OpenAPI specification for calDAV? - icalendar

I'm about to embark on some work around a calDAV server implementation. calDAV is specified in a series of RFC:
rfc4918: HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)
rfc4791: Calendaring Extensions to WebDAV (CalDAV)
rfc5545: iCalendar
rfc6638: Scheduling Extensions to CalDAV
caldav-ctag-02: Calendar Collection Entity Tag (CTag) in CalDAV
(Shamelessly lifted from here)
At the end it is "just" http calls to specified URLs with a specified payload. I wonder: is there a ready made OpenAPI spec for calDAV or do I have to create my own?

Related

Is there an OpenAPI type specification for Kafka or similar technology?

OpenAPI is good for RESTful services and at the moment, I'm hacking it to do it for asynchronous messaging system (specifically Kafka) by using POST to a /topic so that I can use redoc do create a website for the API.
I am trying to see if there's already established system of documenting for this. Especially since the GET /events which is used for event sourcing is getting larger and larger by the day.
It seems asyncAPI is basically what you are looking for: openapi but for topics instead of REST endpoints.
https://www.asyncapi.com/docs/getting-started/coming-from-openapi/
CloudEvents is a CNCF backed project for documenting event sourcing, one specification is for Kafka
https://github.com/cloudevents/sdk-java/blob/master/kafka/README.md
If you want a REST API, look at the Kafka REST Proxy
Consider using Protocol Buffers within Kafka.
https://developers.google.com/protocol-buffers/
Protocol Buffers require an API contract (".proto" file) if you want to call or implement a service. The contracts are both human and machine readable.
Protocol Buffers can also be used with other messaging systems and other protocols like HTTP (check out "gRPC" for that). So your documentation / contract is more portable.
Of course this only works for projects having the flexibility to change their payload format.

Why Google uses a lot of SOAP in spite of the following advantages in REST?

Why Google uses a lot of SOAP in spite of the following advantages in REST.
REST is an architectural style.
REST stands for REpresentational State Transfer.
REST can use SOAP web services because it is a concept and can use any protocol like HTTP, SOAP.
REST uses URI to expose business logic. REST uses (generally) URI and methods like (GET, PUT, POST, DELETE) to expose resources. JAX-RS is the java API for RESTful web services.
REST does not define too much standards like SOAP.
REST requires less bandwidth and resource than SOAP.
RESTful web services inherits security measures from the underlying transport.
REST permits different data format such as Plain text, HTML, XML, JSON etc.
REST more preferred than SOAP.
REST is an architectural style, unlike SOAP which is a standardized protocol.
REST follows stateless model
REST has better performance and scalability. REST reads can be cached. JSON usually is a better fit for data and parses much faster
No accepted standard for a JSON schema.
SOAP
SOAP is a protocol.
SOAP stands for Simple Object Access Protocol.
SOAP can't use REST because it is a protocol.
SOAP uses services interfaces to expose the business logic. JAX-WS is the java API for SOAP web services.
SOAP defines standards to be strictly followed.
SOAP requires more bandwidth and resource than REST.
SOAP defines its own security.
SOAP permits XML data format only.
SOAP is less preferred than REST.
SOAP is actually agnostic of the underlying transport protocol and can be sent over almost any protocol such as HTTP, SMTP, TCP, or JMS.
SOAP has a standard specification
SOAP has specifications for stateful implementation as well.
SOAP based reads cannot be cached.
The marshalling costs are higher but one of the core advantages of XML is interoperatibility. For XML, a schema allow message formats to be well-defined. Data typing and control is also much richer under XML.
Thanks in advance.
Steve Francia has a great comparison article on the subject, though I was under the impression (and Steve mentions) that Google had moved away from SOAP to REST. I would be curious if you are asking about a specific API? Then maybe I could formulate a more specific answer regarding that API.
However, overall, while REST is superior in almost every way, here is why you would use SOAP:
Web Service Security - SOAP supports WS-Security in addition to SSL, which adds some enterprise security features and identity through intermediaries, not just point to point (SSL). It also provides a standard implementation of data integrity and data privacy.
