What Not How - Posts tagged 'dialogue'

FOREST: a GET-only REST Integration Pattern

2009-10-09T17:14:00Z

Since the day in 2006 that our dialogue took place with an imaginary eBay Architect, he has been promoted to imaginary Enterprise Architect in an investment bank! Convinced by the merits of REST, he took his enthusiasm for it into his new job and embarked on architecting a trading system using REST or ROA as an alternative to SOA.

Now, he hit upon a snag: he had a REST "bank server" generating bids on an instrument and POSTing them into that instrument's REST "market server". But then he had two copies of his bid! One held by the bank server on one URI, and the other in a "bid collection" held by the market server's instrument - on another URI.

He asked himself: "Which URI is the real one? Which host 'owns' the bid? Is the market's copy just a cache? If so, why does it have a new URI? Why doesn't the market host know the URI of the bank's original bid? Why can't servers become clients and just GET the data that their own data depends upon?" The server seemed to be dominating the conversation, not letting its 'client' server have a say in things.

Our worried Enterprise Architect noticed that such Service-Orientation permeated REST practice: there were "REST APIs" to Web sites, or "Web services" with a small 's'. Even AtomPub had a "service document"! Some patterns, like AtomPub, offered just simple read/write data services through the full HTTP method set. Some simply used such a read/write interface as a wrapper around more complex service functions.

He wondered: "Where's the Web in REST integration? The Web works great without PUT and DELETE: isn't using GET on its own RESTful enough?"

So, remembering something I said about "Symmetric REST", he contacted me again...

Enterprise Architect: I see we made it into Appendix A of the REST book by Richardson and Ruby!

Duncan Cragg: Indeed - even though I hadn't finished writing up our chat when it was published...

EA: So why did it take you so long to write it up?

DC: Well, I, er, got distracted by Web 2.0 and Mobile 2.0!

But I'm back now, intending to focus more on ROA's advantages over SOA.

EA: Great! Because I wanted to talk to you about that.

Where I now work, we are looking at REST or ROA as an alternative to SOA. However, all the available REST patterns still seem to see the world through Service-Oriented eyes.

I want to do REST like the Web does: to have different servers just publishing stuff that's all linked up. And "mashed up": to have that stuff, that data, "over here" depend on that data "over there": meaning that servers can be clients and vice-versa.

DC: Hyperdata that depends on someone else's hyperdata! Maybe rewrite rules over interlinked XHTML.

I called it "REST Observer" back then, but recent events on the rest-discuss mailing list have left me very wary of using the word 'REST' so openly in the name of something!

So I decided to hide it within a different word: 'FOREST'!

Here is a posting about FOREST that I recently made to the rest-discuss mailing list:

FOREST

FOREST is a GET-only REST Integration Pattern defined simply as:

A resource's state depends on the state of other resources that it links to.

This means that resource servers must also be clients in order to see those dependencies.

Common Web Pattern

FOREST is a REST Pattern derived from GET-only or polling Web use-cases, including mashups:

feed aggregators or filters
search index results pages
pages that depend on a search
Google's mobile versions of pages
sites that create summaries of other Web pages
sites that create feeds from Web pages
creating pages or feeds from REST 'APIs' (GET only)
Yahoo Pipes

Going Enterprisey

FOREST is a REST Pattern for building "Enterprise Mashups" in an ROA / WOA / SOA.

OK - those of you without Dion Hinchcliffe in your feed reader may be feeling a little queasy at this point, but I'd encourage you to read on ... Actually, I quite like the phrase "Enterprise Mashup" since it lightens the gravity of that 'Enterprise' word.

Enterprise Mashup Markup Language is the nearest thing to this that I know about, but FOREST is quite different: it is much simpler and is /only/ a REST Pattern.

Patterns can be implemented in frameworks...

A FOREST implementation would inevitably be over HTTP. It would initially be just XHTML or Atom. I imagine fetching XHTML resources within which are expected to be links to more such documents. Any XHTML could depend on any other, and they're all interlinked. If you depend on another resource, you must have found it directly or indirectly through links in your body. Alternative discovery: a resource could be told that it is being watched using an HTTP header in the GET request listing the URIs of the resources that depend on it - then it could watch and link back. Etag would be used for an automatically incremented version number.

Rough Consensus and Working Code

I would ideally see this work towards a formal description via "rough consensus and working code". I intend to knock up a prototype of FOREST in a Jetty servlet and post it to GitHub; if that code works, I may get rough consensus...

What a FOREST XHTML/HTTP formalisation would specify: Updated

use of HTTP headers (Etag, Cache-Control, Content-Location, Referer*)
API*: doc builder, XPath body set/get*, callbacks (observed, notified*)

Notes (*):

'Referer' is a possible header for the URIs of dependent resources
the API would be language-independent, but probably Java-like
the XPath 'get' would be extended to jump links from doc to doc
every doc jumped to gets observed
'notified' means being told when the GET returns with the observed state

What a FOREST Java servlet and client library would implement 'under' these specs:

a driver module loader: drivers animate resources through the API
a document cache - in memory and maybe saved to disk or database

Resource animation would either be by the application of business rules driving the API, or by adapting between external state and the API.

Amazing

EA: Wow! That's amazing! Can I help build it?

DC: Of course you can. Know any Java?

Web Objects Ask, They Never Tell | The REST Dialogues

2009-08-13T11:43:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

Although eBay have what they call a 'REST' interface, it is, in fact, a STREST interface, and only works for a few of the many function calls that they make available via SOAP.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 9: Web Objects Ask, They Never Tell

eBay Architect: You've pushed a lot of responsibility up to the business logic and away from the distribution technologies - away from the HTTP level.

As I understand it, you only want to use HTTP to implement a distributed Observer Pattern, where clients can become servers?

Duncan Cragg: Indeed. REST can be symmetric when used in integration outside of the Web. Further, these server-clients can have resources that do their own GET-ing, with POST callbacks, in order to Observe other resources. I've given many examples of this style.

eA: So how do you program such a distributed system at the business logic level?

DC: Well you need to be able to easily express that the state of a resource depends on the latest state - the intentions and declarations - of other resources it is Observing.

My vision is that you would express this business logic in a simple, powerful and expressive declarative language.

eA: Hmmm.. Just try getting all declarative on someone who just wants his share prices on time! No-one in business understands such abstract concepts.

DC: Oh no? The favourite programming tool of business is the spreadsheet!

And HTML is a form of declarative programming: imagine if you had to build your DOM from the top using Javascript! Or if you had to set all your styles in Javascript instead of using declarative CSS!

eA: Well I've seen some pretty ghastly examples of those two crafts!

And many failed attempts to allow non-programmers or business analysts to program directly.

DC: True, but that doesn't change the fact that most non-programmers can only think declaratively - they know What they want, but they haven't got much of a clue How to get it.

Business people talk business rules and business data.

eA: We just can't program with them!

DC: Well, perhaps we just haven't found the best discipline of pragmatic formalisms and methodology that will allow those rules to easily become programs.

It's a well-supported claim, though, that declarative programming is simpler, clearer and more productive than imperative.

eA: OK - so how would you actually define these business rules?

DC: You could use a rules engine, or a DSL engine, or even XSLT - if that works for you. There are many ways to transform XML.

eA: How would you do it?

DC: I would like to have an XML rewriting and templating system: "if this XPath or XML template matches Observed XML resource A, this one matches resource B and this one matches myself, rewrite this and that bit of myself with these bits from A and B".

Web Objects Ask, They Never Tell

eA: So you want to go around re-creating huge XML documents all the time?

DC: Who said anything about huge? This is another Web thing that doesn't necessarily apply to us in REST integration: we don't need the equivalent of the giant, monolithic HTML page. We can work in much smaller chunks.

