SlideShare uma empresa Scribd logo

Web Services PHP Tutorial

L
Lorna Mitchell

Web services tutorial slides from my session at DPC 2012 in Amsterdam. In this 3-hour session we built the simplest possible service, and then extended it, looking at RPC, REST and SOAP along the way.

Tecnologia
1 de 78
Baixar para ler offline
Web Services Tutorial
Web Services Tutorial http://bit.ly/oaxVdy (while you’re waiting, download the files!) 2
About Me • Lorna Jane Mitchell • PHP Consultant/Developer • Author • API Specialist • Project Lead on http://joind.in • Twitter: @lornajane • Website: http://lornajane.net 3
The Plan • Talk about web services in general • Build a web service • Consume a web service • Talk about how to make excellent web services 4
The Plan • Talk about web services in general • Build a web service • Consume a web service • Talk about how to make excellent web services • (we’ll hide some actual textbook theory in there somewhere) • Ask questions! 4
Theory and Introduction
What Is A Web Service? • Means of exposing functionality or data • A lot like a web page, but for machines • Integration between applications • Separation within an application 6
Integration Between Applications Common to use an API internally as well as exposing it Website 3rd Party / Apps API Data Store 7
Separation Within an Application Routing Auth Images Products Orders 8
Separation Within an Application Routing Auth Images Products Orders 9
Web Services and You This is not rocket science You already know most of what you need! 10
Let’s Begin
Building Blocks You can make an API from any tools you like • Existing MVC setup • Simple PHP (as in these examples) • Framework modules • Component library 12
My First Web Service • Make a virtual host • e.g. http://api.local • Don’t forget to restart apache • Add an entry to your hosts file <VirtualHost *:80> ServerName api.local ServerAdmin admin@localhost DocumentRoot /var/www/myapi/public <Directory /var/www/myapi/public> AllowOverride All Order deny,allow Allow from All </Directory> </VirtualHost> api.vhost 13
My First Web Service • Create the index.php file • e.g. /var/www/myapi/public/index.php $data = array( 'format' => 'json', 'status' => 'live' ); echo json_encode($data); public/index.php 14
Consume Your Service • Use cURL from the command line • curl http://api.local • For more information about curl: • http://curl.haxx.se/ - curl homepage • http://bit.ly/esqBmz - my cheat sheet 15
JSON JavaScript Object Notation • Originally for JavaScript • Native read/write in most languages • Simple, lightweight format - useful for mobile • In PHP we have json_encode() and json_decode() • These work with arrays and objects Our service returns: {'format':'json','status':'live'} 16
Heartbeat Method • A method which does nothing • No authentication • Requires correct request format • Gives basic feedback • Shows that service is alive 17
Delivering A Web Service • Service • Documentation • Examples • A help point 18
HTTP and Data Formats
HTTP HTTP is Hypertext Transfer Protocol. It is designed to exchange information about a request/response. • Status Codes (e.g. 200, 404) • Headers (e.g. Content-Type, Authorization) • Verbs (e.g GET, POST) 20
Status Codes Win or fail? Some common codes: 200 OK 204 No Content 302 Found 301 Moved Permanently 302 Found 400 Bad Request 401 Not Authorised 403 Forbidden 404 Not Found 500 Internal Server Error For more, see: http://bitly.com/h03Dxe 21
Working with Status Codes in PHP We can observe status codes with curl, passing the -I switch curl -I http://api.local Let’s amend our web service, to return a 302 header header("302 Found", true, 302); $data = array( 'format' => 'json', 'status' => 'live' ); echo json_encode($data); 22
HTTP Verbs • More than GET and POST • PUT and DELETE to update and delete in a RESTful service • HEAD, OPTIONS and others also specified GET Read POST Create In REST, we use: PUT Update DELETE Delete 23
HTTP Headers Headers are the metadata about the content we send/receive Useful headers: • Accept and Content-Type: used for content format negotiation • User-Agent: to identify what made the request • Set-Cookie and Cookie: working with cookie data • Authorization: controlling access 24
Accept Header What type of content can the consumer understand? • -v with curl to see request and response headers • -H to add headers curl -v -H "Accept: text/html" http://api.local Gives the output: * About to connect() to api.local port 80 (#0) * Trying 127.0.0.1... connected * Connected to api.local (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.21.0 (i686-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0 > Host: api.local > Accept: text/html > 25
Using the Accept Header We can work out what format the user wanted to see from the Accept header. $data = array( 'status' => 'live', 'now' => time() ); if(false !== strpos($_SERVER['HTTP_ACCEPT'], 'text/html')) { echo "<pre>"; print_r($data); echo "</pre>"; } else { // return json echo json_encode($data); } public/headers.php 26
How to REALLY Handle Accept Headers Example accept header (from my browser) text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 • See a much nicer example of this in headers-accept.php • Taken almost entirely from the source of arbitracker • http://arbitracker.org • src/classes/request/parser.php • Try this from curl, setting your own headers, and from your browser 27
Content-Type Header The Content-Type header: literally labels the contents of the response. We can include these in our examples: $data = array( 'status' => 'live', 'now' => time() ); if(false !== strpos($_SERVER['HTTP_ACCEPT'], 'text/html')) { header('Content-Type: text/html'); echo "<pre>"; print_r($data); echo "</pre>"; } else { // return json header('Content-Type: application/json'); echo json_encode($data); } public/headers.php 28
Handling XML Formats We can work with XML in PHP almost as easily • Content type is text/xml or application/xml • Two XML libraries in PHP • SimpleXML bit.ly/g1xpaP • DOM bit.ly/e0XMzd • Give consumers a choice of formats: HTML, XML, JSON ... 29
Adding XML to Our Service $data = array( 'status' => 'live', 'now' => time() ); $simplexml = simplexml_load_string('<?xml version="1.0" ?><data />'); foreach($data as $key => $value) { $simplexml->addChild($key, $value); } header('Content-Type: text/xml'); echo $simplexml->asXML(); public/headers.php The result is this: <?xml version="1.0"?> <data><status>live</status><now>1302981884</now></data> 30
Versioning • Always include a version parameter or media type http://example.com/api/v4/status http://example.com/api/status Content-Type: application/vnd.myapi.2+json 31
Data Formats • Handle multiple formats, by header or parameter • JSON • XML • ? • Common to detect header, allow parameter override http://example.com/api/v4/status Accept: application/json http://example.com/api/v4/status?format=json Accept: text/html 32
Statelessness • Request alone contains all information needed • No data persistence between requests • Resource does not need to be in known state • Same operation performs same outcome 33
Consuming Services from PHP
Consuming Your First Web Service Three ways to consume web services: • Via streams (e.g. file_get_contents()) • Using the curl extension • http://lrnja.net/I5JD9R • Using Pecl_HTTP • http://lrnja.net/I23yZj 35
Using File_Get_Contents This is the simplest, especially for a GET request $response = file_get_contents('http://api.local/'); var_dump($response); You can set more information in the stream context bit.ly/gxBAgV 36
Using Curl This extension is commonly available $ch = curl_init('http://api.local/'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); var_dump($response); Look out for the CURLOPT_RETURNTRANSFER; without it, this will echo the output 37
Using Pecl_HTTP This is the most powerful and flexible, and can easily be installed from http://pecl.php.net $request = new HTTPRequest('http://api.local/', HTTP_METH_GET); $request->send(); $response = $request->getResponseBody(); var_dump($response); Strongly recommend pecl_http if you are able to install pecl modules on your platform 38
Service Types
Web Service Types There are a few types of web service • RESTful • RPC (Remote Procedure Call) • XML-RPC • JSON-RPC • Soap 40
RPC Services These services typically have: • A single endpoint • Method names • Method parameters • A return value • Often all POST requests A familiar model for us as developers 41
Soap • Not an acronym • (used to stand for Simple Object Access Protocol) • Special case of XML-RPC • VERY easy to do in PHP • Can be used with a WSDL • Web Service Description Language 42
