REST 从资源的角度来观察整个网络,分布在各处的资源由URI确定,而客户端的应用通过URI来获取资源的表示方式。获得这些表徵致使这些应用程序转变了其状态。随着不断获取资源的表示方式,客户端应用不断地在转变着其状态,所谓表述性状态转移(Representational State Transfer)。
这一观点不是凭空臆造的,而是通过观察当前Web互联网的运作方式而抽象出来的。Roy Fielding 认为,
- 资源是由URI来指定。
- 对资源的操作包括获取、创建、修改和删除资源,这些操作正好对应HTTP协议提供的GET、POST、PUT和DELETE方法。
- 通过操作资源的表现形式来操作资源。
- 资源的表现形式则是XML或者HTML,取决于读者是机器还是人,是消费web服务的客户软件还是web浏览器。当然也可以是任何其他的格式。
- 客户端和服务器结构
- 连接协议具有无状态性
- 能够利用Cache机制增进性能
- 层次化的系统
- 隨需代碼 - Javascript (可選)
RESTful Web 服务
RESTful Web 服务(也称为 RESTful Web API)是一个使用HTTP并遵循REST原则的Web服务。它从以下三个方面资源进行定义:URI,比如:http://example.com/resources/。
§ Web服务接受与返回的互联网媒体类型,比如:JSON,XML ,YAML 等。
§ Web服务在该资源上所支持的一系列请求方法(比如:POST,GET,PUT或DELETE)。
该表列出了在实现RESTful Web 服务时HTTP请求方法的典型用途。
HTTP 请求方法在RESTful Web 服务中的典型应用
资源 | GET | PUT | POST | DELETE |
一组资源的URI,比如http://example.com/resources/ | 列出 URI,以及该资源组中每个资源的详细信息(后者可选)。 | 使用给定的一组资源替换当前整组资源。 | 在本组资源中创建/追加一个新的资源。 该操作往往返回新资源的URL。 | 删除 整组资源。 |
单个资源的URI,比如http://example.com/resources/142 | 获取 指定的资源的详细信息,格式可以自选一个合适的网络媒体类型(比如:XML、JSON等) | 替换/创建 指定的资源。并将其追加到相应的资源组中。 | 把指定的资源当做一个资源组,并在其下创建/追加一个新的元素,使其隶属于当前资源。 | 删除 指定的元素。 |
PUT 和 DELETE 方法是幂等方法。GET方法是安全方法 (不会对服务器端有修改,因此也是幂等的)。
不像基于SOAP的Web服务,RESTful Web服务并没有的“正式”标准。 这是因为REST是一种架构,而SOAP只是一个协议。虽然REST不是一个标准,但在实现RESTful Web服务时可以使用其他各种标准(比如HTTP,URL,XML,PNG等)。
- 可以利用缓存Cache来提高响应速度
- 通讯本身的无状态性可以让不同的服务器的处理一系列请求中的不同请求,提高服务器的扩展性
- 浏览器即可作为客户端,简化软件需求
- 相对于其他叠加在HTTP协议之上的机制,REST的软件依赖性更小
- 不需要额外的资源发现机制
- 在软件技术演进中的长期的兼容性更好
Rest 开发
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | /// <summary> /// The IRestHandler is an interface which provides Delete,Get,Post and Put methods. /// </summary> public interface IRestHandler : ICloneable { /// <summary> /// Delete method for RestHandler /// </summary> /// <param name="processor">The rest processor.</param> /// <param name="authenticated">if set to <c>true</c> [authenticated].</param> /// <returns>The http response</returns> RestHandlerResponse Delete(IRestProcessor processor, bool authenticated); /// <summary> /// Get method for RestHandler /// </summary> /// <param name="processor">The rest processor.</param> /// <param name="authenticated">if set to <c>true</c> [authenticated].</param> /// <returns>The http response</returns> RestHandlerResponse Get(IRestProcessor processor, bool authenticated); /// <summary> /// Post method for RestHandler /// </summary> /// <param name="processor">The rest processor.</param> /// <param name="authenticated">if set to <c>true</c> [authenticated].</param> /// <returns>The http response</returns> RestHandlerResponse Post(IRestProcessor processor, bool authenticated); /// <summary> /// Put method for RestHandler /// </summary> /// <param name="processor">The rest processor.</param> /// <param name="authenticated">if set to <c>true</c> [authenticated].</param> /// <returns>The http response</returns> RestHandlerResponse Put(IRestProcessor processor, bool authenticated); } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | /// <summary> /// Listen an ip point and accept connection. /// </summary> public interface IRestListener : IDisposable { /// <summary> /// Gets or sets the max allowed connections to this listener. /// </summary> int MaxConnections { get ; set ; } /// <summary> /// Gets or sets desktop rest manager. /// </summary> DesktopRestManager DesktopRestManager { get ; set ; } /// <summary> /// Gets a value that indicate if it is listening. /// </summary> bool IsRunning { get ; } /// <summary> /// Gets or sets the server address information. /// </summary> IPEndPoint ServerAddress { get ; set ; } string Protocol { get ; set ; } /// <summary> /// Start a listener. /// </summary> /// <returns>The ip end point to listen.