1. and Conquering the World
Andrew Curioso

2.  Cre·ate[kree-eyt] verb
1. to cause to come into being, as something
unique that would not naturally evolve or
that is not made by ordinary processes.
2. to evolve from one's own thought or
imagination, as a work of art or an
invention.
Source: Dictionary.com

3.  Ep·ic [ep-ik] adjective
1. noting or pertaining to a long poetic
composition, usually centered upon a hero, in
which a series of great achievements or events
is narrated in elevated style: Homer's Iliad is an
epic poem.
2. resembling or suggesting such poetry: an epic
novel on the founding of the country.
3. heroic; majestic; impressively great: the epic
events of the war.
4. of unusually great size or extent: a crime wave
of epic proportions.
Source: Dictionary.com

4.  Rest[rest] noun
1. the refreshing quiet or repose of sleep: a good
night's rest.
2. refreshing ease or inactivity after exertion or
labor: to allow an hour for rest.
3. relief or freedom, especially from anything that
wearies, troubles, or disturbs.
4. a period or interval of
inactivity, repose, solitude, or tranquility: to go
away for a rest.
5. mental or spiritual calm; tranquility.
6. Representational State Transfer
Source: Dictionary.com

5.  Rest [rest] noun
1. the refreshing quiet or repose of sleep: a good
night's rest.
2. refreshing ease or inactivity after exertion or
labor: to allow an hour for rest.
3. relief or freedom, especially from anything that
wearies, troubles, or disturbs.
4. a period or interval of
inactivity, repose, solitude, or tranquility: to go
away for a rest.
5. mental or spiritual calm; tranquility.
6. Representational State Transfer
Source: Common Knowledge

6.  A·P·I [ey-pee-ahy] noun
1. Application Programming Interface. A
contract between two applications that
allows them to communicate effectively.
Source: Andrew Curioso

7.  Con·quer[kong-ker] verb
1. to acquire by force of arms; win in war: to
conquer a foreign land.
2. to overcome by force; subdue: to conquer an
enemy.
3. to gain, win, or obtain by effort, personal
appeal, etc.: conquer the hearts of his
audience.
4. to gain a victory over; surmount; master;
overcome: to conquer disease and poverty; to
conquer one's fear.
Source: Andrew Curioso

8.  World [wurld] noun
1. the earth or globe, considered as a planet.
2. ( often initial capital letter ) a particular division
of the earth: the Western world.
3. the earth or a part of it, with its inhabitants,
affairs, etc., during a particular period: the
ancient world.
4. humankind; the human race; humanity: The
world must eliminate war and poverty.
5. the public generally: The whole world knows it.
Source: Andrew Curioso

10.  World [wurld] noun
1. The ecosystem around your startup or cause
into which you drag your
family, friends, investors, and anyone who
will listen.
Source: Andrew Curioso

11.  Internal only (closed)  External (open)
 Multiple consumers  Everything +
 Scalable  Growth
▪ Mash-ups!
 Semi-Private ▪ Innovation
▪ Evangelists
 Partner Integration
 “The Platform Play”

12. PATTERNS PROTOCOLS / FORMATS
 Representation State  XML
Transfer (REST)  JSON
 Remote Procedure Calls  YAML
(RPC)  AMF
 Etc...

13.  Representational State Transfer
 Resource based (nouns)
 5 verbs
 GET

 POST
 DELETE

 Easy in PHP

14. 1. Client / Server
2. Stateless
3. Cacheable
4. Layered
5. Uniform Interface
6. ???

15.  URL shortening website
 User authentication (simple)
 Create, read, update, and delete (CRUD)

16.  id
 user_id
users urls
 url
 created
 modified

17. Verb URL Action
GET /urls.json List URLs
GET /urls/123.json Resource for URL with id 123
POST /urls.json Shorten a new URL
PUT /urls/123.json Edit the URL with the ID 123
DELETE /urls/123.json Delete the URL with the ID 123
POST /urls/123.json Also edit the URL with the ID 123

18. <?php
if ( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
...
}
?>

19.  Only you can prevent CSRF
 Only POST and PUT should write data
 Only POST and DELETE should delete data
 Check Referrer
 Per request tokens

