SlideShare a Scribd company logo

API management with Taffy and API Blueprint

Kai Koenig
Kai Koenig

Introduction to API development with Taffy, a developer-friendly and convention-based framework for ColdFusion and Lucee. Code samples at: https://github.com/TheRealAgentK/taffydemos

1 of 49
Download to read offline
API MANAGEMENT WITH TAFFY 
 AND API BLUEPRINT KAI KOENIG (@AGENTK)
AGENDA ▸ What is Taffy? ▸ REST in a nutshell ▸ But is it “RESTful ENOUGH”? ▸ Taffy setup and basic flow ▸ Advanced configuration ▸ API Blueprint and other tools
WHAT IS TAFFY?
WHAT IS TAFFY? TAFFY ▸ TLDR version: Taffy is a framework to build REST-based APIs in CFML ▸ Developed by Adam Tuttle ▸ Currently in version 3.1, incepted around 2011 (MIT license) ▸ Very stable, very powerful ▸ Allows the creation of REST-based APIs in CFML independent of any vendor implementation - works with Lucee and ACF ▸ Can be integrated with other frameworks
WHAT IS TAFFY? WHY TAFFY? “But hey, both Lucee and Adobe CF have their own implementation of REST- API handling and it’s SO EASY to use and it has SELF-DOCUMENTATION! That’s great, ey?” ▸ At first glance it might seem like a great idea for getting started. But: ▸ Various issues (created URL structures, JSON handling, clunky syntax) ▸ Significantly lock-in to a vendor’s implementation ▸ Overall developer-unfriendly approaches
WHAT IS TAFFY? BENEFITS OF TAFFY ▸ This is not a talk about the deficiencies of REST in ACF or Lucee ▸ This is why Taffy is great: ▸ Developer-friendly and easy to get started with ▸ Backwards-compatible to ACF 8 ▸ Convention over configuration ▸ Hardly any boilerplate code
REST IN A NUTSHELL https://www.flickr.com/photos/kikasz/2891113802/
REST IN A NUTSHELL WHAT IS REST? ▸ REpresentational State Transfer - a method to communicate over a network ▸ Mostly used over HTTP, technically protocol-independent ▸ 2 phases: ▸ Request - noun, verb, MIME type, headers, data ▸ Response - status code, status text, headers, data
REST IN A NUTSHELL THE REQUEST (I) ▸ Nouns - identifier of the data we want to work with, e.g. /users or /users/232 ▸ Main verbs: ▸ POST: creating a new record (unsafe) ▸ PUT: updating existing record (idempotent) ▸ GET: retrieving existing record (safe) ▸ DELETE: deleting record (idempotent)
REST IN A NUTSHELL THE REQUEST (II) ▸ Less commonly used verbs: ▸ HEAD: similar to GET, but only returns headers (safe) ▸ OPTIONS: used to check which verbs are available (safe) ▸ PATCH: similar to PUT, updating individual properties (idempotent) ▸ MIME type: ▸ Client and API server agree on the data types for exchange, e.g. text/html, application/xml etc
REST IN A NUTSHELL THE REQUEST (III) ▸ Headers - supply metadata with the request (Accept, Content-Type) ▸ Data - the data sent from the client to the server ▸ Can conceptually be of any format ▸ Most common: JSON
REST IN A NUTSHELL THE RESPONSE ▸ Status code & Status text: ▸ “200 OK” ▸ “404 Not Found” ▸ “500 Server Error” … ▸ There are a lot more specific status codes, such as 201, 301, 302, 400, 401 etc. ▸ Headers and Data
REST IN A NUTSHELL WHY DO PEOPLE LIKE AND USE REST? ▸ Works naturally with the HTTP protocol ▸ Other alternatives: ▸ SOAP-XML: very enterprise-y, bloated and complex ▸ XML-RPC: similar to REST, but ignores the power of the verb
RESTFUL ENOUGH? https://www.flickr.com/photos/kikasz/2891113802/https://xkcd.com/386/
BUT IS IT RESTFUL ENOUGH? THE REALITY IS MORE COMPLEX ▸ Roy Fielding’s 2000 dissertation about what we today know as REST ▸ Followed up by a series of blog posts from ~2008 about HATEOAS (Hypermedia As The Engine Of Application State) ▸ prescribing additional requirements and behaviours ▸ often considered as ideal, but impractical in a lot of ways ▸ Leads to a lot of discussion what REST is and how one has to use it
BUT IS IT RESTFUL ENOUGH? MORE MATURE? ▸ Plain JSON
 
