Designing Evolvable Web APIs with ASP.NET now as a free ebook

If you’re interested to update your knowledge of simply get started with Web API then there are a bunch of decent books already out there. I noticed however that Glenn Block and others at Microsoft released a book as well and, at the moment, provide for free over at http://chimera.labs.oreilly.com/books/1234000001708.

To get a grasp of what’s in there:

Table of Contents

• Foreword
• Preface
• Why Should You Read This Book?
• What Do You Need to Know to Follow Along?
• The Hitchhiker’s Guide to Navigating This Book
• Part I, Fundamentals
• Part II, Real-World API Development
• Part III, Web API Nuts and Bolts
• Conventions Used in This Book
• Using Code Examples
• Safari® Books Online
• How to Contact Us
• Acknowledgments
• 1. The Internet, the World Wide Web, and HTTP
• Web Architecture
• Resource
• URI
• Cool URIs
• Representation
• Media Type
• HTTP
• Moving Beyond HTTP 1.1
• HTTP Message Exchange
• Intermediaries
• Types of Intermediaries
• HTTP Methods
• Headers
• HTTP Status Codes
• Content Negotiation
• Caching
• Authentication
• Authentication Schemes
• Additional Authentication Schemes
• Conclusion
• 2. Web APIs
• What Is a Web API?
• What About SOAP Web Services?
• Origins of Web APIs
• The Web API Revolution Begins
• Paying Attention to the Web
• Guidelines for Web APIs
• Domain-Specific Media Types
• Media Type Profiles
• Multiple Representations
• API Styles
• The Richardson Maturity Model
• RPC (/images/RMM Level 0)
• Resources (/images/RMM Level 1)
• HTTP VERBS (/images/RMM Level 2)
• Crossing the Chasm Toward Resource-Centric APIs
• Hypermedia (/images/RMM Level 3)
• REST
• REST Constraints
• Conclusion
• 3. ASP.NET Web API 101
• Core Scenarios
• First-Class HTTP Programming
• Symmetric Client and Server Programming Experience
• Flexible Support for Different Formats
• No More “Coding with Angle Brackets”
• Unit Testability
• Multiple Hosting Options
• Getting Started with ASP.NET Web API
• Exploring a New Web API Project
• WebApiConfig
• ValuesController
• “Hello Web API!”
• Creating the Service
• The Client
• The Host
• Conclusion
• 4. Processing Architecture
• The Hosting Layer
• Message Handler Pipeline
• Route Dispatching
• Controller Handling
• The ApiController Base Class
• Conclusion
• 5. The Application
• Why Evolvable?
• Barriers to Evolution
• What Is the Cost?
• Why Not Just Version?
• Walking the Walk
• Application Objectives
• Goals
• Opportunity
• Information Model
• Subdomains
• Related Resources
• Attribute Groups
• Collections of Attribute Groups
• Information Model Versus Media Type
• Collections of Issues
• Resource Models
• Root Resource
• Search Resources
• Collection Resources
• Item Resources
• Conclusion
• 6. Media Type Selection and Design
• Self-Description
• Types of Contracts
• Media Types
• Primitive Formats
• Popular Formats
• New Formats
• Hypermedia Types
• Media Type Explosion
• Generic Media Types and Profiles
• Other Hypermedia Types
• Link Relation Types
• Semantics
• Replacing Embedded Resources
• Indirection Layer
• Reference Data
• Workflow
• Syntax
• A Perfect Combination
• Designing a New Media Type Contract
• Selecting a Format
• Enabling Hypermedia
• Optional, Mandatory, Omitted, Applicable
• Embedded Versus External Metadata
• Extensibility
• Registering the Media Type
• Designing New Link Relations
• Standard Link Relations
• Extension Link Relations
• Embedded Link Relations
• Registering the Link Relation
• Media Types in the Issue Tracking Domain
• List Resources
• Item Resources
• Discovery Resource
• Search Resource
• Conclusion
• 7. Building the API
• The Design
• Getting the Source
• Building the Implementation Using BDD
• Navigating the Solution
• Packages and Libraries
• Self-Host
• Models and Services
• Issue and Issue Store
• IssueState
• IssuesState
• Link
• IssueStateFactory
• LinkFactory
• IssueLinkFactory
• Acceptance Criteria
• Feature: Retrieving Issues
• Retrieving an Issue
• Retrieving Open and Closed Issues
• Retrieving an Issue That Does Not Exist
• Retrieving All Issues
• Retrieving All Issues as Collection+Json
• Searching Issues
• Feature: Creating Issues
• Feature: Updating Issues
• Updating an Issue
• Updating an Issue That Does Not Exist
• Feature: Deleting Issues
• Deleting an Issue