20.  HTTP Accepts
 Mime Types

21.  Simple
 Fast
 Wide-spread
 Mime: application/json
<?php
echo json_encode( $urlObject);
?>

22.  P w/ padding
 Uses callback
 Cross domain
 Mime: application/javascript
if ( array_key_exists('callback’, $_GET) )
$callbackFunc = $_GET['callback'];
else
$callbackFunc = false;
if ( $callbackFunc !== false )
echo $callbackFunc.'(';
echojson_encode( $urlObject );
if ( $callbackFunc )
echo ')';
?>

23.  Strongly Typed
 Human readable
 Lots of existing tools
 Mime: application/xml
<?php
...
?>

24. HUMAN READABLE BINARY
  AMF
  Microsoft Excel
 HTML  PDF
 YAML  JPEG / PNG
 CSV  Etc…
 Serialized PHP
 Etc…

25. Create
curl –d “url=www.example.com” http://tinyr.me/urls.json
Read
curl http://tinyr.me/urls/123.json
Update
curl –d “url=www.example.com/foo” http://tinyr.me/urls/123.json
Delete
curl –X DELETE http://tinyr.me/urls/123.json

26. WE HAVE WE’RE MISSING
 Request handling  Error handling
 RESTful Output Formats  Pagination
 XML  Authentication
 Json / JsonP  Authorization
 Documentation

27.  Success  Error (continued)
 200 OK *  405 Method Not Allowed *
 201 Created *  409 Conflict
 303 See Other *  410 Gone
 500 Internal Server Error *
 Error  501 Not Implemented
 401 Unauthorized *  503 Service Unavailable
 402 Payment Required
 403 Forbidden *
 404 Not Found *

28.  If not a POST request
 405 Method Not Allowed
 Already existed
 303 See Other
 Save success
 201 Created
 Failure
 500 Internal Server Error with explanation

29.  If not a POST or PUT request
 405 Method Not Allowed
 Invalid ID
 404 File Not Found
 Success
 200 OK
 Failure
 500 Internal Server Error with explanation

30.  If not a POST or DELETE request
 405 Method Not Allowed
 Invalid ID
 404 File Not Found
 Success
 200 OK
 Failure
 500 Internal Server Error with explanation

31.  User is not allowed to access resource
 403 Forbidden
 User is not logged in
 401 Unauthorized

32.  Same format
 Descriptive
 Human
 Computer
 Comprehensive

33. {"Error": {
"code" : 404,
"description" : "File Not Found"
}}

34.  Return meta-information
 Rate limiting
 Pagination
 Expiration / cache
 Etc.

35.  Uses HTTP headers
 App defined “used to” start with “X-”
header(“X-Current-Page:”.$currentPage);
header(“X-Total: ”.$total);
header(“X-Per-Page: ”.$perPage);

36. SOME PLATFORMS (LIKE MANY
WEB BROWSERS) FORTUNATELY…
 Do not support:  You can/should do this:
 DELETE
 PUT _method=DELETE

37. DELETE /urls/123.json HTTP1.1 POST /urls/123.json HTTP1.1
Host: www.example.com Host: www.example.com
_method=DELETE

38. BAD
No Authentication
GOOD
Basic
BETTER
Form and Cookie Digest
BEST
Oauth Shared Secret

39.  There are no shortcuts
 One or more:
 All Users (public)
 Owner
 Shared User
 Moderator
 Administrator

40.  Vocabularies / Schemas
 DTD or schema files
 Examples
 Code
 I/O
 Community
 Feedback
 WSDL 2.0

41.  PHP rocks with REST
 SOAP is heavy
 AMF is light but requires Flash
 But, if you still want to, you can

42. User Gateway REST API
POST
REST request
REST request
Response
Aka the Façade Pattern

44.  Built-in to HTTP
 Expires
 Last-Modified
 Cache-Control
 Etag
▪ If-None-Match
 Stateless

45.  Hypermedia as the Engine of Application
State
Roy Thomas Fielding

48.  REST constraints
 Documentation
 Security
 Unit tests

49.  Contact:
 www.AndrewCurioso.com/contact
 @AndrewCurioso on Twitter
 Careers.FreePriceAlerts.com