Soap Example: Library Class public function eightBall() { $options = array( "Without a doubt", "As I see it, yes", "Most likely", "Reply hazy, try again", "Better not tell you now", "Concentrate and ask again", "Don't count on it", "Very doubtful"); return $options[array_rand($options)]; } /public/soap/Library.php 43
Soap Server (don’t blink or you will miss it!) include('Library.php'); $options = array('uri' => 'http://api.local/soap'); $server = new SoapServer(NULL, $options); $server->setClass('Library'); $server->handle(); /public/soap/index.php 44
Consuming a Soap Service To call PHP directly, we would do: include('Library.php'); $lib = new Library(); $response = $lib->eightBall(); echo $response; Over Soap: $options = array('uri' => 'http://myapi.local', 'location' => 'http://myapi.local/soap/'); try{ $client = new SoapClient(NULL, $options); $response = $client->eightBall(); echo $response; } catch (SoapFault $e) { echo "ERROR: " . $e->getMessage(); } 45
Pros and Cons of Soap • Many languages have libraries for it • .NET and Java programmers in particular like it 46
Pros and Cons of Soap • Many languages have libraries for it • .NET and Java programmers in particular like it • Weird things happen between languages regarding data types • When it works, it’s marvellous • When it doesn’t work, it’s horrid to debug (so I’ll show you how) 46
Pros and Cons of Soap • Many languages have libraries for it • .NET and Java programmers in particular like it • Weird things happen between languages regarding data types • When it works, it’s marvellous • When it doesn’t work, it’s horrid to debug (so I’ll show you how) • WSDL is complicated! 46
Working with WSDLs WSDL stands for Web Service Description Language • WSDLs were not designed for humans to read • They are written in XML, and are very verbose • If you do need to read one, start at the END and read upwards in sections • Soap uses very strict data typing, which is an unknown concept in PHP Read about WSDLs: bit.ly/eNZOmp 47
Debugging Soap The Soap extension has some debug methods: • Set the options to include trace=1 in the SoapClient • getLastRequest(), getLastRequestHeaders(), getLastResponse(), getLastResponseHeaders() are then available For all web service types, you can use: • I like Wireshark (http://www.wireshark.org) • Others use Charles (http://www.charlesproxy.com) • If you like reading XML then use curl • SoapUI (http://soapui.org) 48
Extending Our Service
Consistency • Important to retain • Naming conventions • Parameter validation rules • Parameter order • Just as you would in library code 50
The Action Parameter As a simple place to start, let’s add an action parameter. // route the request (filter input!) $action = $_GET['action']; $library = new Actions(); $data = $library->$action(); /rpc/index.php Here’s the code for the Actions class class Actions { public function getSiteStatus() { return array('status' => 'healthy', 'time' => date('d-M-Y')); } } /rpc/actions.php So try http://api.local/rpc/index.php?action=getSiteStatus 51
Small APIs • Beware adding new functionality • Simple is maintainable • Easy to use and understand 52
Adding an Action To add a new action, create a new method for the Actions class, returning an array to pass to the output handlers public function addTwoNumbers($params) { return array('result' => ($params['a'] + $params['b'])); } /rpc/actions.php But how do we pass the parameters in? Something like this // route the request (filter input!) $action = $_GET['action']; $library = new Actions(); // OBVIOUSLY you would filter input at this point $data = $library->$action($_GET); /rpc/index.php 53
Access Control A few common ways to identify users • Username and password with every request • Login action and give a token to use • OAuth • For internal applications, firewalls 54
RPC Service Example: Flickr Take a look at http://www.flickr.com/services/api/ • Supports multiple formats (for request and response) • Is well-documented and consistent • Has libraries helping users to consume it • Offers both RPC and RESTful (kind of!) interfaces • Follows true XML-RPC (see http://en.wikipedia.org/wiki/Xml-rpc) Vast numbers of applications using this API to provide flickr functionality elsewhere 55
RPC vs REST We’ve seen an RPC service, but what about REST? The two are quite different • RPC services describe protocols, e.g. XML-RPC • RPC is a familiar: functions and arguments • REST is a set of principles • Takes advantage of HTTP features • Typically has "pretty URLs", e.g. Twitter is mostly RESTful 56
RESTful Web Service
REST • REpresentational State Transfer • URLs are unique resource identifiers • HTTP verbs indicate which operation should happen • We have full CRUD operations on a series of resources Here’s one I prepared earlier: /public/rest/ 58
REST as a Religion Beware publishing a service labelled "RESTful" • Someone will always tell you it isn’t • They are probably right • The strict rules around REST sometimes fit badly around business requirements • Flamewars will ensue Instead: "An HTTP Web Service" 59
Making Our Service Restful We’re aiming for URLs that look something like this: • http://api.local/rest/user • http://api.local/rest/user/3 • http://api.local/rest/user/3/friends A specific item is a resource; where you request a list, e.g. /user, this is called a collection 60
All Requests to index.php We want to push all requests through index.php, there is an .htaccess file that does this <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L] </IfModule> /public/rest/.htaccess 61
Routing Within Our App So our routing depends on the URL and on the verb used, so our controllers have a method per verb: • GET /user • Becomes UserController::GETAction() // route the request (filter input!) $verb = $_SERVER['REQUEST_METHOD']; $action_name = strtoupper($verb) . 'Action'; $url_params = explode('/',$_SERVER['PATH_INFO']); $controller_name = ucfirst($url_params[1]) . 'Controller'; $controller = new $controller_name(); $data = $controller->$action_name($url_params); // output appropriately $view->render($data); /public/rest/index.php 62
A Simple Controller Now in UserController we add a GETAction class UsersController { public function GETAction($parameters) { $users = array(); // imagine retreving data from models if(isset($parameters[2])) { return $users[(int)$parameters[2]]; } else { return $users; } } } /public/rest/controllers.php 63
Extending our Service Next we will add something to get the user’s friends http://api.local/users/1/friends class UsersController { public function GETAction($parameters) { $users = array(); $friends = array(); // imagine retreving data from models if(isset($parameters[2])) { if(isset($parameters[3]) && $parameters[3] == 'friends') { return $friends[(int)$parameters[2]]; } else { return $users[(int)$parameters[2]]; } } else { return $users; } } } /public/rest/controllers.php 64
Hypermedia • The items returned are resources with their URLs • This is hypermedia - providing links to related items/collections • Allows a service to be self-documenting • Allows a service to change its URLs - because they’re provided 65
Creating New Records RESTful services use POST for creating data, so we have POSTAction curl -X POST http://api.local/users -d name="Fred Weasley" public function POSTAction() { // sanitise and validate data please! $data = $_POST; // create a user from params $user['name'] = $data['name']; // save the user, return the new id // redirect user header('201 Created', true, 201); header('Location: http://api.local/rest/users/5'); return $user; } /public/rest/controllers.php 66
Updating Records • To create: we used POST • To update: we use PUT The code looks basically the same, apart from: // instead of this: $data = $_POST; // use this: parse_str(file_get_contents('php://input'), $data); 67
Appropriate Status Codes for REST • GET • 200 or maybe 302 if we found it somewhere else • 404 if we can’t find it • POST • 201 and a location header to the new resource • or 400 if we can’t create an item • PUT • 204 for OK (but no content) • 400 if the supplied data was invalid • DELETE • 200 at all times, for idempotency 68
Responding to Failure • Use expected response format • Collate all errors and return • Help users help themselves • Be consistent • Be accurate 69
Delivering Services
Technical Aspects All PHP Best Practices apply equally to APIs • Source control • Unit/Integration testing • Automated deployment • Monitoring Reliability and consistency are key 71
User Aspects Who will use your API? • Offer API Docs • Write a quick start for the impatient • Show examples, as many as possible • Tutorials, blog posts, links to forum answers, anything • Respond to questions 72
Questions?
Resources All links are in the bit.ly bundle bit.ly/emRpYT 74
Thanks https://joind.in/6217 @lornajane http://lornajane.net 75

