The document provides an overview of Representational State Transfer (REST) architectural style. It defines REST as having six constraints: client-server architecture, stateless, cacheable, uniformly interfaced, layered system, and code-on-demand. Resources are the primary elements and are identified through URIs. Standard HTTP methods like GET, POST, PUT, DELETE are used to manipulate resources. The document uses examples of booking lifecycle to illustrate creating, reading, updating, and deleting resources using RESTful principles.
5. REST
«A software architecture is an abstraction
of the run-time elements of a software
system during some phase of its operation»
Roy T. Fielding, 2000
REpresentational State Transfer 5
6. REST
Architecture Elements
Components
Components
Components
Data
Connectors
REpresentational State Transfer 6
8. REST
«An architectural style is a coordinated set
of architectural constraints that restricts the
roles/features of architectural elements and
the allowed relationships among those
elements within any architecture that
conforms to that style»
Roy T. Fielding, 2000
REpresentational State Transfer 8
9. REST
REST = style
REpresentational State Transfer 9
17. REST
Web < 1994
- Static documents
- CERN libwww common library
- No consistent set of semantics
for all resources
REpresentational State Transfer 17
18. REST
4. Uniform Interface
+ Simplicity - Efficiency
+ Visibility
+ Evolvability
REpresentational State Transfer 18
19. REST
5. Layered System
+ Simplicity - UP Performance
+ Scalability
+ Evolvability
REpresentational State Transfer 19
24. REST
Resources
<a href=’ ’>Winnie</a>
REpresentational State Transfer 23
25. REST
«A resource is a conceptual mapping to a
set of entities, not the entity that
corresponds to the mapping at any
particular point in time.»
Roy T. Fielding, 2000
REpresentational State Transfer 24
26. REST
Resources
=> {}
=> static:
=> dynamic:
REpresentational State Transfer 25
27. REST
Resources
M R(t)={
ids and/or
representations
}
REpresentational State Transfer 26
28. REST
Resources
1.0 1.1 2.0 «latest»
REpresentational State Transfer 27
29. REST
Resources
1.0 1.1 2.0 != «latest»
REpresentational State Transfer 27
30. REST
Resources
+ Generality
+ Late binding of reference to
implementation (request-time)
+ Allows to reference concept, not
some singular representation
REpresentational State Transfer 28
33. REST
Resource IDs
«Since centralized link servers are an
anathema to the immense scale and multi-
organizational domain requirements of the
Web, REST relies instead on the author
choosing a resource identifier that best fits
the nature of the concept being identified.»
Roy T. Fielding, 2000
REpresentational State Transfer 30
34. REST
Resource Representations
Content-Type: text/plain
Thu Jul 05 2012 20:05:15 GMT+0300 (EEST)
Content-Type: text/xml
<current-time>1341095876929</current-time>
REpresentational State Transfer 31
35. REST
Resource Representations
• Data
Thu Jul 05 2012 20:05:15 GMT+0300 (EEST)
• Metadata
Content-Type: text/plain
• [Metadata to describe the
metadata]
REpresentational State Transfer 32
37. REST
Control Data
• Defines purpose of the message
GET
• Used to parameterize request
(e.g. caching)
If-Modified-Since: Sat, 29 Oct 1994
19:43:31 GMT
REpresentational State Transfer 34
38. REST
Media Types
• Data Format = Media Type
• Intention
• Automated processing
• Rendered / viewed by a user
• Both
• Composite Media Types
• Affects Latency
REpresentational State Transfer 35
39. REST
Connectors
• Client
• Server
• Cache
• Shared (Akamai)
• Non-shared (browser)
• Resolver (DNS)
• Tunnel (SSL)
REpresentational State Transfer 36
40. REST
Components
• Origin Server
• Gateway
• Proxy
• User Agent
REpresentational State Transfer 37
41. REST
2
Practice
REpresentational State Transfer 38
48. REST
POST?
• Server determines resource URI
• We are changing server state
(POST is not safe!)
• Resubmitting may create
another booking (POST is non-
idempotent!)
