Modern API Development with Spring and Spring Boot

Book description

A developer's guide to designing, testing, and securing production-ready modern APIs with the help of practical ideas to improve your application's functionality

Key Features

  • Build resilient software for your enterprises and customers by understanding the complete API development life cycle
  • Overcome the challenges of traditional API design by adapting to a new and evolving culture of modern API development
  • Use Spring and Spring Boot to develop future-proof scalable APIs

Book Description

The philosophy of API development has evolved over the years to serve the modern needs of enterprise architecture, and developers need to know how to adapt to these modern API design principles. Apps are now developed with APIs that enable ease of integration for the cloud environment and distributed systems. With this Spring book, you'll discover various kinds of production-ready API implementation using REST APIs and explore async using the reactive paradigm, gRPC, and GraphQL.

You'll learn how to design evolving REST-based APIs supported by HATEOAS and ETAGs and develop reactive, async, non-blocking APIs. After that, you'll see how to secure REST APIs using Spring Security and find out how the APIs that you develop are consumed by the app's UI. The book then takes you through the process of testing, deploying, logging, and monitoring your APIs. You'll also explore API development using gRPC and GraphQL and design modern scalable architecture with microservices. The book helps you gain practical knowledge of modern API implementation using a sample e-commerce app.

By the end of this Spring book, you'll be able to develop, test, and deploy highly scalable, maintainable, and developer-friendly APIs to help your customers to transform their business.

What you will learn

  • Understand RESTful API development, its design paradigm, and its best practices
  • Become well versed in Spring's core components for implementing RESTful web services
  • Implement reactive APIs and explore async API development
  • Apply Spring Security for authentication using JWT and authorization of requests
  • Develop a React-based UI to consume APIs
  • Implement gRPC inter-service communication
  • Design GraphQL-based APIs by understanding workflows and tooling
  • Gain insights into how you can secure, test, monitor, and deploy your APIs

Who this book is for

This book is for inexperienced Java programmers, comp science, or coding boot camp graduates who have knowledge of basic programming constructs, data structures, and algorithms in Java but lack the practical web development skills necessary to start working as a developer. Professionals who've recently joined a startup or a company and are tasked with creating real-world web APIs and services will also find this book helpful. This book is also a good resource for Java developers who are looking for a career move into web development to get started with the basics of web service development.