Web Service Atomic Transaction - WS-AtomicTransactions are necessary if you need Transactions that are ACID compliant (though probably not why Google would have been using it).
Web Service Reliable Messaging - SOAP has standard messaging through WS-ReliableMessaging, enabling built in successful/retry logic and provides end-to-end reliability even through SOAP intermediaries.

REST versioning - URL vs. header

I am planning to write a RESTful API and I am clueless how to handle versioning.
I have read many discussions and blog articles, which suggest to use the accept header for versioning.
But then I found following website listening popular REST APIs and their versioning method and most of them using the URL for versioning.
Why?
Why are most people saying: "Don't use the URL, but use the accept header", but popular APIs using URL?
Both mechanisms are valid. You need to know your consumer to know which path to follow. In general, working with enterprises and academically-minded folks tends to point developers towards Resource Header versioning. However, if your clients are smaller businesses, then URL versioning approach is more widely used.
The Pros and Cons (I'm sure there are more, and some of the Cons have work-arounds not mentioned here)
It's more explorable. For most requests you can just use a browser, whereas, the Resource Header implementation requires a more programatic approach to testing. However, because not all HTTP requests are explorable, for example, POST requests, you should use a Rest Client plugin like Postman or Paw. URI Pro/Header Con
With a URI-versioned API, resource identification and the resource’s representation is munged together. This violates the basic principles of REST; one resource should be identified by one and only one endpoint. In this regard, the Resource Header versioning choice is more academically idealistic. Header Pro/URI Con.
A URI-versioned API is less error prone and more familiar to the client developers. Versioning by URL allows the developer to figure out the version of a service at a glance. f the client developer forgets to include a resource version in the header, you have to decide if they should be directed to the latest version (which can cause errors when incrementing the version) or a 301 (Moved Permanatly) error. Either way there is more confusion for your more novice client developers. URI Pro/Header Con
URI versioning lends itself to hosing multiple versions in the same application. In this case you do not have to further development your framework.
Note: If you do this your directory structure will most likely contain a substantial amount of duplicate code in the v2 directory. Also, deploying updates requires a system restart - Thus this technique should be avoided if possible. URI Pro/Header Con.
It is easier to add versioning to the HTTP Headers for an existing project that didn't already have versioning in mind from it's inception. Header Pro/URI Con.
According to the RMM Level 3 REST Principle: Hypermedia Controls, you should use the HTTP Accept and Content-Type headers to handle versioning of data as well as describing data. Header Pro/URI Con.
Here are some helpful links if you want to do some further reading:
Martin Fowler's description of the Richardson Maturity Model
API Versioning - Pivotal Labs
HATEAOS
Informit.com's Article on Versioning REST Services

Restful vs Other Web Services

What does it make Restful webservices different from the other Web Services like SOAP?
The debate over web services is by no means complete, but there are some elements that stand out.
RESTful web services are a 'family' of web services. Some would call it an architecture.
RESTful web services use the HTTP protocol to perform requests from a web service. They use the HTTP verbs: GET, POST, PUT and DELETE (and others, sometimes). The requests themselves are to URLs which represent resources... sometimes the requests will contain data in the body that could by HTML, JSON, binary data or other.
A purely RESTful web service only requires the URL and the HTTP verb to describe the requested action... the body data is usually a payload to be involved in the requested action... it should not dictate the requested action
SOAP, on the other hand, is actually a protocol. It is usually transported over HTTP, but the HTTP request is just a method to get the SOAP packet to the necessary handler. The contents of the SOAP request describes what the client wants performed. It contains all the necessary information.
They are two very different ways of implementing Web Services. If you ask the question "Which is better" you'll probably get strong opinions from both sides. I suggest you investigate further and make up your own mind.
