Three years ago, with the release of the GraphQL specification, Facebook took a fresh stab at the topic of "API design between remote services and applications." The key aspects of GraphQL provide a common, schema-based, domain-specific language and flexible, dynamic queries at interface boundaries.
In the talk, I'd like to compare GraphQL and REST and showcase benefits for developers and architects using a concrete example in application and API development, data source and system integration.
3. I'm no expert in RESTful API design,
development and deployment.
If in doubt ask the experts, like Stefan, Oliver,
Jim, Ian, ...
I did a decent share of GraphQL though.
4. You ?
Have you heard of GraphQL?
Have you used GraphQL?
Did you attend the talks from Lars Röwekamp
or Manuel Mauky at OOP?
5. Some wise Words on Choosing an API Style
• Context matters
• API design styles are just tools
• Make an informed choice
• Choice will affect many aspects
(impl, dev-experience, lifecycle)
https://apihandyman.io/and-graphql-for-all-a-few-things-to-think-about-before-blindly-dumping-rest-for-graphql/
10. What is GraphQL ?
GraphQL is an API query language
The "Graph" is the application domain model
Specification & Reference Implementation
Expressive, extensible nested expressions
11. What is GraphQL not?
GraphQL is not a (graph) database query language
GraphQL is not a RESTful API
GraphQL is not a Silver Bullet
13. Why GraphQL?
We were frustrated with the differences between the data we
wanted to use in our apps and the server queries they
required.
GraphQL was our opportunity to rethink mobile app data-
fetching from the perspective of product designers and
developers.
It moved the focus of development to the client apps, where
designers and developers spend their time and attention.
GraphQL, a data query language. Post by Lee Byron
15. GraphQL - Origins?
•Facebook 2012
• efficient queries for
mobile clients
• minimize latency &
roundtrips
• "get what you need"
• pragmatic development
• Open Sourced 2015
• Language Specificiation
• Reference Implementation
• Quickly Growing Community
• esp. in Javascript (React)
• but also in backends
• Developer Tooling
• Working Group for Spec
32. What issues wants GraphQL to solve?
• one shape of resource vs. many different needs
• custom shape of data query
• type safe and valid
• latency & roundtrips
• updates as commands, http verbs not expressive enough
• language for communication between teams
• front-end & back-end can develop independently
• better developer tooling
35. Design Principles
• a language used to query application servers that have
capabilities defined in this specification
• does not mandate a particular programming language
or storage system
• map capabilities to a uniform language, type system, and philosophy
• unified interface friendly to product development
and a powerful platform for tool‐building
37. What is GraphQL Spec ?
• Formal language specification for schema & operations
• Developed by Working Group
• at Facebook
• collaborates with community
• Published (regularly) after updates
• Reference Implementation (JavaScript)
http://facebook.github.io/graphql/ http://graphql.org/learn/
38. What is in the GraphQL Spec ?
• Schema
• Types
• Query Language
• Mutations
• Subscriptons
• Extensibility
• Parameters
• Expected behavior
• Fragments
• Results & Errors
• No prescribed transport
• Mostly HTTP (GET or POST)
http://facebook.github.io/graphql/ http://graphql.org/learn/
54. GraphQL Transport
• Not prescribed
• Most often HTTP on /graphql
• POST or GET
• Hard to cache
• HTTP 200 with inline errors
• Monitoring / Tracing by middleware
55. GraphQL Auth
• In GraphQL server
• In Middleware before
• In Field resolver
• Use of directives @allowed(roles: [Admin])
58. GraphQL Development
1. Schema First – Agree on first iteration of schema
2. Register Schema
3. Implement Type Resolver
4. Fetch Data (static, db, api)
5. Implement Client App view with GraphQL client library
6. Iterate
60. GraphQL Uses
Larger Companies
• Consolidate sprawling APIs
• API domain language
• API Facades (Schema stitching)
• Wrap data sources & APIs
• Automatic API documentation
• API monitoring
• API evolution
Anyone (esp. Startups)
• Webapp development
• Mobile app development
• Quick Prototyping
• GraphQL as a service
66. Introspection
{ __type(name:"Talk") {
name
fields {
name
description
}}}
• in every backend
• queryable via graphql
• for validation
• type completion
• visualization
• fetching Schema SDLhttps://github.com/graphql-cli/graphql-cli
67. Documentation
# Conference Sessions
type Talk {
# id, e.g. Mi 3.2
id: ID!
title: String!
abstract: String
# multiple speakers
speaker: [Person!]!