I'd even just call them 'objects' rather than resources. Or 'Web objects', if you like.

They could be little XHTML carriers of Microformats.

eA: I thought we'd given up on distributing fine-grained objects back in the CORBA days?

DC: Ah, but this isn't trying to transparently distribute zillions of method calls in an RPC model.

This is about optimising state transfer. Only send what you need, cache where you can, push when something changes. Separate your data by rate of change, timeliness, cacheability.

eA: So these Web objects don't have any methods? Because that would be RPC when distributed?

DC: Exactly. In REST integration, the Web objects Ask, they never Tell! These Web objects are reactive: Asking for public state, not Telling each other what to do.

eA: You mean the opposite of Tell Don't Ask?

DC: Yes. As an object, you don't Tell another object How to do something, you Ask for What you want by either simply Observing its public state or by it Observing yours, then letting it decide How to evolve by itself. You then watch it and react or interact.

It's the "imperative to declarative inversion": everything is turned upside-down or inside-out when you distribute things this way!

eA: Oh yes, your "inevitable inversion" thing.

DC: Another indication of this inversion from the imperative object-oriented world to the declarative ROA world is how the derided 'train wrecks' of object-orientation now become the essential XPaths of the object Web.

You could say we have no methods, only 'getters', and XPath 'train wrecks' are encouraged!

eA: Doesn't sound too safe to me - it breaks encapsulation, doesn't it?

DC: Well, it's actually safe to dig around, since the data is held in shape by a stable, open, public schema. You're expected to go traversing the tree.

And you get excellent encapsulation since Web objects are total masters of their own destiny: they privately control the evolution of that public state.

You very much retain the value of 'What not How'; in fact, in a much better-defined way since it's fundamentally baked in to the programming model.

Hyperdata as the Engine of Object State

eA: But when you write 'train wrecks' you often end up jumping from object to object. How do your object Web XPaths do that, assuming they want to?

DC: Hyperdata of course! Links to links around the Web. Objects can have their opaque UUIDs or GUID object handles encoded into their URIs. Then objects can be wired up with XHTML links.

eA: So now your XPath transparently jumps these links?!

DC: Actually, yes! That would then allow us to dynamically break up data into more manageable chunks without breaking the XPaths that traverse it.

Also, with this approach, you still get to drill down to data like in transparent URI paths, but you now use XPaths that are properly a part of the content layer, jumping transparently over those opaque inter-object URIs.

eA: Would you use these 'jumping XPaths' in the rewrite rules you said you wanted?

DC: Of course. Either linear XPaths, or XPath-like XML tree templates on the left-hand side of a rewrite rule.

You'd start a template match on yourself, then continue on to match other objects by jumping over links, then on and on from object to object.

eA: So I suppose any such jump to another object means you then need to start Observing it, right?

DC: Exactly. And if hyperlinks are the only way you can find other objects to Observe, it brings us to the following:

Your object's next public state depends only on its current public state and the states of those objects that are visible to it through hyperlinks.

eA: Sounds a bit like the "Hypertext As The Engine Of Application State" constraint of REST.

DC: Exactly! Except now that we're doing REST symmetrically - now that clients can be servers, too - client Application State can have its own URIs!

eA: So you could re-phrase this as the even more intimidating: "Hyperdata As The Engine Of Application Resource State"!

DC: Well - how about just "Hyperdata As The Engine Of Object State"?!

eA: So do I have to wait for this link-jumping XML rewrite engine of yours to express my business logic, in order to get "Hyperdata As The Engine Of Object State"?

DC: No, of course not! Use a nice, dynamic, XML-talking language, like Scala, and follow the same principle, perhaps using a DSL.

eA: Can't you have objects that aren't entirely dependent on others? Like those that represent external state?

DC: Of course. That's normal Web stuff. It's probably best to keep these 'pure': to have either fully-interdependent objects driven by Hyperdata, or fully externally-driven ones.

Class, Extension, Instance and Behaviour

eA: Right, so we've got these little Web-mapped XHTML Microformat objects all linked up and watching each other in an Observer Pattern. This object's state depends on that linked object's state according to rewrite rules or a DSL.

So taking this mapping to objects one last step, I presume object 'class' maps onto an XML schema, XHTML Microformat specification or other content type?

DC: Yes. A public grammar in some form. Domain or business classes only, of course, not low-level classes.

eA: So, does each standard Web object class or type have a standard set of rules guiding its evolution or behaviour?

DC: Yes. If you see something and recognise its type, you can attempt to interact with it according to its public specification, and it should, but needn't, react.

The public specification can define the expected behaviour in the RFC language of MUST and SHOULD, like AtomPub. Or it can define it in rewrite rules!

eA: So then, how do I add my own business rules to a content type or 'class', if its behaviour is standardised and meant to be stable and predictable?

DC: There are two ways you can make use of a generic standard, and both are forms of layering or abstraction:

You can 'mash up' standard component instances with declarative configuration - just using them as they are for your domain.

Alternatively, you can extend or subclass their standard structures and behaviour to become themselves more domain-specific. For example, rules can be overridden or their right-hand sides merged.

Again, think of how AtomPub can be used in any domain that looks like time-ordered lists of content; and how you can extend AtomPub without breaking unextended clients or servers.

The REST Observer Pattern

eA: I think you need a memorable name for your symmetric-REST, "Hyperdata As The Engine Of Object State" architectural style!

DC: How about the "REST Observer Pattern"?

eA: But a Pattern has to be a retro-fit to existing behaviour, and "REST Observer" is quite new.

DC: I mean REST .. [DC does double bunnie ears] "Observer Pattern"!

eA: Have you got any worked examples of the REST Observer Pattern?

DC: Will have soon...

Coming soon: Worked examples of the REST Observer Pattern.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

WS-Are-You-Sure | The REST Dialogues

2009-07-16T16:16:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

Although eBay have what they call a 'REST' interface, it is, in fact, a STREST interface, and only works for a few of the many function calls that they make available via SOAP.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 8: WS-Are-You-Sure (Security, Reliable Messaging and Transactions)

Duncan Cragg: So, back to your list of Enterprise functions. We're on to what I'm going to call the 'WS-Are-You-Sure': Security, Reliable Messaging and Transactions.

Let's attack these Starting with the Web!

eBay Architect: We could start with Security: authentication, authorisation and encryption. For example, you have to keep some information secret on eBay. Like Invoices, Offer details. Reserve price on an Item. And you have to ensure only the owners of data can change it.

DC: The simplest pattern for read security is to use HTTP Basic Authentication over TLS - following HTTPS. Simple, but well-supported and usually good enough.

But with HTTPS you lose some of the benefits of using intermediaries, such as cacheing. If those intermediaries are untrustworthy, then you can use message-level rather than transport-level security: encrypt the resource state being transferred.

eA: Can't I use WS-Security for this?

DC: Possibly(PDF)! However, the benefits of cacheing may be lost in the time taken to package and unpackage each resource in turn. You may prefer a more lightweight approach as suggested in the Atom and AtomPub specs.

eA: How does REST handle authorisation: such as read and write permissions?

DC: As I keep saying, REST is about much more than simple data read/write services. In REST we don't have the generic concept of authorisation on a specific process execution, such as a command that could cause state change.

REST infrastructure is about state transfer, which is thus really only about 'read permissions'.

Everything else is business logic: it's up to the target resource to manage its reaction to incoming non-GETs and to decide if or how it should change in response, according to internal integrity constraints and the identity of the source. Resources are masters of their own destiny and must be aware of the identity of interacting parties at that level.

eA: What can you do to secure the infrastructure level below the business logic?

DC: The department managing the infrastructure can see data going either out (GET) or in (POST), and can see the target URIs. They can thus do both server- (URI) and client- (request header) based security and partitioning.