 
 ▸ HATEOAS { "name" : “iPhone 7" } { "name": “iPhone 7", "links": [ { "rel": "self", "href": "http://localhost:8080/product/1" } ] }
BUT IS IT RESTFUL ENOUGH? HATEOAS { "content": [ { "price": 499.00, "name": "iPad", "links": [ { "rel": "self", "href": "http://localhost:8080/product/1" } ], "attributes": { "connector": "socket" } }, { "price": 49.00, "name": "Dock", "links": [ { "rel": "self", "href": "http://localhost:8080/product/3" } ], "attributes": { "connector": "plug" } } ], "links": [ { "rel": "product.search", "href": "http://localhost:8080/product/search" } ] }
BUT IS IT RESTFUL ENOUGH? RICHARDSON MATURITY LEVEL http://martinfowler.com/articles/richardsonMaturityModel.html
TAFFY SETUP AND BASIC FLOW https://www.flickr.com/photos/joanna_young/ 4515399787/
TAFFY SETUP AND BASIC FLOW INSTALLATION ▸ Download .zip-file from Github or taffy.io ▸ Installation options: ▸ Global mapping /taffy ▸ /taffy physically in webroot ▸ Installation in sub-directory of site (needs application-specific mappings)
TAFFY SETUP AND BASIC FLOW DRIVEN BY APPLICATION.CFC ▸ Extends taffy.core.api ▸ Needs to call onApplicationStart() and onRequestStart() on the parent CFC ▸ Earlier versions of Taffy had their own Application.cfc events - it was recommended to actually not implement onApplicationStart() etc ▸ That’s gone since Taffy 2.0 component extends="taffy.core.api" { this.name = "TaffyDemo"; function onApplicationStart() { application.productList = [ { "id":1, "name":"iPhone 7" }, { "id":2, "name":"iPhone 7+" }, { "id":3, "name":"iPad Pro 9.7inch" } ]; return super.onApplicationStart(); } function onRequestStart() { return super.onRequestStart(); } }
TAFFY SETUP AND BASIC FLOW CONVENTION OVER CONFIGURATION ▸ Taffy tries to NOT be in your way ▸ Examples: ▸ Default function names for resources are get(), post(), put(), delete() ▸ Looks for resources in a /resources directory ▸ Lots of things are just fine and work out of the box naturally because of sensible conventions
TAFFY SETUP AND BASIC FLOW MINIMAL LAYOUT
TAFFY SETUP AND BASIC FLOW RESOURCES (I) ▸ Extend taffy.core.resource ▸ Live in the /resources directory or a /resources mapping ▸ Can be changed - requires dropping the default bean factory ▸ Good practice: ▸ Have a CFC for a “thing” and for a “collection of things” each ▸ My convention: “SomeThing” and “SomeThingCollection” ▸ A resource should at least implement one verb function
TAFFY SETUP AND BASIC FLOW RESOURCES (II) ▸ taffy_uri defines the public URL of your resource ▸ representationOf() triggers the default serialiser ▸ withStatus() sets the HTTP status of the response (defaults to “200 OK”) component extends="taffy.core.resource" taffy_uri="/product" { public function get(){ return representationOf(application.productList).withStatus(200); } }
TAFFY SETUP AND BASIC FLOW RESOURCES (III) ▸ Passing {productId} token into the resource’s URL ▸ Returning 404 if there’s no record found component extends="taffy.core.resource" taffy_uri="/product/{productId}" { public function get(numeric productId){ for (var product in application.productList) { if (product["id"] == arguments.productId) { return representationOf(product).withStatus(200, "OK"); } } return noData().withStatus(404, "Not Found"); } }
TAFFY SETUP AND BASIC FLOW RESOURCES (IV) ▸ If a verb is not implemented in a resource, Taffy will return “405 Not Allowed” ▸ Tokens will automatically become part of the arguments scope ▸ Tokens support regular expressions: /product/{pId:d{4}} - /product/{pId:[A-Za-z]+} ▸ Query string parameters will ALSO automatically become part of the arguments scope ▸ Use .noData() if the intention is to not return data ▸ Similar to .withStatus(…), it’s possible to chain .withHeaders(…) to the return statement
TAFFY SETUP AND BASIC FLOW TAFFY DASHBOARD
TAFFY SETUP AND BASIC FLOW TAFFY DASHBOARD ▸ Dashboard allows to: ▸ execute requests (incl. Query Params, Headers and Basic Auth) ▸ inspect the response ▸ see a limited amount of documentation ▸ Should (usually) be switched off in production ▸ Default: caches API, needs explicit reloads
TAFFY SETUP AND BASIC FLOW CHANGING DATA - WHERE TO PUT POST? ▸ If the POST method was in Product.cfc - we’d have an issue. ▸ The URL route requires us to use /product/{productId} ▸ POST therefore has to life in ProductCollection.cfc ▸ PUT however (updating existing data) can happily go into Product.cfc ▸ URL matching: /product/search will match before /product/{productId}
TAFFY SETUP AND BASIC FLOW GOOD PRACTICES FOR PUT AND POST ▸ If you created a record with POST: ▸ return “201 Created” with the created data ▸ potentially return x-inserted-id in the header ▸ If you updated a record with PUT: ▸ return “200 OK” with the updated data ▸ if the record to be updated didn’t exist, create it (see above)
ADVANCED TASKS AND CONFIG
ADVANCED TASKS AND CONFIG BREAKING AWAY FROM THE CONVENTIONS ▸ Metadata: ▸ Annotate functions to be triggered by a specific verb: taffy_verb=“<VERB>” ▸ Necessary for extended verbs like OPTIONS, HEAD, PATCH. Optional for standard verbs. ▸ There’s more metadata in serialisers (later)
ADVANCED TASKS AND CONFIG BREAKING AWAY FROM THE CONVENTIONS ▸ Configuration: variables.framework struct in Taffy’s Application.cfc ▸ reloadKey/reloadPassword vs. reloadOnEveryRequest ▸ serializer/deserializer (later) ▸ disableDashboard ▸ jsonp/allowCrossDomain ▸ beanFactory - allows hooking into Coldspring, DI/1 etc…
ADVANCED TASKS AND CONFIG AUTHENTICATION AND SECURITY ▸ Firstly - what do you want to achieve? ▸ Requiring an API Token? ▸ Fine-grain security? ▸ oAuth ▸ HTTP Basic Auth ▸ SSL
ADVANCED TASKS AND CONFIG API TOKEN (I) ▸ Best place to start is onTaffyRequest(…) ▸ Return true to continue processing the request ▸ Return a representation object to abort the request ▸ Two common options for passing token: ▸ URI parameters and/or as part of the data ▸ In the header
ADVANCED TASKS AND CONFIG API TOKEN (II) function onTaffyRequest(verb, cfc, requestArguments, mimeExt, headers, methodMetadata, matchedURI) { if (not structKeyExists(arguments.requestArguments, "apiKey") || !Len(arguments.requestArguments["apiKey"])) { return noData().withStatus(401, "Unauthorized"); } if (!arrayFind(application.validAPIKeys, arguments.requestArguments["apiKey"])) { return noData().withStatus(403, "Forbidden"); } return true; }
ADVANCED TASKS AND CONFIG CUSTOM SERIALISERS (I) ▸ Default serialiser is JSON (CFML-server built-in) ▸ Extend from taffy.core.baseRepresentation ▸ Implement getAsX functions ▸ getAsXML, getAsJSON, getAsYML etc
ADVANCED TASKS AND CONFIG CUSTOM SERIALISERS (II) component extends="taffy.core.baseSerializer" { variables.anythingToXML = application.anythingToXML; variables.jsonUtil = application.jsonUtil; function getAsXML() output="false" taffy_mime="application/xml" taffy_default="false" { return variables.anythingToXML.toXml(variables.data); } function getAsJSON() output="false" taffy_mime="application/json" taffy_default="true" { return variables.jsonUtil.serialize(variables.data); } }
ADVANCED TASKS AND CONFIG RATE LIMITS ▸ In a nutshell: ▸ manage access log (api key & time) in DB or key/value storage ▸ onTaffyRequest logs requests and check if limits are exceeded ▸ if not exceeded, process incoming request ▸ if exceeded, return status code “429 Too Many Requests”
ADVANCED TASKS AND CONFIG API VERSIONING ▸ Multiple schools of thought: ▸ URI vs header ▸ Make sure you version from day 0! ▸ I tend to use /v1/product, /v2/product etc. ▸ Maps nicely on directory structures in /resources ▸ Update version when breaking compatibility ▸ Consider SemVer (Semantic Versioning) if your API is changing a lot
API BLUEPRINT AND OTHER TOOLS https://www.flickr.com/photos/cardoso/2196726835/
API BLUEPRINT WHAT IS IT? ▸ Description and specification language for web APIs (http://apiblueprint.org) ▸ From Apiary.io - but can be used independently from that ▸ Language spec: https://github.com/apiaryio/api-blueprint ▸ Offers platform-neutral documentation and additional tooling ▸ Aglio ▸ API-Mock
API BLUEPRINT DOCUMENTATION WITH AGLIO ▸ Very simple markup language ▸ npm install -g aglio (https://www.npmjs.com/package/aglio) ▸ aglio -i documentation.md -o documentation.html ▸ MD structure: ▸ # Group ▸ ## Resource ▸ ### Action
API BLUEPRINT MOCK SERVER WITH API-MOCK ▸ Creates a mock server for your API (https://github.com/localmed/api-mock) ▸ npm install -g api-mock ▸ api-mock ./documentation.md ▸ Defaults to port 3000
API BLUEPRINT PAW ▸ REST API test and management tool on OS X ▸ Recording/Playback/Testing etc ▸ Has API Blueprint support through extensions
FINAL THOUGHTS https://www.flickr.com/photos/brickset/16099265973/
FINAL THOUGHTS WHAT DID WE COVER? ▸ Taffy - what is it? ▸ How to setup and the foundations ▸ Discussed some advanced topics in more detail ▸ High-level overview of API Blueprint
FINAL THOUGHTS GET IN TOUCH Kai Koenig Email: kai@ventego-creative.co.nz Twitter: @AgentK
Ad