}
• auto-generated from schema
• comments as docs
• browseable in client
• helpful for type completion
84. RESTful API
• several resources, reachable via URI
• links between resources
• HTTP as protocol
• different representations / media-types, .e.g JSON
85. Philosophy & Guidelines
REST is software design on the scale of decades: every
detail is intended to promote software longevity and
independent evolution. Many of the constraints are
directly opposed to short-term efficiency.
- Roy Fielding
http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven
86. Philosophy & Guidelines
I think most people just make the mistake that it should
be simple to design simple things. In reality, the effort
required to design something is inversely proportional
to the simplicity of the result. As architectural styles go,
REST is very simple.
- Roy Fielding
http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven
87. New API Description Languages & Tools
• Not much tooling in first 5 years
• Web Service Description Language (WSDL)
• Web Application Description Language (WADL)
• Restful Service Description Language (RSDL)
• HATEOAS – Hypermedia As The Engine Of Application State
• Swagger
• RESTful API Modeling Language (RAML)
89. GraphQL REST
free operation names for queries &
mutations
HTTP Verbs
strong type safety none
operations are fields in schema Resources at URIs
model changes require schema +
query changes
no API change through model change
addtive, deprecation, monitoring versioning, tagged resources
allows introspection communicates links to operations
depending on transport, minimally uses web infrastructure
strong tooling some tooling, depending on API tool
90. REST Benefits
• Well understood and known
• HTTP Protocol incl. Verbs
• Web Standards
• Web Infrastructure (Caching, Auth)
• Isolated Resources
• Dynamic links / data in REST API change client behavior
91. REST Issues
• Most RESTful API are just HTTP APIs
• Effort for complex queries (n+1, latency)
• Overfetching, Underfetching
• Versioning
92. GraphQL Benefits
• Type Safety
• Schema = Contract
• No overfetching, only resolve requested fields
• Single Request
• Combining Queries / Reusing existing Results
• Good set of libraries
• Explicit Specification + Reference Implementation
• Active Community / Drivers / Tools
93. GraphQL Issues
• Still New / Adoption
• Filtering
• Aggregation
• Auth
• Move aggregation to server
• Caching in Server & Client
• Larger Request Sizes
• Can't change hierarchy structure
design principles:
Hierarchical: Most product development today involves the creation and manipulation of view hierarchies. To achieve congruence with the structure of these applications, a GraphQL query itself is structured hierarchically. The query is shaped just like the data it returns. It is a natural way for clients to describe data requirements.
Product‐centric: GraphQL is unapologetically driven by the requirements of views and the front‐end engineers that write them. GraphQL starts with their way of thinking and requirements and build the language and runtime necessary to enable that.
Strong‐typing: Every GraphQL server defines an application‐specific type system. Queries are executed within the context of that type system. Given a query, tools can ensure that the query is both syntactically correct and valid within the GraphQL type system before execution, i.e. at development time, and the server can make certain guarantees about the shape and nature of the response.
Client‐specified queries: Through its type system, a GraphQL server publishes the capabilities that its clients are allowed to consume. It is the client that is responsible for specifying exactly how it will consume those published capabilities. These queries are specified at field‐level granularity. In the majority of client‐server applications written without GraphQL, the server determines the data returned in its various scripted endpoints. A GraphQL query, on the other hand, returns exactly what a client asks for and no more.
Introspective: GraphQL is introspective. A GraphQL server’s type system must be queryable by the GraphQL language itself, as will be described in this specification. GraphQL introspection serves as a powerful platform for building common tools and client software libraries.