For read permission, it's possible to implement a low-level lookup from the identity in the request header to whatever URIs they can GET. They can enforce simple rules at that level like 'only GETs are allowed on these URIs unless the client is in this list'. They can groom more and less sensitive traffic to different servers.

eA: Any more Security advice?

DC: Paul Prescod has written some notes on REST security.

Finally, remember to keep sensitive data out of those highly-propagatable unencrypted URIs by using POST instead of GET when submitting queries; another reason to use URIs that are literally opaque, not just treated as opaque operationally.

Reliable Messaging

eA: Another of the WS-* specifications deals with Reliable Messaging. How does REST give me the assurances I need that an important message - such as a new Offer on an Item or a ResponseToBestOffer, or an Invoice - will be delivered? In the right order? I can't just rely on POST, as you suggested before, if I really care about this.

DC: In REST, there are no command messages that have to make it through. There's only state that may or may not need to be reliably transferred - or that may or may not need to be notified in a timely manner.

In the eBay example, as I described it before, "if you keep re-POSTing the same Invoice, or Item or Offer, it only gets created once".

eA: Ah! Define 'same'!

DC: If, as in this eBay example, the successful POST creates a server-side copy with its own new URI, then the Item, Invoice, etc, must have some uniquely identifying information on it. It could perhaps have a Message-ID header or get cheap, unique URIs minted for it from the server in advance. Alternatively, when the POSTed resource already has a URI itself on the 'client', then it's obviously the same each time it's POSTed.

When used as state notification, POST must be idempotent; repeatable.

So if the initial POST fails, just keep POSTing until you can see the appropriate response, whatever that may be in business terms. On the pull or poll side, keep GETing until you see what you expect.

eA: So that's another issue you're side-stepping by dumping it into the business logic?!

DC: Only the business logic knows the following things: what signifies receipt of the notification; if it matters that the state didn't get through; how frequently to push or poll; whether it matters that state is out of date and by how much; and when to give up and tell someone.

Set the push or pull frequency and total number according to the business logic's view of the importance of that state transfer. Set cache control according to your domain's tolerance of stale data.

It's just like in real life: if something I sent doesn't get a response - in a form that is completely dependent on the type of recipient - then, after a time - which is also completely dependent on the type of recipient - I'll chase it up.

eA: Can't REST give any support here at all?

DC: Well, it would be easy enough to write a REST support library that implemented a simple API for specifying your constraints on a successful state transfer.

Transactions

eA: Now, when you're a site like eBay, dealing with money all the time, you need the assurance that transactions give you. You need to make sure accounts are always consistent. But I suppose, like before, you're going to tell me that it'll all be fine in the end, right?

DC: Hold on. Let's not mix up financial transactions and database transactions! We'll first talk about the need for atomic units of work. Then see how to support financial transaction business logic.

Also, we're talking about units of work in public view, not hidden behind resources. Inside, it's up to a resource to ensure that its integrity and consistency are maintained through its interactions with others, and it's free to use transactions to achieve that internally if it wants, without exposing that to its clients.

eA: OK - so now say that it'll all be fine in the end!

DC: In a distributed system, you have to decide on what to give up out of Consistency, Availability and Partition Tolerance.

I have to say that eBay are actually fully clued here: that was a paper about 'BASE' by Dan Pritchett, Technical Fellow at eBay, in which he discusses the benefits of Eventual Consistency - i.e., knowing that it'll all be fine in the end! Especially if you tidy things up eventually.

eA: Gah! Ya got me there!

DC: Essentially, the rule of thumb is, use ACID internally, use BASE externally.

We're back to the inevitable inversion from internal imperative thinking to external declarative thinking.

As an imperative programmer you're inclined to want to take your internal programming style out into the distributed world - to think single-thread, central control: 'begin - do work - commit'.

But the importance of Availability and Partition Tolerance in distributed systems usually outweighs the importance of Consistency, leading the wise architect to a more relaxed, less imperative, more declarative approach.

eA: Such as REST.

DC: Indeed. REST without transaction support.

REST isn't a database model: in the same way REST doesn't imply simple read/write services, it also doesn't imply inert data that needs locking. And resources in REST should model active domain data, not low-level, domain-independent transaction paraphenalia.

eA: How does REST without transactions work, BASE-ically, then?

DC: A handy phrase that sums it up is intention puts the system in tension.

You start by declaring your intention that some state be true, which puts the system in tension - a tension that can only be resolved by the application of business logic constraints over each player in parallel, until the whole system settles or resolves into a new, consistent state.

eA: Examples, please!

DC: Think about how you'd do the classic transfer of funds between accounts, in the real world of loosely interacting, self-determined parties. Say inside a big company before computers came along, between an office that handles one account and an office that handles the other.

Your key resource is a signed declaration (the intention) by the payer that they are happy to have funds passed to the payee. As long as this fact doesn't appear in one account or the other, you have work to do (there is tension in the business rules).

eA: You've got to run around real quick with a piece of paper.

DC: It doesn't even need to happen all at the same time: you can visit one office, check the funds are available and deduct the amount, then wander over to the other office and tell them to increase the payee's balance. If you get waylaid and the auditors come, there is always the signed declaration and the account history available to resolve the situation.

You can enforce the constraint that no money appears to be in two places with the business rule that the payee account is only increased if the payer's account has an entry corresponding to the signed declaration.

eA: Mmm. Sounds a bit too loosely coupled to me.

DC: It's life outside of Central Control.

Consider hotel and flight booking: you don't lock the hotel and the flight while telling them all in a two-phase commit what your itinerary will be. You do 'optimistic locking' with compensation: if things don't work out, you cancel a booking. A system may tell you something is available, but when it comes to booking it may have just been taken.

The real, distributed, reactive world doesn't work in a lock-step fashion, so our distributed, reactive systems don't need to work that way to model it. Reality is much more like optimistic locking with the possibility of compensation or merge on conflict that, again, can only be defined at the business level.

eA: Why not do your optimistic locking below that? HTTP has support for it, right?

DC: In the same way that REST can support read permissions but is at the wrong level for write permissions, which are a business level concern, there is an asymmetry in read versioning versus write versioning.

While using Etags is great for optimising the reading and cacheing of data, I wouldn't use them in the optimistic locking pattern for writes that is supported by HTTP. The proper place for handling a mismatch of versions in an interaction is not in the HTTP headers.

REST should be about state declaration and intention, not absolute write commands. Only the business logic governing the evolution of a resource knows if, for example, it can go ahead and respond anyway to an edit request, even though it's possible that the sender has an out-of-date copy of it.

In Part 9: Web Objects Ask, They Never Tell

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

Business Conversations | The REST Dialogues

2008-12-11T11:45:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

Although eBay have what they call a 'REST' interface, it is, in fact, a STREST interface, and only works for a few of the many function calls that they make available via SOAP.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 7: Business Conversations

eBay Architect: Now, I have a few more questions about the areas where REST is generally considered to be weaker than SOA. I'll start with a big list, then we can go through each one.

Duncan Cragg: OK, go ahead!

eA: Right - it's basically the list of techniques you need to architect complex distributed applications: Service Discovery, Service Description, Client/Server Session State, Business Process Coordination, Workflow, Orchestration, Choreography; Security, Reliable Messaging and Transactions.

DC: Phew! Well, some of these beg the question; by assuming you need them, you end up concluding that you need SOA!

Also, seeing WS-standards for these things, some people think that SOA has them covered and that their work is done. But you still have to design and architect your system on top of these standards, to meet the business need.

In REST or ROA, we're talking about a different way of seeing distributed systems that requires a break from Service- (and even Object-) Oriented thinking and an embrace of Resource-Oriented thinking.

eA: So what's the REST way of approaching my list?

