What this book covers
Chapter 1, RESTful Web Service Fundamentals, drives you through the fundamentals of RESTful APIs, or for short REST APIs, and their design paradigm. These basics will provide a solid platform to develop a RESTful web service. You will also learn the best practices while designing APIs. This chapter will also introduce the sample e-commerce app that will be used across the book while learning about the different aspects of API development.
Chapter 2, Spring Concepts and REST APIs, explores Spring fundamentals and features that are required to implement RESTful web services using the Spring Framework. This will provide the technical perspective required for developing a sample e-commerce app.
Chapter 3, API Specifications and Implementation, makes use of these two technologies to implement the REST APIs. We have chosen the design-first approach for implementation. You will make use of the OpenAPI specification to first design the APIs and later implement them. You will also learn how to handle the errors that occurred during the serving of the request. Here, the APIs of the sample e-commerce app will be designed and implemented for reference.
Chapter 4, Writing Business Logic for APIs, helps you implement the API's code in terms of business logic, along with data persistence. You will write services and repositories for implementation. You will also add hypermedia and ETag headers to API responses.
Chapter 5, Asynchronous API Design, covers asynchronous API design, where calls will be asynchronous and non-blocking. We'll develop these APIs using Spring WebFlux, which is itself based on Project Reactor (https://projectreactor.io). First, we'll walk through the reactive programming fundamentals and then migrate the existing e-commerce REST APIs (the previous chapter's code) to asynchronous (reactive) APIs to make things easier by correlating and comparing the existing (imperative) way and reactive way of programming.
Chapter 6, Security (Authorization and Authentication), explains how you can secure these REST endpoints using Spring Security. You'll implement token-based authentication and authorization for REST endpoints. Successful authentication will provide two types of tokens – a JSON Web Token (JWT) as an access token, and a refresh token in response. The JWT-based access token then will be used for accessing secured URLs. A refresh token will be used for requesting a new JWT if the existing JWT has expired. A valid request token can provide a new JWT to use. You'll associate users with roles such as Admin, User, and so on. These roles will be used as authorization to make sure that REST endpoints can only be accessed if the user holds a certain role. We'll also briefly discuss Cross-Site Request Forgery (CSRF) and Cross-Origin Resource Sharing (CORS).
Chapter 7, Designing a User Interface, concludes the end-to-end development and communication between different layers of the online shopping app. This UI app will be a Single-Page Application (SPA) that consists of interactive components such as Login, Product Listing, Product Detail, Cart, and Order Listing. By the end of the chapter, you will have learned about SPA and UI component development using React and consuming REST APIs using the browser's in-built Fetch API.
Chapter 8, Testing APIs, introduces manual and automated testing of APIs. You will learn about unit and integration test automation. After learning about automation in this chapter, you will be able to make both types of testing an integral part of the build. You will also set up the Java code coverage tool to calculate the different code coverage metrics.
Chapter 9, Deployment of Web Services, explains the fundamentals of containerization, Docker, and Kubernetes. You will then use this concept to containerize the sample e-commerce app using Docker. This container will then be deployed in a Kubernetes cluster. You are going to use Minikube for Kubernetes, which makes learning and Kubernetes-based development easier.
Chapter 10, gRPC Fundamentals, introduces the gRPC fundamentals.
Chapter 11, gRPC-based API Development and Testing, implements gRPC-based APIs. You will learn how to write a gRPC server and client, along with writing APIs based on gRPC. In the latter part of the chapter, you will be introduced to microservices and how they will help you to design modern, scalable architecture. Here, you will go through the implementation of two services – a gRPC server and a gRPC client.
Chapter 12, Logging and Tracing, explores the logging and monitoring tool called the ELK (Elastic Search, Logstash, Kibana) Stack and Zipkin. These tools will then be used to implement the distributed logging and tracing of the request/response of the API calls. Spring Sleuth will be used to inject the tracing information into API calls. You will learn how to publish and analyze the logging and tracing of different requests and logs related to responses. You will also use Zipkin for monitoring the performance of API calls.
Chapter 13, GraphQL Fundamentals, talks about the fundamentals of GraphQL – schema definition language (SDL), queries, mutations, and subscriptions. This knowledge will help you in the next chapter, where you will implement an API based on GraphQL. During the course of this chapter, you will learn the basics of the GraphQL schema and solving the N+1 problem.
Chapter 14, GraphQL API Development and Testing, explains GraphQL-based API development and its testing. You will implement GraphQL-based APIs for a sample application in this chapter. A GraphQL server implementation will be developed based on the design-first approach.