</returns> bool Start(TcpListener listener, IPEndPoint address); /// <summary> /// Stop the listener. /// </summary> /// <returns>True if successfully, else false.</returns> bool Stop(); } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 | public class HttpListener : IRestListener { public HttpListener(DesktopRestManager drm) { this .desktopRestManager = drm; this .isRunning = false ; MaxConnections = 50; this .serverAddress = new IPEndPoint( new IPAddress( new byte [] { 127, 0, 0, 1 }), 10000); this .Protocol = "Http" ; } #region IRestServer Members //public event ServerStatusChangedHandler ServerStatusChanged; public DesktopRestManager DesktopRestManager { get { return this .desktopRestManager; } set { this .desktopRestManager = value; } } public bool IsRunning { get { return this .isRunning; } } public IPEndPoint ServerAddress { get { return this .serverAddress; } set { this .serverAddress = value; } } public int MaxConnections { get ; set ; } public string Protocol { get ; set ; } public bool Start(TcpListener tcpListener, IPEndPoint address) { this .ServerAddress = address; this .listener = tcpListener; this .isRunning = true ; Thread th = new Thread( new ThreadStart( this .Listening)); th.Start(); return true ; } public bool Stop() { bool success = true ; ; if ( this .isRunning == true ) { try { this .isRunning = false ; if (listener != null ) { listener.Stop(); } } catch (SocketException socketEx) { _traceLog.InfoFormat( "Stop http rest server: {0}" , socketEx.Message); success = false ; } } return success; } #endregion #region IDisposable Members public void Dispose() { this .Stop(); } #endregion #region Private Methods private void Listening() { while ( this .isRunning) { TcpClient tcpClient = null ; try { tcpClient = listener.AcceptTcpClient(); HttpConnection connection = new HttpConnection(tcpClient); RestProcessor rh = new RestProcessor( this .desktopRestManager); Thread processThread = new Thread( new ParameterizedThreadStart(req => connection.SendResponse(rh.HandleRequest(req as RestHandlerRequest)))); processThread.Name = "RestManager_Http_ProcessRequest" ; processThread.Start(connection.GetRequest()); } catch (SocketException socketEx) { if ( this .isRunning) { _traceLog.InfoFormat( "Socket exception: {0}" , socketEx.Message); } else { _traceLog.Info( "The use stop the http listener." ); } if (tcpClient != null && tcpClient.Connected) { tcpClient.Close(); } } catch (System.ArgumentNullException ex) { _traceLog.ErrorFormat( "Error occured: {0}" , ex.Message); } catch (System.OutOfMemoryException ex) { _traceLog.ErrorFormat( "Error occured: {0}" , ex.Message); } catch (System.Threading.ThreadStateException ex) { _traceLog.ErrorFormat( "Error occured: {0}" , ex.Message); } catch (System.InvalidOperationException ex) { _traceLog.ErrorFormat( "Error occured: {0}" , ex.Message); } catch (ApplicationException