Writing a REST Web Service and Client With Zend_Controller
April 2nd, 2009so here’s my makeup video for last week’s absence. It’s a little on the long end (nearing 40 mintues), however in my defense, I’m trying to cover a lot of ground. The video covers how you can build a very basic JSON web service with some private key authentication. I think that I muddled through the description, so I invite you to look at the Wikipedia entry on private / public key cryptography.
I start by producing a simple Business Object for countries, which then becomes a web service. With some credentials for authentication stored in Zend_Config_Ini, I go through the motions of writing a wrapper around Zend_HttpClient for handling requests with our home-grown country list web service. This approach was adapted from a web service I’ve been working on for a client recently, that I’ve found light and easy to write for RESTful calls. Following along with the source code might also be helpful. Grab yourself a copy of the source code here.
If you put google ads on your site I’ll click em as a tip for the great vids
Hey Mike,
I’d be interested in supporting products that make sense for Zend developers, but I really don’t want to inflate the site with ads, since I think it will cheapen the brand. I’m happy to take donations though!
Thanks for the heads up
This is a great tutorial, thank you very much!
How did you get that var_dump() to look all pretty? Mine looks like this:
array(1) { [0]=> string(1) “a” }
Hi CamargoBP,
I have XDebug running on my local installation. This causes the formatting of var_dump (and error messages) to be a little more colourful.
Do you think you could do a zc on zend_db with mysql or anther db? I think that would be helpful.
Great work! Great site!
But, in this case, why not use Zend_Rest ?
hey F@bio,
that’s a great point, however Zend_Rest seems a little thin on documentation. Also, the REST server that comes from Zend_Rest seems to be XML specific (no JSON). I believe XML is a great format for certain web services, however this isn’t the only way of doing it and I would argue that JSON is lighter and easier to query when dealing with data transfer objects. Also, the REST server client documentation states that its best used with Zend’s REST server class. Also, the documentation doesn’t cover authentication of RESTful services with keys (which is a common pattern for REST). I have found the Zend SOAP classes really interesting (and better documented), but I haven’t found a need for that kind of weight in any projects I’ve done with Zend quite yet. I’m definitely interested in covering other ways of implementing web services with Zend, so if you have any suggestions I’m all game!
In the cast you said you were going to use Zend Studio from here on out because most of us that are watching are using it.
One of the reasons I have been following your casts is because of you using netbeans. I am a full time student that works part time as a web developer. with the price difference from free to 400.00 I can’t see me using anything but netbeans(I have tried out zend studio and do like it but not 400.00 worth of liking it)
I was real excited to see that you were doing an SVN webcast but was disapointed when i started to watch it and it was only for zend studio.
I think I might speak for the majority that we would like you to come back to Netbeans.
thanx.
I like how you are using what zend has. Really subversion is one of few features you pay for with zendstudio. If you stick to what zend touts you won’t get burned.
Great post! I just found out about your site today. I found it very helpful.
Correct me if I’m wrong (I’m new to REST). In REST, GET request is for fetching data and POST request is for updating data. In this example, is it better to use GET instead of POST? Or does it matter?
Hi Warren,
. GET is usually used for “non-destructive” calls. The thinking behind this is that a web crawler could easily fire off a GET request to a web service inadvertently. From what I understand, GET usually also has a limited character limit (since parameters are tacked on to the URI). In this particular post, GET would have been sufficient, however this might be confusing with the ZF due to the whole routing infrastructure provided by Zend_Route and the MVC framework. I guess it really depends on the requirements.
glad you found zendcasts
A suggestion for your next zendcast maybe to include Oauth implementation on top of this example. I think it’s a very common pattern used nowadays.
Loved the screencast. Just one clarification: using md5 is hashing, not encrypting. You did use a salt in your hash to make it more unique, but it is still hashing, not encrypting.
I’d love to see you use Zend’s built-in encryption: http://framework.zend.com/manual/en/zend.filter.set.html#zend.filter.set.encrypt
Thanks for all the work you put into the videos
Hi Jeremy,
thanks for the clarification. While I can recognize the hashing pattern through example, I haven’t really dug into encryption. I’ll be sure to look into that portion of the zend documentation. I’m still a bit of a newb when it comes to encryption (especially the math behind it), so I’m sticking to what I’ve seen, but I could use my own studying in this area.
I was expecting using Zend_Rest..
but overall great tutorial for all (especially beginners)
Nice tutorial. But I don’t understand why you don’t use the Zend Framework component for a Json server. You say that the Zend RPC server is XML based but they also a Json server component. You can find the manual on this website:
http://framework.zend.com/manual/en/zend.json.server.html
Hi Ivo,
thanks for calling attention to this part of the manual! I think something like this would be really effective with a complex web service and a follow-up video might be in order. I’m still wondering why the Zend architects haven’t made a common REST server class that works with JSON and XML interchangeably (.NET has gone through 2 architectures of this sort that both work in this manner).
