Hands-On RESTful API Design Patterns and Best Practices (java)(true pdf)

Author(s): Harihara Subramanian, Raj Pethuru
Edition: 1
Publisher: Packt
Year: 2019

Language: English
Pages: 365

Cover
Title Page
Copyright and Credits
About Packt
Contributors
Table of Contents
Preface
Chapter 1: Introduction to the Basics of RESTful Architecture
Technical requirements
Evolution of web technologies
Learning about Web 3.0
Learning about web service architecture
Discussing the web API
Learning about service-oriented architecture
Learning about resource-oriented architecture
Resource-oriented design
The benefits of ROA
Beginning with REST
REST architecture style constraints
Beginning with client-server
The client in client-server architecture
The service in client-server architecture
Understanding statelessness
Advantages and disadvantages of statelessness
Caching constraint in REST
Benefits of caching
Understanding the uniform interface
Identification of resources
Manipulation of resources
Self-descriptive messages
Hypermedia as the Engine of Application State
Layered systems
Code on demand
RESTful service mandates
Architectural goals of REST
Summary
Chapter 2: Design Strategy, Guidelines, and Best Practices
Technical requirements
Learning about REST API and its importance
Goals of RESTful API design
Affordance
Loosely coupled
Leverage web architecture
API designer roles and responsibilities 
API design best practices
API design principles
Ubiquitous web standards
Flexibility
Granularity
Optimized APIs
Functionality
Learning about unusual circumstances
Community standardization
API playgrounds
RESTful API design rules
Learning about Uniform Resource Identifiers
URI formats
REST API URI authority
Resource modelling
Resource archetypes
URI path
URI query
HTTP interactions
Request methods
Response status codes
Metadata design
HTTP headers
Media types and media type design rules
Representations
Message body format
Hypermedia representation
Media type representation
Errors representation
Client concerns
Versioning
Security
Response representation composition
Processing hypermedia
JavaScript clients
Summary
Further reading
Chapter 3: Essential RESTful API Patterns
Technical requirements
Beginning with the installations
Beginning with RESTful API patterns – part I
Statelessness
Content negotiation
Content negotiation with HTTP headers
URI templates
Design for intent
Pagination
Discoverability
Error and exception logging
Unicode
Summary
Chapter 4: Advanced RESTful API Patterns
Technical requirements
RESTful API advanced patterns
Versioning
Versioning through the URI path
Versioning through query parameters
Versioning through custom headers
Versioning through content-negotiation
Authorization
Authorization with the default key
Authorization with credentials
Uniform contract
Entity endpoints
Endpoint redirection
Idempotent
Bulk operation
Circuit breaker
Combining the circuit pattern and the retry pattern
API facade
Backend for frontend
Summary
Further reading
Chapter 5: Microservice API Gateways
Technical requirements
About microservice architecture
The prominent infrastructure modules in microservice-centric applications
Service registry 
Service discovery
Composition/orchestration 
Transformation 
Monitoring 
Load balancing and scaling 
High availability and failover 
HA and failover guidelines
Governance 
About API gateway solutions
API gateways for microservice-centric applications
The issues with microservice API gateways
Security features of API gateways
Prominent API gateway solutions
Service mesh versus API gateway
Summary
Chapter 6: RESTful Services API Testing and Security
An overview of software testing 
RESTful APIs and testing
Basics of API testing
Understanding API testing approaches
API testing types
Unit tests
API validation tests
Functional tests
UI or end-to-end tests
Load testing
Runtime error detection tests
Monitoring APIs
Execution errors
Resource leaks
Error detection
REST API security vulnerabilities
Exposing sensitive data
Understanding authentication and authentication attacks
Understanding authorization and OAuth2 schemes
Cross-site scripting
Reflected XSS
Stored XSS
DOM XSS
Cross-site request forgery
Denial-of-service attack
Distributed denial of service
Injection attacks
Insecure direct object references
Missing function-level access control
Man-in-the-middle attacks
Common types of MITM attacks and protection measures
Replay attacks and spoofing
Causes of vulnerabilities
Poor system configuration
Human error
Internal and external connectivity
Security tests
Penetration tests or pen tests
Importance of penetration tests
Pen testing lifecycle
Preparation, planning, and reconnaissance
Scanning
Gaining access
Maintaining access
Analysis
Pen testing types for API testing
White-box penetration testing
Fuzz tests
The life cycle of fuzz tests
Fuzz testing strategy
Mutation-based fuzz tests
Generation-based fuzz tests
Advantages and disadvantages of fuzz tests
Back to API testing
API test cases
Essential aspects of API test cases and test case preparation
API testing challenges
Initial setup
API schema updates for testing
Testing parameter combinations
API call sequence
Validating parameters
Tracking system integration
API testing best practices
API testing tools
CQRS
Summary
Further reading
Chapter 7: RESTful Service Composition for Smart Applications
Technical requirements
Briefing RESTful microservices
Demystifying the MSA style
