Visão Geral
Curso Construindo APIs REST com ASP.NET: A API Web ASP.NET facilita a construção de APIs REST que alcançam uma ampla gama de clientes, incluindo aplicativos da web e móveis. Junto com as melhores práticas e técnicas de design moderno, este treinamento estendido de 3 dias irá guiá-lo para a compreensão da arquitetura API, considerações de segurança e como construir uma API com ASP.NET que seja extensível e flexível.
Conteúdo Programatico
REST
Roy Fielding, the inventor of REST, realized while using the HTTP protocol you can also use HTTP to work with data stored in a database. Here we will look at how REST uses HTTP to serve data instead of web pages.
- The HTTP Protocol in Depth
- How REST works
Introducing ASP.NET Web API
For .NET developers ASP.NET Web Api is the way to create REST services. Web API is an adapted version of ASP.NET MVC specifically designed for REST. This module serves as an overview of the framework.
- Architecture
- CRUD operations
- Content Negotiation
- Consuming with a .NET Client or fetch API
- LAB: Building a Web API
End-point Routing
On the web the URL decides what the server will do. In ASP.NET Core you will find the End-point Routing Middleware. A solid understanding of this middleware is required to build applications with ASP.NET Core.
- Getting Started with Routing Concepts
- Defining Routing Templates
- Route Parameter Contraints
- Route Parameter Transformers
- Understanding Route Matching
- Using Concentional vs. Attribute Routing
- Routing Attributes
- Handling Routing Errors
- LAB: Routing and Constraints
ASP.NET Core API Controllers
In this module we'll take a closer look at the C in MVC. The controller has a very important role to fulfill: It's the component that figures out what to do when receiving a request.
- The
ApiController Attribute and ControllerBase Class - Action Methods
- Understanding
IActionResult and ActionResult<T> - Using the
ProblemDetails class for error reporting - LAB: API Controllers
Content Negotiation
Generally, in WebAPI we will use JSON as the serialization format. But how can we efficiently convert an object into JSON, and back again? Here we will look at classes from System.Text.Json, the latest and fastest JSON serialization library.
- Media types
- Built-in Content Negotiation
- Media Formatters
- Custom Media Formatters
- LAB: Building a Custom Media Formatter
Model Validation
People could be sending any data to your API. So you should always validate your input. Here we will look at validation options, and how to send feedback in case of errors.
- Model Binding
- The Modelstate
- Validation Attributes
- Returning Validation Errors
- Avoiding Overposting with ViewModels
- LAB: Model Validation
Securing your Web API service
Security is a world on its own. In this module we'll explore the common techniques to secure your Web API.
- Authentication & Authorization in Web API
- Authorization Attributes and Policies
- Authentication with OAuth and OpenID Connect
- Working with Roles and Scopes
- LAB: Protecting a Web API with OAuth
Documenting your REST service with the OpenAPI Specification
When you want to consume a REST service you are dependent on the documentation of the service. And developers don't like to write documentation. No problem: using Swagger you can automatically generate the necessary metadata for describing your service functionalities.
- Swagger and Swashbuckle
- Enriching your metadata with attributes
- Enriching your metadata with comments
- Adding XML-comments
- Generating client-side code with Visual Studio and Swagger Codegen
- LAB: OpenAPI
Best Practices when Designing a Web API
Returning a 202 Accepted status code is easy. When to return it, that's another question. In this topic we'll dive into some best practices to create a properly designed API.
- How to Organize Resources
- Idempotency and Safeness
- Dealing with Batches
- Remote Procedure Calls
- Limiting Data
- Versioning
- Handling Exceptions
- Caching
- Handling Large Resources
Web API Patterns
This topic contains some frequently used patterns and techniques when creating more complex APIs.
- Asynchronous Request-Reply Pattern
- WebHooks
- HATEOAS