Recomendados

jQuery for beginners
jQuery for beginnersjQuery for beginners
jQuery for beginnersArulmurugan Rajaraman
 
JavaScript - An Introduction
JavaScript - An IntroductionJavaScript - An Introduction
JavaScript - An IntroductionManvendra Singh
 
Node.js Express
Node.js ExpressNode.js Express
Node.js ExpressEyal Vardi
 
Ajax
AjaxAjax
AjaxTech_MX
 
Java Presentation
Java PresentationJava Presentation
Java Presentationpm2214
 
ES6 presentation
ES6 presentationES6 presentation
ES6 presentationritika1
 
JavaScript Fetch API
JavaScript Fetch APIJavaScript Fetch API
JavaScript Fetch APIXcat Liu
 
Form Handling using PHP
Form Handling using PHPForm Handling using PHP
Form Handling using PHPNisa Soomro
 

Recomendados

jQuery for beginners
jQuery for beginnersjQuery for beginners
jQuery for beginnersArulmurugan Rajaraman
 
JavaScript - An Introduction
JavaScript - An IntroductionJavaScript - An Introduction
JavaScript - An IntroductionManvendra Singh
 
Node.js Express
Node.js ExpressNode.js Express
Node.js ExpressEyal Vardi
 
Ajax
AjaxAjax
AjaxTech_MX
 
Java Presentation
Java PresentationJava Presentation
Java Presentationpm2214
 
ES6 presentation
ES6 presentationES6 presentation
ES6 presentationritika1
 
JavaScript Fetch API
JavaScript Fetch APIJavaScript Fetch API
JavaScript Fetch APIXcat Liu
 
Form Handling using PHP
Form Handling using PHPForm Handling using PHP
Form Handling using PHPNisa Soomro
 
Php
PhpPhp
Phpsamirlakhanistb
 
Javascript
JavascriptJavascript
JavascriptNagarajan
 
Ruby on Rails Presentation
Ruby on Rails PresentationRuby on Rails Presentation
Ruby on Rails Presentationadamcookeuk
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Introduction to JSON & AJAX
Introduction to JSON & AJAXIntroduction to JSON & AJAX
Introduction to JSON & AJAXCollaboration Technologies
 
PHP - Introduction to PHP Forms
PHP - Introduction to PHP FormsPHP - Introduction to PHP Forms
PHP - Introduction to PHP FormsVibrant Technologies & Computers
 
Operators in PHP
Operators in PHPOperators in PHP
Operators in PHPVineet Kumar Saini
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 
Php forms
Php formsPhp forms
Php formsAnne Lee
 
Wordpress ppt
Wordpress pptWordpress ppt
Wordpress pptCrest TechnoSoft
 
jQuery
jQueryjQuery
jQueryMostafa Bayomi
 
Database Connectivity in PHP
Database Connectivity in PHPDatabase Connectivity in PHP
Database Connectivity in PHPTaha Malampatti
 
Javascript validating form
Javascript validating formJavascript validating form
Javascript validating formJesus Obenita Jr.
 