Strong Typing
defines an application‐specific type system
queries within its context
syntactically correct & valid within context, feedback during dev. time
Client‐specified queries
publishes the capabilities that its clients are allowed to consume
client responsible for specifying exactly what it wants to retrieve (field level)
Hierarchical
create and manipulate view hierarchies
query shaped in same way as result data
Product Centric
driven by the requirements of views and the front‐end engineers
build the language and runtime necessary to enable their way of thinking
Introspective
type system must be queryable using graphql itself
powerful platform for building common tools and client software libraries
Strong Typing
defines an application‐specific type system
queries within its context
syntactically correct & valid within context, feedback during dev. time
Client‐specified queries
publishes the capabilities that its clients are allowed to consume
client responsible for specifying exactly what it wants to retrieve (field level)
Hierarchical
create and manipulate view hierarchies
query shaped in same way as result data
Product Centric
driven by the requirements of views and the front‐end engineers
build the language and runtime necessary to enable their way of thinking
Introspective
type system must be queryable using graphql itself
powerful platform for building common tools and client software libraries
design principles:
Hierarchical: Most product development today involves the creation and manipulation of view hierarchies. To achieve congruence with the structure of these applications, a GraphQL query itself is structured hierarchically. The query is shaped just like the data it returns. It is a natural way for clients to describe data requirements.
Product‐centric: GraphQL is unapologetically driven by the requirements of views and the front‐end engineers that write them. GraphQL starts with their way of thinking and requirements and build the language and runtime necessary to enable that.
Strong‐typing: Every GraphQL server defines an application‐specific type system. Queries are executed within the context of that type system. Given a query, tools can ensure that the query is both syntactically correct and valid within the GraphQL type system before execution, i.e. at development time, and the server can make certain guarantees about the shape and nature of the response.
Client‐specified queries: Through its type system, a GraphQL server publishes the capabilities that its clients are allowed to consume. It is the client that is responsible for specifying exactly how it will consume those published capabilities. These queries are specified at field‐level granularity. In the majority of client‐server applications written without GraphQL, the server determines the data returned in its various scripted endpoints. A GraphQL query, on the other hand, returns exactly what a client asks for and no more.
Introspective: GraphQL is introspective. A GraphQL server’s type system must be queryable by the GraphQL language itself, as will be described in this specification. GraphQL introspection serves as a powerful platform for building common tools and client software libraries.
Represents named entrypoint
Declared in Schema as Query Object
Field that takes named parameter
Returns Object Type or Scalar
Implementation in GraphQL Server
Extensible via Directives
Represents named Update Operation
Declared in Schema as Mutation
Field that takes parameters
Returns Object Type or Scalar
Implementation in GraphQL Server
Represents named Update Operation
Declared in Schema as Mutation
Field that takes parameters
Returns Object Type or Scalar
Implementation in GraphQL Server
Represents named Update Operation
Declared in Schema as Mutation
Field that takes parameters
Returns Object Type or Scalar
Implementation in GraphQL Server
Represents named Update Operation
Declared in Schema as Mutation
Field that takes parameters
Returns Object Type or Scalar
Implementation in GraphQL Server
Represents named Update Operation
Declared in Schema as Mutation
Field that takes parameters
Returns Object Type or Scalar
Implementation in GraphQL Server
like Java Annotation
In Type Schema or Query
on Types, Fields, Parameters
e.g. @isUnique, @isDeprecated, @local
custom directives
can have parameters, and directives
field resolver
language specfication
typesafe schema
validations of query & schema
introspection capabilities
built in documentation
schema with separate queries and mutations
subscriptions
typesafe, named parameters on every field, default params
arbitrary nesting of queries
mutations can return data
directives as built-in extension mechanism
support offline mode
add + deprecate fields & types
proper type system – object types, input types, enums, union, scalars, basic types
nullability
type references
monitoring & tracking per field
virtual schema stitching
Aliases
(named) fragments
multiple queries, mutations per request
aliases