A RESTful web service (also called a RESTful web API) is a simple web service implemented using HTTP and the principles of REST. Such a web service can be thought about as a collection of resources. The definition of such a web service can be thought of as comprising three aspects:
The base URI for the web service, such as http://example.com/resources/
The MIME type of the data supported by the web service. This is often JSON, XML or YAML but can be any other valid MIME type.
The set of operations supported by the web service using HTTP methods (e.g., POST, GET, PUT or DELETE).
SOAP, originally defined as Simple Object Access Protocol, is a protocol specification for exchanging structured information in the implementation of Web Services in computer networks. It relies on eXtensible Markup Language (XML) as its message format, and usually relies on other Application Layer protocols (most notably Remote Procedure Call (RPC) and HTTP) for message negotiation and transmission. This XML based protocol consists of three parts:
an envelope - which defines what is in the message and how to process it -
a set of encoding rules for expressing instances of application-defined datatypes,
and a convention for representing procedure calls and responses.
references:
http://en.wikipedia.org/wiki/Representational_State_Transfer#RESTful_web_services
http://en.wikipedia.org/wiki/SOAP
By the way, a simple google search could provide answers for you...
Ok there is a wealth of knowledge in Stack Overflow on this topic.
I think the best article that articulates the spirit of REST and how it compares against technologies like SOAP is How I explained REST to my wife.
Unlike SOAP, REST is not a standard it's more of an approach that's centred around Resources and things you can do to resources. The HTTP verbs GET, POST, PUT and DELETE are typical actions that you can apply against any resource. SOAP is a standard that ignores these verbs and has invented a more comprehensive protocol that works on top of the most popular verb HTTP POST for maximum interoperability. Most of the time this added complexity is unnecessary and a simple HTTP GET request for a resource would normally suffice over what could be potentially 1KB+ of SOAP+XML to achieve an equivalent result.
You can also check out Roy Fielding's blog (the inventor of REST) for more information about what it means.
RESTful services focus on speed and simplicity, eliminating the overhead of SOAP for the simple transactions that many web services require. However, a service implemented in this way is very HTTP-specific, and you'll have a hard time making use of it outside of that context.
SOAP services offer more out-of-the-box features, the most important (imho, of course) of which is discovery. The ability to add a reference to a SOAP service in just about any dev environment and have it automatically generate a proxy class that will hide the underlying HTTP complexities, even to the point of serializing non-trivial types, is very, very useful.
I feel that both of these approaches to web service development have their place. For AJAX requirements that don't require anything complex, I tend to implement as an HTTP handler (ASP.NET). Anything that needs to be called from another application, or from multiple places within the same app, I implement as a SOAP service because of the protocol encapsulation that it provides, as well as the ability to call the use the underlying object without the HTTP overhead where it makes sense.
1) REST is more simple and easy to use than SOAP
2) REST uses HTTP protocol for producing or consuming web services while SOAP uses XML.
3) REST is lightweight as compared to SOAP and preferred choice in mobile devices and PDA's.
4) REST supports different format like text, JSON and XML while SOAP only support XML.
5) REST web services call can be cached to improve performance.

Representational state transfer (REST) and Simple Object Access Protocol (SOAP)

Can somebody explain what is REST and what is SOAP in plain english? And how Web Services work?
Simple explanation about SOAP and REST
SOAP - "Simple Object Access Protocol"
SOAP is a method of transferring messages, or small amounts of information, over the Internet. SOAP messages are formatted in XML and are typically sent using HTTP (hypertext transfer protocol).
Rest - Representational state transfer
Rest is a simple way of sending and receiving data between client and server and it doesn't have very many standards defined. You can send and receive data as JSON, XML or even plain text. It's light weighted compared to SOAP.
Both methods are used by many of the large players. It's a matter of preference. My preference is REST because it's simpler to use and understand.
Simple Object Access Protocol (SOAP):
SOAP builds an XML protocol on top of HTTP or sometimes TCP/IP.
SOAP describes functions, and types of data.
SOAP is a successor of XML-RPC and is very similar, but describes a standard way to communicate.
Several programming languages have native support for SOAP, you typically feed it a web service URL and you can call its web service functions without the need of specific code.