[...] don’t have time to set anything up but this is a good resource: Writing a REST Web Service & Client With Zend_Controller | free Zend Framework screencasts – Zen… [...]
Hi, Jon!
Thanks for all the videos, I like it much. But I couldn’t watch the downloaded video from the link above. I downloaded it twice but it fails to be played on windows.
Please check if it’s playable at yours. Thanks!
Any chance to get this video back ?
Hey Michael,
looks like my wordpress plugin doesn’t like ampersands. Should be working now. Thanks for mentioning it.
Awesome tutorial. I tried both the code that I wrote following it and also the downloaded code and I seem to have problems (I think with the md5). I am getting the following output eventhough my key is set up properly:
Please advise. Thanks much.
Application Error
The following error occurred:
exception ‘Zend_Json_Exception’ with message ‘Illegal Token’ in /home/ted/library/Zend/Json/Decoder.php:451 Stack trace: #0 /home/ted/library/Zend/Json/Decoder.php(118): Zend_Json_Decoder->_getNextToken() #1 /home/ted/library/Zend/Json/Decoder.php(157): Zend_Json_Decoder->__construct(‘call(‘countrysearch’, Array) #4 /home/ted/library/Zend/Controller/Action.php(503): IndexController->indexAction() #5 /home/ted/library/Zend/Controller/Dispatcher/Standard.php(285): Zend_Controller_Action->dispatch(‘indexAction’) #6 /home/ted/library/Zend/Controller/Front.php(934): Zend_Controller_Dispatcher_Standard->dispatch(Object(Zend_Controller_Request_Http), Object(Zend_Controller_Response_Http)) #7 /var/www/teddy/ep16/application/bootstrap.php(21): Zend_Controller_Front->dispatch() #8 /var/www/teddy/ep16/public/index.php(8): require(‘/var/www/te…’) #9 {main}
hmmm… maybe its related to the encoding / decoding process? I would try and run the requests with really simple data sets.
Zend framework 1.9.0 included Zend_Rest_Route, Zend_Rest_Controller, and Zend_Controller_Plugin_PutHandler, which aid in providing RESTful resources via the MVC layer. This should be a nice topic for your upcoming webcast.
Thanks Jon, got it by fixing my .htaccess
public function init()
{
$this->_helper->contextSwitch()
->addActionContext(‘index’, ‘json’)
->initContext();
}
I would suggest to solve this problem with contextSwitch. More info at reference manual at http://framework.zend.com/manual/en/zend.controller.actionhelpers.html more precicly 12.8.4. Built-in Action Helpers
Hey John,
first to say, cool and useful tutorial. But I have one question… What if i want to access my API from other php site that does not run on zend framework? I cant run “HttpClient.php” class because that class contain some zend framework objects (like Zend_Http_Client). Maybe i didnt understand what we give client to access our API (except secret key).
Thanks for you time
hey Milos,
the key is used to make sure that the request parameters are properly encrypted. You could re-create this functionality for a python, .NET, Java, etc… consumer of your web service. At the end of the day, you’re just sending and requesting XML.
Hi,
Did you mention that using SSL the hashing procedure is not required ?
Correct me if I’m wrong. As far as I know, using a SSL cert, all the data is encrypted form the client to the Server, so there’s no way a MiM get something valuable.
Forcing the client to communicate with https protocol would prevent any security issue.
Of course, the tutorial could be aimed for those not using SSL.
Again, correct me if I’m wrong. I’m relatively new to this.
Great Videos.
Great Video, but a little outdated. After watching this video, consider this tutorial for 1.9/1.10
http://techchorus.net/create-restful-applications-using-zend-framework
Thank you for the amazing screencasts! They have been my main learning tool for Zend.
I am getting an error, “Class ‘App_Countries’ not found in…” I have Countries.php under library/App but in I am not able to create an instance of the class in my index controller. Just curious if you can provide any help with that.
Thank you again!
Well, it turns out I forgot to use the autoloader:
require_once ‘Zend/Loader/Autoloader.php’;
$loader = Zend_Loader_Autoloader::getInstance();
$loader->registerNamespace(‘App_’);
Thx for these videos. They are very helpful. But I have a question. Can I use a API function with capital letters such as ‘getDefaultNumberAction’ ?
I tried but it was not working. When I changed it to ‘getdefaultnumberAction’ then it worked..