book

Modern API Development with Spring and Spring Boot

by Sourabh Sharma

June 2021

Intermediate to advanced

582 pages

11h 12m

English

Packt Publishing

Read now

Unlock full access

ContributorsAbout the authorAbout the reviewer
Who this book is forWhat this book coversTo get the most out of this bookDownload the example code filesDownload the color imagesConventions usedGet in touchReviews
Technical requirementsIntroducing REST APIsREST historyREST fundamentalsHandling resources and URIsThe URI syntaxURLsURNsExploring HTTP methods and status codesPOSTGETPUTDELETEPATCHHTTP status codesLearning HATEOASBest practices for designing REST APIs1. Use nouns and not verbs when naming a resource in the endpoint path2. Use the plural form for naming the collection resource in the endpoint path3. Use hypermedia (HATEOAS)4. Always version your APIs5. Nested resources6. Secure APIs7. Documentation8. Status codes9. Caching10. Rate limitAn overview of the e-commerce appSummaryQuestionsFurther reading
Technical requirementsIntroduction to SpringThe Inversion of Control patternThe Dependency Injection patternThe Aspect-Oriented Programming paradigmLearning the basic concepts of the Spring FrameworkIoC containersDefining beansConfiguring beans using JavaHow to code DIWriting code for AOPWhy use Spring Boot?Purpose of servlet dispatcherSummaryQuestionsFurther reading
Technical requirementsDesigning APIs with OASUnderstanding the basic structure of OASThe metadata sections of OASThe servers and tags sections of OASThe components section of OASThe path section of OASConverting OAS to Spring codeStep 1 – adding the Gradle pluginStep 2 – defining the OpenAPI config for code generationStep 3 – defining the OpenAPI Generator ignore fileStep 4 – defining a swaggerSources task in the Gradle build fileStep 5 – adding swaggerSources to the compileJava task dependencyStep 6 – adding the generated source code to Gradle sourceSetsStep 7 – running the build for generating, compiling, and building the codeImplementing the OAS code interfacesAdding a Global Exception HandlerTestingSummaryQuestionsFurther reading
Technical requirementsOverview of the service designAdding a Repository component@Repository annotationDatabase and JPA configurationThe database and seed data scriptAdding entitiesAdding repositoriesAdding a Service componentImplementing hypermediaEnhancing the controller with a service and HATEOASAdding ETags to API responsesTesting the APIsSummaryQuestionsFurther reading
Technical requirementsUnderstanding Reactive StreamsPublisherSubscriberSubscriptionProcessorExploring Spring WebFluxReactive APIsReactive CoreUnderstanding DispatcherHandlerControllersFunctional endpointsImplementing Reactive APIs for our e-commerce appChanging OpenAPI Codegen for Reactive APIsAdding Reactive dependencies in build.xmlHandling exceptionsAdding hypermedia links to an API responseDefining an entityAdding repositoriesAdding servicesAdding controller implementationsAdding H2 Console to an applicationAdding application configurationTesting Reactive APIsSummaryQuestionsFurther reading
Technical requirementsImplementing authentication using Spring Security and JWTLearning how to authenticate using filtersAdding the required Gradle dependenciesAuthentication using OAuth 2.0 Resource ServerExploring the fundamentals of JWTSecuring REST APIs with JWTLearning new API definitionsModifying the API specificationStoring the refresh token using a database tableImplementing the JWT managerImplementing new APIsImplementing the REST controllersConfiguring web-based securityConfiguring CORS and CSRFUnderstanding authorizationRole and authorityTesting securitySummaryQuestionsFurther reading