Binary data that is sent must be encoded first into a format such as base64 encoded.
Has several protocols and technologies relating to it: WSDL, XSDs, SOAP, WS-Addressing
Representational state transfer (REST):
REST need not be over HTTP but most of my points below will have an HTTP bias.
REST is very lightweight, it says wait a minute, we don't need all of this complexity that SOAP created.
Typically uses normal HTTP methods instead of a big XML format describing everything. For example to obtain a resource you use HTTP GET, to put a resource on the server you use HTTP PUT. To delete a resource on the server you use HTTP DELETE.
REST is a very simple in that it uses HTTP GET, POST and PUT methods to update resources on the server.
REST typically is best used with Resource Oriented Architecture (ROA). In this mode of thinking everything is a resource, and you would operate on these resources.
As long as your programming language has an HTTP library, and most do, you can consume a REST HTTP protocol very easily.
Binary data or binary resources can simply be delivered upon their request.
There are endless debates on REST vs SOAP on google.
My favorite is this one.
Update 27 Nov 2013: Paul Prescod's site appears to have gone offline and this article is no longer available, copies though can be found on the Wayback Machine or as a PDF at CiteSeerX.
REST
I understand the main idea of REST is extremely simple. We have used web browsers for years and we have seen how easy, flexible, performing, etc web sites are. HTML sites use hyperlinks and forms as the primary means of user interaction. Their main goal is to allow us, clients, to know only those links that we can use in the current state. And REST simply says 'why not use the same principles to drive computer rather than human clients through our application?' Combine this with the power of the WWW infrastructure and you'll get a killer tool for building great distributed applications.
Another possible explanation is for mathematically thinking people. Each application is basically a state machine with business logic actions being state transitions. The idea of REST is to map each transition onto some request to a resource and provide clients with links representing transitions available in the current state. Thus it models the state machine via representations and links. This is why it's called REpresentational State Transfer.
It's quite surprising that all answers seem to focus either on message format, or on HTTP verbs usage. In fact, the message format doesn't matter at all, REST can use any one provided that the service developer documents it. HTTP verbs only make a service a CRUD service, but not yet RESTful. What really turns a service into a REST service are hyperlinks (aka hypermedia controls) embedded into server responses together with data, and their amount must be enough for any client to choose the next action from those links.
Unfortunately, it's rather difficult to find correct info on REST on the Web, except for the Roy Fielding's thesis. (He's the one who derived REST). I would recommend the 'REST in Practice' book as it gives a comprehensive step-by-step tutorial on how to evolve from SOAP to REST.
SOAP
This is one of the possible forms of RPC (remote procedure call) architecture style. In essence, it's just a technology that allows clients call methods of server via service boundaries (network, processes, etc) as if they were calling local methods. Of course, it actually differs from calling local methods in speed, reliability and so on, but the idea is that simple.
Compared
The details like transport protocols, message formats, xsd, wsdl, etc. don't matter when comparing any form of RPC to REST. The main difference is that an RPC service reinvents bicycle by designing it's own application protocol in the RPC API with the semantics that only it knows. Therefore, all clients have to understand this protocol prior to using the service, and no generic infrastructure like caches can be built because of proprietary semantics of all requests. Furthermore, RPC APIs do not suggest what actions are allowed in the current state, this has to be derived from additional documentation. REST on the other hand implies using uniform interfaces to allow various clients to have some understanding of API semantics, and hypermedia controls (links) to highlight available options in each state. Thus, it allows for caching responses to scale services and making correct API usage easily discoverable without additional documentation.
In a way, SOAP (as any other RPC) is an attempt to tunnel through a service boundary treating the connecting media as a black box capable of transmitting messages only. REST is a decision to acknowledge that the Web is a huge distributed information system, to accept the world as is and learn to master it instead of fighting against it.
SOAP seems to be great for internal network APIs, when you control both the server and the clients, and while the interactions are not too complex. It's more natural for developers to use it. However, for a public API that is used by many independent parties, is complex and big, REST should fit better. But this last comparison is very fuzzy.