Recommended

Tube Structure PPT.ppt
Tube Structure PPT.pptTube Structure PPT.ppt
Tube Structure PPT.ppt
AbdulRauf166100
 
Tadao Ando - Chikutso Asuka Museum
Tadao Ando - Chikutso Asuka MuseumTadao Ando - Chikutso Asuka Museum
Tadao Ando - Chikutso Asuka Museum
Madhu Sagar
 
Structure of national stadium bejing
Structure of national stadium bejingStructure of national stadium bejing
Structure of national stadium bejing
AmaniMughal
 
Cctv final
Cctv finalCctv final
Cctv final
Dhruv Seth
 
An Overview of Analysis and Design of a Single-Layer Reticulated Inverted Mon...
An Overview of Analysis and Design of a Single-Layer Reticulated Inverted Mon...An Overview of Analysis and Design of a Single-Layer Reticulated Inverted Mon...
An Overview of Analysis and Design of a Single-Layer Reticulated Inverted Mon...
AIT Solutions
 
HighRise Presentation
HighRise PresentationHighRise Presentation
HighRise Presentation
bartdankers
 
Earthquake Resistant Structures Taipei 101
Earthquake Resistant Structures Taipei 101Earthquake Resistant Structures Taipei 101
Earthquake Resistant Structures Taipei 101
Khushboo Sood
 
HIGH RISE BUILDING REPORT.pdf
HIGH RISE BUILDING REPORT.pdfHIGH RISE BUILDING REPORT.pdf
HIGH RISE BUILDING REPORT.pdf
Mohammad Salman
 
Divusi dan inovasi reni
Divusi dan inovasi reniDivusi dan inovasi reni
Divusi dan inovasi reni
Operator Warnet Vast Raha
 
Erik
ErikErik
Erik
Educ Israel Patricio Rumaldo
 
Extinción de los Actos Administrativos en Venezuela
Extinción de los Actos Administrativos en VenezuelaExtinción de los Actos Administrativos en Venezuela
Extinción de los Actos Administrativos en Venezuela
Crojas17
 
Entrega taller
Entrega tallerEntrega taller
Entrega taller
Enrique González
 
Avances tecnologicos
Avances tecnologicosAvances tecnologicos
Avances tecnologicos
Mairelys de Alfonso
 
Lección 3 - Doctrina y vida de la Iglesia
Lección 3 - Doctrina y vida de la IglesiaLección 3 - Doctrina y vida de la Iglesia
Lección 3 - Doctrina y vida de la Iglesia
Iglesia Cristiana Evangelica Luz del Mundo
 
Acct20-Chapter12
Acct20-Chapter12Acct20-Chapter12
Acct20-Chapter12
OLCTeacher
 
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWordsGreaterChina
 
谷歌广告学院 AdWords APP 广告面面观
谷歌广告学院 AdWords APP 广告面面观谷歌广告学院 AdWords APP 广告面面观
谷歌广告学院 AdWords APP 广告面面观
AdWordsGreaterChina
 
API Athens Meetup - API standards 22.03.2016
API Athens Meetup - API standards 22.03.2016API Athens Meetup - API standards 22.03.2016
API Athens Meetup - API standards 22.03.2016
Ivan Goncharov
 
Introduction to philosophy
Introduction to philosophyIntroduction to philosophy
Introduction to philosophy
Syed Noman Ali
 
Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!
Olle E Johansson
 
Mi estudio de caso carlos moreno
Mi estudio de caso carlos morenoMi estudio de caso carlos moreno
Mi estudio de caso carlos moreno
carlosandres1988
 
REST with Eve and Python
REST with Eve and PythonREST with Eve and Python
REST with Eve and Python
PiXeL16
 
Faster PHP apps using Queues and Workers
Faster PHP apps using Queues and WorkersFaster PHP apps using Queues and Workers
Faster PHP apps using Queues and Workers
Richard Baker
 
12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat
Jonathan Linowes
 
Python tools for testing web services over HTTP
Python tools for testing web services over HTTPPython tools for testing web services over HTTP
Python tools for testing web services over HTTP
Mykhailo Kolesnyk
 
Elegant Rest Design Webinar
Elegant Rest Design WebinarElegant Rest Design Webinar
Elegant Rest Design Webinar
Stormpath
 
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data... Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Spain
 
Introduction to REST and Hypermedia
Introduction to REST and HypermediaIntroduction to REST and Hypermedia
Introduction to REST and Hypermedia
Nordic APIs
 
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
gethue
 
Power of Simplicity in FW/1
Power of Simplicity in FW/1Power of Simplicity in FW/1
Power of Simplicity in FW/1
Masha Edelen
 
Ad

More Related Content

Viewers also liked (13)

Divusi dan inovasi reni
Divusi dan inovasi reniDivusi dan inovasi reni
Divusi dan inovasi reni
Operator Warnet Vast Raha
 
Erik
ErikErik
Erik
Educ Israel Patricio Rumaldo
 
Extinción de los Actos Administrativos en Venezuela
Extinción de los Actos Administrativos en VenezuelaExtinción de los Actos Administrativos en Venezuela
Extinción de los Actos Administrativos en Venezuela
Crojas17
 
Entrega taller
Entrega tallerEntrega taller
Entrega taller
Enrique González
 
Avances tecnologicos
Avances tecnologicosAvances tecnologicos
Avances tecnologicos
Mairelys de Alfonso
 
Lección 3 - Doctrina y vida de la Iglesia
Lección 3 - Doctrina y vida de la IglesiaLección 3 - Doctrina y vida de la Iglesia
Lección 3 - Doctrina y vida de la Iglesia
Iglesia Cristiana Evangelica Luz del Mundo
 
