1 of 24

HTTP and Web API Overview

CS – Advanced Programming Concepts

2 of 24

Chess Server Review

3 of 24

Clients and Server Diagram

Web API

Test Driver

(JUnit tests)

Web Site

Web Browser

(Test Page)

Client App

Server

Clients

4 of 24

Chess Server Diagram

Model

User

AuthToken

Game

Register Handler

Login Handler

Join Game Handler

Data Access

UserDao

AuthTokenDao

GameDao

DB

User table

AuthToken table

Game table

Server

Main server class

Request/

Result

RegisterRequest

RegisterResult

LoginRequest

LoginResult

… more handlers

login

User Service

RegisterResult register(RegisterRequest)

LoginResult login(LoginRequestion)

… more services

Encodes objects in JSON format

Decodes objects from JSON format

Object Encoder/Decoder

register

Game Service

ListGamesResult listGames(ListGamesRequest)

CreateGameResult createGame(CreateGameRequest)

JoinGameRequest joinGame(JoinGameRequest)

joinGame

Contains lambdas that map

Incoming requests to handlers

5 of 24

HTTP Overview

How HTTP Works

6 of 24

HTTP Request Diagram

Server

Client App

Web

HTTP Request

HTTP Response

7 of 24

Client connects to Server

  • Client establishes a network connection with the server
  • A connection allows the client to send bytes to the server and vice versa

Server

Client App

bytes

bytes

8 of 24

Client connects to Server (cont. 1)

  • In order to connect, both the client machine and server machine must have IP addresses (e.g., 128.187.80.20)
  • The client program must know the server’s IP address in order to connect
    • Just like you must know someone’s phone number in order to call them
  • IP addresses are hard to work with and remember, so we normally specify a server’s IP address using a “domain name” (e.g., “www.google.com”)
  • The client uses the “domain name service” (DNS) to convert the server’s domain name to an IP address

Server

Client App

213.7.98.52

128.187.80.20

www.google.com

9 of 24

Client connects to Server (cont. 2)

  • The server machine will probably be running multiple programs, many of which will be using the internet
  • Therefore, the server’s IP address is not sufficient for the client to connect to the server program�����
  • Each server program communicates on a particular “port” number (e.g., 80). A port number is an unsigned integer in the range 1 - 65535
  • The client must know both the server program’s IP address and port number in order to connect to it

Client App

213.7.98.52

128.187.80.20

www.google.com

Server

Program D

(port 1919)

Program A

(port 80)

Program B

(port 25)

Program C

(port 10000)

Program E

(port 7777)

10 of 24

HTTP GET Requests

11 of 24

Browsing the Web with HTTP �(GET Request)

  • URL
    • https://www.google.com:443/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Protocol

Domain Name

Port Number

Path

GET /images/branding/googlelogo/1x/googlelogo_color_272x92dp.png HTTP/1.1

Accept: image/png,image/gif,image/jpg

Accept-Encoding: gzip, deflate

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 …

Method (i.e., request type)

URL Path

HTTP Version

Headers

12 of 24

Browsing the Web with HTTP �(GET Response)

HTTP/1.1 200 OK

Content-Type: image/png

Content-Length: 5969

Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT

PNG Image Bytes …

Empty Line (\n)

Status Code

Reason Phrase

Headers

Response Body

HTTP Version

13 of 24

Web API Call with HTTP (GET Request) – Get “event” request

  • URL
    • http://macho.cs.byu.edu:7979/event/12345

GET /event/12345 HTTP/1.1

Authorization: 12ab34cd56ef

Method (i.e., request type)

URL Path

HTTP Version

Auth Token Header

14 of 24

Web API Call with HTTP (GET Response)

HTTP/1.1 200 OK

Content-Type: application/json

Content-Length: 8423

JSON String Containing Event Data …

Empty Line (\n)

Status Code

Reason Phrase

Headers

Response Body

HTTP Version

15 of 24

Ticket to Ride Web API GET example

  • Get list of games
    • Description: Returns list of currently-running games
    • URL Path: /games/list
    • HTTP Method: GET
    • Request Body: None
    • Response Body: JSON of the following form:

{ "game-list": [

{ "name": "the game", "player-count": 3 },

{ "name": "work game", "player-count": 4 },

{ "name": "church game", "player-count": 2 }

]

}

15

16 of 24

HTTP POST Requests

17 of 24

Browsing the Web with HTTP �(POST Request)

  • URL
    • https://www.google.com:443/search

POST /search HTTP/1.1

Content-Type: application/x-www-form-urlencoded

Accept: text/html,text/xhtml

Accept-Encoding: gzip, deflate

Content-Length: 19

keywords=byu&cs&240

Method (i.e., request type)

URL Path

HTTP Version

Headers

Empty Line (\n)

Request Body

18 of 24

Browsing the Web with HTTP �(POST Response)

HTTP/1.1 200 OK

Content-Type: text/html

Content-Length: 10986

�HTML Code Containing Search Results …

Empty Line (\n)

Status Code

Reason Phrase

Headers

Response Body

HTTP Version

19 of 24

Web API Call with HTTP (POST Request)

  • URL
    • https://macho.cs.byu.edu:7979/login

POST /login HTTP/1.1

Content-Type: application/json

Content-Length: 58

JSON String Containing User Name and Password …

Method (i.e., request type)

URL Path

HTTP Version

Headers

Empty Line (\n)

Request Body

20 of 24

Web API Call with HTTP �(POST Response)

HTTP/1.1 200 OK

Content-Type: application/json

Content-Length: 972

JSON String Containing Login Result …

Empty Line (\n)

Status Code

Reason Phrase

Headers

Response Body

HTTP Version

21 of 24

Ticket to Ride Web API Post Example

  • Claim route
    • Description: Allows player to claim route between two cities
    • URL Path: /routes/claim
    • HTTP Method: POST
    • Request Body: JSON of the following form:

{ "route": "atlanta-miami" }

    • Response Body: None

21

22 of 24

HTTP Methods

(request types)

23 of 24

HTTP Methods

  • GET: Retrieve data
    • A read operation in a REST API
    • Body should normally not be included in request
  • POST: Submit something to the specified resource, often causing a change or side effect
    • A create operation in a REST API
    • Body included in request

  • PUT: Replace the specified resource
    • An update operation in a REST API
    • Body included in request
  • DELETE: Delete the specified resource
    • A delete operation in a REST API
    • Body should normally not be included in request
  • Other methods that are rarely used
    • HEAD, OPTIONS, TRACE, PATCH

24 of 24

Citations

Diagrams created by Ken Rodham and Jerod Wilkerson