Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Modified:SunNov282021,20:49:24Humlav0.3
MiddlewareArchitectures1Lecture4:HATEOAS,CachingandConcurrency
doc.Ing.TomášVitvar,[email protected]•@TomasVitvar•https://vitvar.com
CzechTechnicalUniversityinPragueFacultyofInformationTechnologies•SoftwareandWebEngineering•https://vitvar.com/lectures
Overview
HATEOASCaching,Revalidation,ConcurrencyControlRichardsonMaturiyModel
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒2‒
HATEOAS
HATEOAS=HypertextastheEngineforApplicationState‒TheRESTcoreprinciple‒Hypertext→Hypertextisarepresentationofaresourcestatewithlinks
→AlinkisanURIofaresource→Applyinganaccess(PUT,POST,DELETE)toaresourceviaitslink=statetransition
Statelessness‒Aservicedoesnotuseasessionmemorytorememberastate
‒HATEOASenablesstatelessimplementationofservicesLecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒3‒
StatefulserverSessionstostoretheapplicationstate‒Theappusesaservermemorytorememberthestate‒Whentheserverrestarts,theappstateislost
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒4‒
StatelessserverHTTPandhypermediatotransfertheappstate‒Doesnotuseaservermemorytoremembertheappstate‒StatetransferredbetweenaclientandaserviceviaHTTPmetadataandresources'representations
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒5‒
PersistentStorageandSessionMemoryPersistentStorage‒Containstheappdata‒Dataisserializedintoresourcerepresentationformats‒AllsessionsmayaccessthedataviaresourceIDsSessionMemory‒Servermemorythatcontainsastateoftheapp‒Asessionmayonlyaccessitssessionmemory‒Accessthroughcookies‒Note→Asessionmemorymaybeimplementedviaapersistentstorage(suchasinGoogleAppEngine)
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒6‒
LinkServiceoperation‒Applyinganaccesstoalink(GET,PUT,POST,DELETE)‒Link:HTTPmethod+resourceURI+optionallinksemanticsExample:getOrder,addOrder,andupdateItem
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒7‒
AtomLinksAtomSyndicationFormat‒XML-baseddocumentformat;Atomfeeds‒AtomlinksbecomingpopularforRESTfulapplications
‒Linkstructurerel–nameofthelink~semanticsofanoperationbehindthelinkhref–URItotheresourcedescribedbythelinktype–mediatypeoftheresourcethelinkpointsto
12345678
<ordera:xmlns="http://www.w3.org/2005/Atom"xmlns="..."><a:linkrel="next"href="http://company.com/orders/5543"type="application/xml"/><customer>Tomas</customer><items>...</items></order>
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒8‒
LinkSemanticsStandardrelvalues‒Navigation:next,previous,self‒DoesnotreflectaHTTPmethodyoucanuseExtensionrelvalues‒Youcanusereltoindicateasemanticsofanoperation‒Example:additem,deleteorder,updateorder,etc.‒Aclientassociatesthissemanticswithanoperationitmayapplyataparticularstate
‒ThesemanticsshouldbedefinedbyusinganURI1234567
<ordera:xmlns="http://www.w3.org/2005/Atom"xmlns="..."><id>2324</id><a:linkrel="http://company.com/op/addItem"href="http://company.com/orders/2324"/><a:linkrel="http://company.com/op/deleteOrder"href="http://company.com/orders/2324"/></order>
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒9‒
LinkHeadersAnalternativetoAtomlinksinresourcerepresentations‒linksdefinedinHTTPLinkheader,WebLinkingIETFspec‒TheyhavethesamesemanticsasAtomLinks‒Example:
Advantages‒noneedtogettheentiredocument‒noneedtoparsethedocumenttoretrievelinks‒useHTTPHEADonly
>HEAD/ordersHTTP/1.1<Content-Type:application/xml<Link:<http://company.com/orders/?page=2&size=10>;rel="next"<Link:<http://company.com/orders/?page=10&size=10>;rel="last"
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒10‒
PreconditionsandHATEOASPreconditionsinHATEOAS‒Serviceinacurrentstategeneratesonlyvalidtransitionsthatitincludesintherepresentationoftheresource.
‒Transitionlogicisrealizedattheserver-side
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒11‒
AdvantagesLocationtransparency‒only"entry-level"linkspublishedtotheWorld‒otherlinkswithindocumentscanchangewithoutchangingclient'slogic‒Hypertextrepresentsthecurrentuser'sview,i.e.rightsorothercontextLoosecoupling‒noneedforalogictoconstructthelinks‒ClientsknowtowhichstatestheycanmovevialinksStatelessnessandCloud‒Betterimplementationofscalability
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒12‒
Overview
HATEOASCaching,Revalidation,ConcurrencyControlRichardsonMaturiyModel
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒13‒
Scalability
Needforscalability‒HugeamountofrequestsontheWebeveryday‒HugeamountofdatadownloadedSomeexamples‒Google,Facebook:5billionAPIcalls/day‒Twitter:3billionsofAPIcalls/day(75%ofallthetraffic)→50milliontweetsaday
‒eBay:8billionAPIcalls/month‒Bing:3billionAPIcalls/month‒AmazonWS:over100billionobjectsstoredinS3ScalabilityinREST‒Cachingandrevalidation‒Concurrencycontrol
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒14‒
Caching
Yourserviceshouldcache:‒anytimethereisastaticresource‒eventhereisadynamicresource→withchancesitupdatesoften→youcanforceclientstoalwaysrevalidate
threesteps:‒clientGETstheresourcerepresentation‒servercontrolshowitshouldcachethroughCache-Controlheader‒clientrevalidatesthecontentviaconditionalGET
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒15‒
CacheHeadersCache-Controlresponseheader‒controlsoverlocalandproxycaches‒private–noproxyshouldcache,onlyclientscan‒public–anyintermediarycancache(proxiesandclients)‒no-cache–theresponseshouldnotbecached.Ifitiscached,thecontentshouldalwaysberevalidated.