Update
My experience has unexpectedly shown REST development to be more difficult than SOAP. At least for .NET. While there are great frameworks like ASP.NET Web API, there's no tooling that would automatically generate client-side proxy. Nothing like 'Add Web Service Reference' or 'Add WCF Service Reference'. One has to write all serialization and service querying code by hand. And man, that's lots of boilerplate code. I think REST development needs something similar to WSDL and tooling implementation for each development platform. In fact, there seems to be a good ground: WADL or WSDL 2.0, but neither of the standards seems to be well-supported.
Update (Jan 2016)
Turns out there is now a wide variety of tools for REST API definition. My personal preference is currently RAML.
How Web Services work
Well, this is a too broad question, because it depends on the architecture and technology used in the specific web service. But in general, a web service is simply some application in the Web that can accept requests from clients and return responses. It's exposed to the Web, thus it's a web service, and it's typically available 24/7, that's why it's a service. Of course, it solves some problem (otherwise why would someone ever use a web service) for its clients.
This is the simplest explanation you will ever find.
This article takes a husband to wife narrative, where the husband explains to his wife about REST, in pure layman terms. Must read!
how-i-explained-rest-to-my-wife (original link)
how-i-explained-rest-to-my-wife (2013-07-19 working link)
SOAP - Simple Object Access Protocol is a protocol!
REST - REpresentational State Transfer is an architectural style!
SOAP is an XML protocol used to transfer messages, typically over HTTP
REST and SOAP are arguably not mutually exclusive. A RESTful architecture might use HTTP or SOAP or some other communication protocol. REST is optimized for the web and thus HTTP is a perfect choice. HTTP is also the only protocol discussed in Roy Fielding's paper.
Although REST and SOAP are clearly very different, the question does illuminate the fact that REST and HTTP are often used in tandem. This is primarily due to the simplicity of HTTP and its very natural mapping to RESTful principles.
Fundamental REST Principles
Client-Server Communication
Client-server architectures have a very distinct separation of concerns. All applications built in the RESTful style must also be client-server in princple.
Stateless
Each each client request to the server requires that its state be fully represented. The server must be able to completely understand the client request without using any server context or server session state. It follows that all state must be kept on the client. We will discuss stateless representation in more detail later.
Cacheable
Cache constraints may be used, thus enabling response data to to be marked as cacheable or not-cachable. Any data marked as cacheable may be reused as the response to the same subsequent request.
Uniform Interface
All components must interact through a single uniform interface. Because all component interaction occurs via this interface, interaction with different services is very simple. The interface is the same! This also means that implementation changes can be made in isolation. Such changes, will not affect fundamental component interaction because the uniform interface is always unchanged. One disadvantage is that you are stuck with the interface. If an optimization could be provided to a specific service by changing the interface, you are out of luck as REST prohibits this. On the bright side, however, REST is optimized for the web, hence incredible popularity of REST over HTTP!
The above concepts represent defining characteristics of REST and differentiate the REST architecture from other architectures like web services. It is useful to note that a REST service is a web service, but a web service is not necessarily a REST service.
See this blog post on REST Design Principals for more details on REST and the above stated bullets.
I like Brian R. Bondy's answer. I just wanted to add that Wikipedia provides a clear description of REST. The article distinguishes it from SOAP.
REST is an exchange of state information, done as simply as possible.
SOAP is a message protocol that uses XML.
One of the main reasons that many people have moved from SOAP to REST is that the WS-* (called WS splat) standards associated with SOAP based web services are EXTREMELY complicated. See wikipedia for a list of the specifications. Each of these specifications is very complicated.
EDIT: for some reason the links are not displaying correctly. REST = http://en.wikipedia.org/wiki/REST
WS-* = http://en.wikipedia.org/wiki/WS-*
Both SOAP webservices and REST webservices can use the HTTP protocol and other protocols as well (just to mention SOAP can be the underlying protocol of REST). I will talk only about the HTTP protocol related SOAP and REST, because this is the most frequent usage of them.