Acct20-Chapter12
Acct20-Chapter12Acct20-Chapter12
Acct20-Chapter12
OLCTeacher
 
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWordsGreaterChina
 
谷歌广告学院 AdWords APP 广告面面观
谷歌广告学院 AdWords APP 广告面面观谷歌广告学院 AdWords APP 广告面面观
谷歌广告学院 AdWords APP 广告面面观
AdWordsGreaterChina
 
API Athens Meetup - API standards 22.03.2016
API Athens Meetup - API standards 22.03.2016API Athens Meetup - API standards 22.03.2016
API Athens Meetup - API standards 22.03.2016
Ivan Goncharov
 
Introduction to philosophy
Introduction to philosophyIntroduction to philosophy
Introduction to philosophy
Syed Noman Ali
 
Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!
Olle E Johansson
 
Mi estudio de caso carlos moreno
Mi estudio de caso carlos morenoMi estudio de caso carlos moreno
Mi estudio de caso carlos moreno
carlosandres1988
 
Divusi dan inovasi reni
Divusi dan inovasi reniDivusi dan inovasi reni
Divusi dan inovasi reni
Operator Warnet Vast Raha
 
Erik
ErikErik
Erik
Educ Israel Patricio Rumaldo
 
Extinción de los Actos Administrativos en Venezuela
Extinción de los Actos Administrativos en VenezuelaExtinción de los Actos Administrativos en Venezuela
Extinción de los Actos Administrativos en Venezuela
Crojas17
 
Entrega taller
Entrega tallerEntrega taller
Entrega taller
Enrique González
 
Avances tecnologicos
Avances tecnologicosAvances tecnologicos
Avances tecnologicos
Mairelys de Alfonso
 
Lección 3 - Doctrina y vida de la Iglesia
Lección 3 - Doctrina y vida de la IglesiaLección 3 - Doctrina y vida de la Iglesia
Lección 3 - Doctrina y vida de la Iglesia
Iglesia Cristiana Evangelica Luz del Mundo
 
Acct20-Chapter12
Acct20-Chapter12Acct20-Chapter12
Acct20-Chapter12
OLCTeacher
 
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWords Academy 谷歌广告节假日专题-电商欧美市场营销策略
AdWordsGreaterChina
 
谷歌广告学院 AdWords APP 广告面面观
谷歌广告学院 AdWords APP 广告面面观谷歌广告学院 AdWords APP 广告面面观
谷歌广告学院 AdWords APP 广告面面观
AdWordsGreaterChina
 
API Athens Meetup - API standards 22.03.2016
API Athens Meetup - API standards 22.03.2016API Athens Meetup - API standards 22.03.2016
API Athens Meetup - API standards 22.03.2016
Ivan Goncharov
 
Introduction to philosophy
Introduction to philosophyIntroduction to philosophy
Introduction to philosophy
Syed Noman Ali
 
Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!Kamailio World 2016: Update your SIP!
Kamailio World 2016: Update your SIP!
Olle E Johansson
 
Mi estudio de caso carlos moreno
Mi estudio de caso carlos morenoMi estudio de caso carlos moreno
Mi estudio de caso carlos moreno
carlosandres1988
 

Similar to API management with Taffy and API Blueprint (20)

REST with Eve and Python
REST with Eve and PythonREST with Eve and Python
REST with Eve and Python
PiXeL16
 
Faster PHP apps using Queues and Workers
Faster PHP apps using Queues and WorkersFaster PHP apps using Queues and Workers
Faster PHP apps using Queues and Workers
Richard Baker
 
12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat
Jonathan Linowes
 
Python tools for testing web services over HTTP
Python tools for testing web services over HTTPPython tools for testing web services over HTTP
Python tools for testing web services over HTTP
Mykhailo Kolesnyk
 
Elegant Rest Design Webinar
Elegant Rest Design WebinarElegant Rest Design Webinar
Elegant Rest Design Webinar
Stormpath
 
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data... Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Spain
 
Introduction to REST and Hypermedia
Introduction to REST and HypermediaIntroduction to REST and Hypermedia
Introduction to REST and Hypermedia
Nordic APIs
 
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
gethue
 
Power of Simplicity in FW/1
Power of Simplicity in FW/1Power of Simplicity in FW/1
Power of Simplicity in FW/1
Masha Edelen
 
Play framework productivity formula
Play framework productivity formula Play framework productivity formula
Play framework productivity formula
Sorin Chiprian
 
Room with a Vue - Introduction to Vue.js
Room with a Vue - Introduction to Vue.jsRoom with a Vue - Introduction to Vue.js
Room with a Vue - Introduction to Vue.js
Zachary Klein
 
Rapid Application Development with SwiftUI and Firebase
Rapid Application Development with SwiftUI and FirebaseRapid Application Development with SwiftUI and Firebase
Rapid Application Development with SwiftUI and Firebase
Peter Friese
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.
Mario Cardinal
 
Monitoring OSGi Applications with the Web Console - Carsten Ziegeler
Monitoring OSGi Applications with the Web Console - Carsten ZiegelerMonitoring OSGi Applications with the Web Console - Carsten Ziegeler
Monitoring OSGi Applications with the Web Console - Carsten Ziegeler
mfrancis
 
Monitoring OSGi Applications with the Web Console
Monitoring OSGi Applications with the Web ConsoleMonitoring OSGi Applications with the Web Console
Monitoring OSGi Applications with the Web Console
Carsten Ziegeler
 
WebGUI Developers Workshop
WebGUI Developers WorkshopWebGUI Developers Workshop
WebGUI Developers Workshop
Plain Black Corporation
 
CodeIgniter PHP MVC Framework
CodeIgniter PHP MVC FrameworkCodeIgniter PHP MVC Framework
CodeIgniter PHP MVC Framework
Bo-Yi Wu
 
The Big Picture and How to Get Started
The Big Picture and How to Get StartedThe Big Picture and How to Get Started
The Big Picture and How to Get Started
guest1af57e
 
Building a Cloud Native Stack with EMR Spark, Alluxio, and S3
Building a Cloud Native Stack with EMR Spark, Alluxio, and S3Building a Cloud Native Stack with EMR Spark, Alluxio, and S3
Building a Cloud Native Stack with EMR Spark, Alluxio, and S3
Alluxio, Inc.
 
