There is a scenario, where we have two commercial applications that are so called REST based(java) but not HATEOAS compliant. Development activity is out-sourced to vendor
Development phase of project is done and planning for functional testing.
We preferred in-house technicians for testing phase to perform functional testing but the technicians have no business/domain knowledge of these two applications. Developers knew the purpose of each endpoint referring to a specific database entity.
I learnt that good restful programming is HATEOAS compliant.
HATEOAS allows (representational (state transfer))
One quick advantage is in testing phase where it just need to start from root end point and navigate to different states, which does not require any business/domain knowledge of application, because api end points are self-discoverable.
Public platforms like Facebook does not follow HATEOS compliant Restful service
If HATEOAS is not a pre-condition for RESTful programming, then, it is unclear on the difference between
-
serverside businesslogic mapped to route, say with python decorator(
@route('/'))&
-
RESTful end points.
1) What are the advantages of HATEOS compliant RESTful service?
2) What does it take for a developer to redesign any application, as HATEOAS compliant? In order to perform functional testing successfully..
Best Answer
In short: You stay in control of your server side, minimize client knowledge about server internals.
Imagine Amazon giving you a product page with just the product data, no links or forms to buy the item. It would assume, that you will go to a separate service (let's say a shopping cart service) where you will enter the product ids you want. It would be pretty stupid, wouldn't it?
HATEOAS is not just giving you links about stuff, it is about providing the clients with options to fulfill a specific use-case.
Another example: If I would implement a hotel booking application, I wouldn't just give you the data for rooms, reservations, time-slots, as data, I would give you only the data you need to know (so no internals ids and stuff like that), and only the options specifically designed to guide you through a reservation process.
Change of mindset mostly. Think of your application "endpoints" or "resources" as web-pages directed to humans. What would you show a human, and what options would you give a human to be able to navigate your application? Creating a HATEOAS compliant application interface is exactly like that.
To be honest, that is not as easy as it sounds, there are certainly a few technical things you have to be aware of. Just one point: of course you don't need an AI on the client side, you just have to have typed representations (using proper Media-types, instead of generic ones), which the client does need to know (just like a browser understanding HTML, CSS, PNG, JPG, etc.).