SOAP
SOAP ("simple" object access protocol) is a protocol (and a W3C standard). It defines how to create, send and process SOAP messages.
SOAP messages are XML documents with a specific structure: they contain an envelope which contains the header and the body section. The body contains the actual data - we want to send - in an XML format. There are two encoding styles, but we usually choose literal, which means that our application or its SOAP driver does the XML serialization and unserialization of the data.
SOAP messages travel as HTTP messages with SOAP+XML MIME subtype. These HTTP messages can be multipart, so optionally we can attach files to SOAP messages.
Obviously we use a client-server architecture, so the SOAP clients send requests to the SOAP webserices and the services send back responses to the clients. Most of the webservices use a WSDL file to describe the service. The WSDL file contains the XML Schema (XSD hereafter) of the data we want to send and the WSDL binding which defines how the webservice is bound to the HTTP protocol. There are two binding styles: RPC and document. By the RPC style binding the SOAP body contains the representation of an operation call with the parameters (HTTP requests) or the return values (HTTP response). The parameters and return values are validated against the XSD. By the document style binding the SOAP body contains an XML document which is validated against the XSD. I think the document binding style is better suited to event based systems, but I never used that binding style. The RPC binding style is more prevalent, so most people use SOAP for XML/RPC purposes by distributed applications. The webservices usually find each other by asking an UDDI server. UDDI servers are registries which store the location of the webservices.
SOAP RPC
So the - in my opinion - most prevalent SOAP webservice uses RPC binding style and literal encoding style and it has the following properties:
It maps URLs to operations.
It sends messages with SOAP+XML MIME subtype.
It can have a server side session store, there are no constraints about that.
The SOAP client drivers use the WSDL file of the service to convert the RPC operations into methods. The client side application communicates with the SOAP webservice by calling these methods. So most of the SOAP clients break by interface changes (resulting method names and/or parameter changes).
It is possible to write SOAP clients which won't break by interface changes using RDF and find operations by semantics, but semantic webservice are very rare and they don't necessarily have a non breaking client (I guess).
REST
REST (representational state transfer) is an architecture style which is described in the dissertation of Roy Fielding. It does not concern about protocols like SOAP does. It starts with a null architecture style having no constraints and defines the constraints of the REST architecture one by one. People use the term RESTful for webservices which fulfill all of the REST constraints, but according to Roy Fielding, there are no such things as REST levels. When a webservice does not meet with every single REST constraint, then it is not a REST webservice.
REST constraints
Client - server architecture - I think this part is familiar to everyone. The REST clients communicate with the REST webservices, the webservices maintain the common data - resource state hereafter - and serve it to the clients.
Stateless - The "state transfer" part of the abbreviation: REST. The clients maintain the client state (session/application state), so the services must not have a session storage. The clients transfer the relevant part of the client state by every request to the services which respond with the relevant part of the resource state (maintained by them). So requests don't have context, they always contain the necessary information to process them. For example by HTTP basic auth the username and the password is stored by the client, and it sends them with every request, so authentication happens by every request. This is very different from regular webapplications where authentication happens only by login. We can use any client side data storage mechanism like in-memory(javascript), cookies, localStorage, and so on... to persist some parts of the client state if we want. The reason of the statelessness constraint, that the server scales well - even by very high load (millions of users) - when it does not have to maintain the session of every single client.
Cache - The response must contain information about it can be cached by the client or not. This improves scalability further.