Json
JsonJson
JsonSteve Fort
 
Web Development Course: PHP lecture 1
Web Development Course: PHP lecture 1Web Development Course: PHP lecture 1
Web Development Course: PHP lecture 1Gheyath M. Othman
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
laravel.pptx
laravel.pptxlaravel.pptx
laravel.pptxasif290119
 
Workshop 21: React Router
Workshop 21: React RouterWorkshop 21: React Router
Workshop 21: React RouterVisual Engineering
 
Introduction Django
Introduction DjangoIntroduction Django
Introduction DjangoWade Austin
 
Php functions
Php functionsPhp functions
Php functionsJIGAR MAKHIJA
 
Web Services Tutorial
Web Services TutorialWeb Services Tutorial
Web Services TutorialLorna Mitchell
 
Web services tutorial
Web services tutorialWeb services tutorial
Web services tutorialLorna Mitchell
 

Mais conteúdo relacionado

Mais procurados

Ruby on Rails Presentation
Ruby on Rails PresentationRuby on Rails Presentation
Ruby on Rails Presentationadamcookeuk
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding RESTNitin Pande
 
Database Connectivity in PHP
Database Connectivity in PHPDatabase Connectivity in PHP
Database Connectivity in PHPTaha Malampatti
 
Web Development Course: PHP lecture 1
Web Development Course: PHP lecture 1Web Development Course: PHP lecture 1
Web Development Course: PHP lecture 1Gheyath M. Othman
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUDPrem Sanil
 
Introduction Django
Introduction DjangoIntroduction Django
Introduction DjangoWade Austin
 

Mais procurados (20)

Php
PhpPhp
Php
 
Javascript
JavascriptJavascript
Javascript
 
Ruby on Rails Presentation
Ruby on Rails PresentationRuby on Rails Presentation
Ruby on Rails Presentation
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
 
Introduction to JSON & AJAX
Introduction to JSON & AJAXIntroduction to JSON & AJAX
Introduction to JSON & AJAX
 
PHP - Introduction to PHP Forms
PHP - Introduction to PHP FormsPHP - Introduction to PHP Forms
PHP - Introduction to PHP Forms
 
Operators in PHP
Operators in PHPOperators in PHP
Operators in PHP
 
Understanding REST
Understanding RESTUnderstanding REST
Understanding REST
 
Php forms
Php formsPhp forms
Php forms
 
Wordpress ppt
Wordpress pptWordpress ppt
Wordpress ppt
 
jQuery
jQueryjQuery
jQuery
 
Database Connectivity in PHP
Database Connectivity in PHPDatabase Connectivity in PHP
Database Connectivity in PHP
 
Javascript validating form
Javascript validating formJavascript validating form
Javascript validating form
 
Json
JsonJson
Json
 
Web Development Course: PHP lecture 1
Web Development Course: PHP lecture 1Web Development Course: PHP lecture 1
Web Development Course: PHP lecture 1
 
REST API and CRUD
REST API and CRUDREST API and CRUD
REST API and CRUD
 
laravel.pptx
laravel.pptxlaravel.pptx
laravel.pptx
 
Workshop 21: React Router
Workshop 21: React RouterWorkshop 21: React Router
Workshop 21: React Router
 
Introduction Django
Introduction DjangoIntroduction Django
Introduction Django
 
Php functions
Php functionsPhp functions
Php functions
 

Semelhante a Web Services PHP Tutorial

ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiTiago Knoch
 
Consuming RESTful Web services in PHP
Consuming RESTful Web services in PHPConsuming RESTful Web services in PHP
Consuming RESTful Web services in PHPZoran Jeremic
 
Consuming RESTful services in PHP
Consuming RESTful services in PHPConsuming RESTful services in PHP
Consuming RESTful services in PHPZoran Jeremic
 
An Introduction to Tornado
An Introduction to TornadoAn Introduction to Tornado
An Introduction to TornadoGavin Roy
 
RESTFul Tools For Lazy Experts - CFSummit 2016
RESTFul Tools For Lazy Experts - CFSummit 2016RESTFul Tools For Lazy Experts - CFSummit 2016
RESTFul Tools For Lazy Experts - CFSummit 2016Ortus Solutions, Corp
 
Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Henry S
 
JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011Shreedhar Ganapathy
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesSam Bowne
 
Angular - Chapter 7 - HTTP Services
Angular - Chapter 7 - HTTP ServicesAngular - Chapter 7 - HTTP Services
Angular - Chapter 7 - HTTP ServicesWebStackAcademy
 
Ch 3: Web Application Technologies
Ch 3: Web Application TechnologiesCh 3: Web Application Technologies
Ch 3: Web Application TechnologiesSam Bowne
 
RESTful web
RESTful webRESTful web
RESTful webAlvin Qi
 
Embracing HTTP in the era of API’s
Embracing HTTP in the era of API’sEmbracing HTTP in the era of API’s
Embracing HTTP in the era of API’sVisug
 
CNIT 129S - Ch 3: Web Application Technologies
CNIT 129S - Ch 3: Web Application TechnologiesCNIT 129S - Ch 3: Web Application Technologies
CNIT 129S - Ch 3: Web Application TechnologiesSam Bowne
 
Resting on your laurels will get you powned
Resting on your laurels will get you pownedResting on your laurels will get you powned
Resting on your laurels will get you pownedDinis Cruz
 

