Binu BhasuranMicrosoft MVP Visual C#

Facebook http://facebook.com/codeno47

Blog http://proxdev.com/

• REST defines an architectural style based on a set of constraints for building things the “Web” way. REST is not tied to any particular technology or platform – it’s simply a way to design things to work like the Web.

• People often refer to services that follow this philosophy as “RESTful services.”

On the Web, every resource is given a unique identifier, also known as a universal resource identifier (URI). The most common type of URI used on the Web today is a uniform resource locator (URL).When you retrieve a resource using a Web browser, you’re really retrieving a representation of that resource.

The Web platform also comes with a standard communication protocol – HTTP – for interacting with resources and their representations.The GET method allows you to retrieve a resource

representationwhile PUT allows you to create or update a resource with the supplied representation,DELETE allows you to delete a resource.

In short, GET, PUT, and DELETE provide basic CRUD operations (create, retrieve, update, and delete) for the Web. HEAD and OPTIONS, on the other hand, provide the ability to retrieve resource metadata, allowing you to discover out how to interact with resources at run time.

Method Description Safe Idempotent

GET Requests a specific representation of a resource

Yes Yes

PUT Create or update a resource with the supplied representation

No Yes

DELETE Deletes the specified resource

No Yes

POST Submits data to be processed by the identified resource

No No

HEAD Similar to GET but only retrieves headers and not the body

Yes Yes

OPTIONS Returns the methods supported by the identified resource

Yes Yes

Moving from Verbs to Nouns

Designing the URI Templates

[ServiceContract]public partial class BookmarkService{

...[WebInvoke(Method = "POST", RequestFormat=WebMessageFormat.Json,

UriTemplate = "users/{username}/bookmarks?format=json")][OperationContract]void PostBookmarkAsJson(string username, Bookmark newValue){

HandlePostBookmark(username, newValue);}[WebGet(ResponseFormat= WebMessageFormat.Json,

UriTemplate = "users/{username}/bookmarks/{id}?format=json")][OperationContract]Bookmark GetBookmarkAsJson(string username, string id){

HandleGetBookmark(username, id);}...

}

private bool AuthenticateUser(string user){

WebOperationContext ctx = WebOperationContext.Current;string requestUri =

ctx.IncomingRequest.UriTemplateMatch.RequestUri.ToString();string authHeader =

ctx.IncomingRequest.Headers[HttpRequestHeader.Authorization];// if supplied hash is valid, user is authenticatedif (IsValidUserKey(authHeader, requestUri))

return true;return false;

}

public bool IsValidUserKey(string key, string uri){

string[] authParts = key.Split(':');if (authParts.Length == 2){

string userid = authParts[0];string hash = authParts[1];if (ValidateHash(userid, uri, hash))

return true;}return false;

}

bool ValidateHash(string userid, string uri, string hash){

if (!UserKeys.ContainsKey(userid))return false;

string userkey = UserKeys[userid];byte[] secretBytes = ASCIIEncoding.ASCII.GetBytes(userkey);HMACMD5 hmac = new HMACMD5(secretBytes);byte[] dataBytes = ASCIIEncoding.ASCII.GetBytes(uri);byte[] computedHash = hmac.ComputeHash(dataBytes);string computedHashString = Convert.ToBase64String(computedHash);return computedHashString.Equals(hash);

}

if (!AuthenticateUser(username)){

WebOperationContext.Current.OutgoingResponse.StatusCode =

HttpStatusCode.Unauthorized;return;

}

<configuration><system.serviceModel>

<services><service name="BookmarkService">

<endpoint binding="webHttpBinding" contract="BookmarkService"behaviorConfiguration="webHttp"/>

</service></services><behaviors>

<endpointBehaviors><behavior name="webHttp">

<webHttp/></behavior>

</endpointBehaviors></behaviors>

</system.serviceModel><configuration>

The WCF provides the attributes, MessageContractAttribute, MessageHeaderAttribute, and MessageBodyMemberAttribute to describe the structure of the SOAP messages sent and received by a service.

[DataContract]public class SomeProtocol{

[DataMember]public long CurrentValue;[DataMember]public long Total;

}

[DataContract]public class Item{

[DataMember]public string ItemNumber;[DataMember]public decimal Quantity;[DataMember]public decimal UnitPrice;

}

[MessageContract]public class ItemMesage{

[MessageHeader]public SomeProtocol ProtocolHeader;[MessageBody]public Item Content;

}

[ServiceContract]public interface IItemService{

[OperationContract]public void DeliverItem(ItemMessage itemMessage);

}

http://msdn.microsoft.com/en-us/library/ms730214.aspx