REST

From HaFrWiki
Revision as of 14:58, 6 December 2014 by Hjmf (talk | contribs) (See also)
Jump to: navigation, search

Representational State Transfer (REST) [1] is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant web API design model.

Key goals of REST include:

  • Scalability of component interactions
  • Generality of interfaces
  • Independent deployment of components
  • Intermediary components to reduce latency, enforce security and encapsulate legacy systems

Web API

The following table shows how the HTTP methods are typically used to implement a web API.

RESTful web API HTTP methods
Resource GET PUT POST DELETE
Collection URI, such as http://example.com/resources List the URIs and perhaps other details of the collection's members. Replace the entire collection with another collection. Create a new entry in the collection. The new entry's URI is assigned automatically and is usually returned by the operation. Delete the entire collection.
Element URI, such as http://example.com/resources/item17 Retrieve a representation of the addressed member of the collection, expressed in an appropriate Internet media type. Replace the addressed member of the collection, or if it doesn't exist, create it. Not generally used. Treat the addressed member as a collection in its own right and create a new entry in it. Delete the addressed member of the collection.

Database applications

The acronym CRUD refers to all of the major functions that are implemented in relational database applications. Each letter in the acronym can map to a standard SQL statement and HTTP method:

Operation SQL HTTP
Create INSERT POST
Read (Retrieve) SELECT GET
Update (Modify) UPDATE PUT / PATCH
Delete (Destroy) DELETE DELETE

Making full use of HTTP methods, along with other constraints, is considered "RESTful".

Secure Web Service

Develop a RESTful web API for developers that is secure to use, but doesn’t require the complexity of OAuth and takes a simple “pass the credentials in the query” approach… or something equally-as-easy for people to use, but it needs to be secure [2].

The solution could use 'Amazon Web Services', but maybe 'HMAC' (Hashed-Based Message Authentication) is much easier.

See also

top

  • M. Elkstein, Learn REST: A Tutorial. A fast-training course for REST - Representational State Transfer, a new approach to systems architecture and a lightweight alternative to web services
  • PHP Symfony, REST implementation framework.
  • Net Tuts+, A beginners introduction to http and rest.
  • Webservices, More information on Web Services

Reference

top

  1. REST, Description on Wikipedia.
  2. Riyad Kalla, In programming: Designing a Secure REST (Web) API without OAuth