Post on 14-Jul-2015
transcript
Services in Drupal 8 using Drupal as data storage for mobile apps, web
apps and websites
05 March 2015DrupalSouth Melbourne
WEB ENGINEERS
Who we are
http://www.technocrat.com.au/
JAy Vladimir
@jayturn28 @Vladimiraus
www.Jayturn.com tomato-elephant-studio.com
Wayback machine
Internet back in 90s and early 00s
- Page by page navigation
http://web.archive.org/web/20020122183251/http://www.drupal.org/
web services
conversation between two computers
- strict requirements
- hypertext transfer protocol (HTTP)
- format vary
- application programming interface (API)
web services - History
- Communication between two machines
Electronic Data Interchange (EDI)
- documented in 1996, used as early as 60s
- strictly formatted messages
- designed for large-scale e-commerce
web services - History
Remote Procedure Call (RPC)
- based on DCE protocol
- call functions on remote computers
- Popular on UNIX
- Microsoft to follow
- MSRPC, COM OLE architecture, Dcom
web services - History
CORBA
- Common Object Request Broker Architecture
- powerful but complex
- number of efforts to simplify
- e.g. Java's RMI with inter-ORB protocol
- one of many
web services - History
Extensible Markup Language (XML)
- Standard Generalized Markup Language
- goals
- simplicity
- readability
- generality
web services - XML
- multiple uses
- ideal for data exchange
- easy to validate
- one of the most common web service
messages formats
web services - XML
Emerging standards & Languages
- XMLRPC
- Atom and RSS
- SOAP (simple object access protocol)
web services - JSON
JavaScript Object Notation (JSON)
- Introduced early 2000’s
- Became popular due to
mobile revolution
- more compact than XML
web services in Drupal 8
Use cases
- Website: bypass theming layer
- Web applications
- Mobile Applications
web service API - Structure
Request Syntax
- named methods
- Uniform Resource Identifier (URI)
- parameter names and data types
web serviceS ACTIONS
GET
- Requests and returns data from a resource
- Used only to retrieve data
- query strings are sent in the url which means
a limit of 2048 characters
web serviceS ACTIONS
POST
- Sends new data in its complete form to the
resource
- query strings are sent in the HTTP message
body
web serviceS ACTIONS
PUT
- complete update or replacement of a
resource
- sends request to update a resource
- creates a snapshot (copies resource) before
updating
Example: Dream Factory
Open source REST API platform
- built with php and apache
- Uses mysql as the default database
- automatically generates RESTful services
- http://www.dreamfactory.com/
Drupal 8 - web services
Headless Drupal
D8 core Web Services Initiative (WSCCI)
- Context
- Plugins
- REST Services
- Layouts
Drupal 8 - COre
RESTful Web Services (rest)
- exposes entities via a RESTful web API
- can expose other resources
- depends on the Serialization module
Drupal 8 - COre
Hypertext Application Language (hal)
- Extends the Serialization module
- HAL: primary format in Drupal 8 Core
- can be encoded in both JSON and XML
- 2 reserved keywords ‘_links’ ‘_embedded’
Drupal 8 - COre
HTTP Basic Authentication (basic_auth)
- implements basic user authentication
- cookies
- configure SSL if you use it in production.
- more secure: OAuth module
- /rest/session/token
Drupal 8 - REST in ViewS
Views
- Visual query builder
- Export lists of data
- REST export as JSON or XML
Drupal 8 - REST UI
- https://www.drupal.org/project/restui
- user interface for enabling and disabling
resources, serialization formats, and
authentication providers.
- admin/config/services/rest
Drupal 8 - Authentication
oAuth
- for server side authentication
- https://www.drupal.org/project/oauth
Guzzle Oauth Plugin
- For sign requests with OAuth Credentials
- https://www.drupal.org/project/guzzle_oauth
Drupal 8 - Silex
- PHP micro-framework (Symfony2 based)
- Request - response framework
- part of Drupal 8 core
- Has events similar to drupal hooks
- http://silex.sensiolabs.org/
Cross origin access
- prevents communication between two
sites with different domains
- Put in place to help prevent cross site
scripting
Cors - w3c standard
Cross origin resource sharing
- w3c recommend standardising Cors
http://www.w3.org/TR/cors
- website-A <- website-b
website-b needs the following header:
Access-Control-Allow-Origin : http://website-A.com
Drupal 8 - Cors
Bad news
- cors not supported in drupal 8 for initial
release
Good news - it’s coming!
QUESTIONS?
http://www.technocrat.com.au/
http://www.slideshare.net/TechnocratAu
JAy Vladimir
@jayturn28 @Vladimiraus
www.Jayturn.com tomato-elephant-studio.com
References
- Lynda.com web services
- D8 core Web Services Initiative (WSCCI)
- Blog: web services initiative
- Safari books: RESTful web services
- Blog: Rest export in Drupal 8 Views
References
Spotify
- https://developer.spotify.com/web-api
- https://developer.spotify.com/web-api/endpoint-reference
Dreamfactory
- https://www.dreamfactory.com
- https://bitnami.com/stack/dreamfactory
- http://swagger.io/
- https://www.drupal.org/sandbox/mmillford/2402571
cors
- http://www.w3.org/TR/cors
- http://enable-cors.org
- https://www.drupal.org/node/1869548#comment-9365043
References