REpresentational State Transfer 43
49. REST
Creation Failure - 400
POST /bookings HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
...
«hotel-id»: «mars:escapism»,
...
}
REpresentational State Transfer 44
50. REST
Creation Failure - 400
POST /bookings HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
...
«hotel-id»: «mars:escapism»,
...
}
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
«error»: «WTF is your hotel-id?»
}
REpresentational State Transfer 44
51. REST
Creation Failure - 400
POST /bookings HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
...
«hotel-id»: «mars:escapism»,
...
}
Modify request before resubmitting!!!
REpresentational State Transfer 45
52. REST
Creation Failure - 500
POST /bookings HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
}
HTTP/1.1 500 Internal Server Error
Content-Type: application/json
{
«error»: «donno what went wrong»
}
REpresentational State Transfer 46
53. REST
Creation Failure - 500
POST /bookings HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
}
throw new Exception(«donno
what went wrong»)
REpresentational State Transfer 47
54. REST
Creation Failure - 500
• Forward progress is tricky
(booking created or not?)
• Retry
• Recompute state
• Try to be descriptive when
returning 500 or avoid if it is
possible
REpresentational State Transfer 48
55. REST
Creation Failure - 503
POST /bookings HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
}
HTTP/1.1 503 Service Unavailable
Content-Type: application/json
Retry-After: 60
{
«error»: «Have a headache right now. Please try
again in a minute»
}
REpresentational State Transfer 49
57. REST
Reading Booking
GET /bookings/9111 HTTP/1.1
Host: www.booking-rest.com
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «PENDING»
}
REpresentational State Transfer 51
58. REST
GET?
• No side effects (GET is safe!)
• Resubmitting will return the
same result if resource haven’t
changed (GET is idempotent /
nullipotent!)
REpresentational State Transfer 52
59. REST
Reading Booking (Later)
GET /bookings/9111 HTTP/1.1
Host: www.booking-rest.com
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «SERVED»
}
REpresentational State Transfer 53
60. REST
Reading Booking - 404
GET /bookings/mars HTTP/1.1
Host: www.booking-rest.com
HTTP/1.1 404 Not Found
REpresentational State Transfer 54
64. REST
PUT?
• Client determines resource URI
• We are changing server state
(PUT is not safe!)
• Resubmitting will result in the
same resource state (PUT is
idempotent!)
REpresentational State Transfer 57
65. REST
Updating Booking - 204
PUT /bookings/9111 HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-22»,
«to»: «2012-07-29»,
«room-type»: «standard-2x»,
«breakfast»: true,
«state»: «PENDING»
}
HTTP/1.1 204 No Content
REpresentational State Transfer 58
66. REST
PUT: 200 or 204?
• 200 more descriptive and
confirms server-side state
• 204 is more efficient
REpresentational State Transfer 59
68. REST
PUT or
POST
for Create/Update?
REpresentational State Transfer 61
69. REST
PUT/POST Guidelines
• Use POST to create a resource identified by
a service-generated URI
• Use POST to append a resource to (or to
update existing resource in) a collection
identified by a service-generated URI
• Use PUT to create or update a resource
identified by a URI computed by the client
sending full content of the specified
resource
REpresentational State Transfer 62
70. REST
Partial / Bulk
Updates?
REpresentational State Transfer 63
71. REST
Partial Update Strategies
1. Encapsulate «partial» into its own sub-resource
and invoke PUT on it
• ... only if this new resource makes sense to
others! Don’t do it just to avoid POST!
2. Use POST for resource or sub-resource
responding with «303 See Other» pointing to
parent resource (Fielding разрешает!)
3. Use PATCH (once universally deployed)
REpresentational State Transfer 64
72. REST
Partial Update - POST
POST /bookings/9111/dates HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
«from»: «2012-07-22»,
«to»: «2012-07-29»
}
HTTP/1.1 303 See Other
Location: http://www.booking-rest.com/bookings/9111
GET /bookings/9111 HTTP/1.1
Host: www.booking-rest.com
HTTP/1.1 200 OK
Content-Type: application/json
...
