Using Charles Proxyto understand REST

(c) anatoliy.odukha@globallogic.com

The Fundamentals

Web debugging proxy

REST

JSON

What is Charles Proxy ???

It is Web Debugging Proxy

Helps analyse trafic

Captures HTTP and HTTPS traffic

Implements man-in-the-middle HTTPS interception using self-signed certificates

Useful features for bandwidth throttling, mapping local or remote url

Works on MacOS, Linux and Windows

Free version allow 30 minutes sessions

–REpresentational State Transfer

“REST”

REST

It is not specification

It is ARCHITECTURE STYLE that:

client-server

statelessness

HTTP Verbs

POST

GET

PUT

DELETE

PATCH

C.R.U.D. Operations

Create -> POST

Read -> GET

Update -> PUT*

Delete -> DELETE

* PUT is also used for creating

HTTP Codes

1xx Informational

2xx Success

3xx Redirection

4xx Client Error

5xx Server Error

API Design: BAD

/getUser

/getAllUsers

/findUser

/findUserAccounts

/deleteUser

/changeUserPassword

Resources are Plural Nouns. Do not use Verbs!

API Design

Collection

/users

Entities

/users/adam

/users/13246

API Design

verb\ resource POST GET PUT DELETE

/users New User List Users ? delete everybody

/users/adam ? show Adam update/create Adam Delete Adam

API Design: resources chain

/users/adam/accounts

API Versioning

Just integer /v1/users/…

Decimal point /v1.0/users/…

Date /2015-11-11/…

In query string …?v=1

In http header

–JavaScript Object Notation

“JSON”

Object

Value

Array

Number

Syntax diagrams (or railroad diagrams) are a way to represent a context-free grammar.

{ "city":{"id":1851632,"name":"Shuzenji", "coord":{"lon":138.933334,"lat":34.966671}, "country":"JP", "cod":"200", "message":0.0045, "cnt":38, "list":[{ "dt":1406106000, "main":{ "temp":298.77, "temp_min":298.77, "temp_max":298.774, "pressure":1005.93, "sea_level":1018.18, "grnd_level":1005.93, "humidity":87 "temp_kf":0.26}, "weather":[{"id":804,"main":"Clouds","description":"overcast clouds","icon":"04d"}], "clouds":{"all":88}, "wind":{"speed":5.71,"deg":229.501}, "sys":{"pod":"d"}, "dt_txt":"2014-07-23 09:00:00” }] }

json sample from openweathermap.org

Header

Content-Type: application/json

Charles Proxy–Install and Configure

Install

download from official site http://www.charlesproxy.com/

http://www.charlesproxy.com/download/

For Linux use APT or tar.gz from download page

follow the instructions from site http://www.charlesproxy.com/documentation/installation/

latest MacOs version use embedded JRE

Run and check Settings at Proxy->Proxy Settings…

Configure SSL Proxy

For versions below 3.10 follow instructions from Legacy SSL page on official site http://www.charlesproxy.com/documentation/additional/legacy-ssl-proxying

New versions do not use common certificate

Just go to Help->SSL Proxying and select corresponding option

for iOS/Android it is “Install Charles Root Certificate on Mobile Device or Remote Browser”. And follow instructions

Configure SSL Proxy

Configure Android phone to use proxy

Open Settings->WiFi

Long press on target access point

Select Modify Network

In Access Point settings check Advanced Options

Enter IP address and port (8888 by default)

On your laptop allow connection from remote device

Configure Android phone to use proxy

Open in mobile browser link http://charlesproxy.com/getssl

Enter name and tap OK button

It is all you have to do on Android side

Enable and configure target: Menu Proxy->SSL Proxying Settings

–show must go on

Real world demo