DC: Do things the REST way and there are three possibilities: (a) that it's easy to implement these functions in REST; (b) that you don't need these things anyway, or (c) that it's already your job to do them as an application architect; it's part of your business process, so you do work that you needed to do anyway in SOA, but do it in a simpler and more powerful way.

eA: Already my job?

DC: It's your job while you're designing your resource interactions at the application level: the resource-type or business level. Or maybe while you're making use of some existing resource types and 'resource-animating' code that does your business logic for you. Having WS-* only clouds and complicates this task.

eA: You've just hand-waved away a billion-dollar standardisation and tooling industry!

DC: Standards and tools are essential - we need them. But simple standards and tools are best. HTTP, URI, XML and standard schemas are perfectly good enough standards to get started with, guided by the REST or ROA mind-set.

I'll grant that we do need some extra help to support RESTful resource interaction in our domains and applications. I would like a few more standards and tools, over and above HTTP and XML, to help me build these complex distributed applications. Some help configuring and programming the way an application's resources interact at a business level.

eA: What exact support would you like for REST integration?

DC: We would benefit from standards, tools and frameworks that help define resource URIs, mapping to GETable and POSTable URIs, easy cache control, easy support for various response codes, HTTP Auth-based and URI-based identity, inter-resource links, collections, content types, Microformat support, useful schemas, structures, sets of simple default behaviours, APP libraries, business rule engines, etc.

It is still early days for the adoption of REST - an adoption that's undoubtedly been slowed by the industry's obsession with SOA. We do have Restlet and the JSR 311 work, as well as some help from Microsoft in WCF and the ADO.NET Data Services Framework, but there is still much more that could be done.

eA: Indeed. There's lots of work to do to catch up with all the SOA standards, tools and frameworks!

DC: I really don't want ROA to compete with SOA in bureaucracy and vendor in-fighting! But REST needs much less than SOA. Some things are simply part of REST: you discover stuff by following links; you know what something can do for you because of its content type or schema - we went over this sort of thing before.

Service Discovery and Description

eA: So, following links and seeing content types cover REST 'Service Discovery' and 'Service Description'?

DC: Yes. When you start thinking in terms of resources not actions, it all becomes much clearer:

In real life you might walk up the street, ask someone where the nearest shoe shop is or consult a directory, then see a likely shop, decide it may have what you want, then go in to investigate. Inside, you may consult more directories or just wander around. You see the cues around you (shoes on offer, checkout desk), and act or react accordingly.

You engage at a chosen level of understanding: there is a generic concept of street layout, then generic shop and shop assistant understanding, then an understanding of how to view and interact in shoe shops in particular.

eA: And in 'virtual life'?

DC: The Web is exactly the same: you explore through links or by asking a search engine, see what you want, enter the online shop, follow the cues, etc. It's no accident that the cyberspace metaphor is often applied to the flat, 2D Web.

eA: And in REST integration?

DC: In REST integration, the metaphor can be extended for machine interaction: get a list of items by direct reference or by query, go through them finding something that matches, interact according to standard business types and follow links between business resources.

eA: So no service contracts for you, then, just exploring and hoping for the best. Sounds a bit sloppy!

DC: You can do anything with anything in computing, it's just a matter of what metaphor is the most powerful or expressive.

You can design your 'machine cyberspace' to include contracts if that's what you need, just like in real life, and just like we went over with the eBay/gBay example.

But in general - especially when building distributed systems - it's best to start with loose arrangements and established conventions; adding constraints, contracts and Central Control only where absolutely necessary. Ensure central control only over schemas.

Make your Enterprise 'mashable' and everyone will thank you. Expose the UUIDs and GUIDs of your data in URLs. Transform and enrich your data within standard content types. Link it all up with your own data and data from elsewhere. Allow two-way interaction. Then publish it for future generations to discover and re-use!

Client State and Sessions

eA: Right, now how do you model complex state transitions, state evolution and conversations within a changing context, in a supposedly stateless architecture?

DC: There's a common misunderstanding about REST that its statelessness should extend above the protocol (e.g., HTTP) into the application. On the contrary - once above HTTP and into a Resource-Oriented application, it's all about state - as long as that state has a URI!

All the stateless requirement is saying in practical terms is that each HTTP request and response exchange is a one-off as far as HTTP is concerned. It means that you don't need to tie successive exchanges together at the protocol level, which makes implementing HTTP easier. HTTP just wants a URI to be a URI, and the content there to be manageable via headers; and HTTP doesn't and shouldn't introspect either the URI or the content.

eA: So where do you keep the conversation state, then?

DC: Above HTTP in the world of URI-tagged state. You can have an ongoing 'conversation' between a client and a server resource - as long as those resources are linkable and fetchable.

You don't need sessions below the resource level; below the business level. If your application truly demands the concept of a sequence of interactions with a start point and an end point, then go ahead and implement it - at the application or domain level, not at the framework level.

Most applications can use ad hoc, asynchronous interactions, where the client identifies itself each time with Authorization headers.

eA: Can each client machine have assigned to it dedicated server resources as part of this conversation, sort of like an explicit session state?

DC: Yes. Cacheability and linkability are clearly affected, but if it truly makes sense in your domain model to have client-specific resources, then just do it - by definition their scalability and findability is limited to that client! The client can still cache its own view, as in a browser, and even intermediate proxies can, although it's of benefit to only one client.

eA: Presumably it's a bad idea to put client state in a Cookie header?

DC: Yup: it's not got a URI, so its state is hidden. Put it on a URI in a server.

Hidden state is a red flag.

You know you're on the right track as long as you are exposing your statefulness in URIs. It should always be obvious where things stand from inspecting public state alone, to know what is possible and what will happen next.

If you find yourself hiding state in sessions and cookies, or returning different data dedicated to that client from the same URI by setting no-cache, or if you tie up successive interactions through sessions, you are going down the wrong track.

eA: Are cookies always bad?

DC: A Cookie header should be used only to identify the client, not a session. You'd probably use the Authorization header in REST integration anyway. Just use Cookie headers along with an auth scheme if you need a more elaborate, perhaps multi-layered or proxied, authentication system.

eA: What about the Vary response header and its use with Authorization or Cookie request headers?

DC: Mechanically, from the cache perspective, adding Vary on client-identifying headers like these is the same as using per-client URIs; setting the Vary header to allow the URI to be cached on a per-client basis is a hidden way of effectively adding the identifying data from the Authorization or Cookie header to the URI itself.

Actual per-client resources are explicit; these Vary'd resources are implicit. You choose which to use at the application level based on the importance of the resources being identified in your domain model. Either way, the identity of the requestor can be used to determine read permissions.

The explicit way means you can pass links to your personal resources to others, modulo read permissions. A client may or may not be able to or want to pass the link to its dedicated resources to other players - it probably isn't a link they want anyway - but they can still pass around general jumping-off links, that make sense for other recipients.

eA: To be honest, I just don't like the idea of the server saving and distributing a ton of this client-specific resource data!

DC: There are two answers to this: firstly, now that we're using REST for business data integration, not generating entire pages of HTML, the chunks of data can have much finer grain. The actual amount of client-specific data can be much smaller! You can cache and share links to all the generic chunks, and only transfer small amounts of less cacheable and linkable per-client data.

Secondly, our clients in REST integration are also often servers, so can in fact expose their own state. We may be better off just putting those client-specific resources on the client itself, to get around this whole issue. The client isn't a browser any more!

We're back to the symmetric Distributed Observer Pattern.

Business Processes

eA: OK, now what about Business Process Coordination, Workflow, Orchestration and Choreography in that sloppy cyberspace of yours?