REpresentational State Transfer 65
73. REST
Partial Update - PUT
PUT /bookings/9111/from HTTP/1.1
Host: www.booking-rest.com
Content-Type: text/plain
2012-07-22
HTTP/1.1 200 OK
Content-Type: text/plain
2012-07-22
REpresentational State Transfer 66
75. REST
Bulk Update Strategies
1. HTTP Pipelining
1. Not well supported :(
2. Innappropriate for non-idempotent methods
like POST
2. Well, use POST, as «universal» method. Respond
with «303 See Other»
3. If you need to remove a set of sub-resources
and list is not very long, just issue DELETE
listing ids in the URL
REpresentational State Transfer 67
76. REST
Bulk Update - POST
POST /bookings/cancelled HTTP/1.1
Host: www.booking-rest.com
Content-Type: application/json
{
«ids»: [«9111», «9112», «9113», «9114»]
}
HTTP/1.1 303 See Other
Location: http://www.booking-rest.com/bookings
REpresentational State Transfer 68
90. REST
Level 0
1. Single URI endpoint
2. Single HTTP method
3. Uses HTTP as transport, not app protocol
4. Does not use mechanics of the Web
5. Usually based on RPC
REpresentational State Transfer 80
91. REST
Level 0
1. Single URI endpoint
2. Single HTTP method
3. Uses HTTP as transport, not app protocol
4. Does not use mechanics of the Web
5. Usually based on RPC
Flickr SOAP API,
Google AdSense API
REpresentational State Transfer 80
92. REST
Level 1 - Create
POST /booking HTTP/1.1
Content-Type: application/json
{
«create»: {
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-22»,
«to»: «2012-07-29»,
...
}
}
HTTP/1.1 200 OK
Content-Type: application/json
{
«id»: «9111»
}
REpresentational State Transfer 81
93. REST
Level 1 - Retrieve
POST /booking HTTP/1.1
Content-Type: application/json
{
«retrieve»: {
«id»: «9111»
}
}
HTTP/1.1 200 OK
Content-Type: application/json
{
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-22»,
«to»: «2012-07-29»,
...
}
REpresentational State Transfer 82
94. REST
Level 1 - Confirm
POST /confirmation HTTP/1.1
Content-Type: application/json
{
«create»: {
«id»: «9111»,
«credit-card»: «1111-2222-3333-4444»,
...
}
}
HTTP/1.1 200 OK
Content-Type: application/json
{
«id»: «1234»
}
REpresentational State Transfer 83
96. REST
Level 1
1. Multiple resources
2. Single HTTP method
3. Action in URI or payload
REpresentational State Transfer 84
97. REST
Level 1
1. Multiple resources
2. Single HTTP method
3. Action in URI or payload
Flickr «REST» API,
Amazon SimpleDB
REpresentational State Transfer 84
99. REST
Level 2
1. Many URIs
2. Many verbs
3. We’ve designed it already ;)
REpresentational State Transfer 85
100. REST
Level 2
1. Many URIs
2. Many verbs
3. We’ve designed it already ;)
Amazon S3
Twitter API
Google Calendar API
REpresentational State Transfer 85
101. REST
Level 2 APIs
HTTP-based Type 1 HTTP-based Type 2
Identification of Resources Yes Yes
Manipulation of Resources through
Yes Yes
Representations
Self-Descriptive Messages No Yes
HATEOAS No No
Examples Twitter API Google Calendar API
REpresentational State Transfer 86
102. REST
Level 3?
REpresentational State Transfer 87
103. REST
«If the engine of application state (and
hence the API) is not being driven by
hypertext, then it cannot be RESTful and
cannot be a REST API. Period.»
