Rest – Is REST and HATEOAS a good architecture for web services

hateoasrest

If I understand correctly, REST was formalized by Roy Fielding as a descriptive model of the architecture of the web. AFAIK Fielding didn't claim REST was any good, he was just describing the de-facto architecture of the web. The web had already at this point proven an enormous successful distributed hypertext system, so this kind of validates REST as a successful architecture for the domain of distributed hypermedia primarily navigated and consumed by humans.

REST web services were created by applying REST architecture to API's. But is there actually any reason to think REST is a desirable architecture for this domain? More specifically, is there any evidence that says HATEOAS is a beneficial design principle for machine-to-machine communication?

My concern is that HATEOAS makes sense for hypermedia because there are few well-known content types (HTML, images, video etc) and the client knows how to consume them. But for API's the content types are very specific and can only be consumed in a meaningful way by the client if the client is specifically programmed to consume them. Returning an URL to the client does not in itself make the client able to consume the indicated resource.

Best Answer

AFAIK Fielding didn't claim REST was any good, he was just describing the de-facto architecture of the web.

That undersells it a bit, I would think. REST is, after all, an enumeration of the architectural style that Fielding was using as chief architect of the HTTP/1.1 spec.

But is there actually any reason to think REST is a desirable architecture for this domain? Is there any evidence that say HATEOAS is a beneficial design principle for machine-to-machine communication?

"It depends". HATEOAS is part of the uniform interface constraint of REST.

By applying the software engineering principle of generality to the component interface, the overall system architecture is simplified and the visibility of interactions is improved. Implementations are decoupled from the services they provide, which encourages independent evolvability. The trade-off, though, is that a uniform interface degrades efficiency, since information is transferred in a standardized form rather than one which is specific to an application's needs. The REST interface is designed to be efficient for large-grain hypermedia data transfer, optimizing for the common case of the Web, but resulting in an interface that is not optimal for other forms of architectural interaction.

So let's think for a moment about what this means. When I'm having trouble with my wireless router, I can communicate with it using the same browser that I use to submit answers to stackexchange. In particular, it doesn't matter what browser I'm using, or whether my browser is a few updates behind (or ahead) of what the router is expecting. It doesn't matter that the engineering organization that wrote the browser is completely independent of the organization that created the router interface.

It just works.

It's not, of course, universal. Fielding, in 2008, wrote:

That doesn’t mean that I think everyone should design their own systems according to the REST architectural style. REST is intended for long-lived network-based applications that span multiple organizations. If you don’t see a need for the constraints, then don’t use them.

The constraints that form the REST architectural style were chosen for the properties that they induce; if those properties aren't valuable to your use case, then you should absolutely be considering dropping the corresponding constraints.

Where machine to machine gets difficult, is that you've lost the ability of the human being to fuzzy match the semantics provided by the representations. The clients can get by with knowing just the media types, but we normally have a human being looking at the semantic cues to derive meaning.

schema.org is one part of an effort to create a machine readable vocabulary; the machine agents use the client to find the semantic hints, and applies its own understanding of the meaning to choose the correct actions to take.

But it's work; you need to invest in developing machine friendly representations of your resources, and ensuring that those representations remain forward and backwards compatible, so that clients can be developed independently.

When a single organization controls both the client and the server, the benefits of this independence are a lot smaller, in which case the constraint may not be an appropriate architectural choice.

Related Solutions

Handling Resource Identifiers in REST API Clients

Edited to address question updates, previous answer removed

Looking over your changes to your question I think I understand the problem you are facing a bit more. As there is no field that is an identifier on your resources (just a link) you have no way to refer to that specific resource within your GUI (i.e. a link to a page describing a specific pet).

The first thing to determine is if a pet ever makes sense without an owner. If we can have a pet without any owner then I would say we need some sort of unique property on the pet that we can use to refer to it. I do not believe this would violate not exposing the ID directly as the actual resource ID would still be tucked away in a link that the REST client wouldn't parse. With that in mind our pet resource may look like:

<Entity type="Pet">
    <Link rel="self" href="http://example.com/pets/1" />
    <Link rel="owner" href="http://example.com/people/1" />
    <UniqueName>Spot</UniqueName>
</Entity>

We can now update the name of that pet from Spot to Fido without having to mess with any actually resource IDs throughout the application. Likewise we can refer to that pet in our GUI with something like:

http://example.com/GUI/pets/Spot

If the pet does not make any sense without an owner (or pets are not allowed in the system without an owner) then we can use the owner as part of the "identity" of the pet in the system:

http://example.com/GUI/owners/John/pets/1 (first pet in the list for John)

One small note, if both Pets and People can exist separate of each-other I would not make the entry point for the API the "People" resource. Instead I would create a more generic resource that would contain a link to People and Pets. It could return a resource that looks like:

<Entity type="ResourceList">
    <Link rel="people" href="http://example.com/api/people" />
    <Link rel="pets" href="http://example.com/api/pets" />
</Entity>

So by only knowing the first entry point into the API and not processing any of the URLs to figure out system identifiers we can do something like this:

User logs into the application. The REST client accesses the entire list of people resources available which may look like:

<Entity type="Person">
    <Link rel="self" href="http://example.com/api/people/1" />
    <Pets>
        <Link rel="pet" href="http://example.com/api/pets/1" />
        <Link rel="pet" href="http://example.com/api/pets/2" />
    </Pets>
    <UniqueName>John</UniqueName>
</Entity>
<Entity type="Person">
    <Link rel="self" href="http://example.com/api/people/2" />
    <Pets>
        <Link rel="pet" href="http://example.com/api/pets/3" />
    </Pets>
    <UniqueName>Jane</UniqueName>
</Entity>

The GUI would loop through each resource and print out a list item for each person using the UniqueName as the "id":

<a href="http://example.com/gui/people/1">John</a>
<a href="http://example.com/gui/people/2">Jane</a>

While doing this it could also process each link that it finds with a rel of "pet" and get the pet resource such as:

<Entity type="Pet">
    <Link rel="self" href="http://example.com/api/pets/1" />
    <Link rel="owner" href="http://example.com/api/people/1" />
    <UniqueName>Spot</UniqueName>
</Entity>

Using this it can print a link such as:

<!-- Assumes that a pet can exist without an owner -->
<a href="http://example.com/gui/pets/Spot">Spot</a>

<!-- Assumes that a pet MUST have an owner -->
<a href="http://example.com/gui/people/John/pets/Spot">Spot</a>

If we go with the first link and assume that our entry resource has a link with a relation of "pets" the control flow would go something like this in the GUI:

Page is opened and the pet Spot is requested.
Load the list of resources from the API entry point.
Load the resource that is related with the term "pets".
Look through each resource from the "pets" response and find one that matches Spot.
Display the information for spot.

Using the second link would be a similar chain of events with the exception being that People is the entry point to the API and we would first get a list of all people in the system, find the one that matches, then find all pets that belong to that person (using the rel tag again) and find the one that is named Spot so we can display the specific information related to it.

HATEOAS REST Services – Strategies for Discovering REST Services Using HATEOAS

How would you know what kind of inputs are acceptable? That is to say, if your client has no prior knowledge, how would you define the semantics of "surname"? You're starting to get into the territory of needing something like OWL.

I think it's more practical to expect your clients to understand the semantics of well-known mime-types; say, for example, "text/vcard" for people.

Best Answer

Related Solutions

Handling Resource Identifiers in REST API Clients

HATEOAS REST Services – Strategies for Discovering REST Services Using HATEOAS

Related Topic