you to use a layered system architecture where you deploy the APIs on server A, and store data on server B and authenticate requests in Server C, for example. A client cannot ordinarily tell whether it is connected directly to the end server, or to an intermediary along the way.

Code on demand (optional)

Well, this constraint is optional. Most of the time you will be sending the static representations of resources in form of XML or JSON. But when you need to, you are free to return executable code to support a part of your application e.g. clients may call your API to get a UI widget rendering code. It is permitted.

All above constraints helps you build a true RESTful API and you should follow them. Still, at times you may find yourself violating one or two constraints. Do not worry, you are still making a RESTful API – but not “truely RESTful”.

Notice that all above constraints are most closely related to WWW (the web). Using RESTful APIs, you can do the same thing with your web services what you do to web pages.

 
 
 
 

Client should know only resource URIs and that’s all.的更多相关文章

  1. REST Representational state transfer REST Resource Naming Guide Never use CRUD function names in URIs

    怎样用通俗的语言解释什么叫 REST,以及什么是 RESTful? - 知乎  https://www.zhihu.com/question/28557115 大家都知道"古代"网 ...

  2. 基于OWIN WebAPI 使用OAuth授权服务【客户端验证授权(Resource Owner Password Credentials Grant)】

    适用范围 前面介绍了Client Credentials Grant ,只适合客户端的模式来使用,不涉及用户相关.而Resource Owner Password Credentials Grant模 ...

  3. Jersey(1.19.1) - Client API, Uniform Interface Constraint

    The Jersey client API is a high-level Java based API for interoperating with RESTful Web services. I ...

  4. Jersey(1.19.1) - Client API, Testing services

    The Jersey client API was originally developed to aid the testing of the Jersey server-side, primari ...

  5. IdentityServer Resource Owner Password

    Resource Owner Password 模式需要自己实现用户名密码的校验 新增ResourceOwnerPasswordValidator实现IResourceOwnerPasswordVal ...

  6. Spring Cloud(6.2):搭建OAuth2 Client

    配置web.xml 添加spring-cloud-starter-security,spring-security-oauth2-autoconfigure和spring-boot-starter-o ...

  7. SpingMVC 核心技术帮助文档

    声明:本篇文档主要是用于参考帮助文档,没有实例,但几乎包含了SpringMVC 4.2版本的所有核心技术,当前最新版本是4.3,4.2的版本已经经是很新的了,所以非常值得大家一读,对于读完这篇文档感觉 ...

  8. http2协议翻译(转)

    超文本传输协议版本 2 IETF HTTP2草案(draft-ietf-httpbis-http2-13) 摘要 本规范描述了一种优化的超文本传输协议(HTTP).HTTP/2通过引进报头字段压缩以及 ...

  9. The OAuth 2.0 Authorization Framework-摘自https://tools.ietf.org/html/rfc6749

                                                                                  Internet Engineering T ...

随机推荐

  1. 九度oj 题目1450:产生冠军

    题目描述: 有一群人,打乒乓球比赛,两两捉对撕杀,每两个人之间最多打一场比赛. 球赛的规则如下: 如果A打败了B,B又打败了C,而A与C之间没有进行过比赛,那么就认定,A一定能打败C. 如果A打败了B ...

  2. 洛谷P2351 [SDOi2012]吊灯 【数学】

    题目 Alice家里有一盏很大的吊灯.所谓吊灯,就是由很多个灯泡组成.只有一个灯泡是挂在天花板上的,剩下的灯泡都是挂在其他的灯泡上的.也就是说,整个吊灯实际上类似于[b]一棵树[/b].其中编号为 1 ...

  3. 【Luogu】P3387缩点(Tarjan缩点+深搜DP)

    题没什么好说的,因为是模板题.求值我用的是dfs. 不能直接在原图上dfs,因为原图上有环的话会发生一些滑稽的事情.所以我们要用Tarjan缩点.因为此题点权全为正,所以如果在图上走一个环当然可以全走 ...

  4. PC端有什么好用的倍速播放的软件?

    倍速播放的目的是让自己可以以更快的速度去看视频, 加快获取信息的效率 potplay吧,和KMP是一个作者.加速播放快捷键是c,减速时x,z恢复正常.下载官网 Global Potplayer

  5. 常州模拟赛d4t3 字符串划分

    题目描述 给你一串由小写字母组成的字符串,希望你把它划分成一些小段,使得每一小段字符串中的字母 都不相同,并且希望分的段数尽量少. 然后,把这些小段按字典序排序后输出,中间由一个空格分隔. 例如:字符 ...

  6. KVM 网络虚拟化基础

    网络虚拟化是虚拟化技术中最复杂的部分,学习难度最大. 但因为网络是虚拟化中非常重要的资源,所以再硬的骨头也必须要把它啃下来. 为了让大家对虚拟化网络的复杂程度有一个直观的认识,请看下图 这是 Open ...

  7. 建筑抢修 BZOJ 1029

    建筑抢修 [问题描述] 小刚在玩JSOI提供的一个称之为“建筑抢修”的电脑游戏:经过了一场激烈的战斗,T部落消灭了所有z部落的入侵者.但是T部落的基地里已经有N个建筑设施受到了严重的损伤,如果不尽快修 ...

  8. Scrapy学习-8-ItemLoader

    ItemLoader使用 作用 方便管理维护重用xpath或css规则   实例 itemloader+图片处理 # items.py import scrapy from scrapy.loader ...

  9. plsql + 客户端 连接oracle数据库

    一. 目录结构D:\oracle\instantclient_11_2D:\oracle\instantclient_11_2\tnsnames.ora 二. 环境变量 NLS_LANG = SIMP ...

  10. 洛谷 P1710 地铁涨价

    题目背景 本题开O2优化,请注意常数 题目描述 博艾市除了有海底高铁连接中国大陆.台湾与日本,市区里也有很成熟的轨道交通系统.我们可以认为博艾地铁系统是一个无向连通图.博艾有N个地铁站,同时有M小段地 ...