As software architecture design is evolving to a microservice paradigm, RESTful APIs are being established as the preferred choice to build applications. In such a scenario, there is a shift towards a growing market o...
详细信息
ISBN:
(纸本)9781450355728
As software architecture design is evolving to a microservice paradigm, RESTful APIs are being established as the preferred choice to build applications. In such a scenario, there is a shift towards a growing market of APIs where providers offer different service levels with tailored limitations typically based on the cost. In such a context, while there are well-established standards to describe the functional elements of APIs (such as the openapi specification), having a standard model for Service Level Agreements (SLAs) for APIs may boost an open ecosystem of tools that would represent an improvement for the industry by automating certain tasks during the development. In this paper, we introduce Governify for APIs, an ecosystem of tools aimed to support the user during the SLA-Driven RESTful APIs' development process. Namely, an SLA Editor, an SLA Engine and an SLA Instrumentation Library. We also present a fully operational SLA-Driven API Gateway built on the top of our ecosystem of tools. To evaluate our proposal, we used three sources for gathering validation feedback: industry, teaching and research.
REpresentational State Transfer (REST) is considered as one standard software architectural style to build web APIs that can integrate software systems over the internet. However, while connecting systems, RESTful API...
详细信息
ISBN:
(纸本)9781728156194
REpresentational State Transfer (REST) is considered as one standard software architectural style to build web APIs that can integrate software systems over the internet. However, while connecting systems, RESTful APIs might also break the dependent applications that rely on their services when they introduce breaking changes, e.g., an older version of the API is no longer supported. To warn developers promptly and thus prevent critical impact on downstream applications, a deprecated-removed model should be followed, and deprecation-related information such as alternative approaches should also be listed. While API deprecation analysis as a theme is not new, most existing work focuses on non-web APIs, such as the ones provided by Java and Android. To investigate RESTful API deprecation, we propose a framework called RADA (RESTful API Deprecation Analyzer). RADA is capable of automatically identifying deprecated API elements and analyzing impacted operations from an openapi specification, a machine-readable profile for describing RESTful web service. We apply RADA on 2,224 openapi specifications of 1,368 RESTful APIs collected from ***, the largest directory of openapi specifications. Based on the data mined by RADA, we perform an empirical study to investigate how the deprecated-removed protocol is followed in RESTful APIs and characterize practices in RESTful API deprecation. The results of our study reveal several severe deprecation-related problems in existing RESTful APIs. Our implementation of RADA and detailed empirical results are publicly available for future intelligent tools that could automatically identify and migrate usage of deprecated RESTful API operations in client code.
Mining data from remote repositories, such as GitHub and StackExchange, involves the execution of requests that can easily reach the limitations imposed by the respective APIs to shield their services from overload an...
详细信息
ISBN:
(纸本)9781450357166
Mining data from remote repositories, such as GitHub and StackExchange, involves the execution of requests that can easily reach the limitations imposed by the respective APIs to shield their services from overload and abuse. Therefore, data mining clients are left alone to deal with such protective service policies which usually involves an extensive amount of manual implementation effort. In this work we present RESTMULE, a framework for handling various service policies, such as limited number of requests within a period of time and multi-page responses, by generating resilient clients that are able to handle request rate limits, network failures, response caching, and paging in a graceful and transparent manner. As a result, RESTMULE clients generated from openapi specifications (i.e. standardized REST API descriptors), are suitable for intensive data-fetching scenarios. We evaluate our framework by reproducing an existing repository mining use case and comparing the results produced by employing a popular hand-written client and a RESTMULE client.
RESTful web APIs nowadays may be considered the de facto standard for web integration, since they enable interoperability between heterogeneous software systems in a standard way, and their usage is widespread in indu...
详细信息
ISBN:
(纸本)9783031265068;9783031265075
RESTful web APIs nowadays may be considered the de facto standard for web integration, since they enable interoperability between heterogeneous software systems in a standard way, and their usage is widespread in industry. Testing these systems thoroughly is therefore of utmost importance: a single bug in an API could compromise hundreds of services using it, potentially affecting millions of end users. In recent years, there has been an explosion in the number of tools and approaches to test RESTful web APIs, making it difficult for researchers and practitioners to select the right solution for the problem at hand. In this tutorial, we overview some of the main industrial and research tools for testing RESTful APIs, with a primarily practical approach. We analyze different testing tools and frameworks from three different perspectives: a) manual vs automated testing;b) black-box vs whitebox testing;and c) online vs offline testing. First, we show the capabilities of industrial tools and libraries for manual testing of web APIs, including REST Assured [3] and Postman [1]. Then, we delve into some of the main research tools for automatically generating test cases for RESTful APIs such as RESTler [6], EvoMaster [5], and RESTest [7]. Finally, we overview existing industrial Testing as a Service (TaaS) platforms such as RapidAPI [2] and Sauce Labs [4], and we show the latest research advances on the provision of continuous online testing of RESTful APIs (including automated test generation and execution) with the RESTest testing ecosystem [8]. We finish the tutorial outlining some of the most pressing research challenges in the domain of web API testing automation, which will hopefully open a range of opportunities for future researchers working on the topic.
暂无评论