Re: [apps-discuss] FYI: "home" document format for APIs
mike amundsen <mamund@yahoo.com> Wed, 16 May 2012 12:42 UTC
Return-Path: <mca@amundsen.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E612421F8503 for <apps-discuss@ietfa.amsl.com>; Wed, 16 May 2012 05:42:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.221
X-Spam-Level: *
X-Spam-Status: No, score=1.221 tagged_above=-999 required=5 tests=[AWL=-1.300, BAYES_50=0.001, FM_FORGED_GMAIL=0.622, FORGED_YAHOO_RCVD=2.297, HTML_MESSAGE=0.001, J_CHICKENPOX_44=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ak8pTsasLbdJ for <apps-discuss@ietfa.amsl.com>; Wed, 16 May 2012 05:42:57 -0700 (PDT)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id 13B5F21F8501 for <apps-discuss@ietf.org>; Wed, 16 May 2012 05:42:56 -0700 (PDT)
Received: by obbeh20 with SMTP id eh20so1228265obb.31 for <apps-discuss@ietf.org>; Wed, 16 May 2012 05:42:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :x-gm-message-state; bh=sZ14NiCQ7HQETPaz+CPxaKoaiQxo5imKWX38OboYQqM=; b=HNYg9bP6J86GdS6ErRArM9nu7bZPftSYz4cjwGJKEWozTlNthZu5xfrlmbmvmddQvF 9WduhCee5IB5CdTt4iwPBx6OGqi1ep7y7hjjRhqmyo27qHKwx690HKftAN4gNwUFU7Xa ZTjItaca9sGq+yr23Ia6UjOGTXOMueds3jum5qB7TrgG2Iz23bZVgizUH4rMxn58P8Tm Jyx9hCQ/DTbMHqFkU3B3NmXQ0H+VHlVPdFCG7Wr6kVvNQ2zT28vFxU7c88xZdbZRSZw2 bGuSXwtdDldl4NM7FJUhFd0ZgWd2cNkzHBdLcUgrTIMQJfTw9/CApoiNv1SgTLG6TU0D 872w==
MIME-Version: 1.0
Received: by 10.60.19.164 with SMTP id g4mr2617999oee.44.1337172176413; Wed, 16 May 2012 05:42:56 -0700 (PDT)
Sender: mca@amundsen.com
Received: by 10.182.169.1 with HTTP; Wed, 16 May 2012 05:42:56 -0700 (PDT)
In-Reply-To: <25C12394-42A4-4EF6-B820-28C5B8CC7D0F@mnot.net>
References: <3C09861C-2A2A-474B-8D8D-E6CFB19176DD@mnot.net> <CAPW_8m5KsmQEsYN0DqtsR07QDzjiDR=bDMniZhUYRWtRjLX=jQ@mail.gmail.com> <C499F065-CDF0-4755-BE3D-08E2BAE713C3@mnot.net> <CAPW_8m6chjgpcvr9z31B73PYMjKuyxJ0=StJ3puPzy2PYQJDBA@mail.gmail.com> <CAPW_8m5mnpGdticRJWzvvoq2f04c=DKQz7ZVubxGqqX=jY8xmg@mail.gmail.com> <25C12394-42A4-4EF6-B820-28C5B8CC7D0F@mnot.net>
Date: Wed, 16 May 2012 08:42:56 -0400
X-Google-Sender-Auth: 1TOepqbp4ns7etegBTlIO35fSH4
Message-ID: <CAPW_8m6eO5bq8fmkC5EqCGE=NS_an4aAbp57sSRfae7HnSB34Q@mail.gmail.com>
From: mike amundsen <mamund@yahoo.com>
To: Mark Nottingham <mnot@mnot.net>
Content-Type: multipart/alternative; boundary="e89a8fb2009a94250204c026a8da"
X-Gm-Message-State: ALoCoQlC6L+FtM13tBTELhHneqUKBh/1zOyI2DMmfeoUQghTm8PklGZCcjzgQQAAGM8MkXyYeMPK
Cc: IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] FYI: "home" document format for APIs
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 May 2012 12:42:59 -0000
Mark: OK, I think I have a general sense of what you're working on here. check me: - clients will be coded to "start" w/ this document (and keep a fresh copy on hand while interacting w/ the related service) - while the document currently includes URI templates to describe valid GET requests, there are currently no body templates to describe valid PUT/POST requests - this document is not the source of semantic interactions for client-server interaction (that will still be in the primary response representations from the service); it is merely an additional descriptor document to aide in knowing what transitions are possible and (in some cases) how to compose a valid transition request - the document will not contain schema, data bindings or other similar information That pretty close at least? Finally, while you have quite a bit of prose saying this document is not static, "the client can decide at run-time", "follow your nose", etc. I don't yet see details on _how_ this document could be used at run-time to "lead" clients through a set of state transitions; not sure what clients will "follow" in this document. For now I will assume this is due to a limitation on my part and will wait for some additional drafts and possibly some examples/pseudo-code to help me out. Thanks. mca http://amundsen.com/blog/ http://twitter.com@mamund http://mamund.com/foaf.rdf#me On Wed, May 16, 2012 at 12:30 AM, Mark Nottingham <mnot@mnot.net> wrote: > > On 16/05/2012, at 11:56 AM, mike amundsen wrote: > > > since i forgot to say it in my first comment; thanks for offering this > up. i am looking forward to learning more about it. > > Thanks. > > > > _when_ should a client retrieve this document? at design-time? at > run-time on the _first_ call to the domain space? and then each time the > caching expires after that? > > It's up to the client; they just need to use a fresh copy when they use > it. The simplest (but least efficient) design would be to fetch it before > every request; next would be to fetch-and-cache upon first use. However, > some clients might want to have a thread/process/task keeping a copy fresh > in the "background" as long as they're interested in that service. > > > > > do you have a "recommendation" on this item? IOW, a suggested best > > > practice on how the client will "discover" the proper home document? > > > /.welknown/? in the response?, etc.? > > > >> What I have in mind is that the client will be given a "starting point" > -- i.e., the home page document, usually expressed as a URL, and all > interaction will follow from that. For me, it makes sense if that URL is > the "root" (home) document for the authority (e.g., <http://example.com/>. > >> > >> For a particular use case, one *could* register a well-known URL to > shorten that URL to just a hostname, but I hope that won't be the usual > thing. > > > > so, a client should be coded to pick up this document form a > pre-determined location (i.e. the service documentation will publish a URI > for the document.). > > Yes. Just as I go to http://www.amazon.com/ to buy [insert most products > here]. > > > > > 2) use the linked home document as a guide when parsing/processing the > > > current representation? > > > >> At this point, I'm reluctant to define this. The Web works because > media types *are* effectively guides to parsing representations. > >> media types *are* guides to parsing. this _is_ a media type, right? > this is the guide to parsing, right? > >> > >> That said, I want to make the representation types capable of carrying > more data than just the media type (such as a profile), but I'm keenly > aware that doing so will encourage people to do things like put schema in > there, so they can do "data binding" to objects. IMO that's asking for > trouble. > > > > so you want to "discourage" certain information from appearing in this > document, rigiht (i.e. no schema should appear, no binding of UI to data > elements should appear, what else)? > > Possibly. I'd say that I want to vet what gets in very carefully, because > in the past people have gone so far off the rails with this kind of format, > and once it's out in the open, people are going to try to bend it to fit > those patterns / tools / expectations. > > > >> There might be some useful cases for that (e.g., doing QA on the API, > having an intermediary do something with it), but all of the experience > we've had with "data binding" has made be extremely wary of doing this > without a lot of consideration. > > > > can you give an example of how this document could be used in QA? > > Well, effectively QA is a client, and it has to be able to consume the > API. Beyond that, you may want to annotate the document with QA-specific > information (e.g., "I expect THIS resource/representation to meet THOSE > tests"). > > > >> I'm fine with describing (again, as a hint) the expected semantics of > the document; if the media type covers this, great, if not, that's where > I'm thinking profiles might help. It's describing the syntax where it gets > sticky. > > > > i;m not clear on this answer. are you saying "the media type" === not > this document? what expected semantics to you have in mind here? > > I mean the syntax/semantics of the request and responses representations > send in interactions driven by this format. So, "the media type" is their > media type(s). > > > > > not sure how to "know" what args are available for anything other than > > > GET, how are PUT/POST representations described? > > > >> The assumed convention is that what you can GET you can PUT (assuming > PUT is allowed). The accept-post hint covers POSTs. > > > > i can see (using URI templates how GET requests can be composed using > information in this document. i can't see details on how to compose a PUT > using the example. am i missing something? are clients expected to parse > the URI template vars and use that to compose a body for PUT/POST? > > See below. > > > > > 3) use the linked home document to determine which hypermedia options > > > to present to the user/user-agent (for each response)? > > > >> Please explain? > > > > i assume that the document will contain several (possibly dozens) of > Resource Objects. i assume that the client application would consume this > document and then use it to build up a UI that shows each of the Resource > Objects along with the possible arguments. Users will then select the one > they like, fill in the details and execute the request. am i wrong in this? > > That's one possible use of it, yes. > > > > > i can see how the client code might scan the home document and present > > > controls to express the various templates (i.e. could be converted > > > into HTML.FORM elements, etc.) i assume ALL the templates would be > > > presented to the user/user-agent ALL the time, right? > > > >> That's up to the client. > > > > Yep, i understand it's up to the client. what i am unclear on is _how_ > the client will decide which items to "show" is this done by hard-coding > the client to only show selected controls at certain times (determined by > the client)? or is the decision on which Object Resources to render decided > at run-time by the client? and if it's decided at runtime, how is that > decision made? > > I'm circumspect about use of the term "show" here, but pushing on, the > document certainly can/should be "personalised" to indicate what resources, > etc. are available to the client. Of course, actually attempting > interaction gives authoritative information, and interacting with resources > might expose further information that wasn't available in the home document. > > > > > also, it seems the design includes read-only templating (URI templates > > > for GET), but nothing line for POST/PUT. > > > >> What caused you to make that assumption? > > > > i assumed that the "href-template" and "href-vars" describe the details > on composing a URI used for GET (possibly DELETE). i assumed the