Roy T. Fielding, 2008
REpresentational State Transfer 88
104. REST
HATEOAS
REpresentational State Transfer 89
105. REST
Browsing
Follow links
Change application state
Move towards your goal
REpresentational State Transfer 90
106. REST
Interaction
GET /bookings/9111 HTTP/1.1
Host: www.booking-rest.com
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «PENDING»
}
REpresentational State Transfer 91
107. REST
Interaction
GET /bookings/9111 HTTP/1.1
Host: www.booking-rest.com
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «PENDING»
}
Exchange of resource state,
not application state
REpresentational State Transfer 91
108. REST
Resource State
1. Information belonging to the resource
2. Links to related resources
3. Possible transition(s) to a future state(s) of the
resource
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «PENDING»
}
REpresentational State Transfer 92
109. REST
Domain Application Protocol
Legal interactions between consumer and a set
of resources involved in a business process
update cancel
Cancelled
create confirmed
Pending Confirmed
"live"
rejected Served
update
Rejected delete
REpresentational State Transfer 93
110. REST
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «PENDING»
}
REpresentational State Transfer 94
111. REST
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true
«state»: «PENDING»
}
What’s next?
REpresentational State Transfer 94
112. REST
URI Templates
- Service is bound to honoring
these templates forever (and URIs
do change!)
- You’re exposing too much detail
about implementation
REpresentational State Transfer 95
113. REST
Single entry-
point URI(s)
REpresentational State Transfer 96
114. REST
Single entry-
point URI(s)
http://www.booking-rest.com/bookings
REpresentational State Transfer 96
115. REST
Loose Coupling
Understanding of specific URI structure
‣ Change URI shapes
‣ Relocate resources to
different servers (partitioning)
REpresentational State Transfer 97
116. REST
Loose Coupling
Semantics of a «link»!!!
REpresentational State Transfer 98
117. REST
Loose Coupling
Semantics of a «link»!!!
«link» = hypermedia control
REpresentational State Transfer 98
118. REST
Hypermedia Control
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true,
«state»: «PENDING»,
«confirmation»: «http://www.booking-rest.com/confirmation/9111»
}
REpresentational State Transfer 99
119. REST
Hypermedia Control
{
...
«confirmation»: «http://www.booking-rest.com/confirmation/9111»,
«cancellation»: «http://www.booking-rest.com/cancellation/9111»,
...
}
REpresentational State Transfer 100
120. REST
Hypermedia Control
{
...
«confirmation»: «http://www.booking-rest.com/confirmation/9111»,
«cancellation»: «http://www.booking-rest.com/cancellation/9111»,
...
}
Elements have different protocol
semantics, but identical link semantics
REpresentational State Transfer 100
121. REST
Better Hyperm Control
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true,
«state»: «PENDING»,
«link»: {
«rel»: «confirmation»
«href»: «http://www.booking-rest.com/confirmation/9111»
}
}
REpresentational State Transfer 101
122. REST
Media Type
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true,
«state»: «PENDING»,
«link»: {
«rel»: «confirmation»,
«href»: «http://www.booking-rest.com/confirmation/9111»
}
}
REpresentational State Transfer 102
123. REST
Media Type
HTTP/1.1 200 OK
Content-Type: application/json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true,
«state»: «PENDING»,
«link»: {
«rel»: «confirmation»,
«href»: «http://www.booking-rest.com/confirmation/9111»
}
}
Should it be interpreted as plain vanilla JSON?
REpresentational State Transfer 102
124. REST
Content-Type drives
processing of the
payload,
NOT the payload itself
REpresentational State Transfer 103
125. REST
Media Type
HTTP/1.1 200 OK
Content-Type: application/json
{
«hotel-id»: «paris:bergere-opera-hotel-3»,
...
«link»: {
«rel»: «confirmation»,
«href»: «http://www.booking-rest.com/confirmation/9111»
}
}
Interpretative scheme for each format
includes hypermedia control definitions
REpresentational State Transfer 104
126. REST
Media Type
HTTP/1.1 200 OK
Content-Type: application/json
{
«hotel-id»: «paris:bergere-opera-hotel-3»,
...