The advantages of microservices
The emergence of cloud-native applications
The growing ecosystem of IoT device services
The changing application ecosystem
Tending toward the API-driven world
The Representational State Transfer service paradigm
API design best practices
Learning about service-composition methods
Service orchestration and choreography
Beginning with service orchestration
The shortcomings of service orchestration
Applying orchestration-based composition
Beginning with service choreography
The shortcomings of service choreography
Applying choreography-based composition
The hybridization of orchestration and choreography
Another example of the hybridization of orchestration and choreography
Choreography
Service choreography using the message broker
Service orchestration
Service orchestration using BPMN and REST
The hybridization – event-driven service orchestration
Data management 
Thinking in REST
Discarding SQL join
Eventual consistency
Polyglot persistence
Summary
Chapter 8: RESTful API Design Tips
Technical requirements
Beginning with APIs
Learning about application programming interfaces
APIs have become indispensable
Learning about the major types of APIs
Describing API platforms
Creating API development platforms
API-integration platforms
Legacy integration
API management platforms
Demystifying the RESTful services paradigm
Characterizing the REST architecture style
REST Resource Representation Compression
Idempotent REST APIs
REST API design considerations
Enumerating RESTful API design patterns
Media types
API security design patterns
Whitelist allowable methods
Summary
Further reading
Chapter 9: A More In-depth View of the RESTful Services Paradigm
Technical requirements
Tending toward the software-defined and software-driven world
Software-enabled clouds for the digital intelligence era
The IoT applications and services
Cloud-enabled applications
Cloud-native applications
Mobile, handheld, and wearable applications
Transactional, operational, and analytical applications
Knowledge visualization applications
Social applications 
Scientific and technical applications 
Centralized and distributed applications
Decentralized and intelligent applications with blockchain technology 
Composite and multi-container applications 
Event-driven applications 
High-quality applications
Resilient applications 
The REST paradigm for application modernization and integration
Application programming interfaces
Public APIs for external integration and innovation
Private APIs for internal purposes 
APIs for IoT devices
APIs for application integration
Describing the RESTful services paradigm
REST architectural constraints
The advantages of REST
Self-descriptive messages
SOAP versus REST
When to use REST versus SOAP
Best practices for REST-based microservices
The API-first approach
Developing API-first
Building services API-first
Summary
Further reading
Chapter 10: Frameworks, Standard Languages, and Toolkits
Technical requirements
Core features of a framework
Spring Boot
Core features of Spring
Database integration with Spring data
Messaging integration
Extending Spring with auto-configuration
Writing unit tests and integration test cases
Benefits of Spring Boot
Drawbacks of Spring Boot
Beginning about Light 4j
Core features of Light 4j
Learning about Light Rest 4j
Light-code-gen
Choosing Light 4j over the rest
Spark Framework
Core features of Spark Framework
Creating an API with fewer lines
Benefits of Spark
Drawbacks of Spark
Dropwizard
Overview
Core features of Dropwizard
Jetty for HTTP
Jersey for REST
Jackson
Metrics
Liquibase
Other noteworthy features
Benefits of Dropwizard
Drawbacks of Dropwizard
Understanding Go framework for the RESTful API
An overview
Gin-gonic
Core features
HttpRouter
Http2 server push
Multi-template
Upload files
Other noteworthy features
Benefits of Gin-Gonic
Drawbacks of Gin-Gonic
Revel
Core features
Router
Server engine
Controllers
Handlers
Interceptors
Filters
Cache
Other noteworthy features
Benefits of Revel
Drawbacks of Revel
Python RESTful API frameworks
Overview of Python
Django
Django Rest Framework
Core features
Web-browsable API
Authentication
Serialization and deserialization
Other noteworthy features
Benefits of the DRF
Drawbacks of the DRF
Flask
Flask-RESTful
Core features of Flask-RESTful
Resourceful routing
Restful request parsing
Output fields
Other noteworthy features
Benefits of the Flask framework
Drawbacks of Flask
Frameworks – a table of reference 
Summary
Further reading
Chapter 11: Legacy Modernization to Microservices-Centric Apps
Technical requirements
A preview of containers and microservices
Introducing the microservices architecture
Why legacy modernization?
Legacy-to-digital application modernization
Accomplishing modernization
Approaching legacy application modernization
Microservices-centric legacy application modernization
Service extraction 
Service composition 
Service migration
Container-centric legacy application modernization
Refactoring and rewriting
Modernization technique terms
Legacy modernization through microservices
The distinctions of microservices
The code samples
The major hurdles to overcome
Modernizing and migrating legacy applications – the role of cloud environments
The need for cloud environments
A case study for legacy modernization and migration
The combination of microservices and serverless computing speeds up legacy modernization
Summary
Other Books You May Enjoy
Index