home > document does not contain similar descriptions for composing a body for > PUT/POST since i could not find "body-template" and "body-vars" elements in > your design. > > I'm purposefully punting on body / format constraints for the time being, > but will get to it. > > > > > I assume write actions would > > > not be provided at runtime and would only be available via > > > documentation that devs would consult ahead of time (before ever using > > > this "service") and hard-code into the client, right? > > > >> I'm not sure what you mean by "write actions." Do you mean PUT, or > something more fine-grained? > > > > by "write actions" i mean the unsafe HTTP methods POST & PUT. this goes > back to my previous follow up. while i see details in your document on > composing URIs, i don't see details on composing bodies. i see the it's > possible to *tell* clients a PUT is possible. i don't see that it is > possible to tell clients what a valid PUT body looks like. i assumed, then, > that information would be in written documentation that the client > developer would consult when coding the client. > > OK, see above. > > > > > my initial reaction is that this home document design is optimized to > > > for use as a design-time IDL (ala WADL) instead of a run-time > > > interaction guide (ala HTML hypermedia). > > > >> Can you be more specific? On its own, that's not a helpful comment. > > > > my current understanding of your I-D is that it desctibes a static > resource which contains details on a "context-free" list of possible > actions on Object Resources. this looks to me very much like WADL/WSDL. > alternatively, designs like Mike Kelly's HAL or my Collection+JSON describe > dynamic representations that contain lists of "context-bound" possible > actions within the response itself (similar to HTML). does this make sense? > is it an accurate characterization of your I-D? > > No. It's very much the opposite; e.g., from the draft: > > > In contrast, a "follow your nose" API advertises the resources > > available to clients using link relations [RFC5988] and the formats > > they support using internet media types [RFC4288]. A client can then > > decide - at "run time" - which resources to interact with based upon > > its capabilities (as described by link relations), and the server can > > safely add new resources and formats without disturbing clients that > > are not yet aware of them. > > > > As such, the client needs to be able to discover this information > > quickly and efficiently use it to interact with the server. Just as > > with a human-targeted "home page" for a site, we can create a "home > > document" for a HTTP API (often, at the same URI, found through > > server-driven content negotiation) that describes it to non-browser > > clients. > > and: > > > o Home documents can be personalised, just as "normal" home pages > > can. For example, you might advertise different URIs, and/or > > different kinds of link relations, depending on the client's > > identity. > > and: > > > Note that the home document is a "living" document; it does not > > represent a "contract", but rather is expected to be inspected before > > each interaction. In particular, links from the home document MUST > > NOT be assumed to be valid beyond the freshness lifetime of the home > > document, as per HTTP's caching model [RFC2616]. > > I'm happy to expand upon this further in the draft, but I thought I'd > already used a fairly large sledgehammer / clue-by-four. > > > > > any sample (or pseudo-code) worked up that would show using the home > > > document at runtime? > > > >> Am working on it... > > > > cool. keep me posted. if you'd like, i'd be happy to attempt to build > something using this desgin once you think it is (and I am) ready<g>. > > Great; will do. > > > > -- > Mark Nottingham http://www.mnot.net/ > > > >
- [apps-discuss] FYI: "home" document format for AP… Mark Nottingham
- Re: [apps-discuss] FYI: "home" document format fo… Mike Jones
- Re: [apps-discuss] FYI: "home" document format fo… Martin Thomson
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham
- Re: [apps-discuss] FYI: "home" document format fo… Ben Niven-Jenkins
- Re: [apps-discuss] FYI: "home" document format fo… Mike Jones
- Re: [apps-discuss] FYI: "home" document format fo… James M Snell
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham
- Re: [apps-discuss] FYI: "home" document format fo… Graham Klyne
- Re: [apps-discuss] FYI: "home" document format fo… James M Snell
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham
- Re: [apps-discuss] FYI: "home" document format fo… Martin Thomson
- Re: [apps-discuss] FYI: "home" document format fo… Martin Thomson
- Re: [apps-discuss] FYI: "home" document format fo… Michiel de Jong
- Re: [apps-discuss] FYI: "home" document format fo… James M Snell
- Re: [apps-discuss] FYI: "home" document format fo… mike amundsen
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham
- [apps-discuss] FYI: "home" document format for AP… mike amundsen
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham
- Re: [apps-discuss] FYI: "home" document format fo… mike amundsen
- Re: [apps-discuss] FYI: "home" document format fo… Graham Klyne
- Re: [apps-discuss] FYI: "home" document format fo… Mark Nottingham