DC: We've already discussed the auction business process, both single-site and cross-site, which was quite a good example that covers a number of business activities.

Another good feature of REST is the way it naturally maps onto declarative business rules. When you switch from process-thinking to resource-thinking, you also switch from imperative thinking to declarative. This manifests as inter-resource dependency and transformation.

eA: Eh?

DC: A spreadsheet is an example of this style, where you declare the way cells depend on each other and then let the hidden magic take care of satisfying your constraints. We've discussed this style of programming before.

Again, tools will be essential to help with this. Managing and testing event-driven business rules over shared and distributed state is somewhat new territory, even to most REST integrators!

eA: Business Processes and Business Rules seem like different things to me.

DC: Well, as we saw, the business process of an auction can emerge from the local application of business rules. The thing is to let go of the myth that you benefit from specifying and controlling some over-arching vision of your business processes - that it makes sense to centralise control of what actually works best when delegated and decentralised.

Just write the local What, not the global How, and let the process emerge!

eA: Might be a hard sell to control freaks.

DC: Yeah, true enough. But it more closely maps onto the reality of the way businesses operate and interoperate. It's more about the actual peer-to-peer business interactions and visible state evolution, and less about central controllers that know the intimate, inscrutable details of the Web Services involved.

Instead of coordinating the import and export of data from one hand-coded interface to another, you can just link it all up and expect everyone to dereference and recognise your data. Instead of coordinating sessions with implicit state, you can just react to standard, public data types.

In Part 8: WS-Are-You-Sure (Security, Reliable Messaging and Transactions).

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

Content-Types and URIs | The REST Dialogues

2008-02-16T23:44:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

Although eBay have what they call a 'REST' interface, it is, in fact, a STREST interface, and only works for a few of the many function calls that they make available via SOAP (GetSearchResults, GetItem, GetCategoryListings, etc).

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 6: Content-Types and URIs

eBay Architect: OK, enough fancy REST or ROA interaction patterns! Let's get back to REST basics.

Duncan Cragg: That'll be content types and URIs, then.

eA: OK - I've a question about your standard content types. In particular, about Microformats.

DC: Go on.

eA: You keep on mentioning Microformats when offering examples of content type standardisation. But Microformats are always embedded into HTML (or, preferably XHTML).

Are you suggesting somehow taking them out and using them separately? Or do we have to always use them through a, possibly inappropriate, document model schema?

DC: Microformats currently 'tunnel' through mechanisms in XHTML such as the class attribute. They themselves have distinct model schemas, that ride on the document model schema.

eA: So can you use them apart from HTML?

DC: No, not really, although you can carry a single Microformat in a single document carrier, then squeeze out any document model content that isn't supporting the Microformat, perhaps leaving enough that it still renders sensibly in a browser if anyone looks.

The Microformats people won't like you doing it, I'm quite sure, but if you and I want to exchange a pure hCard, hCalendar, hResume or hReview, and nothing else, then we can use the minimal document model carrier, and have just one Microformat per resource.

eA: But why not use the original data schema, before it was Microformatted? Why not just use vCard and vCalendar?

DC: Or use Atom instead of hAtom! Of course, if vCard has an XML representation, you could use that - as long as the constituency of your clients is the right one and is big enough. There may be more code out there that 'gets' hCard than an XML vCard. And some Microformats - such as hResume and hReview - don't have an original schema and are based on abstracting from common or prior behaviour.

This is REST integration we're talking about, where data, not documents, are native, and we aim to search out the most popular and most widely understood data schemas - even if carried over documents - to maximise interoperability.

eA: OK, that seems fine. Although I'd point out that REST doesn't have the monopoly on interoperability. SOA does that too.

DC: Interoperability is best acheived by sharing millions of URIs dereferencing to a handful of standard content types, with interlinks across the Web of resources. ROAs (Resource-Oriented Architectures) do that. SOA doesn't.

eA: REST APIs don't always have to do it. In the previous example you went through, eBay and gBay could offer REST interfaces but not talk the same schemas and not allow cross-linking in the way you described. Or talk the same schemas but not recognise each other's Items and Offers.

DC: That would be walled-garden, silo-thinking. It's also 'API' thinking. Just opening up a port to your application, even one with correct use of GET and POST on well-organised domain URIs, isn't in the spirit of REST, and certainly isn't good enough for REST integration.

In REST we always aim to adopt the same schemas, to aim explicitly for interoperability. And linking between those resources, even cross-site, is fundamental to the REST way of thinking. If someone offers you a 'REST API' that uses unnecessary proprietary schemas that miss obvious interlinking opportunities, especially across to other sites, run away!

eA: Are there any real-world examples?

DC: A good, and ironic, example of this is Google's Open Social, at least in its earlier releases, which fails to achieve true cross-site openness even with a 'REST API' and shared schemas, because sites don't cross-link or actually allow data sharing. Also, the schemas are a strange extension of Atom, rather than using, for example, vCard as the basis for 'People Data'.

This hopefully will be fixed as the 'REST API' evolves and with the work going on in groups such as DataPortability, with agreement from the major operators.

eA: So much for the interoperability of that REST interface.

DC: The heart of good REST interoperability is the acceptance of standardised data at a 'foreign' URI, and the re-publishing of that foreign URI in your own standardised resources. It happens on the Web all the time, of course. We just need to copy the model for REST integration.

Hypermedia and (more importantly, here) 'hyperdata' is baked into REST, but is an afterthought in SOA. ROAs create an interlinked hyperdata landscape across sites and domains. I'm using 'hyperdata' here in the sense of interlinked data resources in REST integration, by analogy with hypermedia, not in its Semantic Web sense.

eA: Ah! But how do your little pure Microformat resources link up into this hyperdata landscape? Microformats can't link to each other, can they?

DC: It's true you may have to go and get involved in the Microformats movement in order to help define how to link an hCalendar event to a list of hCards of people attending. Or the hCard of a company to a list of hCards of its board members. Or an hReview to the hCalendar event being reviewed and the hCard of its author. Or to include the XFN list of links to friends' hCards inside a person's own hCard.

One indication that there's something not ideal in Microformats is the fact that you have to write someone's hCard out again and again for every page or site they appear on. If you could just link to a single hCard for that person it would be more efficient.

eA: But Microformats have a narrow charter: to decorate the document model with semantics. Any links are just part of the hypertext Web. It sounds like you're trying to make some kind of domain model out of them, with their own interlinks!

DC: Yup. When you start to think the data of REST integration, the document carrier of Microformats and it's often superfluous links can be a distraction. If the document links are relevant to the Microformat, of if people would use links within the Microformat if they were told what value it has, it would be worth pulling them out into the Microformat definition itself. Then enhancing in-browser Microformat parsers to follow links will greatly enhance their utility.

All you have to do is find real-world examples, and propose it on the Microformat lists! Meantime, reuse the schemas and keep all your extensions public and backwards-compatible.

eA: What about all those 'rel-' decorations? You know, rel-tag, XFN, etc.

DC: Well, hAtom is the only Microformat that specifies nested rel-links: rel-tag, rel-bookmark and rel-enclosure. Otherwise, each Microformat is independent, and the rel-links are independent. Like I said, it may be worth going to the Microformat community and suggesting more such rel-links beyond hAtom.

URI Opacity

eA: So this RESTful data landscape of data wired up with URIs: it sounds a bit hard-wired: where do URIs as queries (and URI templates) fit into that tight mesh?

DC: URI templates fall into exactly the same category as standardised content types and schemas in terms of their level of abstraction and location in the stack. In other words, the right thing to do, if it's transparent URIs you want, is to standardise search URI templates across sites of a type.

eA: This is getting complicated. It's hard enough to get agreement on the content types of resources, never mind on URI formats as well!