Semelhante a Web Services PHP Tutorial (20)

Web Services Tutorial
Web Services TutorialWeb Services Tutorial
Web Services Tutorial
 
Web services tutorial
Web services tutorialWeb services tutorial
Web services tutorial
 
ASP.NET Mvc 4 web api
ASP.NET Mvc 4 web apiASP.NET Mvc 4 web api
ASP.NET Mvc 4 web api
 
Consuming RESTful Web services in PHP
Consuming RESTful Web services in PHPConsuming RESTful Web services in PHP
Consuming RESTful Web services in PHP
 
Consuming RESTful services in PHP
Consuming RESTful services in PHPConsuming RESTful services in PHP
Consuming RESTful services in PHP
 
Php reports sumit
Php reports sumitPhp reports sumit
Php reports sumit
 
An Introduction to Tornado
An Introduction to TornadoAn Introduction to Tornado
An Introduction to Tornado
 
Rest ful tools for lazy experts
Rest ful tools for lazy expertsRest ful tools for lazy experts
Rest ful tools for lazy experts
 
RESTFul Tools For Lazy Experts - CFSummit 2016
RESTFul Tools For Lazy Experts - CFSummit 2016RESTFul Tools For Lazy Experts - CFSummit 2016
RESTFul Tools For Lazy Experts - CFSummit 2016
 
Codeigniter
CodeigniterCodeigniter
Codeigniter
 
Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1
 
JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011JAX-RS JavaOne Hyderabad, India 2011
JAX-RS JavaOne Hyderabad, India 2011
 
CNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application TechnologiesCNIT 129S: Ch 3: Web Application Technologies
CNIT 129S: Ch 3: Web Application Technologies
 
Angular - Chapter 7 - HTTP Services
Angular - Chapter 7 - HTTP ServicesAngular - Chapter 7 - HTTP Services
Angular - Chapter 7 - HTTP Services
 
Ch 3: Web Application Technologies
Ch 3: Web Application TechnologiesCh 3: Web Application Technologies
Ch 3: Web Application Technologies
 
RESTful web
RESTful webRESTful web
RESTful web
 
Facebook & Twitter API
Facebook & Twitter APIFacebook & Twitter API
Facebook & Twitter API
 
Embracing HTTP in the era of API’s
Embracing HTTP in the era of API’sEmbracing HTTP in the era of API’s
Embracing HTTP in the era of API’s
 
CNIT 129S - Ch 3: Web Application Technologies
CNIT 129S - Ch 3: Web Application TechnologiesCNIT 129S - Ch 3: Web Application Technologies
CNIT 129S - Ch 3: Web Application Technologies
 
Resting on your laurels will get you powned
Resting on your laurels will get you pownedResting on your laurels will get you powned
Resting on your laurels will get you powned
 

Mais de Lorna Mitchell

Best Practice in API Design
Best Practice in API DesignBest Practice in API Design
Best Practice in API DesignLorna Mitchell
 
Git, GitHub and Open Source
Git, GitHub and Open SourceGit, GitHub and Open Source
Git, GitHub and Open SourceLorna Mitchell
 
Business 101 for Developers: Time and Money
Business 101 for Developers: Time and MoneyBusiness 101 for Developers: Time and Money
Business 101 for Developers: Time and MoneyLorna Mitchell
 
Things I wish web graduates knew
Things I wish web graduates knewThings I wish web graduates knew
Things I wish web graduates knewLorna Mitchell
 
Teach a Man To Fish (phpconpl edition)
Teach a Man To Fish (phpconpl edition)Teach a Man To Fish (phpconpl edition)
Teach a Man To Fish (phpconpl edition)Lorna Mitchell
 
Tool Up Your LAMP Stack
Tool Up Your LAMP StackTool Up Your LAMP Stack
Tool Up Your LAMP StackLorna Mitchell
 
Understanding Distributed Source Control
Understanding Distributed Source ControlUnderstanding Distributed Source Control
Understanding Distributed Source ControlLorna Mitchell
 
Best Practice in Web Service Design
Best Practice in Web Service DesignBest Practice in Web Service Design
Best Practice in Web Service DesignLorna Mitchell
 
Coaching Development Teams: Teach A Man To Fish
Coaching Development Teams: Teach A Man To FishCoaching Development Teams: Teach A Man To Fish
Coaching Development Teams: Teach A Man To FishLorna Mitchell
 
Zend Certification Preparation Tutorial
Zend Certification Preparation TutorialZend Certification Preparation Tutorial
Zend Certification Preparation TutorialLorna Mitchell
 
Implementing OAuth with PHP
Implementing OAuth with PHPImplementing OAuth with PHP
Implementing OAuth with PHPLorna Mitchell
 
Object Oriented Programming in PHP
Object Oriented Programming in PHPObject Oriented Programming in PHP
Object Oriented Programming in PHPLorna Mitchell
 
Could You Telecommute?
Could You Telecommute?Could You Telecommute?
Could You Telecommute?Lorna Mitchell
 
Running a Project with Github
Running a Project with GithubRunning a Project with Github
Running a Project with GithubLorna Mitchell
 
27 Ways To Be A Better Developer
27 Ways To Be A Better Developer27 Ways To Be A Better Developer
27 Ways To Be A Better DeveloperLorna Mitchell
 

Mais de Lorna Mitchell (20)

OAuth: Trust Issues
OAuth: Trust IssuesOAuth: Trust Issues
OAuth: Trust Issues
 
Best Practice in API Design
Best Practice in API DesignBest Practice in API Design
Best Practice in API Design
 
Git, GitHub and Open Source
Git, GitHub and Open SourceGit, GitHub and Open Source
Git, GitHub and Open Source
 
Business 101 for Developers: Time and Money
Business 101 for Developers: Time and MoneyBusiness 101 for Developers: Time and Money
Business 101 for Developers: Time and Money
 
Things I wish web graduates knew
Things I wish web graduates knewThings I wish web graduates knew
Things I wish web graduates knew
 
Teach a Man To Fish (phpconpl edition)
Teach a Man To Fish (phpconpl edition)Teach a Man To Fish (phpconpl edition)
Teach a Man To Fish (phpconpl edition)
 