• Deleting an Issue That Does Not Exist
• Feature: Processing Issues
• The Tests
• The Implementation
• Conclusion
• 8. Improving the API
• Acceptance Criteria for the New Features
• Implementing the Output Caching Support
• Adding the Tests for Output Caching
• Implementing Cache Revalidation
• Implementing Conditional GETs for Cache Revalidation
• Conflict Detection
• Implementing Conflict Detection
• Change Auditing
• Implementing Change Auditing with Hawk Authentication
• Tracing
• Implementing Tracing
• Conclusion
• 9. Building the Client
• Client Libraries
• Wrapper Libraries
• Links as Functions
• Application Workflow
• Need to Know
• Clients with Missions
• Client State
• Conclusion
• 10. The HTTP Programming Model
• Messages
• Headers
• Message Content
• Consuming Message Content
• Creating Message Content
• Conclusion
• 11. Hosting
• Web Hosting
• The ASP.NET Infrastructure
• ASP.NET Routing
• Web API Routing
• Global Configuration
• The Web API ASP.NET Handler
• Self-Hosting
• WCF Architecture
• The HttpSelfHostServer Class
• The HttpSelfHostConfiguration Class
• URL Reservation and Access Control
• Hosting Web API with OWIN and Katana
• OWIN
• The Katana Project
• Web API Configuration
• Web API Middleware
• The OWIN Ecosystem
• In-Memory Hosting
• Azure Service Bus Host
• Conclusion
• 12. Controllers and Routing
• HTTP Message Flow Overview
• The Message Handler Pipeline
• Dispatcher
• HttpControllerDispatcher
• Controller Selection
• Controller Activation
• The Controller Pipeline
• ApiController
• ApiController Processing Model
• Conclusion
• 13. Formatters and Model Binding
• The Importance of Models in ASP.NET Web API
• How Model Binding Works
• Built-In Model Binders
• The ModelBindingParameterBinder Implementation
• Value Providers
• Model Binders
• Model Binding Against URIs Only
• The FormatterParameterBinder Implementation
• Default HttpParameterBinding Selection
• Model Validation
• Applying Data Annotation Attributes to a Model
• Querying the Validation Results
• Conclusion
• 14. HttpClient
• HttpClient Class
• Lifecycle
• Wrapper
• Multiple Instances
• Thread Safety
• Helper Methods
• Peeling Off the Layers
• Completed Requests Don’t Throw
• Content Is Everything
• Cancelling the Request
• SendAsync
• Client Message Handlers
• Proxying Handlers
• Fake Response Handlers
• Creating Resuable Response Handlers
• Conclusion
• 15. Security
• Transport Security
• Using TLS in ASP.NET Web API
• Using TLS with IIS Hosting
• Using TLS with Self-Hosting
• Authentication
• The Claims Model
• Retrieving and Assigning the Current Principal
• Transport-Based Authentication
• Server Authentication
• Client Authentication
• The HTTP Authentication Framework
• Implementing HTTP-Based Authentication
• Katana Authentication Middleware
• Active and Passive Authentication Middleware
• Web API Authentication Filters
• Token-Based Authentication
• The Hawk Authentication Scheme
• Authorization
• Authorization Enforcement
• Cross-Origin Resource Sharing
• CORS Support on ASP.NET Web API
• Conclusion
• 16. The OAuth 2.0 Authorization Framework
• Client Applications
• Accessing Protected Resources
• Obtaining Access Tokens
• Authorization Code Grant
• Scope
• Front Channel Versus Back Channel
• Refresh Tokens
• Resource Server and Authorization Server
• Processing Access Tokens in ASP.NET Web API
• OAuth 2.0 and Authentication
• Scope-Based Authorization
• Conclusion
• 17. Testability
• Unit Tests
• Unit Testing Frameworks
• Getting Started with Unit Testing in Visual Studio
• xUnit.NET
• The Role of Unit Testing in Test-Driven Development
• Unit Testing an ASP.NET Web API Implementation
• Unit Testing an ApiController
• Unit Testing a MediaTypeFormatter
• Unit Testing an HttpMessageHandler
• Unit Testing an ActionFilterAttribute
• Unit Testing Routes
• Integration Tests in ASP.NET Web API
• Conclusion
• A. Media Types
• B. HTTP Headers
• C. Content Negotiation
• Proactive Negotiation
• Reactive Negotiation
• D. Caching in Action
• E. Authentication Workflows
• F. Media Type Specification for application/issue+json
• Notational Conventions
• Issue Documents
• Security Considerations
• Interoperability Considerations
• IANA Considerations
• G. Public-Key Cryptography and Certificates
• Revocation
• Creating Test Keys and Certificates
• Index

Grz, Kris.