DC: Indeed, and in fact, I believe that URIs should be opaque: they already are to HTTP, but also in our data landscape, a URI should point to a single, predictable resource.

The mechanism of querying that dataspace should be separated out from the mechanism of linking it up.

eA: A bit like GUIDs?

DC: Exactly. In Enterprise applications, you often see GUIDs (globally unique ids) being used, and never see them mixed up with search strings!

Transparent, query or template URIs are either used to be helpful or decorative, or are an acceptable optimisation, as long as you know that it's tunnelling through or hijacking the URI for a quick query string.

eA: Tunnelling? Hijacking? You've dismissed a long-standing convention, in the Web at least! How else do you do query fetches?

DC: A better solution is the query-POST-redirect pattern: the client POSTs their query, then the server redirects them to a linkable results resource on an opaque URI.

The POST query schema can then be properly standardised in a content type, or 'templated' in the REST integration equivalent of an HTML form.

It's an extra round trip, but only one IP packet in each direction; a redirect or a GET can fit into a single IP packet - the cost is only in the connection latency.

eA: Why not just return the state of the resource you're redirecting to in the body of the redirect, to save even this round-trip?

DC: Yes, you could do that. It's not something seen in the hypermedia Web as far as I know, but this is REST integration, where we're able to come up with new sub-protocols like this - where HTTP response codes are often given much thought.

Further, the server can offer the option to snapshot this results resource, so that it's still exactly the same whenever the link is dereferenced - something you can't do with a query URI.

eA: What would Tim Berners-Lee say about this? Is it in the spirit or letter of his vision for how HTTP and URIs should be used?

DC: I've no idea! However, in my opinion, when Tim didn't separate the concepts of a globally unique identifier returning exactly one resource from a query string returning maybe none, one or many resources (in a list), he started a good deal of unnecessary confusion, even if non-fatal in practical terms.

The phrase 'hackable URIs' sums up the situation. We may have been forced into creating slightly better user interfaces if the URI textbox were taken away from browsers.

Make your interface your content and have good search and information architecture to allow your (opaque) links to be discovered. If you know that human users - or search engines - will be interested in reading some links at the top of your information architecture, then go ahead and use just a few simple, meaningful addresses.

eA: You're venturing into controversy again! I'm sure I keep reading about designing nice URLs being good practice.

DC: There was a time when transparent URLs were considered important, but now everyone just uses Google! All the energy that's put into URL good manners and systems of URI templating and naming is just a distraction from the bigger effort of standardising content and defining schemas.

Opaque URIs keep content in the body where it can be given a Content-Type, instead of the headers - the URL line.

This is related to my preference to put 'write methods' such as PUT and DELETE into the body instead of the URL line.

eA: How exactly?

DC: The URL line should have a definite target - an opaque, globally-unique URI - and a content transfer direction - GET or POST.

The rest of the application-level interaction, including anything that will affect state and any searching and querying, should be in transferred bodies with standardised content types.

In Part 7: Business Conversations.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

The Distributed Observer Pattern | The REST Dialogues

2007-06-20T22:42:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 5: The Distributed Observer Pattern

eBay Architect: So, can you summarise your argument that 'REST isn't just about reading and writing data', and explain your view on RESTful business logic?

Duncan Cragg: OK. The whole collection of related resources determines where things stand at any given time.

Resources are masters of their own destiny - guided by rules declared in the standard to which their content type conforms.

These rules, or business logic, run on notification of any declarations of the state of peer resources, or on arrival of any state via POST. Such peer states and POSTs are not commands, although it is possible to go ahead and define a special command or edit command content type.

The rules aim to satisfy the business or domain constraints on the mutual states of these resources - updating and creating resources accordingly and causing appropriate side-effects outside the server, such as financial transactions and emails.

These transformations are state driven. Even though the 'tension' in unresolved rules may be detected by events, that tension exists, not in those events as such, but in resource state.

eA: That sounds like a core difference to SOA.

DC: Indeed. It's a Resource-Oriented Architecture. And ROAs are declarative, not imperative like SOAs.

We have a world of resources declaring their current state, and resources settling into new states depending on the current state of related resources. These state changes can be driven by hard-coded resource animation logic, or by simpler, clearer, more scalable, declarative state transformation rules.

eA: Remind me of those patterns for notifying state change.

DC: Resource states are either polled via GET or actively notified via POST. Such actively POSTed state could be from a resource that also happens to be GETable, could be simply a link to such a resource, or could cause such a GETable resource to be created on the target server. Alternatively, the POSTed state could be considered too transient to record in a GETable resource, but can still trigger transformation in its target resource.

The above eBay examples used the pattern of 'server creates GETable copy of POSTed resource', and also 'second server hosts GETable copy of POST-notified resource'.

What I have described is a general programming model because, in general, such simple, declarative, transformational mechanisms are Turing Complete.

eA: I'm sure it's a novel perspective - even to RESTians! Again, do you have any high-level RESTian support for this?

DC: Any web resource that is a derivative of, or is dependent on, one or more other resources is using this approach.

Like I said before, there is an example of a similar approach by Joe Gregorio on his 'Well-Formed Web' site for alerting resources to peer resources of mutual interest.

Every time you would POST some data, consider making that data GETable and POST its URI instead, as a notification of the data existing.

eA: GETable POST data? You sure that's REST-compliant?

DC: In REST integration, things become more symmetric than in the client-server Web, or rather, the 'client-resource' Web. We can start to talk about the 'resource-resource' Web!

But anyway, we're already halfway to the symmetric resource-resource Web when we POST - not to a service, but to a URI. Resources can already both issue and receive state, which is a pretty symmetric state of affairs.

eA: I never thought of it that way - I keep forgetting that you can POST right back to a resource you just fetched.

DC: But think one step on: the POSTed data has a Content-Type but no URI!

Why not close the loop and have this POSTed data be a first-class resource (with a URI) that POSTs itself to the target. And it can itself GET that target or be POSTed to by that target in return.

That really is a Resource-Oriented Architecture. Once resources are seen as equal and active participants in RESTful integration, it becomes irrelevant whether their state is transferred by GET or by POST.

eA: I'm still having trouble with this pattern of POST just being a pro-active GET.

DC: Making POSTed data GETable more correctly moves the responsibility to the target resource to fetch the incoming resource state when its ready (rather than being bombarded by state it hasn't asked for).

Once the target is interested, updates can be POSTed directly as they happen, to prevent the target polling, or notification of an updated URI POSTed to trigger the target to re-GET the changed resource when it wants (thereby updating the caches).

eA: Hmm - makes clients look like servers..

DC: Since our 'clients' in REST integration are also 'servers' in other contexts, it is easier to set up client-side resources than on the browser-based Web. One objection to cookies on the Web is that they are state or resource that has no URI. So give your 'client' state a URI! And put any client-specific server resources on your own 'client' host.

eA: Is anyone doing this sort of thing?

DC: Well, in fact there are many examples of this POST-notification of a GETable resource already happening between web sites. Like submitting a link to your site to an indexing engine and letting it crawl (or poll) it.

Trackback pings are another example: POST a URI along with a sample of your page. And the Microformat rel-tag adds your article to Technorati's tag index when you ping their servers with the URI of the article.

Further, imagine POSTing to some new site a link to your hCard on your own server, to save you having to type your name and address again. And you'd never need to manually update sites when your address changes: just ping 'em all.

eA: Ah - but I thought all URIs should be GETable. The ping URI you're POSTing to in these examples isn't always one that you can also GET!

DC: Indeed - so think how much more powerful it would be if we did close the loop and provide or create a GETable resource to POST these notifications to.