TL; DR: iOS 9R
TL; DR: iOS 9RTL; DR: iOS 9R
TL; DR: iOS 9R
Kevin Donnelly
 
REST with Eve and Python
REST with Eve and PythonREST with Eve and Python
REST with Eve and Python
PiXeL16
 
Faster PHP apps using Queues and Workers
Faster PHP apps using Queues and WorkersFaster PHP apps using Queues and Workers
Faster PHP apps using Queues and Workers
Richard Baker
 
12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat
Jonathan Linowes
 
Python tools for testing web services over HTTP
Python tools for testing web services over HTTPPython tools for testing web services over HTTP
Python tools for testing web services over HTTP
Mykhailo Kolesnyk
 
Elegant Rest Design Webinar
Elegant Rest Design WebinarElegant Rest Design Webinar
Elegant Rest Design Webinar
Stormpath
 
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data... Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Web applications for Interactive Hadoop by ENRICO BERTI at Big Data...
Big Data Spain
 
Introduction to REST and Hypermedia
Introduction to REST and HypermediaIntroduction to REST and Hypermedia
Introduction to REST and Hypermedia
Nordic APIs
 
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
Hue: Big Data Web applications for Interactive Hadoop at Big Data Spain 2014
gethue
 
Power of Simplicity in FW/1
Power of Simplicity in FW/1Power of Simplicity in FW/1
Power of Simplicity in FW/1
Masha Edelen
 
Play framework productivity formula
Play framework productivity formula Play framework productivity formula
Play framework productivity formula
Sorin Chiprian
 
Room with a Vue - Introduction to Vue.js
Room with a Vue - Introduction to Vue.jsRoom with a Vue - Introduction to Vue.js
Room with a Vue - Introduction to Vue.js
Zachary Klein
 
Rapid Application Development with SwiftUI and Firebase
Rapid Application Development with SwiftUI and FirebaseRapid Application Development with SwiftUI and Firebase
Rapid Application Development with SwiftUI and Firebase
Peter Friese
 
Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.Best Practices for Architecting a Pragmatic Web API.
Best Practices for Architecting a Pragmatic Web API.
Mario Cardinal
 
Monitoring OSGi Applications with the Web Console - Carsten Ziegeler
Monitoring OSGi Applications with the Web Console - Carsten ZiegelerMonitoring OSGi Applications with the Web Console - Carsten Ziegeler
Monitoring OSGi Applications with the Web Console - Carsten Ziegeler
mfrancis
 
Monitoring OSGi Applications with the Web Console
Monitoring OSGi Applications with the Web ConsoleMonitoring OSGi Applications with the Web Console
Monitoring OSGi Applications with the Web Console
Carsten Ziegeler
 
WebGUI Developers Workshop
WebGUI Developers WorkshopWebGUI Developers Workshop
WebGUI Developers Workshop
Plain Black Corporation
 
CodeIgniter PHP MVC Framework
CodeIgniter PHP MVC FrameworkCodeIgniter PHP MVC Framework
CodeIgniter PHP MVC Framework
Bo-Yi Wu
 
The Big Picture and How to Get Started
The Big Picture and How to Get StartedThe Big Picture and How to Get Started
The Big Picture and How to Get Started
guest1af57e
 
Building a Cloud Native Stack with EMR Spark, Alluxio, and S3
Building a Cloud Native Stack with EMR Spark, Alluxio, and S3Building a Cloud Native Stack with EMR Spark, Alluxio, and S3
Building a Cloud Native Stack with EMR Spark, Alluxio, and S3
Alluxio, Inc.
 
TL; DR: iOS 9R
TL; DR: iOS 9RTL; DR: iOS 9R
TL; DR: iOS 9R
Kevin Donnelly
 
Ad

More from Kai Koenig (20)

Why a whole country skipped a day - Fun with Timezones
Why a whole country skipped a day - Fun with Timezones Why a whole country skipped a day - Fun with Timezones
Why a whole country skipped a day - Fun with Timezones
Kai Koenig
 
Android 103 - Firebase and Architecture Components
Android 103 - Firebase and Architecture ComponentsAndroid 103 - Firebase and Architecture Components
Android 103 - Firebase and Architecture Components
Kai Koenig
 
Android 102 - Flow, Layouts and other things
Android 102 - Flow, Layouts and other thingsAndroid 102 - Flow, Layouts and other things
Android 102 - Flow, Layouts and other things
Kai Koenig
 
Android 101 - Building a simple app with Kotlin in 90 minutes
Android 101 - Building a simple app with Kotlin in 90 minutesAndroid 101 - Building a simple app with Kotlin in 90 minutes
Android 101 - Building a simple app with Kotlin in 90 minutes
Kai Koenig
 
Kotlin Coroutines and Android sitting in a tree - 2018 version
Kotlin Coroutines and Android sitting in a tree - 2018 versionKotlin Coroutines and Android sitting in a tree - 2018 version
Kotlin Coroutines and Android sitting in a tree - 2018 version
Kai Koenig
 
Kotlin Coroutines and Android sitting in a tree
Kotlin Coroutines and Android sitting in a treeKotlin Coroutines and Android sitting in a tree
Kotlin Coroutines and Android sitting in a tree
Kai Koenig
 
Improving your CFML code quality
Improving your CFML code qualityImproving your CFML code quality
Improving your CFML code quality
Kai Koenig
 
Summer of Tech 2017 - Kotlin/Android bootcamp
Summer of Tech 2017 - Kotlin/Android bootcampSummer of Tech 2017 - Kotlin/Android bootcamp
Summer of Tech 2017 - Kotlin/Android bootcamp
Kai Koenig
 
2017: Kotlin - now more than ever
2017: Kotlin - now more than ever2017: Kotlin - now more than ever
2017: Kotlin - now more than ever
Kai Koenig
 
Anko - The Ultimate Ninja of Kotlin Libraries?
Anko - The Ultimate Ninja of Kotlin Libraries?Anko - The Ultimate Ninja of Kotlin Libraries?
Anko - The Ultimate Ninja of Kotlin Libraries?
Kai Koenig
 
Coding for Android on steroids with Kotlin
Coding for Android on steroids with KotlinCoding for Android on steroids with Kotlin
Coding for Android on steroids with Kotlin
Kai Koenig
 
Little Helpers for Android Development with Kotlin
Little Helpers for Android Development with KotlinLittle Helpers for Android Development with Kotlin
Little Helpers for Android Development with Kotlin
Kai Koenig
 
Introduction to Data Mining
Introduction to Data MiningIntroduction to Data Mining
Introduction to Data Mining
Kai Koenig
 
Garbage First and you
Garbage First and youGarbage First and you
Garbage First and you
Kai Koenig
 
Real World Lessons in jQuery Mobile
Real World Lessons in jQuery MobileReal World Lessons in jQuery Mobile
Real World Lessons in jQuery Mobile
Kai Koenig
 
The JVM is your friend
The JVM is your friendThe JVM is your friend
The JVM is your friend
Kai Koenig
 
Regular Expressions 101
Regular Expressions 101Regular Expressions 101
Regular Expressions 101
Kai Koenig
 