Uniform interface
Identification of resources - REST resource is the same as RDF resource. According to Fielding if you can name something, then it can be a resource, for example: "the current local weather" can be a resource, or "your mobile phone" can be a resource, or "a specific web document" can be a resource. To identify a resource you can use resource identifiers: URLs and URNs (for example ISBN number by books). A single identifier should belong only to a specific resource, but a single resource can have many identifiers, which we frequently exploit for example by pagination with URLs like https://example.com/api/v1/users?offset=50&count=25. URLs have some specifications, for example URLs with the same pathes but different queries are not identical, or the path part should contain the hierarhical data of the URL and the query part should contain the non-hierarchical data. These are the basics of how to create URLs by REST. Btw. the URL structure does matter only for the service developers, a real REST client does not concern with it. Another frequently asked question is API versioning, which is an easy one, because according to Fielding the only constant thing by resource is semantics. If the semantics change, then you can add a new version number. You can use classical 3 number versioning and add only the major number to the URLs (https://example.com/api/v1/). So by backward compatible changes nothing happens, by non-backward compatible changes you will have a non-backward compatible semantics with a new API root https://example.com/api/v2/. So the old clients won't break, because they can use the https://example.com/api/v1/ with the old semantics.
Manipulation of resources through representations - You can manipulate the data related to resources (resource state) by sending the intended representation of the resources - along with the HTTP method and the resource identifier - to the REST service. For example if you want to rename a user after marriage, you can send a PATCH https://example.com/api/v1/users/1 {name: "Mrs Smith"} request where the {name: "Mrs Smith"} is a JSON representation of the intended resource state, in other words: the new name. This happens vica-versa, the service sends representations of resources to the clients in order to change their states. For example if we want to read the new name, we can send a GET https://example.com/api/v1/users/1?fields="name" retrieval request, which results in a 200 ok, {name: "Mrs Smith"} response. So we can use this representation to change the client state, for example we can display a "Welcome to our page Mrs Smith!" message. A resource can have many representations depending on the resource identifier (URL) or the accept header we sent with the request. For example we can send an image of Mrs Smith (probably not nude) if image/jpeg is requested.
Self-descriptive messages - Messages must contain information about how to process them. For example URI and HTTP method, content-type header, cache headers, RDF which describes the meaning of the data, etc... It is important to use standard methods. It is important to know the specification of the HTTP methods. For example GET means retrieving information identified by the request URL, DELETE means asking the server to delete the resource identified by the given URL, and so on... HTTP status codes have a specification as well, for example 200 means success, 201 means the a new resource has been created, 404 means that the requested resource was not found on the server, etc... Using existing standards is an important part of REST.
Hypermedia as the engine of application state (HATEOAS hereafter) - Hypermedia is a media type which can contain hyperlinks. By the web we follow links - described by a hypermedia format (usually HTML) - to achieve a goal, instead of typing the URLs into the addres bar. REST follows the same concept, the representations sent by the service can contain hyperlinks. We use these hyperlinks to send requests to the service. With the response we get data (and probably more links) which we can use to build the new client state, and so on... So that's why hypermedia is the engine of application state (client state). You probably wonder how do clients recognize and follow the hyperlinks? By humans it is pretty simple, we read the title of the link, maybe fill input fields, and after that just a single click. By machines we have to add semantics to the links with RDF (by JSON-LD with Hydra) or with hypermedia specific solutions (for example IANA link relations and vendor specific MIME types by HAL+JSON). There are many machine readable XML and JSON hypermedia formats, just a short list of them:
XHTML
ATOM+XML
RDF+XML
HAL+XML
HAL+JSON
JSON-LD
RDF+JSON
Siren
Collection+JSON
Sometimes it is hard to choose...
Layered system - We can use multiple layers between the clients and the services. None of them should know about all of these additonal layers, just of layer right next to it. These layers can improve scalability by applying caches and load balancing or they can enforce security policies.
Code on demand - We can send back code which extends the functionality of the client, for example javascript code to a browser. This is the only optional constraint of REST.
REST webservice - SOAP RPC webservice differences
So a REST webservice is very different from a SOAP webservice (with RPC binding style and literal encoding style)
It defines an uniform interface (intead of a protocol).
It maps URLs to resources (and not operations).
It sends messages with any MIME types (instead of just SOAP+XML).
It has a stateless communication, and so it cannot have a server side session storage. (SOAP has no constraint about this)
It serves hypermedia and the clients use links contained by that hypermedia to request the service. (SOAP RPC uses operation bindings described in the WSDL file)
It does not break by URL changes only by semantics changes. (SOAP RPC clients without using RDF semantics break by WSDL file changes.)