For example, imagine a page containing an hCalendar event. Now point to it with a rel="attending" link. When the hCalendar discovers your intention (using a direct POST ping of your page's URI to the hCalendar page's URI - or perhaps through the referrer trick from people clicking through), it adds your referring page to a list of attendees inside the hCalendar. The hCalendar could either contain lists of backlinks to the attendee's pages, which may in turn carry hCards, or it could contain lists of complete hCards copied over.

eA: Sounds like a good use of Microformats.

DC: These examples make crawling and polling (even with If-Modified-Since et al) look like a clumsy version of the more proactive POST.

Web Feeds and general publish-subscribe are further examples where POST may be used to notify changes on a resource - giving the feed consumer first-class resource status with their own URI.

eA: I'd never think of using HTTP in this way.

DC: Obviously this only applies where the feed consumer is a visible and POSTable server and where timeliness is crucial. And probably where the number of subscribers is relatively small, unless asynchronous I/O and an event-driven architecture are employed, and you don't wait for the response to each POST.

This isn't done now simply because of the asymmetry of the current Web, an asymmetry which we are free of in REST integration.

eA: What about all those REST rules about idempotent and unsafe methods?

DC: We're not mixing GET and POST in that sense, just turning the tables on the asymmetric Web. GET is still cacheable, and we can POST a link to cause a cached GET.

I believe this is a more-constrained REST style, not disjoint to REST. It is at least an ROA! It may fall foul of REST's client-server constraint, since we're now in server-server territory with integration applications. Also, the concept of 'Hypertext as the Engine of Application State' is something that may take some refitting to the mutual state dependency model. However, I believe it's most important to focus on maintaining the benefits of REST and its key elements of standard content types at URIs.

I call this symmetric REST integration style the 'Distributed Observer Pattern'.

eA: Quickly summarise the 'Distributed Observer Pattern'.

DC: OK, the Distributed Observer Pattern is 'symmetric REST'. A resource subscribes to a peer resource via a GET that supplies its own URI, and is notified of subsequent state changes in that resource through a POST back.

eA: That was too quick. Tell me the details!

DC: OK, here are four. First, a POST can be either the whole new state or the fact of the change, allowing the subscriber to GET the resource when it's ready (and thereby fill any caches).

Secondly, you can use either the Referer header or perhaps the Content-Location header in POST and GET requests to indicate the origin POSTer or GETter URI. Alternatively, you can send this origin resource URI using the Cookie header, echoing its use in the normal browser client-server case to identify the pseudo-resource of a browser user.

POSTed state notifications may be unsolicited by a prior GET subscription, when the POST target is clearly open to them (as in the ping notification examples). These can be seen as 'subscribe to anyone', and may be combined with a corresponding 'GET anyone' crawling process, without explicit subscription.

Finally, POST notifications may be targetted to single resources to ask them to update: the Distributed Observer Pattern way of achieving the client-server editing function. These now become 'edit suggestions' of the POSTer resource - putting the target back in control of its own destiny and integrity.

eA: And why should I use the Distributed Observer Pattern?

DC: The Distributed Observer Pattern supports the programming model of inter-dependent resources whose own state is a function of their peers' state, driven by declarative rules. It's a very general ROA programming model.

In Part 6: Content-Types and URIs.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...

Inter-Enterprise REST Integration | The REST Dialogues

2007-04-08T13:38:00Z

In an exclusive nine-part dialogue with an imaginary eBay Architect, we present an accessible discussion of the REST vs. SOA issue.

In this dialogue series, I argue the case for eBay to adopt a truly REST approach to their integration API.

Part 4: Inter-Enterprise REST Integration

Duncan Cragg: OK - I've demonstrated how you can replace imperative, function-call API-driving with a clean, declarative, RESTful interaction, driven by simple business rules.

We had servers run by eBay and clients run by the public, in the same way your SOAP API is used.

eBay Architect: Ah: that's something SOA has that REST doesn't!

DC: What? What's that?

eA: Services are all about Enterprise Integration: about servers talking to servers. In REST you're all about clients talking to servers. The Web is essentially only browser clients talking to Web servers. With Web Services, you can do more serious Enterprise Integration.

DC: You never give up do you? So you want 'serious' integration. Is that within or between enterprises?

eA: Let's say between.

DC: Fine. We'll use the same example as before: it's just a variation on the Patterns used.

We can standardise a more general version of the eBay schemas for Items, Offers, ResponseToBestOffers and so on. Anyone can put their own Items, Offers, etc. up on their own servers, or on some public auction service site. Everyone can do auctions with eBay and with anyone else who decides to set up.

Even, say, a new Google auction site: let's call it 'gBay'!

eA: Ha! OK, let's go through this slowly: you have eBay and 'gBay' sites, with sets of users on each. Now Ernie wants to sell his old laptop on eBay, so creates a new Item for it. Gordon is registered to gBay and needs a cheap laptop.

DC: Great - well the first thing is search. As an interoperable site, gBay offers a broad search across both gBay sale Items and eBay ones - cached and indexed internally. The gBay search database would be filled by crawling eBay URIs and even by running queries on eBay.

eA: Mm. Have to check the T's & C's...

DC: So Gordon on gBay finds Ernie's laptop on eBay. The presentation of this eBay sale item will be given the gBay style, but calling out directly to the eBay data and images.

eA: OK, now let's say Gordon decides to make an offer.

DC: So an Offer resource is created on gBay referring to the laptop on eBay. Then through a notification, the Item on eBay is alerted to this Offer.

eA: What's notified, to where?

DC: There's a number of possible patterns. Before, we had the pattern of POSTing a resource to a server that then creates the GETable version.

However, now gBay is hosting the Offer, so the internal mechanisms for notification are no longer available.

So gBay could suggest an update through APP or a simpler POST to a collection of Offer entries within the eBay Item to point to this, now remote, Offer.

Perhaps the gBay Offer can simply be POSTed wholesale to the eBay Item.

Or just a link to it.

Or eBay may poll, read a feed or search gBay for new Offer URIs, putting them into Offer lists as they come up.

An unusual approach (thanks to Joe Gregorio) would be for gBay to GET the eBay Item, with the Offer marked in a Referer: header.

eA: Plenty of patterns to choose from. So there are some Offers on eBay, some on gBay. The Item lists its Offers in a rank as before, as they appear through this notification.

Now, let's say Ernie wants to accept Gordon's Offer on gBay.

DC: OK, assuming he can see the Offers the same regardless of host, he just chooses Gordon's Offer on the offer listing for his Item and accepts it.

eA: So we need to create a ResponseToBestOffer on eBay.

DC: Yes. Now the patterns are reversed, because eBay needs to notify gBay this time - of its ResponseToBestOffer.

Pub-Sub and Observer Pattern

DC: Again, it can do this by POSTing the ResponseToBestOffer to each Offer on gBay in turn, or can POST the actual Item itself to each Offer, where the Item has a link to the ResponseToBestOffer.

That would implement a logical subscription to the Item from each of the Offers on it.

eA: It sounds to me like POSTing several times to implement this pub-sub pattern is physically inefficient, even if it's logically correct. Especially when it's the same information repeated from eBay to gBay servers.

DC: Yes, indeed: a single notification to gBay would be better, letting gBay handle the propagation of subscription responses. This would in effect treat gBay as a proxy cache, and the notification as a cache invalidation event on gBay's copy of the eBay Item.

eA: What URI on gBay would you POST this eBay Item to?

DC: Something like http://gbay.com/ebay.com/item/4243 - to a copy of itself. You could also GET this cached copy if you wanted.

eA: OK, what next?

DC: In gBay the losing Offers get updated on receipt of this ResponseToBestOffer state. Gordon's Offer gets set to 'won'. In eBay, all the losing Offers are updated to 'lost'. The laptop Item gets marked 'sold', with a link to the ResponseToBestOffer, which links to the Offer that won.