There's a time and a place
There's a time and a placeThere's a time and a place
There's a time and a place
Kai Koenig
 
Clojure - an introduction (and some CFML)
Clojure - an introduction (and some CFML)Clojure - an introduction (and some CFML)
Clojure - an introduction (and some CFML)
Kai Koenig
 
AngularJS for designers and developers
AngularJS for designers and developersAngularJS for designers and developers
AngularJS for designers and developers
Kai Koenig
 
Why a whole country skipped a day - Fun with Timezones
Why a whole country skipped a day - Fun with Timezones Why a whole country skipped a day - Fun with Timezones
Why a whole country skipped a day - Fun with Timezones
Kai Koenig
 
Android 103 - Firebase and Architecture Components
Android 103 - Firebase and Architecture ComponentsAndroid 103 - Firebase and Architecture Components
Android 103 - Firebase and Architecture Components
Kai Koenig
 
Android 102 - Flow, Layouts and other things
Android 102 - Flow, Layouts and other thingsAndroid 102 - Flow, Layouts and other things
Android 102 - Flow, Layouts and other things
Kai Koenig
 
Android 101 - Building a simple app with Kotlin in 90 minutes
Android 101 - Building a simple app with Kotlin in 90 minutesAndroid 101 - Building a simple app with Kotlin in 90 minutes
Android 101 - Building a simple app with Kotlin in 90 minutes
Kai Koenig
 
Kotlin Coroutines and Android sitting in a tree - 2018 version
Kotlin Coroutines and Android sitting in a tree - 2018 versionKotlin Coroutines and Android sitting in a tree - 2018 version
Kotlin Coroutines and Android sitting in a tree - 2018 version
Kai Koenig
 
Kotlin Coroutines and Android sitting in a tree
Kotlin Coroutines and Android sitting in a treeKotlin Coroutines and Android sitting in a tree
Kotlin Coroutines and Android sitting in a tree
Kai Koenig
 
Improving your CFML code quality
Improving your CFML code qualityImproving your CFML code quality
Improving your CFML code quality
Kai Koenig
 
Summer of Tech 2017 - Kotlin/Android bootcamp
Summer of Tech 2017 - Kotlin/Android bootcampSummer of Tech 2017 - Kotlin/Android bootcamp
Summer of Tech 2017 - Kotlin/Android bootcamp
Kai Koenig
 
2017: Kotlin - now more than ever
2017: Kotlin - now more than ever2017: Kotlin - now more than ever
2017: Kotlin - now more than ever
Kai Koenig
 
Anko - The Ultimate Ninja of Kotlin Libraries?
Anko - The Ultimate Ninja of Kotlin Libraries?Anko - The Ultimate Ninja of Kotlin Libraries?
Anko - The Ultimate Ninja of Kotlin Libraries?
Kai Koenig
 
Coding for Android on steroids with Kotlin
Coding for Android on steroids with KotlinCoding for Android on steroids with Kotlin
Coding for Android on steroids with Kotlin
Kai Koenig
 
Little Helpers for Android Development with Kotlin
Little Helpers for Android Development with KotlinLittle Helpers for Android Development with Kotlin
Little Helpers for Android Development with Kotlin
Kai Koenig
 
Introduction to Data Mining
Introduction to Data MiningIntroduction to Data Mining
Introduction to Data Mining
Kai Koenig
 
Garbage First and you
Garbage First and youGarbage First and you
Garbage First and you
Kai Koenig
 
Real World Lessons in jQuery Mobile
Real World Lessons in jQuery MobileReal World Lessons in jQuery Mobile
Real World Lessons in jQuery Mobile
Kai Koenig
 
The JVM is your friend
The JVM is your friendThe JVM is your friend
The JVM is your friend
Kai Koenig
 
Regular Expressions 101
Regular Expressions 101Regular Expressions 101
Regular Expressions 101
Kai Koenig
 
There's a time and a place
There's a time and a placeThere's a time and a place
There's a time and a place
Kai Koenig
 
Clojure - an introduction (and some CFML)
Clojure - an introduction (and some CFML)Clojure - an introduction (and some CFML)
Clojure - an introduction (and some CFML)
Kai Koenig
 
AngularJS for designers and developers
AngularJS for designers and developersAngularJS for designers and developers
AngularJS for designers and developers
Kai Koenig
 
Ad

Recently uploaded (20)

What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
Andre Hora
 
EASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License CodeEASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License Code
aneelaramzan63
 
How can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptxHow can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptx
laravinson24
 
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and CollaborateMeet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Maxim Salnikov
 
Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025
kashifyounis067
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
Andre Hora
 
Automation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath CertificateAutomation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath Certificate
VICTOR MAESTRE RAMIREZ
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AIScaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
danshalev
 
Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025
kashifyounis067
 
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Dele Amefo
 
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software DevelopmentSecure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Shubham Joshi
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
Andre Hora
 
EASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License CodeEASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License Code
aneelaramzan63
 
How can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptxHow can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptx
laravinson24
 
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and CollaborateMeet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Meet the Agents: How AI Is Learning to Think, Plan, and Collaborate
Maxim Salnikov
 
Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025
kashifyounis067
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
Andre Hora
 
Automation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath CertificateAutomation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath Certificate
VICTOR MAESTRE RAMIREZ
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025Avast Premium Security Crack FREE Latest Version 2025
Avast Premium Security Crack FREE Latest Version 2025
mu394968
 
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AIScaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
danshalev
 
Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025
kashifyounis067
 
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Dele Amefo
 
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software DevelopmentSecure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Shubham Joshi
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 

