An application programming interface (API) enables data exchange in systems such as web applications, microservices, and IoT devices. In this hands-on book, authors Lukasz Dynowski and Marcin Dulak show software developers and architects how to design and implement REST, GraphQL, gRPC, webhooks, WebSocket, messaging APIs, and more.

This book looks at the most popular API styles from a network, application, and architecture perspective. You'll learn how to determine the appropriate type of API for your application use case and how to tackle design decisions along the way. You'll also learn the trade-offs between various APIs and acquire practical knowledge of how to implement them.

• Explore the origins and evolution of API styles
• Learn network protocols that various APIs use
• Understand the trade-offs of each API style
• Select an appropriate API style
• Learn how to implement, secure, and document the APIs

Osoby które kupowały "Learning API Styles. Understanding the Trade-Offs of Common APIs and Choosing the Correct Solutions", wybierały także:

• Jak zhakowa 125,00 zł, (10,00 zł -92%)
• Windows Media Center. Domowe centrum rozrywki 66,67 zł, (8,00 zł -88%)
• Ruby on Rails. Ćwiczenia 18,75 zł, (3,00 zł -84%)
• Efekt piaskownicy. Jak szefować żeby roboty nie zabrały ci roboty 59,50 zł, (11,90 zł -80%)
• Przywództwo w świecie VUCA. Jak być skutecznym liderem w niepewnym środowisku 58,64 zł, (12,90 zł -78%)

Spis treści

Learning API Styles. Understanding the Trade-Offs of Common APIs and Choosing the Correct Solutions eBook -- spis treści

• Foreword
• Preface
  • Why We Wrote This Book
  • Who Should Read This Book
  • Whats in This Book
  • Whats Not in This Book
  • Weather Forecast Service
  • Conventions Used in This Book
  • Using Code Examples
  • OReilly Online Learning
  • How to Contact Us
  • Acknowledgments
    • Acknowledgments from Lukasz Dynowski
    • Acknowledgments from Marcin Dulak
• 1. API Concepts
  • What Is an API?
  • Network-Based APIs
  • Concepts of API Communication
    • Message
    • Transmission Modes
    • Synchronous and Asynchronous Communication Types
  • History of APIs
  • Why APIs?
  • What Are API Styles?
  • API as a Product
  • API Lifecycle
    • Planning
    • Design
    • Implementation
    • Testing
      • Integration testing
      • Contract testing and fuzzing
      • End-to-end testing
      • Agile testing quadrants
    • Deployment
    • Maintenance
    • Retirement
  • API Governance, Management, and Platform
  • Future of APIs
  • Summary
• 2. API Design Patterns
  • Examples of API Design Patterns
    • API Language
    • API Naming
    • Evolving APIs
    • API Versioning
    • Encoding
    • Filtering
    • Counting and Sorting
    • Pagination
      • Offset-based pagination
      • Cursor-based pagination
    • Long-Running Tasks
    • Request Deduplication
    • Request Retry
    • Rate Limiting
    • Caching
    • Deletion
  • API Security
    • OWASP Top 10 API Security
  • Examples of API Security Patterns
    • Encryption, Authentication, and Authorization
    • Sanitization and Validation
    • Scraping Mitigation
  • API Design Best Practices
  • Summary
• 3. Network
  • Network Protocols
  • Socket API
  • TCP/IP and the OSI Model
  • Implementing TCP ECHO Service
    • Network Lab Setup
    • TCP ECHO Service
    • TCP ECHO Server
    • TCP ECHO Client with Netcat
    • TCP ECHO Client with Scapy
  • Security
    • TCP ECHO Client with OpenSSL
  • Exercises
  • Summary
• 4. Web Protocols
  • What Is Hypertext?
  • HTTP Lab Setup
  • HTTP/0.9
    • HTTP and HTML in Action
  • HTTP/1.0
    • HTTP Message Headers and Body
  • HTTP in a Browser
    • How DNS Affects Browser Connections
    • Parallel TCP Connections in a Browser
  • Limitations of TCP
    • TCP Head-of-Line Blocking
    • TCP Slow Start and Congestion Avoidance
  • HTTP/1.1
    • HTTP Connection Persistence
  • HTTP/2
    • HTTP/2 Frames and Streams
  • HTTP/3
    • QUIC 1-RTT Connection Establishment
  • Exercises
  • Summary
• 5. REST
  • HTTP, Resource, and URI
  • Client-Server Communication
  • Origins of REST
  • API Maturity Models
  • RESTful, RESTless, or REST
  • Is Being RESTless Good Enough?
  • Implementation
    • API Endpoints
    • API Versioning
    • CRUD
      • Create
      • Read
      • Delete
    • Pagination
    • Rate Limiting
    • Caching
  • Security
    • JSON Web Token
    • Transport Layer Security
  • Documentation
    • OpenAPI Specification
    • Three Approaches to API Specification
  • Trade-Offs
  • When to Use REST
  • Exercises
  • Summary
• 6. GraphQL
  • Problems with REST
  • Thinking in Graphs
  • Origins of GraphQL
  • GraphQL Versus REST
  • GraphQL Constructs
  • How GraphQL Works
  • Implementation
    • GraphiQL
    • Executing Mutations
  • CRUD
    • Read
    • Create, Update, Delete
  • Security
    • Attacking GraphQL
      • Introspection abuse attack
      • Undesirable query attack
      • Recursive query attack
      • Batch query attack
    • Authentication
  • Documentation
  • Trade-Offs
  • When to Use GraphQL
  • Exercises
  • Summary
• 7. Web Feeds
  • What Is a Web Feed?
  • Why Web Feeds?
  • Evolution of Web Feeds
  • What Is Atom Feed?
  • Implementation
  • Reading Feeds
  • Security
  • Trade-Offs
  • Exercises
  • Summary
• 8. gRPC
  • Remote Procedure Call
  • Origins of gRPC
  • Protobuf Serialization
  • Code Generation
  • gRPC ECHO Server and Client
  • The Four RPC Types
  • Protobuf Wire Format
  • Implementation
    • gRPC Atom Feed Enricher Service
  • Security
  • Documentation
  • Trade-Offs
  • When to Use gRPC
  • Exercises
  • Summary
• 9. Webhooks
  • What Are Webhooks?
  • Origins of Webhooks
  • Incoming and Outgoing Webhooks
  • Integration and Data Flow
  • Implementation
  • Security
  • Documentation
  • Trade-Offs
  • When to Use Webhooks
  • Exercises
  • Summary
• 10. WebSocket
  • WebSocket and WebSocket API
  • WebSocket Opening Handshake
  • Implementation
    • WebSocket ECHO Client and Server
    • WebSocket Protocol
    • WebSocket Weather Alert Server
    • WebSocket Weather Alert Client
  • Security
    • Origin Validation
    • Trusted Host Security
    • JSON Web Token
    • Transport Layer Security
  • Documentation
  • Trade-Offs
  • When to Use WebSocket
  • Exercises
  • Summary
• 11. Messaging
  • What Is Messaging?
  • What Is a Queue?
  • Messaging Patterns
    • Work Queue Pattern
    • Publish-Subscribe Pattern
    • Routing Pattern
    • Topics Pattern
    • Request-Response Pattern
  • Implementation
    • Work Queue
  • Security
    • Unencrypted Messages in Transit
    • Messages Encrypted in Transit
    • Authentication and Authorization
  • Documentation
    • AsyncAPI Specification
    • AsyncAPI Documentation
    • Message Versioning
  • Trade-Offs
  • When to Use Messaging
  • Exercises
  • Summary
• Index