Hands-On RESTful API Design Patterns and Best Practices

Design, develop, and deploy highly adaptable, scalable, and secure RESTful web APIs

Harihara Subramanian, Pethuru Raj

  1. 378 pages
  2. English
  3. ePUB (mobile friendly)

About This Book

Build effective RESTful APIs for enterprise with design patterns and REST framework's out-of-the-box capabilities

Key Features

  • Understand advanced topics such as API gateways, API securities, and cloud
  • Implement patterns programmatically with easy-to-follow examples
  • Modernize legacy codebase using API connectors, layers, and microservices

Book Description

This book deals with the Representational State Transfer (REST) paradigm, which is an architectural style that allows networked devices to communicate with each other over the internet. With the help of this book, you'll explore the concepts of service-oriented architecture (SOA), event-driven architecture (EDA), and resource-oriented architecture (ROA). This book covers why high-quality APIs are insisted upon for enterprise integration.

It also covers how to optimize and explore endpoints for microservices with API gateways and touches upon integrated platforms and Hubs for RESTful APIs. You'll also understand how application delivery and deployments can be simplified and streamlined in the REST world. The book will help you dig deeper into the distinct contributions of RESTful services for IoT analytics and applications.

Besides detailing the API design and development aspects, this book will assist you in designing and developing production-ready, testable, sustainable, and enterprise-grade APIs. By the end of the book, you'll be empowered with all that you need to create highly flexible APIs for next-generation RESTful services and applications.

What you will learn

  • Explore RESTful concepts, including URI, HATEOAS, and Code on Demand
  • Study core patterns like Statelessness, Pagination, and Discoverability
  • Optimize endpoints for linked microservices with API gateways
  • Delve into API authentication, authorization, and API security implementations
  • Work with Service Orchestration to craft composite and process-aware services
  • Expose RESTful protocol-based APIs for cloud computing

Who this book is for

This book is primarily for web, mobile, and cloud services developers, architects, and consultants who want to build well-designed APIs for creating and sustaining enterprise-class applications. You'll also benefit from this book if you want to understand the finer details of RESTful APIs and their design techniques along with some tricks and tips.

Information

  • Year: 2019
  • ISBN: 9781788998581
  • Edition: 1

RESTful Services API Testing and Security

Any software that claims to be enterprise-ready must have gone through rigorous testing cycles, be quality assurance certified, and have met several quality measures so that it gets used on production servers. The security of a software application is another critical aspect that determines whether or not it will be used on production servers.
To equip readers with an understanding of different aspects of production and enterprise-ready RESTful APIs, this chapter will discuss various aspects of those quality and security measures.
This chapter's intention is to take readers on an API testing journey. These are the milestones or topics we will cover as we go along:
  • Types of API tests
  • Challenges in API testing
  • Security in API testing
  • In addition, we will give you a glimpse of various API testing tools, API security tools, and frameworks
Midway through the API testing journey, readers will be taken on a detour to be introduced to some security issues and API vulnerabilities and learn how to expose them as part of API testing.

An overview of software testing

Any product, be it simple safety pins or majestic airplanes, needs to go through a process to ensure that it serves the purpose of its creation, and so does software. Software testing is a process to confirm the accuracy and quality of software through the verification and validation of its purpose, end-to-end.
So, the primary focus of any software product or application is verification (checks for consistency and alignment according to the documented requirements) and validation (checks the accuracy of the system and validates the end user's needs versus the actual outcome).
Let's list a few essential outcomes of software testing and move on to focus more on API testing in the upcoming sections:
  • Assert and ensure that there are no differences between the realities and the expectations of the requirements
  • Assert and ensure software product continuity and availability, regardless of the number of end users
  • Foresee and uncover concealed problems
  • Assert and ensure that offerings function seamlessly with anticipated end user platforms, browsers, and so on

RESTful APIs and testing

As this book deals with RESTful APIs, this chapter is intended to take readers through a few essential best practices and API testing principles, along with a couple of testing frameworks. With integration tests (both manual and automated), we can accomplish most critical API testing strategies for distributed applications and help those applications to be production-ready, deployable, and part of CI/CD, as well as to assert their scalability and stability for every release.
The following section introduces the basics of API testing, API testing approaches, their types, and so on.

Basics of API testing

A software application product, as discussed in an earlier section, has various software layers, such as the user interface (UI), the business logic layer, middleware, and a database. API testing and certification primarily focus on data integration tests on the Business layer. API testing is software testing that exercises the API directly, unlike other generic tests, which primarily involve the UI.
The preceding diagram depicts the typical layers of software, with API testing on the Business layer and the functional or UI testing on the Presentation layer.

Understanding API testing approaches

Agreeing on an approach for API testing when beginning API development is an essential API strategy. Let's look at a few principles of API testing:
  • Clear definition of the scope and a good understanding of the functionality of the API
  • Common testing methodologies such as boundary analysis and equivalence classes are part of API test cases
  • Plan, define, and be ready with input parameters, zero, and sample data for the API
  • Determine and compare expected and actual results, and ensure that there are no differences
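
An added example (not from the book) of the boundary-analysis and equivalence-class principles above, in plain Java without Spring. The `limit` query parameter, its 1..100 range, and the `statusFor` stand-in for the API under test are assumptions made for illustration; all cases are constructed.

```java
public class LimitBoundaryCases {
    // Assumed rule for this example: GET /investors?limit=N accepts 1..100.
    static final int MIN = 1, MAX = 100;

    // Hypothetical stand-in for the API under test: maps a raw limit value to an HTTP status.
    static int statusFor(String rawLimit) {
        if (rawLimit == null) return 200;            // parameter omitted: server default applies
        try {
            int n = Integer.parseInt(rawLimit.trim());
            return (n >= MIN && n <= MAX) ? 200 : 400;
        } catch (NumberFormatException e) {
            return 400;                              // empty, non-numeric, or overflowing input
        }
    }

    // Constructed cases: one representative per equivalence class plus every boundary value.
    static final Object[][] CASES = {
        {"-1",         400, "invalid class: negative"},
        {"0",          400, "zero, just below the lower boundary"},
        {"1",          200, "lower boundary"},
        {"50",         200, "valid class representative"},
        {"100",        200, "upper boundary"},
        {"101",        400, "just above the upper boundary"},
        {"2147483648", 400, "invalid class: exceeds 32-bit int"},
        {"abc",        400, "invalid class: non-numeric"},
        {"",           400, "invalid class: empty value"},
        {null,         200, "parameter omitted"},
    };

    // Compare expected and actual results for every case; return the number of differences.
    static int run() {
        int failures = 0;
        for (Object[] c : CASES) {
            String input = (String) c[0];
            int expected = (Integer) c[1];
            int actual = statusFor(input);
            boolean ok = expected == actual;
            if (!ok) failures++;
            System.out.printf("%-4s limit=%-12s expected=%d actual=%d (%s)%n",
                    ok ? "PASS" : "FAIL", input, expected, actual, c[2]);
        }
        return failures;
    }

    public static void main(String[] args) {
        int failures = run();
        if (failures > 0) throw new AssertionError(failures + " case(s) differ from expectation");
    }
}
```

To run the same table against a live service, replace the body of `statusFor` with an HTTP request and return the response status.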

API testing types

In this section, we will review the various categories of API testing and move on to best practices as well.

Unit tests

Tests that involve the validation of individual operations are unit tests. In our investor services API examples in Chapter 4, Advanced RESTful API Patterns, we covered numerous unit test cases, and the following is one of the sample code snippets of a specific unit test case that validates getting all the investors from the API:
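
    @Test
    public void fetchAllInvestors() throws Exception {
        // Build a GET request for /investors that accepts a JSON response
        RequestBuilder requestBuilder = MockMvcRequestBuilders.get("/investors")
                .accept(MediaType.APPLICATION_JSON);
        // Perform the request through MockMvc and capture the result
        MvcResult result = mockMvc.perform(requestBuilder).andReturn();
        // The servlet response carries the status, headers, and body to validate
        MockHttpServletResponse response = result.getResponse();
    }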

API validation tests

All software needs a quick evaluation to assert that it serves the purpose of its creation. The validation tests need to be run for every function that is developed, at the end of the development process. Unlike unit tests, which focus on particular pieces or functions of the API, validation tests are a higher-level consideration, answering a set of questions so that the development can move on to the next phase.
A set of questions for validation tests could be the following:
  1. A product-specific question, such as, is it the necessary function that is asked for?
  2. A behavioral question, such as, is the developed function doing what is intended?
  3. An efficiency-related question, such as, is the intended function using the necessary code, in an independent and optimized manner?
All of these questions, in essence, serve to validate the API in line with the agreed acceptance criteria and also to ensure its adherence to standards regarding the delivery of expected end goals and meeting user needs and requirements flawlessly.

Functional tests

Tests that involve specific functions of the APIs and their code base are functional tests. Validating the count of active users through the API, regression tests and test case execution come under functional tests. We saw many examples of functional tests executed with the Postman tool earlier, in Chapter 3, Essential RESTful API Patterns, and Chapter 4, Advanced RESTful API Patterns. The following screenshot may refresh your memory of one such functional testing example of investor service validation for user authentication:
...