Join In With Joind.In
Join In With Joind.InJoin In With Joind.In
Join In With Joind.In
 
Tool Up Your LAMP Stack
Tool Up Your LAMP StackTool Up Your LAMP Stack
Tool Up Your LAMP Stack
 
Going Freelance
Going FreelanceGoing Freelance
Going Freelance
 
Understanding Distributed Source Control
Understanding Distributed Source ControlUnderstanding Distributed Source Control
Understanding Distributed Source Control
 
Best Practice in Web Service Design
Best Practice in Web Service DesignBest Practice in Web Service Design
Best Practice in Web Service Design
 
Coaching Development Teams: Teach A Man To Fish
Coaching Development Teams: Teach A Man To FishCoaching Development Teams: Teach A Man To Fish
Coaching Development Teams: Teach A Man To Fish
 
Zend Certification Preparation Tutorial
Zend Certification Preparation TutorialZend Certification Preparation Tutorial
Zend Certification Preparation Tutorial
 
Implementing OAuth with PHP
Implementing OAuth with PHPImplementing OAuth with PHP
Implementing OAuth with PHP
 
Object Oriented Programming in PHP
Object Oriented Programming in PHPObject Oriented Programming in PHP
Object Oriented Programming in PHP
 
Example Presentation
Example PresentationExample Presentation
Example Presentation
 
Could You Telecommute?
Could You Telecommute?Could You Telecommute?
Could You Telecommute?
 
Design Patterns
Design PatternsDesign Patterns
Design Patterns
 
Running a Project with Github
Running a Project with GithubRunning a Project with Github
Running a Project with Github
 
27 Ways To Be A Better Developer
27 Ways To Be A Better Developer27 Ways To Be A Better Developer
27 Ways To Be A Better Developer
 