It is possible to implement this internally in eBay (and that pub-sub cache invalidation propagation in gBay) using the Observer Pattern. and an event-driven server.

eA: Makes sense - you mean something like SEDA?

DC: Yep.

So the Offers all subscribe to the Item to watch for its status switching to 'sold' and to see if they won. Conversely, the Item can subscribe to the Offers: maybe the Offers could change or be withdrawn, and the Item needs to keep itself updated accordingly.

eA: Wow - symmetric subscription - the two-way Observer Pattern!

OK, what next?

DC: The eBay laptop Item resource will be further updated by its owner with paid, shipped, refunded, etc., as it currently is within eBay.

eA: Hold on, you're mixing patterns: you had the Observer Pattern on the Item just now: the Item observes the Offers. The Offers' state can be POSTed to the Item, whose own state may then change according to its rules.

But you then mix patterns by allowing a POST directly to the Item from the Item's owner, to update a couple of fields.

In one, the Item chooses what its state will be according to the state of its peers, and in the other, it's told, not according to a peer state, but some POST content type.

That doesn't seem neat or symmetric.

DC: It's true that these interaction styles differ: the Observer Pattern or pub-sub approach is peer-to-peer (resource-to-resource as equals watching each other); and in this scenario it's also server-to-server.

The direct edit request is more a client-server pattern, where the server resource - the Item - is considered under the control of a client.

However, the Item is always in control of its own state, and can even ignore a request by its owner if that request doesn't match its internal integrity rules.

The Item supporting both styles at the same time is absolutely fine.

Actually, you could see these two styles as aspects of the same peer-to-peer pattern: introduce a resource in the client that holds edit requests, to which the Item subscribes. It all ends up being much the same.

Transactions, Trust

eA: Right, now what if you have a race, where the ResponseToBestOffer is created at the same time as an Offer is changed or withdrawn?

Don't you need some kind of two-phase commit or distributed transaction logic?

DC: Of course not. It's the same as in the real world: as long as it all settles in the end and the rules are followed. The ResponseToBestOffer cites what state of the Offer it is accepting. If that changes for any reason, the ResponseToBestOffer is void.

It's about state and state consistency in REST, as opposed to the SOA style of maintaining total control at all times.

There will be temporary states that trigger the rules and that need to be resolved. That's the programming and distribution model. Tolerance of transient states is what makes this model so robust.

eA: Surely there are some legal and contract issues? How is this exchange legally binding?

DC: You can digitally sign the Item, Offer and ResponseToBestOffer resources, and each side needs to keep records of the history. Then it's down to agreements between eBay and gBay and the local laws in force.

eA: What about buyer and seller ratings and feedback?

DC: Ernie in eBay and Gordon in gBay can happily publish feedback about each other, and Ernie will be able to see Gordon's rating via eBay's interface, or directly on gBay.

As for aggregated ratings from several buyer/seller interactions: a person's rating is a function of the ratings of all those they have dealt with. These ratings can be fetched by GET from remote sites, and combined with internally-held ratings, depending on the trust of one site over another site's ratings.

eA: So how do we trust these ratings across sites?

DC: We have to trust eBay that it trusts gBay. This is one of the basics of distributed systems. In a monolithic system you have a single trust domain: all parts can trust each other.

Split the application up across multiple trust domains and you need authentication and crypto. You can't get way from needing peer trust structures built up explicitly through crypto, agreement and contract and/or implicitly through past successful experience.

eA: Can you be more specific?

DC: Normally, a GET for a resource or a POST of some data comes with a header identifying the GETer or POSTer. The resource can also be signed by a user on a site or by the site itself as a proxy.

Or, if you have an agreement with the site, you just need to use https to ensure you've got a secure connection with that site, then needn't have individual signatures.

eA: Where's the Single Sign On and Identity in all this? We've got users working across multiple sites.

DC: Well, gBay is the holder of the Gordon identity or persona - and it manages his world view. Gordon on gBay needs his identity to mean something on eBay, but we don't want him to have to create an account on eBay or to have to tell gBay his eBay login details to work on both sites. So he expects gBay and eBay to have come to some agreements about technology and policy.

In REST, we don't have sessions and logins - we have identity, which implies asymmetric (private/public key) crypto for signatures and security. We have a number of tools available to us, including OpenID and https, as well as resource signing.

eA: Here's a question for you: how would you manage a single shopping trolley for Gordon on gBay, containing and allowing payment for eBay goods?

DC: ShoppingTrolley resource, links to eBay and gBay items. At checkout, smaller eBay-Items-only ShoppingTrolley resource POSTed to eBay along with CreditCard resource (again, you can sign the ShoppingTrolley and encrypt the data).

eA: So, as eBay, why should we integrate the seller ratings of someone on gBay? Or get gBay's for-sale items coming up in our searches? Or accept Offers and ShoppingTrolleys from gBay? We don't control or trust them, and don't want to send traffic or business over to them.

DC: Fair enough, for now. I'm only describing what's technically possible. Like I said before, you may revisit your stance on interoperability and mutual agreements one day soon.

Also, what if your business decides this year to set up a commercial partnership with another similar business and the managers come to you asking how it's all going to work together internally?

You'll find having good REST interoperability already in place a huge asset for internal integration! You'll also find that an interop-friendly approach makes developing internal 'mashups' much easier.

Better Than SOA

eA: I still can't see why all this is better than our SOAP approach, though: it just seems like the same things are happening at the end of the day - that it's only a change of perspective.

DC: Well, a minute ago, you were challenging using REST for anything other than simple data manipulation. Now I've shown you the power of a REST approach can be easily extended to a clean, simple, scalable, interoperable, general, declarative programming model. And you're still not satisfied!

eA: Ha! OK. So tell me why this programming model is so scalable and interoperable compared with the SOAP API and normal function calls.

DC: It's scalable because of all the reasons I mentioned before: the cacheability of the basic data operations and their parallelisability through URI partitioning. updated - I meant data partitions not operation partitions!

Plus now we have parallelisability of the application of the business rules. There's nothing more parallelisable than a declarative system.

eA: If you say so! OK, perhaps you could elaborate on that; it sounds like a new point.

DC: It is: when you're leading the computer step-by-step through a process, you have to handle concurrency yourself. That's the 'How' of 'What not How'.

Conversely, when you simply declare 'What' the rules are, the computer is free to go off and do things as concurrently as the rules and the data separation allow.

eA: Mm. OK. Interoperability?

DC: It's interoperable again for the reasons I mentioned before. Firstly, the power of the URI; this scenario is a full player in the Web: you can share links to Items around and go fetch your Offers and Feedbacks with a simple HTTP GET. You can make things happen by POSTing to the relevant URI, given its content type.

There's also the expectation of standard Content-Types, sub-types and schemas in GET and POST, rather than custom eBay WSDLs and schemas, that I mentioned before.

eA: Like you said, you already mentioned these things. Anything to add now that we're doing business rules?

DC: Yes; when data is your interface and resource transformation your basic programming model, resource data types become part of your 'programming language'. As such, there is great benefit in sharing data types to allow such programming across multiple domain boundaries.

SOA, on the other hand, encourages inventing your own 'programming language' every time. It's a much more brittle model and mind-set.

You can't GET your RespondToBestOffer function call, but I can GET the ResponseToBestOffer! It's basically a more mashable approach to distributed programming.

In Part 5: The Distributed Observer Pattern.

Note that the opinions of our imaginary eBay Architect don't necessarily represent or reflect in any way the official opinions of eBay or the opinions of anyone at eBay.

Indeed, I can't guarantee that the opinions of our real blogger necessarily represent or reflect in any way the official opinions of Roy Fielding...