What this book covers

Chapter 1, RESTful Web Service Fundamentals, drives you through the fundamentals of RESTful APIs, or, for short, REST APIs, and their design paradigm. These basics will provide you with a solid platform for developing a RESTful web service. You will also learn about the best practices while designing APIs. This chapter will also introduce the example e-commerce app that will be used across the book while learning about the different aspects of API development.

Chapter 2, Spring Concepts and REST APIs, explores the Spring fundamentals and features that are required to implement REST, gRPC, and GraphQL APIs using the Spring Framework. This will provide the technical perspective required for developing an example e-commerce app.

Chapter 3, API Specifications and Implementation, makes use of OpenAPI and Spring to implement the REST APIs. We have chosen a design-first approach to implementation. You will make use of the OpenAPI specification to first design the APIs and later implement them. You will also learn how to handle the errors that occur during the serving of the request. Here, the APIs of the example e-commerce app will be designed and implemented for reference.

Chapter 4, Writing Business Logic for APIs, helps you implement the API’s code in terms of business logic, along with data persistence in the H2 database. You will write services and repositories for implementation. You will also add hypermedia and ETag headers to API responses for optimal performance and caching.

Chapter 5, Asynchronous API Design, covers asynchronous or reactive API design, where calls will be asynchronous and non-blocking. We’ll develop these APIs using Spring WebFlux, which is itself based on Project Reactor (https://projectreactor.io). First, we’ll walk through the reactive programming fundamentals and then migrate the existing e-commerce REST APIs (the previous chapter’s code) to asynchronous (reactive) APIs to make things easier by correlating and comparing the existing (imperative) way and reactive way of programming.

Chapter 6, Securing REST Endpoints Using Authorization and Authentication, explains how you can secure these REST endpoints using Spring Security. You’ll implement token-based authentication and authorization for REST endpoints. Successful authentication will provide two types of tokens – a JSON Web Token (JWT) as an access token, and a refresh token in response. The JWT-based access token then will be used to access secured URLs. A refresh token will be used to request a new JWT if the existing JWT has expired. A valid request token can provide a new JWT to use. You’ll associate users with roles such as Admin, User, and so on. These roles will be used as authorization to make sure that REST endpoints can only be accessed if the user holds a certain role. We’ll also briefly discuss cross-site request forgery (CSRF) and cross-origin resource sharing (CORS).

Chapter 7, Designing a User Interface, concludes the end-to-end development and communication between different layers of the online shopping app. This UI app will be a single-page application (SPA) that consists of interactive components such as Login, Product Listing, Product Detail, Cart, and Order Listing. By the end of the chapter, you will have learned about SPA and UI component development using React and consuming REST APIs using the browser’s in-built Fetch API.

Chapter 8, Testing APIs, introduces manual and automated testing of APIs. You will learn about unit and integration test automation. After learning about automation in this chapter, you will be able to make both types of testing an integral part of the build. You will also set up the Java code coverage tool to calculate the different code coverage metrics.

Chapter 9, Deployment of Web Services, explains the fundamentals of containerization, Docker, and Kubernetes. You will then use this concept to containerize the example e-commerce app using Docker. This container will then be deployed in a Kubernetes cluster. You are going to use minikube for Kubernetes, which makes learning and Kubernetes-based development easier.

Chapter 10, Getting Started with gRPC, introduces the gRPC fundamentals.

Chapter 11, gRPC API Development and Testing, implements gRPC-based APIs. You will learn how to write a gRPC server and client, along with writing APIs based on gRPC. In the latter part of the chapter, you will be introduced to microservices and how they will help you to design modern, scalable architecture. Here, you will go through the implementation of two services – a gRPC server and a gRPC client.

Chapter 12, Adding Logging and Tracing to Services, explores the logging and monitoring tool called the Elasticsearch, Logstash, Kibana (ELK) stack, and Zipkin. These tools will then be used to implement the distributed logging and tracing of the request/response of the API calls. You will learn how to publish and analyze the logging and tracing of different requests and logs related to responses. You will also use Zipkin to monitor the performance of API calls.

Chapter 13, Getting Started with GraphQL, talks about the fundamentals of GraphQL – the schema definition language (SDL), queries, mutations, and subscriptions. This knowledge will help you in the next chapter, where you will implement an API based on GraphQL. Over the course of this chapter, you will learn about the basics of the GraphQL schema and solving the N+1 problem.

Chapter 14, GraphQL API Development and Testing, explains GraphQL-based API development and its testing. You will implement GraphQL-based APIs for an example application in this chapter. A GraphQL server implementation will be developed based on the design-first approach.