ex) { _traceLog.ErrorFormat( "Error occured: {0}" , ex.Message); } } this .Stop(); } #endregion #region Private Members private DesktopRestManager desktopRestManager; private bool isRunning; private IPEndPoint serverAddress; private TcpListener listener; private static LogManager _traceLog = new LogManager( "RestManager-HttpListener" ); #endregion } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 | /// <summary> /// Handles an http request for an Api call. /// </summary> public RestHandlerResponse HandleRequest(RestHandlerRequest rhr) { RestHandlerResponse res; // 50 Requests in maximum if (! this .restProcessorSemaphore.WaitOne(0)) { res = new RestHandlerResponse(503); } else { try { // There is no need decode the url here, since the address will be decoded when it is parsed. //rhr.Address = System.Web.HttpUtility.UrlDecode(rhr.Address); res = this .process(rhr); } catch (RestManagerException ex) { traceLog.ErrorFormat( "Error happened while processing request\n{1}.\nException info:\n{0} " ,ex.Message); res = new RestHandlerResponse(500); } try { this .restProcessorSemaphore.Release(); } catch (System.Threading.SemaphoreFullException) { traceLog.ErrorFormat( "Error happened while processing Semaphore.Release" ); } catch (System.IO.IOException) { traceLog.ErrorFormat( "Error happened while processing Semaphore.Release" ); } catch (System.UnauthorizedAccessException) { traceLog.ErrorFormat( "Error happened while processing Semaphore.Release" ); } } return res; } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 | private JObject MakeRequest( string url) { var subsequentRequest = WebRequest.Create(url) as HttpWebRequest; subsequentRequest.Timeout = 30000; subsequentRequest.Headers.Add( "Authorization" , "OAuth " + TestToken); subsequentRequest.Headers.Add( "App-User" , TestUserName); WebResponse subsequentResponse; try { subsequentResponse = subsequentRequest.GetResponse(); Stream stream = subsequentResponse.GetResponseStream(); StreamReader sr = new StreamReader(stream); string output = sr.ReadToEnd(); JObject jsonStr = JObject.Parse(output); return jsonStr; } catch (WebException ex) { if (ex.Response != null ) { HttpWebResponse errorResponse = (HttpWebResponse)ex.Response; StreamReader reader = new StreamReader(errorResponse.GetResponseStream()); string output = reader.ReadToEnd(); JObject jsonStr = JObject.Parse(output); return jsonStr; } else { return null ; } } } |
1 | [{ "CreatedDate" : "//Date(1299687080328+0800)//" , "Detail" : "Do Something 1" , "Title" : "Task1" },{ "CreatedDate" : "//Date(1299687080328+0800)//" , "Detail" : "Do Something 5" , "Title" : "Task5" }] |
REST vs SOAP 成熟度:
SOAP虽然发展到现在已经脱离了初衷,但是对于异构环境服务发布和调用,以及厂商的支持都已经达到了较为成熟的情况。不同平台,开发语言之间通过SOAP来交互的web service都能够较好的互通(在部分复杂和特殊的参数和返回对象解析上,协议没有作很细致的规定,导致还是需要作部分修正)REST国外很多大网站都发布了自己的开发API,很多都提供了SOAP和REST两种Web Service,根据调查部分网站的REST风格的使用情况要高于SOAP。但是由于REST只是一种基于Http协议实现资源操作的思想,因此各个网站的REST实现都自有一套,在后面会讲诉各个大网站的REST API的风格。也正是因为这种各自实现的情况,在性能和可用性上会大大高于SOAP发布的web service,但统一通用方面远远不及SOAP。由于这些大网站的SP往往专注于此网站的API开发,因此通用性要求不高。
这点其实可以放入到成熟度中,不过在当前的互联网应用和平台开发设计过程中,安全已经被提到了很高的高度,特别是作为外部接口给第三方调用,安全性可能会高过业务逻辑本身。SOAP在安全方面是通过使用XML-Security和XML-Signature两个规范组成了WS-Security来实现安全控制的,当前已经得到了各个厂商的支持,.net ,php ,java 都已经对其有了很好的支持(虽然在一些细节上还是有不兼容的问题,但是互通基本上是可以的)。