Publisher resources

Download Example Code

Table of contents

  1. Modern API Development with Spring and Spring Boot
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Reviews
  6. Section 1: RESTful Web Services
  7. Chapter 1: RESTful Web Service Fundamentals
    1. Technical requirements
    2. Introducing REST APIs
      1. REST history
      2. REST fundamentals
    3. Handling resources and URIs
      1. The URI syntax
      2. URLs
      3. URNs
    4. Exploring HTTP methods and status codes
      1. POST
      2. GET
      3. PUT
      4. DELETE
      5. PATCH
      6. HTTP status codes
    5. Learning HATEOAS
    6. Best practices for designing REST APIs
      1. 1. Use nouns and not verbs when naming a resource in the endpoint path
      2. 2. Use the plural form for naming the collection resource in the endpoint path
      3. 3. Use hypermedia (HATEOAS)
      4. 4. Always version your APIs
      5. 5. Nested resources
      6. 6. Secure APIs
      7. 7. Documentation
      8. 8. Status codes
      9. 9. Caching
      10. 10. Rate limit
    7. An overview of the e-commerce app
    8. Summary
    9. Questions
    10. Further reading
  8. Chapter 2: Spring Concepts and REST APIs
    1. Technical requirements
    2. Introduction to Spring
      1. The Inversion of Control pattern
      2. The Dependency Injection pattern
      3. The Aspect-Oriented Programming paradigm
    3. Learning the basic concepts of the Spring Framework
      1. IoC containers
      2. Defining beans
      3. Configuring beans using Java
      4. How to code DI
      5. Writing code for AOP
      6. Why use Spring Boot?
    4. Purpose of servlet dispatcher
    5. Summary
    6. Questions
    7. Further reading
  9. Chapter 3: API Specifications and Implementation
    1. Technical requirements
    2. Designing APIs with OAS
      1. Understanding the basic structure of OAS
      2. The metadata sections of OAS
      3. The servers and tags sections of OAS
      4. The components section of OAS
      5. The path section of OAS
    3. Converting OAS to Spring code
      1. Step 1 – adding the Gradle plugin
      2. Step 2 – defining the OpenAPI config for code generation
      3. Step 3 – defining the OpenAPI Generator ignore file
      4. Step 4 – defining a swaggerSources task in the Gradle build file
      5. Step 5 – adding swaggerSources to the compileJava task dependency
      6. Step 6 – adding the generated source code to Gradle sourceSets
      7. Step 7 – running the build for generating, compiling, and building the code
    4. Implementing the OAS code interfaces
    5. Adding a Global Exception Handler
      1. Testing
    6. Summary
    7. Questions
    8. Further reading
  10. Chapter 4: Writing Business Logic for APIs
    1. Technical requirements
    2. Overview of the service design
    3. Adding a Repository component
    4. @Repository annotation
      1. Database and JPA configuration
      2. The database and seed data script
      3. Adding entities
      4. Adding repositories
    5. Adding a Service component
    6. Implementing hypermedia
    7. Enhancing the controller with a service and HATEOAS
    8. Adding ETags to API responses
    9. Testing the APIs
    10. Summary
    11. Questions
    12. Further reading
  11. Chapter 5: Asynchronous API Design
    1. Technical requirements
    2. Understanding Reactive Streams
      1. Publisher
      2. Subscriber
      3. Subscription
      4. Processor
    3. Exploring Spring WebFlux
      1. Reactive APIs
      2. Reactive Core
    4. Understanding DispatcherHandler
      1. Controllers
      2. Functional endpoints
    5. Implementing Reactive APIs for our e-commerce app
      1. Changing OpenAPI Codegen for Reactive APIs
      2. Adding Reactive dependencies in build.xml
      3. Handling exceptions
      4. Adding hypermedia links to an API response
      5. Defining an entity
      6. Adding repositories
      7. Adding services
      8. Adding controller implementations
      9. Adding H2 Console to an application
      10. Adding application configuration
      11. Testing Reactive APIs
    6. Summary
    7. Questions
    8. Further reading
  12. Section 2: Security, UI, Testing, and Deployment
  13. Chapter 6: Security (Authorization and Authentication)
    1. Technical requirements
    2. Implementing authentication using Spring Security and JWT
      1. Learning how to authenticate using filters
      2. Adding the required Gradle dependencies
      3. Authentication using OAuth 2.0 Resource Server
      4. Exploring the fundamentals of JWT
    3. Securing REST APIs with JWT
      1. Learning new API definitions
      2. Modifying the API specification
      3. Storing the refresh token using a database table
      4. Implementing the JWT manager
      5. Implementing new APIs
      6. Implementing the REST controllers
      7. Configuring web-based security
    4. Configuring CORS and CSRF
    5. Understanding authorization
      1. Role and authority
    6. Testing security
    7. Summary
    8. Questions
    9. Further reading
  14. Chapter 7: Designing a User Interface
    1. Technical requirements
    2. Learning React fundamentals
      1. Creating a React app
      2. Exploring basic structures and files
      3. Understanding the package.json file
      4. Understanding how React works
    3. Exploring React components and other features
      1. Exploring JSX
      2. Exploring a component's state
      3. Styling components using Tailwind
    4. Configuration to remove unused styles in production
      1. Including Tailwind in React
    5. Designing e-commerce app components