It scales better than a SOAP webservice because of its stateless behavior.
and so on...
A SOAP RPC webservice does not meet all of the REST constraints:
client-server architecture - always
stateless - possible
cache - possible
uniform interface - never
layered system - never
code on demand (optional) - possible
Well I'll begin with the second question: What are Web Services? , for obvious reasons.
WebServices are essentially pieces of logic(which you may vaguely refer to as a method) that expose certain functionality or data. The client implementing(technically speaking, consuming is the word) just needs to know what are the parameter(s) the method is going to accept and the type of data it is going to return(if at all it does).
The following Link says it all about REST & SOAP in an extremely lucid manner.
REST vs SOAP
If you also want to know when to choose what (REST or SOAP), all the more reason to go through it!
SOAP and REST both refer to ways for different systems to talk to each other.
REST does this using techniques that resemble the communication that your browser has with web servers: using GET to request a web page, POSTing in form fields, etc.
SOAP provides for something similar but does everything through sending blocks of XML back and forth. Another key component of SOAP is WSDL which is an XML document that describes what functions and data elements are supported. WSDLs can be used to programmatically "discover" what functions are supported as well as to generate programming code stubs.
The problem with SOAP is that it is in conflict with the ideals behind the HTTP stack. Any middleware should be able to work with HTTP requests without understanding the content of the request or response, but for example a regular HTTP caching server won't work with SOAP requests without knowing only which parts of the SOAP content matter for caching. SOAP just uses HTTP as a wrapper for its own communications protocol, like a proxy.
I think that this is as easy as I can explain it. Please, anyone is welcome to correct me or add to this.
SOAP is a message format used by disconnected systems (like across the internet) to exchange information / data. It does with XML messages going back and forth.
Web services transmit or receive SOAP messages. They work differently depending on what language they are written in.
REST is an architecture style for designing networked applications. The idea is that, rather than using complex mechanisms such as CORBA, RPC or SOAP to connect between machines, simple HTTP is used to make calls between machines.
SOAP – "Simple Object Access Protocol"
SOAP is a slight of transferring messages, or little amounts of information over the Internet. SOAP messages are formatted in XML and are typically sent controlling HTTP.
REST – "REpresentational State Transfer"
REST is a rudimentary proceed of eventuality and receiving information between fan and server and it doesn't have unequivocally many standards defined. You can send and accept information as JSON, XML or even plain text. It's light weighted compared to SOAP.
SOAP­based Web Services
In short, the SOAP­based Services model views the world as an ecosystem of co­equal peers that cannot control each other, but have to work together by honoring published contracts. It's a valid
model of the messy real world, and the metadata ­based contracts form the SOAP Service Interface.
we can still associate SOAP with XML­based Remote Procedure Calls, but SOAP­based Web Services technology has emerged into a flexible and powerful messaging model.
SOAP assumes all systems are independent and no system has any knowledge of the internals of another and internal functionality.
The most such systems can do is send messages to one another and hope they will be acted upon. Systems publish contracts that they undertake to honor, and other systems rely upon these contracts to exchange messages with them.
Contracts between systems are collectively called metadata, and comprise service descriptions, the message exchange patterns supported and the policies governing qualities of service (a service may
need to be encrypted, reliably delivered, etc.) A service description, in turn, is a detailed specification of the data (message documents) that will be sent and received by the system. The documents are
described using an XML description language like XML Schema Definition. As long as all systems honor their published contracts, they can inter operate, and changes to the internals of systems never affect any other. Every system is responsible for translating its own internal implementations to and from its contracts
REST - REpresentational State Transfer. The physical
protocol is HTTP. Basically, REST is that all distinct resources on the web that are uniquely identifiable by a URL. All operations that can be performed on these resources can be described by a limited set of verbs (the “CRUD” verbs) which in turn map to HTTP verbs.
REST's is much less “heavyweight” than SOAP.
Working of web service