API management with Taffy and API Blueprint

  • 1. API MANAGEMENT WITH TAFFY 
 AND API BLUEPRINT KAI KOENIG (@AGENTK)
  • 2. AGENDA ▸ What is Taffy? ▸ REST in a nutshell ▸ But is it “RESTful ENOUGH”? ▸ Taffy setup and basic flow ▸ Advanced configuration ▸ API Blueprint and other tools
  • 4. WHAT IS TAFFY? TAFFY ▸ TLDR version: Taffy is a framework to build REST-based APIs in CFML ▸ Developed by Adam Tuttle ▸ Currently in version 3.1, incepted around 2011 (MIT license) ▸ Very stable, very powerful ▸ Allows the creation of REST-based APIs in CFML independent of any vendor implementation - works with Lucee and ACF ▸ Can be integrated with other frameworks
  • 5. WHAT IS TAFFY? WHY TAFFY? “But hey, both Lucee and Adobe CF have their own implementation of REST- API handling and it’s SO EASY to use and it has SELF-DOCUMENTATION! That’s great, ey?” ▸ At first glance it might seem like a great idea for getting started. But: ▸ Various issues (created URL structures, JSON handling, clunky syntax) ▸ Significantly lock-in to a vendor’s implementation ▸ Overall developer-unfriendly approaches
  • 6. WHAT IS TAFFY? BENEFITS OF TAFFY ▸ This is not a talk about the deficiencies of REST in ACF or Lucee ▸ This is why Taffy is great: ▸ Developer-friendly and easy to get started with ▸ Backwards-compatible to ACF 8 ▸ Convention over configuration ▸ Hardly any boilerplate code
  • 7. REST IN A NUTSHELL https://www.flickr.com/photos/kikasz/2891113802/
  • 8. REST IN A NUTSHELL WHAT IS REST? ▸ REpresentational State Transfer - a method to communicate over a network ▸ Mostly used over HTTP, technically protocol-independent ▸ 2 phases: ▸ Request - noun, verb, MIME type, headers, data ▸ Response - status code, status text, headers, data
  • 9. REST IN A NUTSHELL THE REQUEST (I) ▸ Nouns - identifier of the data we want to work with, e.g. /users or /users/232 ▸ Main verbs: ▸ POST: creating a new record (unsafe) ▸ PUT: updating existing record (idempotent) ▸ GET: retrieving existing record (safe) ▸ DELETE: deleting record (idempotent)
  • 10. REST IN A NUTSHELL THE REQUEST (II) ▸ Less commonly used verbs: ▸ HEAD: similar to GET, but only returns headers (safe) ▸ OPTIONS: used to check which verbs are available (safe) ▸ PATCH: similar to PUT, updating individual properties (idempotent) ▸ MIME type: ▸ Client and API server agree on the data types for exchange, e.g. text/html, application/xml etc
  • 11. REST IN A NUTSHELL THE REQUEST (III) ▸ Headers - supply metadata with the request (Accept, Content-Type) ▸ Data - the data sent from the client to the server ▸ Can conceptually be of any format ▸ Most common: JSON
  • 12. REST IN A NUTSHELL THE RESPONSE ▸ Status code & Status text: ▸ “200 OK” ▸ “404 Not Found” ▸ “500 Server Error” … ▸ There are a lot more specific status codes, such as 201, 301, 302, 400, 401 etc. ▸ Headers and Data
  • 13. REST IN A NUTSHELL WHY DO PEOPLE LIKE AND USE REST? ▸ Works naturally with the HTTP protocol ▸ Other alternatives: ▸ SOAP-XML: very enterprise-y, bloated and complex ▸ XML-RPC: similar to REST, but ignores the power of the verb
  • 15. BUT IS IT RESTFUL ENOUGH? THE REALITY IS MORE COMPLEX ▸ Roy Fielding’s 2000 dissertation about what we today know as REST ▸ Followed up by a series of blog posts from ~2008 about HATEOAS (Hypermedia As The Engine Of Application State) ▸ prescribing additional requirements and behaviours ▸ often considered as ideal, but impractical in a lot of ways ▸ Leads to a lot of discussion what REST is and how one has to use it
  • 16. BUT IS IT RESTFUL ENOUGH? MORE MATURE? ▸ Plain JSON
 