    6. Consuming APIs using Fetch
      1. Writing the product API client
      2. Coding the Product Listing page
    7. Implementing authentication
      1. Creating a custom useToken hook
      2. Writing the Login component
      3. Writing the custom cart context
      4. Writing the Cart component
      5. Writing the Order component
      6. Writing the root (App) component
      7. Running the application
    8. Summary
    9. Questions
    10. Further reading
  15. Chapter 8: Testing APIs
    1. Technical requirements
    2. Testing APIs and code manually
    3. Testing automation
      1. Unit testing
      2. Code coverage
      3. Integration testing
    4. Summary
    5. Questions
    6. Further reading
  16. Chapter 9: Deployment of Web Services
    1. Technical requirements
    2. Exploring the fundamentals of containerization
    3. Building a Docker image
      1. Exploring Docker
      2. Configuring code to build an image
      3. Adding Actuator
      4. Configuring the Spring Boot plugin task
      5. Configuring the Docker registry
      6. Executing a Gradle task to build an image
    4. Deploying an application in Kubernetes
    5. Summary
    6. Questions
    7. Further reading
  17. Section 3: gRPC, Logging, and Monitoring
  18. Chapter 10: gRPC Fundamentals
    1. Technical requirements
    2. Introduction and gRPC architecture
      1. REST versus gRPC
      2. Can I call the gRPC server from web browsers and mobile apps?
      3. gRPC architecture overview
      4. Protocol Buffer
    3. Understanding service definitions
    4. Exploring the RPC life cycle
      1. The life cycle of unary RPC
      2. The life cycle of server-streaming RPC
      3. The life cycle of client-streaming RPC
      4. The life cycle of bidirectional streaming RPC
      5. Events that impact the life cycle
    5. Understanding the gRPC server and gRPC stub
    6. Handling errors
      1. Error status codes
    7. Summary
    8. Questions
    9. Further reading
  19. Chapter 11: gRPC-based API Development and Testing
    1. Technical requirements
    2. Writing an API interface
      1. Setting up the project
      2. Writing the payment gateway functionalities
    3. Developing the gRPC server
      1. Implementation of the gRPC base classes
      2. Implementation of the gRPC server
      3. Testing the gRPC server
    4. Handling errors
    5. Developing the gRPC client
      1. Implementing the gRPC client
      2. Testing the gRPC client
    6. Learning microservice concepts
      1. Design differences in monolithic and microservice-based systems
    7. Summary
    8. Questions
    9. Further reading
  20. Chapter 12: Logging and Tracing
    1. Technical requirements
    2. Introducing logging and tracing
      1. Understanding the ELK stack
    3. Installing the ELK stack
    4. Implementing logging and tracing
      1. Changing the gRPC server code
      2. Changing the gRPC client code
      3. Testing the logging and tracing changes
    5. Distributed tracing with Zipkin
      1. Executing Zipkin
    6. Summary
    7. Questions
    8. Further reading
  21. Section 4: GraphQL
  22. Chapter 13: GraphQL Fundamentals
    1. Technical requirements
    2. Introducing GraphQL
      1. Brief history of GraphQL
      2. Comparing GraphQL with REST
    3. Learning about the fundamentals of GraphQL
      1. Exploring the Query type
      2. Exploring the Mutation type
      3. Exploring the Subscription type
    4. Designing a GraphQL schema
      1. Understanding scalar types
      2. Understanding fragments
      3. Understanding interfaces
      4. Understanding Union types
      5. Understanding input types
      6. Tools that help with designing a schema
    5. Testing GraphQL queries and mutations
    6. Solving the N+1 problem
      1. Understanding the N+1 problem
      2. Solution for the N+1 problem
    7. Summary
    8. Questions
    9. Further reading
  23. Chapter 14: GraphQL API Development and Testing
    1. Technical requirements
    2. Workflow and tooling for GraphQL
    3. Implementation of the GraphQL server
      1. Creating the gRPC server project
      2. Adding the GraphQL DGS dependencies
      3. Adding the GraphQL schema
      4. Adding custom scalar types
      5. Implementing GraphQL queries
      6. Implementing GraphQL mutations
      7. Implementing GraphQL subscriptions
      8. Instrumenting the GraphQL API
    4. Documenting APIs
    5. Test automation
      1. Testing GraphQL queries
      2. Testing GraphQL mutations
      3. Testing GraphQL subscriptions
    6. Summary
    7. Questions
    8. Further reading
  24. Assessments
    1. Chapter 1 – RESTful Web Services Fundamentals
    2. Chapter 2 – Spring Concepts and REST APIs
    3. Chapter 3 – API Specifications and Implementation
    4. Chapter 4 – Writing Business Logic for APIs
    5. Chapter 5 – Asynchronous API Design
    6. Chapter 6 – Security (Authorization and Authentication)
    7. Chapter 7 – Designing the User Interface
    8. Chapter 8 – Testing APIs
    9. Chapter 9 – Deployment of Web Services
    10. Chapter 10 – gRPC Fundamentals
    11. Chapter 11 – gRPC-Based API Development and Testing
    12. Chapter 12 – Logging and Tracing
    13. Chapter 13 – GraphQL Fundamentals
    14. Chapter 14 – GraphQL API Development and Testing
    15. Why subscribe?
  25. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think

Product information

  • Title: Modern API Development with Spring and Spring Boot
  • Author(s): Sourabh Sharma
  • Release date: June 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781800562479