«link»: {
«rel»: «confirmation»,
«href»: «http://www.booking-rest.com/confirmation/9111»
}
}
Interpretative scheme for each format
includes hypermedia control definitions
JSON doesn’t define a «link»
REpresentational State Transfer 104
127. REST
Better Media Type
HTTP/1.1 200 OK
Content-Type: application/vnd.booking+json
{
«user-id»: «anonymous-developer»,
«hotel-id»: «paris:bergere-opera-hotel-3»,
«from»: «2012-07-20»,
«to»: «2012-07-27»,
«room-type»: «standard-2x»,
«breakfast»: true,
«state»: «PENDING»,
«link»: {
«rel»: «confirmation»
«href»: «http://www.booking-rest.com/confirmation/9111»
}
}
REpresentational State Transfer 105
128. REST
Should we give
each representation
a media type?
REpresentational State Transfer 106
129. REST
Media Types /
Representations
‣ Usually there is NO 1:1 relationship between
media type and representation
‣ Usually having one single monolithic media type is
too bulky
‣ One media type per application domain context is
usually OK
REpresentational State Transfer 107
131. REST
«link»
‣ URI - identifies a resource with which the
consumer can interact to progress the application
protocol
‣ rel - contains semantic markup (=> verb, headers,
structure of the payload)
‣ [mediaType] - format of the request payload
REpresentational State Transfer 109
133. REST
«REST doesn’t eliminate the need for a
clue. What REST does is concentrate that
need for prior knowledge into readily
standardizable forms. That is the essential
distinction between data-oriented and
control-oriented integration.»
Roy T. Fielding, 2008
REpresentational State Transfer 111
134. REST
«... It has value because it is far easier to
standardize representation and relation
types than it is to standardize objects
and object-specific interfaces ...»
Roy T. Fielding, 2008
REpresentational State Transfer 112
135. REST
Versioning
REpresentational State Transfer 113
137. REST
1. Version in URI
http://www.booking-rest.com/v1/bookings
REpresentational State Transfer 114
138. REST
1. Version in URI
http://www.booking-rest.com/v1/bookings
• /v1/bookings/9111 != /v2/bookings/9111?
Not necessarily
• Should client support both /v1 and /v2?
Maintenance nightmare
• Should client start constructing URIs then?
Breaks HATEOAS
REpresentational State Transfer 114
140. REST
2. Version in Media Type
• Another representation of /bookings/9111?
Yes!
• Should client support both /v1 and /v2?
Client chooses which version to support
through «Accept»
• No need to construct URIs
HATEOAS preserved
REpresentational State Transfer 115
141. REST
2. Version in Media Type
application/vnd.booking.v2+json
application/vnd.booking+json; version=2.0
• Another representation of /bookings/9111?
Yes!
• Should client support both /v1 and /v2?
Client chooses which version to support
through «Accept»
• No need to construct URIs
HATEOAS preserved
REpresentational State Transfer 115
143. REST
3. Version in Header
X-REST-API-Version: 2.0
REpresentational State Transfer 116
144. REST
3. Version in Header
X-REST-API-Version: 2.0
Also fine but can be filtered out by
proxies or intermediaries
REpresentational State Transfer 116
145. REST
Transactions
REpresentational State Transfer 117
146. REST
Transactions
1. If you need transactions, treat them as
corresponding resources
1. Create transaction as POST
2. Fill it with data and initiate by issuing PUT
2. There is no concept of «distributed transaction»
in REST. Treat «distributed» nature of the
transaction as implementation detail
REpresentational State Transfer 118
147. REST
Transaction
POST /transfer HTTP/1.1
Host: www.money-rest.com
HTTP/1.1 201 Created
Location: http://www.money-rest.com/transfer/9111
PUT /transfer/9111 HTTP/1.1
Host: www.money-rest.com
Content-Type: application/json
{
«from»: «husband»,
«to»: «wife»,
«amount»: «1000.00»,
«amount»: «UAH»,
«description»: «fitness»
}
HTTP/1.1 204 No Content
REpresentational State Transfer 119
148. REST
Frameworks
(Java)
REpresentational State Transfer 120