Technical requirementsLearning React fundamentalsCreating a React appExploring basic structures and filesUnderstanding the package.json fileUnderstanding how React worksExploring React components and other featuresExploring JSXExploring a component's stateStyling components using TailwindConfiguration to remove unused styles in productionIncluding Tailwind in ReactDesigning e-commerce app componentsConsuming APIs using FetchWriting the product API clientCoding the Product Listing pageImplementing authenticationCreating a custom useToken hookWriting the Login componentWriting the custom cart contextWriting the Cart componentWriting the Order componentWriting the root (App) componentRunning the applicationSummaryQuestionsFurther reading
Technical requirementsTesting APIs and code manuallyTesting automationUnit testingCode coverageIntegration testingSummaryQuestionsFurther reading
Technical requirementsExploring the fundamentals of containerizationBuilding a Docker imageExploring DockerConfiguring code to build an imageAdding ActuatorConfiguring the Spring Boot plugin taskConfiguring the Docker registryExecuting a Gradle task to build an imageDeploying an application in KubernetesSummaryQuestionsFurther reading
Technical requirementsIntroduction and gRPC architectureREST versus gRPCCan I call the gRPC server from web browsers and mobile apps?gRPC architecture overviewProtocol BufferUnderstanding service definitionsExploring the RPC life cycleThe life cycle of unary RPCThe life cycle of server-streaming RPCThe life cycle of client-streaming RPCThe life cycle of bidirectional streaming RPCEvents that impact the life cycleUnderstanding the gRPC server and gRPC stubHandling errorsError status codesSummaryQuestionsFurther reading
Technical requirementsWriting an API interfaceSetting up the projectWriting the payment gateway functionalitiesDeveloping the gRPC serverImplementation of the gRPC base classesImplementation of the gRPC serverTesting the gRPC serverHandling errorsDeveloping the gRPC clientImplementing the gRPC clientTesting the gRPC clientLearning microservice conceptsDesign differences in monolithic and microservice-based systemsSummaryQuestionsFurther reading
Technical requirementsIntroducing logging and tracingUnderstanding the ELK stackInstalling the ELK stackImplementing logging and tracingChanging the gRPC server codeChanging the gRPC client codeTesting the logging and tracing changesDistributed tracing with Zipkin Executing ZipkinSummaryQuestionsFurther reading
Technical requirementsIntroducing GraphQLBrief history of GraphQLComparing GraphQL with RESTLearning about the fundamentals of GraphQLExploring the Query typeExploring the Mutation typeExploring the Subscription typeDesigning a GraphQL schemaUnderstanding scalar typesUnderstanding fragmentsUnderstanding interfacesUnderstanding Union typesUnderstanding input typesTools that help with designing a schemaTesting GraphQL queries and mutationsSolving the N+1 problemUnderstanding the N+1 problemSolution for the N+1 problemSummaryQuestionsFurther reading
Technical requirementsWorkflow and tooling for GraphQLImplementation of the GraphQL serverCreating the gRPC server projectAdding the GraphQL DGS dependenciesAdding the GraphQL schemaAdding custom scalar typesImplementing GraphQL queriesImplementing GraphQL mutationsImplementing GraphQL subscriptionsInstrumenting the GraphQL APIDocumenting APIsTest automationTesting GraphQL queriesTesting GraphQL mutationsTesting GraphQL subscriptionsSummaryQuestionsFurther reading
Chapter 1 – RESTful Web Services FundamentalsChapter 2 – Spring Concepts and REST APIsChapter 3 – API Specifications and ImplementationChapter 4 – Writing Business Logic for APIsChapter 5 – Asynchronous API DesignChapter 6 – Security (Authorization and Authentication)Chapter 7 – Designing the User InterfaceChapter 8 – Testing APIsChapter 9 – Deployment of Web ServicesChapter 10 – gRPC FundamentalsChapter 11 – gRPC-Based API Development and TestingChapter 12 – Logging and TracingChapter 13 – GraphQL FundamentalsChapter 14 – GraphQL API Development and Testing
Other Books You May EnjoyPackt is searching for authors like youLeave a review - let other readers know what you think

Content preview from Modern API Development with Spring and Spring Boot

Chapter 6: Security (Authorization and Authentication)

In previous chapters, we have developed RESTful web services (where REST stands for REpresentational State Transfer) using imperative and reactive coding styles. Now, you'll learn how you can secure these REST endpoints using Spring Security. You'll implement token-based authentication and authorization for REST endpoints. A successful authentication provides two types of tokens—a JavaScript Object Notation (JSON) Web Token (JWT) as an access token, and a refresh token in response. This JWT-based access token is then used to access the secured Uniform Resource Locators (URLs). A refresh token is used to request a new JWT if the existing JWT has expired, and a valid request token provides ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Modern API Development with Spring 6 and Spring Boot 3 - Second Edition

Publisher Resources

ISBN: 9781800562479Supplemental Content

Modern API Development with Spring and Spring Boot

by Sourabh Sharma

Chapter 6: Security (Authorization and Authentication)

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Modern API Development with Spring 6 and Spring Boot 3 - Second Edition

Beginning Spring Boot 2: Applications and Microservices with the Spring Framework

Spring REST: Building Java Microservices and Cloud Applications

Full Stack Development with Spring Boot and React - Third Edition

Publisher Resources

Chapter 6: Security (Authorization and Authentication)

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Modern API Development with Spring 6 and Spring Boot 3 - Second Edition

Beginning Spring Boot 2: Applications and Microservices with the Spring Framework

Spring REST: Building Java Microservices and Cloud Applications

Full Stack Development with Spring Boot and React - Third Edition

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.