 
 ▸ HATEOAS { "name" : “iPhone 7" } { "name": “iPhone 7", "links": [ { "rel": "self", "href": "http://localhost:8080/product/1" } ] }
  • 17. BUT IS IT RESTFUL ENOUGH? HATEOAS { "content": [ { "price": 499.00, "name": "iPad", "links": [ { "rel": "self", "href": "http://localhost:8080/product/1" } ], "attributes": { "connector": "socket" } }, { "price": 49.00, "name": "Dock", "links": [ { "rel": "self", "href": "http://localhost:8080/product/3" } ], "attributes": { "connector": "plug" } } ], "links": [ { "rel": "product.search", "href": "http://localhost:8080/product/search" } ] }
  • 18. BUT IS IT RESTFUL ENOUGH? RICHARDSON MATURITY LEVEL http://martinfowler.com/articles/richardsonMaturityModel.html
  • 19. TAFFY SETUP AND BASIC FLOW https://www.flickr.com/photos/joanna_young/ 4515399787/
  • 20. TAFFY SETUP AND BASIC FLOW INSTALLATION ▸ Download .zip-file from Github or taffy.io ▸ Installation options: ▸ Global mapping /taffy ▸ /taffy physically in webroot ▸ Installation in sub-directory of site (needs application-specific mappings)
  • 21. TAFFY SETUP AND BASIC FLOW DRIVEN BY APPLICATION.CFC ▸ Extends taffy.core.api ▸ Needs to call onApplicationStart() and onRequestStart() on the parent CFC ▸ Earlier versions of Taffy had their own Application.cfc events - it was recommended to actually not implement onApplicationStart() etc ▸ That’s gone since Taffy 2.0 component extends="taffy.core.api" { this.name = "TaffyDemo"; function onApplicationStart() { application.productList = [ { "id":1, "name":"iPhone 7" }, { "id":2, "name":"iPhone 7+" }, { "id":3, "name":"iPad Pro 9.7inch" } ]; return super.onApplicationStart(); } function onRequestStart() { return super.onRequestStart(); } }
  • 22. TAFFY SETUP AND BASIC FLOW CONVENTION OVER CONFIGURATION ▸ Taffy tries to NOT be in your way ▸ Examples: ▸ Default function names for resources are get(), post(), put(), delete() ▸ Looks for resources in a /resources directory ▸ Lots of things are just fine and work out of the box naturally because of sensible conventions
  • 23. TAFFY SETUP AND BASIC FLOW MINIMAL LAYOUT
  • 24. TAFFY SETUP AND BASIC FLOW RESOURCES (I) ▸ Extend taffy.core.resource ▸ Live in the /resources directory or a /resources mapping ▸ Can be changed - requires dropping the default bean factory ▸ Good practice: ▸ Have a CFC for a “thing” and for a “collection of things” each ▸ My convention: “SomeThing” and “SomeThingCollection” ▸ A resource should at least implement one verb function
  • 25. TAFFY SETUP AND BASIC FLOW RESOURCES (II) ▸ taffy_uri defines the public URL of your resource ▸ representationOf() triggers the default serialiser ▸ withStatus() sets the HTTP status of the response (defaults to “200 OK”) component extends="taffy.core.resource" taffy_uri="/product" { public function get(){ return representationOf(application.productList).withStatus(200); } }
  • 26. TAFFY SETUP AND BASIC FLOW RESOURCES (III) ▸ Passing {productId} token into the resource’s URL ▸ Returning 404 if there’s no record found component extends="taffy.core.resource" taffy_uri="/product/{productId}" { public function get(numeric productId){ for (var product in application.productList) { if (product["id"] == arguments.productId) { return representationOf(product).withStatus(200, "OK"); } } return noData().withStatus(404, "Not Found"); } }
  • 27. TAFFY SETUP AND BASIC FLOW RESOURCES (IV) ▸ If a verb is not implemented in a resource, Taffy will return “405 Not Allowed” ▸ Tokens will automatically become part of the arguments scope ▸ Tokens support regular expressions: /product/{pId:d{4}} - /product/{pId:[A-Za-z]+} ▸ Query string parameters will ALSO automatically become part of the arguments scope ▸ Use .noData() if the intention is to not return data ▸ Similar to .withStatus(…), it’s possible to chain .withHeaders(…) to the return statement
  • 28. TAFFY SETUP AND BASIC FLOW TAFFY DASHBOARD
  • 29. TAFFY SETUP AND BASIC FLOW TAFFY DASHBOARD ▸ Dashboard allows to: ▸ execute requests (incl. Query Params, Headers and Basic Auth) ▸ inspect the response ▸ see a limited amount of documentation ▸ Should (usually) be switched off in production ▸ Default: caches API, needs explicit reloads
  • 30. TAFFY SETUP AND BASIC FLOW CHANGING DATA - WHERE TO PUT POST? ▸ If the POST method was in Product.cfc - we’d have an issue. ▸ The URL route requires us to use /product/{productId} ▸ POST therefore has to life in ProductCollection.cfc ▸ PUT however (updating existing data) can happily go into Product.cfc ▸ URL matching: /product/search will match before /product/{productId}
  • 31. TAFFY SETUP AND BASIC FLOW GOOD PRACTICES FOR PUT AND POST ▸ If you created a record with POST: ▸ return “201 Created” with the created data ▸ potentially return x-inserted-id in the header ▸ If you updated a record with PUT: ▸ return “200 OK” with the updated data ▸ if the record to be updated didn’t exist, create it (see above)
  • 33. ADVANCED TASKS AND CONFIG BREAKING AWAY FROM THE CONVENTIONS ▸ Metadata: ▸ Annotate functions to be triggered by a specific verb: taffy_verb=“<VERB>” ▸ Necessary for extended verbs like OPTIONS, HEAD, PATCH. Optional for standard verbs. ▸ There’s more metadata in serialisers (later)
  • 34. ADVANCED TASKS AND CONFIG BREAKING AWAY FROM THE CONVENTIONS ▸ Configuration: variables.framework struct in Taffy’s Application.cfc ▸ reloadKey/reloadPassword vs. reloadOnEveryRequest ▸ serializer/deserializer (later) ▸ disableDashboard ▸ jsonp/allowCrossDomain ▸ beanFactory - allows hooking into Coldspring, DI/1 etc…
  • 35. ADVANCED TASKS AND CONFIG AUTHENTICATION AND SECURITY ▸ Firstly - what do you want to achieve? ▸ Requiring an API Token? ▸ Fine-grain security? ▸ oAuth ▸ HTTP Basic Auth ▸ SSL
  • 36. ADVANCED TASKS AND CONFIG API TOKEN (I) ▸ Best place to start is onTaffyRequest(…) ▸ Return true to continue processing the request ▸ Return a representation object to abort the request ▸ Two common options for passing token: ▸ URI parameters and/or as part of the data ▸ In the header
  • 37. ADVANCED TASKS AND CONFIG API TOKEN (II) function onTaffyRequest(verb, cfc, requestArguments, mimeExt, headers, methodMetadata, matchedURI) { if (not structKeyExists(arguments.requestArguments, "apiKey") || !Len(arguments.requestArguments["apiKey"])) { return noData().withStatus(401, "Unauthorized"); } if (!arrayFind(application.validAPIKeys, arguments.requestArguments["apiKey"])) { return noData().withStatus(403, "Forbidden"); } return true; }
  • 38. ADVANCED TASKS AND CONFIG CUSTOM SERIALISERS (I) ▸ Default serialiser is JSON (CFML-server built-in) ▸ Extend from taffy.core.baseRepresentation ▸ Implement getAsX functions ▸ getAsXML, getAsJSON, getAsYML etc
  • 39. ADVANCED TASKS AND CONFIG CUSTOM SERIALISERS (II) component extends="taffy.core.baseSerializer" { variables.anythingToXML = application.anythingToXML; variables.jsonUtil = application.jsonUtil; function getAsXML() output="false" taffy_mime="application/xml" taffy_default="false" { return variables.anythingToXML.toXml(variables.data); } function getAsJSON() output="false" taffy_mime="application/json" taffy_default="true" { return variables.jsonUtil.serialize(variables.data); } }
  • 40. ADVANCED TASKS AND CONFIG RATE LIMITS ▸ In a nutshell: ▸ manage access log (api key & time) in DB or key/value storage ▸ onTaffyRequest logs requests and check if limits are exceeded ▸ if not exceeded, process incoming request ▸ if exceeded, return status code “429 Too Many Requests”
  • 41. ADVANCED TASKS AND CONFIG API VERSIONING ▸ Multiple schools of thought: ▸ URI vs header ▸ Make sure you version from day 0! ▸ I tend to use /v1/product, /v2/product etc. ▸ Maps nicely on directory structures in /resources ▸ Update version when breaking compatibility ▸ Consider SemVer (Semantic Versioning) if your API is changing a lot
  • 42. API BLUEPRINT AND OTHER TOOLS https://www.flickr.com/photos/cardoso/2196726835/
  • 43. API BLUEPRINT WHAT IS IT? ▸ Description and specification language for web APIs (http://apiblueprint.org) ▸ From Apiary.io - but can be used independently from that ▸ Language spec: https://github.com/apiaryio/api-blueprint ▸ Offers platform-neutral documentation and additional tooling ▸ Aglio ▸ API-Mock
  • 44. API BLUEPRINT DOCUMENTATION WITH AGLIO ▸ Very simple markup language ▸ npm install -g aglio (https://www.npmjs.com/package/aglio) ▸ aglio -i documentation.md -o documentation.html ▸ MD structure: ▸ # Group ▸ ## Resource ▸ ### Action
  • 45. API BLUEPRINT MOCK SERVER WITH API-MOCK ▸ Creates a mock server for your API (https://github.com/localmed/api-mock) ▸ npm install -g api-mock ▸ api-mock ./documentation.md ▸ Defaults to port 3000
  • 46. API BLUEPRINT PAW ▸ REST API test and management tool on OS X ▸ Recording/Playback/Testing etc ▸ Has API Blueprint support through extensions
  • 48. FINAL THOUGHTS WHAT DID WE COVER? ▸ Taffy - what is it? ▸ How to setup and the foundations ▸ Discussed some advanced topics in more detail ▸ High-level overview of API Blueprint
  • 49. FINAL THOUGHTS GET IN TOUCH Kai Koenig Email: [email protected] Twitter: @AgentK