Último

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 

Último (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 

Web Services PHP Tutorial

  • 2. Web Services Tutorial http://bit.ly/oaxVdy (while you’re waiting, download the files!) 2
  • 3. About Me • Lorna Jane Mitchell • PHP Consultant/Developer • Author • API Specialist • Project Lead on http://joind.in • Twitter: @lornajane • Website: http://lornajane.net 3
  • 4. The Plan • Talk about web services in general • Build a web service • Consume a web service • Talk about how to make excellent web services 4
  • 5. The Plan • Talk about web services in general • Build a web service • Consume a web service • Talk about how to make excellent web services • (we’ll hide some actual textbook theory in there somewhere) • Ask questions! 4
  • 7. What Is A Web Service? • Means of exposing functionality or data • A lot like a web page, but for machines • Integration between applications • Separation within an application 6
  • 8. Integration Between Applications Common to use an API internally as well as exposing it Website 3rd Party / Apps API Data Store 7
  • 9. Separation Within an Application Routing Auth Images Products Orders 8
  • 10. Separation Within an Application Routing Auth Images Products Orders 9
  • 11. Web Services and You This is not rocket science You already know most of what you need! 10
  • 13. Building Blocks You can make an API from any tools you like • Existing MVC setup • Simple PHP (as in these examples) • Framework modules • Component library 12
  • 14. My First Web Service • Make a virtual host • e.g. http://api.local • Don’t forget to restart apache • Add an entry to your hosts file <VirtualHost *:80> ServerName api.local ServerAdmin admin@localhost DocumentRoot /var/www/myapi/public <Directory /var/www/myapi/public> AllowOverride All Order deny,allow Allow from All </Directory> </VirtualHost> api.vhost 13
  • 15. My First Web Service • Create the index.php file • e.g. /var/www/myapi/public/index.php $data = array( 'format' => 'json', 'status' => 'live' ); echo json_encode($data); public/index.php 14
  • 16. Consume Your Service • Use cURL from the command line • curl http://api.local • For more information about curl: • http://curl.haxx.se/ - curl homepage • http://bit.ly/esqBmz - my cheat sheet 15
  • 17. JSON JavaScript Object Notation • Originally for JavaScript • Native read/write in most languages • Simple, lightweight format - useful for mobile • In PHP we have json_encode() and json_decode() • These work with arrays and objects Our service returns: {'format':'json','status':'live'} 16
  • 18. Heartbeat Method • A method which does nothing • No authentication • Requires correct request format • Gives basic feedback • Shows that service is alive 17
  • 19. Delivering A Web Service • Service • Documentation • Examples • A help point 18
  • 20. HTTP and Data Formats
  • 21. HTTP HTTP is Hypertext Transfer Protocol. It is designed to exchange information about a request/response. • Status Codes (e.g. 200, 404) • Headers (e.g. Content-Type, Authorization) • Verbs (e.g GET, POST) 20
  • 22. Status Codes Win or fail? Some common codes: 200 OK 204 No Content 302 Found 301 Moved Permanently 302 Found 400 Bad Request 401 Not Authorised 403 Forbidden 404 Not Found 500 Internal Server Error For more, see: http://bitly.com/h03Dxe 21
  • 23. Working with Status Codes in PHP We can observe status codes with curl, passing the -I switch curl -I http://api.local Let’s amend our web service, to return a 302 header header("302 Found", true, 302); $data = array( 'format' => 'json', 'status' => 'live' ); echo json_encode($data); 22
  • 24. HTTP Verbs • More than GET and POST • PUT and DELETE to update and delete in a RESTful service • HEAD, OPTIONS and others also specified GET Read POST Create In REST, we use: PUT Update DELETE Delete 23
  • 25. HTTP Headers Headers are the metadata about the content we send/receive Useful headers: • Accept and Content-Type: used for content format negotiation • User-Agent: to identify what made the request • Set-Cookie and Cookie: working with cookie data • Authorization: controlling access 24
  • 26. Accept Header What type of content can the consumer understand? • -v with curl to see request and response headers • -H to add headers curl -v -H "Accept: text/html" http://api.local Gives the output: * About to connect() to api.local port 80 (#0) * Trying 127.0.0.1... connected * Connected to api.local (127.0.0.1) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.21.0 (i686-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0 > Host: api.local > Accept: text/html > 25
  • 27. Using the Accept Header We can work out what format the user wanted to see from the Accept header. $data = array( 'status' => 'live', 'now' => time() ); if(false !== strpos($_SERVER['HTTP_ACCEPT'], 'text/html')) { echo "<pre>"; print_r($data); echo "</pre>"; } else { // return json echo json_encode($data); } public/headers.php 26
  • 28. How to REALLY Handle Accept Headers Example accept header (from my browser) text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 • See a much nicer example of this in headers-accept.php • Taken almost entirely from the source of arbitracker • http://arbitracker.org • src/classes/request/parser.php • Try this from curl, setting your own headers, and from your browser 27
  • 29. Content-Type Header The Content-Type header: literally labels the contents of the response. We can include these in our examples: $data = array( 'status' => 'live', 'now' => time() ); if(false !== strpos($_SERVER['HTTP_ACCEPT'], 'text/html')) { header('Content-Type: text/html'); echo "<pre>"; print_r($data); echo "</pre>"; } else { // return json header('Content-Type: application/json'); echo json_encode($data); } public/headers.php 28
  • 30. Handling XML Formats We can work with XML in PHP almost as easily • Content type is text/xml or application/xml • Two XML libraries in PHP • SimpleXML bit.ly/g1xpaP • DOM bit.ly/e0XMzd • Give consumers a choice of formats: HTML, XML, JSON ... 29
  • 31. Adding XML to Our Service $data = array( 'status' => 'live', 'now' => time() ); $simplexml = simplexml_load_string('<?xml version="1.0" ?><data />'); foreach($data as $key => $value) { $simplexml->addChild($key, $value); } header('Content-Type: text/xml'); echo $simplexml->asXML(); public/headers.php The result is this: <?xml version="1.0"?> <data><status>live</status><now>1302981884</now></data> 30
  • 32. Versioning • Always include a version parameter or media type http://example.com/api/v4/status http://example.com/api/status Content-Type: application/vnd.myapi.2+json 31
  • 33. Data Formats • Handle multiple formats, by header or parameter • JSON • XML • ? • Common to detect header, allow parameter override http://example.com/api/v4/status Accept: application/json http://example.com/api/v4/status?format=json Accept: text/html 32
  • 34. Statelessness • Request alone contains all information needed • No data persistence between requests • Resource does not need to be in known state • Same operation performs same outcome 33
  • 36. Consuming Your First Web Service Three ways to consume web services: • Via streams (e.g. file_get_contents()) • Using the curl extension • http://lrnja.net/I5JD9R • Using Pecl_HTTP • http://lrnja.net/I23yZj 35
  • 37. Using File_Get_Contents This is the simplest, especially for a GET request $response = file_get_contents('http://api.local/'); var_dump($response); You can set more information in the stream context bit.ly/gxBAgV 36
  • 38. Using Curl This extension is commonly available $ch = curl_init('http://api.local/'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); var_dump($response); Look out for the CURLOPT_RETURNTRANSFER; without it, this will echo the output 37
  • 39. Using Pecl_HTTP This is the most powerful and flexible, and can easily be installed from http://pecl.php.net $request = new HTTPRequest('http://api.local/', HTTP_METH_GET); $request->send(); $response = $request->getResponseBody(); var_dump($response); Strongly recommend pecl_http if you are able to install pecl modules on your platform 38
  • 41. Web Service Types There are a few types of web service • RESTful • RPC (Remote Procedure Call) • XML-RPC • JSON-RPC • Soap 40
  • 42. RPC Services These services typically have: • A single endpoint • Method names • Method parameters • A return value • Often all POST requests A familiar model for us as developers 41
  • 43. Soap • Not an acronym • (used to stand for Simple Object Access Protocol) • Special case of XML-RPC • VERY easy to do in PHP • Can be used with a WSDL • Web Service Description Language 42
  • 44. Soap Example: Library Class public function eightBall() { $options = array( "Without a doubt", "As I see it, yes", "Most likely", "Reply hazy, try again", "Better not tell you now", "Concentrate and ask again", "Don't count on it", "Very doubtful"); return $options[array_rand($options)]; } /public/soap/Library.php 43