‒no-store–mustnotstorepersistently(thisturnsoffcaching)‒no-transform–notransformationofcacheddata;e.g.compressions‒max-age,s-maxageatimeinsecondshowlongthecacheisvalid;s-maxageforproxies
Last-ModifiedandETagresponseheaders‒ContentlastmodifieddateandacontententitytagIf-Modified-SinceandIf-None-Matchrequestheaders‒Contentrevalidation(conditionalGET)
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒16‒
ExampleDateRevalidationCachecontrolexample:
‒onlyclientcancache,thecacheisvalidfor200seconds.Revalidation(conditionalGET)example:‒Aclientrevalidatesthecacheafter200seconds.
>GET/ordersHTTP/1.1>...<HTTP/1.1200OK<Content-Type:application/xml<Cache-Control:private,max-age=200<Last-Modified:Sun,7Nov2011,09:40CET<<...data...
>GET/ordersHTTP/1.1>If-Modified-Since:Sun,7Nov2011,09:40CET<HTTP/1.1304NotModified<Cache-Control:private,max-age=200<Last-Modified:Sun,7Nov2011,09:40CET
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒17‒
EntityTagsSignatureoftheresponsebody‒AhashsuchasMD5‒AsequencenumberthatchangeswithanymodificationofthecontentTypesoftag‒StrongETag:reflectsthecontentbitbybit‒WeakETag:reflectsthecontent"semantically"→Theappdefinesthemeaningofitsweaktags
ExamplecontentrevalidationwithETag<HTTP/1.1200OK<Cache-Control:private,max-age=200<Last-Modified:Sun,7Nov2011,09:40CET<ETag:"4354a5f6423b43a54d">GET/ordersHTTP/1.1>If-None-Match:"4354a5f6423b43a54d"<HTTP/1.1304NotModified<Cache-Control:private,max-age=200<Last-Modified:Sun,7Nov2011,09:40CET<ETag:"4354a5f6423b43a54d"
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒18‒
DesignSuggestionsComposedresourcesuseweakETags‒Forexample/orders→acomposedresourcethatcontainsasummaryinformation→changestoanorder'sitemswillnotchangesemanticsof
/orders‒ItisusuallynotpossibletoperformupdatesontheseresourcesNon-composedresourcesusestrongETags‒Forexample/orders/{order-id}‒TheycanbeupdatedFurthernotes‒ServershouldsendbothLast-ModifiedandETagheaders‒IfclientsendsbothIf-Modified-SinceandIf-None-Match,ETagvalidationtakespreference
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒19‒
WeakETagExampleAppspecific,/ordersresourceexample
WeakETagcomputefunctionexample‒Anymodificationtoanorder'sitemsisnotsignificantfor/orders:
12345678910111213
{"orders":[{"id":2245,"customer":"Tomas","descr":"Stufftobuildahouse.","items":[...]},{"id":5546,"customer":"Peter","descr":"Thingstobuildapipeline.","items":[...]}]}
12345678
varcrypto=require("crypto");functioncomputeWeakETag(orders){varcontent="";for(vari=0;i<orders.length;i++)content+=orders[i].id+orders[i].customer+orders[i].descr;returncrypto.createHash('md5').update(content).digest("hex");}
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒20‒
WeakETagRevalidationUpdating/ordersresource‒POST/orders/{order-id}insertsanewitemtoanorder‒Anychangestoorders'itemswillnotchangetheWeakETag
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒21‒
ConcurrencyTwoclientsmayupdatethesameresource1)aclientGETsaresourceGET/orders/55452)theclientmodifiestheresource3)theclientupdatestheresourceviaPUT/orders/5545HTTP/1.1
Whathappensifanotherclientupdatestheresourcebetween1)and3)?Concurrencycontrol‒ConditionalPUT→UpdatetheresourceonlyifithasnotchangedsinceaspecifieddateoraspecifiedETagmatchestheresourcecontent
‒If-Unmodified-SinceandIf-Matchheaders‒ResponsetoconditionalPUT:→200OKifthePUTwassuccessful→412PreconditionFailediftheresourcewasupdatedinthemeantime.
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒22‒
ConcurrencyControlProtocol
ConditionalPUTandETags‒ConditionalPUTmustalwaysusestrongentitytagsordatevalidation
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒23‒
Overview
HATEOASCaching,Revalidation,ConcurrencyControlRichardsonMaturiyModel
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒24‒
StepstowardsREST
SeeRichardsonMaturiyModeldetails.
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒25‒
LevelsLEVEL0–POX(PlainOldXML)‒HTTPasatunnelingmechanism‒URLdefinesaserviceendpoint‒NoWebprinciplesLEVEL1–Resources‒TakeadvantagesofresourcesandURIsLEVEL2–HTTPVerbs‒UseHTTPmethodsandrespecttheirsemanticsLEVEL3–HypermediaControls‒HATEOAS
Lecture4:HATEOAS,CachingandConcurrency,CTUWinterSemester2021/2022,@TomasVitvar ‒26‒