  • 45. Soap Server (don’t blink or you will miss it!) include('Library.php'); $options = array('uri' => 'http://api.local/soap'); $server = new SoapServer(NULL, $options); $server->setClass('Library'); $server->handle(); /public/soap/index.php 44
  • 46. Consuming a Soap Service To call PHP directly, we would do: include('Library.php'); $lib = new Library(); $response = $lib->eightBall(); echo $response; Over Soap: $options = array('uri' => 'http://myapi.local', 'location' => 'http://myapi.local/soap/'); try{ $client = new SoapClient(NULL, $options); $response = $client->eightBall(); echo $response; } catch (SoapFault $e) { echo "ERROR: " . $e->getMessage(); } 45
  • 47. Pros and Cons of Soap • Many languages have libraries for it • .NET and Java programmers in particular like it 46
  • 48. Pros and Cons of Soap • Many languages have libraries for it • .NET and Java programmers in particular like it • Weird things happen between languages regarding data types • When it works, it’s marvellous • When it doesn’t work, it’s horrid to debug (so I’ll show you how) 46
  • 49. Pros and Cons of Soap • Many languages have libraries for it • .NET and Java programmers in particular like it • Weird things happen between languages regarding data types • When it works, it’s marvellous • When it doesn’t work, it’s horrid to debug (so I’ll show you how) • WSDL is complicated! 46
  • 50. Working with WSDLs WSDL stands for Web Service Description Language • WSDLs were not designed for humans to read • They are written in XML, and are very verbose • If you do need to read one, start at the END and read upwards in sections • Soap uses very strict data typing, which is an unknown concept in PHP Read about WSDLs: bit.ly/eNZOmp 47
  • 51. Debugging Soap The Soap extension has some debug methods: • Set the options to include trace=1 in the SoapClient • getLastRequest(), getLastRequestHeaders(), getLastResponse(), getLastResponseHeaders() are then available For all web service types, you can use: • I like Wireshark (http://www.wireshark.org) • Others use Charles (http://www.charlesproxy.com) • If you like reading XML then use curl • SoapUI (http://soapui.org) 48
  • 53. Consistency • Important to retain • Naming conventions • Parameter validation rules • Parameter order • Just as you would in library code 50
  • 54. The Action Parameter As a simple place to start, let’s add an action parameter. // route the request (filter input!) $action = $_GET['action']; $library = new Actions(); $data = $library->$action(); /rpc/index.php Here’s the code for the Actions class class Actions { public function getSiteStatus() { return array('status' => 'healthy', 'time' => date('d-M-Y')); } } /rpc/actions.php So try http://api.local/rpc/index.php?action=getSiteStatus 51
  • 55. Small APIs • Beware adding new functionality • Simple is maintainable • Easy to use and understand 52
  • 56. Adding an Action To add a new action, create a new method for the Actions class, returning an array to pass to the output handlers public function addTwoNumbers($params) { return array('result' => ($params['a'] + $params['b'])); } /rpc/actions.php But how do we pass the parameters in? Something like this // route the request (filter input!) $action = $_GET['action']; $library = new Actions(); // OBVIOUSLY you would filter input at this point $data = $library->$action($_GET); /rpc/index.php 53
  • 57. Access Control A few common ways to identify users • Username and password with every request • Login action and give a token to use • OAuth • For internal applications, firewalls 54
  • 58. RPC Service Example: Flickr Take a look at http://www.flickr.com/services/api/ • Supports multiple formats (for request and response) • Is well-documented and consistent • Has libraries helping users to consume it • Offers both RPC and RESTful (kind of!) interfaces • Follows true XML-RPC (see http://en.wikipedia.org/wiki/Xml-rpc) Vast numbers of applications using this API to provide flickr functionality elsewhere 55
  • 59. RPC vs REST We’ve seen an RPC service, but what about REST? The two are quite different • RPC services describe protocols, e.g. XML-RPC • RPC is a familiar: functions and arguments • REST is a set of principles • Takes advantage of HTTP features • Typically has "pretty URLs", e.g. Twitter is mostly RESTful 56
  • 61. REST • REpresentational State Transfer • URLs are unique resource identifiers • HTTP verbs indicate which operation should happen • We have full CRUD operations on a series of resources Here’s one I prepared earlier: /public/rest/ 58
  • 62. REST as a Religion Beware publishing a service labelled "RESTful" • Someone will always tell you it isn’t • They are probably right • The strict rules around REST sometimes fit badly around business requirements • Flamewars will ensue Instead: "An HTTP Web Service" 59
  • 63. Making Our Service Restful We’re aiming for URLs that look something like this: • http://api.local/rest/user • http://api.local/rest/user/3 • http://api.local/rest/user/3/friends A specific item is a resource; where you request a list, e.g. /user, this is called a collection 60
  • 64. All Requests to index.php We want to push all requests through index.php, there is an .htaccess file that does this <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L] </IfModule> /public/rest/.htaccess 61
  • 65. Routing Within Our App So our routing depends on the URL and on the verb used, so our controllers have a method per verb: • GET /user • Becomes UserController::GETAction() // route the request (filter input!) $verb = $_SERVER['REQUEST_METHOD']; $action_name = strtoupper($verb) . 'Action'; $url_params = explode('/',$_SERVER['PATH_INFO']); $controller_name = ucfirst($url_params[1]) . 'Controller'; $controller = new $controller_name(); $data = $controller->$action_name($url_params); // output appropriately $view->render($data); /public/rest/index.php 62
  • 66. A Simple Controller Now in UserController we add a GETAction class UsersController { public function GETAction($parameters) { $users = array(); // imagine retreving data from models if(isset($parameters[2])) { return $users[(int)$parameters[2]]; } else { return $users; } } } /public/rest/controllers.php 63
  • 67. Extending our Service Next we will add something to get the user’s friends http://api.local/users/1/friends class UsersController { public function GETAction($parameters) { $users = array(); $friends = array(); // imagine retreving data from models if(isset($parameters[2])) { if(isset($parameters[3]) && $parameters[3] == 'friends') { return $friends[(int)$parameters[2]]; } else { return $users[(int)$parameters[2]]; } } else { return $users; } } } /public/rest/controllers.php 64
  • 68. Hypermedia • The items returned are resources with their URLs • This is hypermedia - providing links to related items/collections • Allows a service to be self-documenting • Allows a service to change its URLs - because they’re provided 65
  • 69. Creating New Records RESTful services use POST for creating data, so we have POSTAction curl -X POST http://api.local/users -d name="Fred Weasley" public function POSTAction() { // sanitise and validate data please! $data = $_POST; // create a user from params $user['name'] = $data['name']; // save the user, return the new id // redirect user header('201 Created', true, 201); header('Location: http://api.local/rest/users/5'); return $user; } /public/rest/controllers.php 66
  • 70. Updating Records • To create: we used POST • To update: we use PUT The code looks basically the same, apart from: // instead of this: $data = $_POST; // use this: parse_str(file_get_contents('php://input'), $data); 67
  • 71. Appropriate Status Codes for REST • GET • 200 or maybe 302 if we found it somewhere else • 404 if we can’t find it • POST • 201 and a location header to the new resource • or 400 if we can’t create an item • PUT • 204 for OK (but no content) • 400 if the supplied data was invalid • DELETE • 200 at all times, for idempotency 68
  • 72. Responding to Failure • Use expected response format • Collate all errors and return • Help users help themselves • Be consistent • Be accurate 69
  • 74. Technical Aspects All PHP Best Practices apply equally to APIs • Source control • Unit/Integration testing • Automated deployment • Monitoring Reliability and consistency are key 71
  • 75. User Aspects Who will use your API? • Offer API Docs • Write a quick start for the impatient • Show examples, as many as possible • Tutorials, blog posts, links to forum answers, anything • Respond to questions 72
  • 77. Resources All links are in the bit.ly bundle bit.ly/emRpYT 74
  • 78. Thanks https://joind.in/6217 @lornajane http://lornajane.net 75