C# Section I

WEB-API
C#
1. ASP.NET WEB API INTRODUCTION

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 1

C#

Three Tier Architecture (Physical)

Presentati
Data Business
on

Assembly
Assembly (.dll) (.exe/.dll)

Process Process
C#

InterProcess Communication
END POINT/IP+PORT

Data Business Business Data

Assembly Assembly
(.dll) (.dll)

Process Process

END POINT/IP+PORT

Communication Protocol
TCP/IP/UDP/HTTP
C#

? NEED FOR WEB API/WCF

Request Access to Resources
WITHIN COMPANY OUTSIDE COMPANY
Employee Access Outsiders

Same Platform Same Platform Same Platform

.Net (Assembly .Net (Assembly .Net (Assembly
Reference .dll) Reference .dll) Reference .dll)

Firewall
XML/JSON
Light weight WEB API SERIALIZED
Data Business XML/JSON JAVA/C++
Light weight
WEB API SERIALIZED JAVA/C++ PHP/RUBY
PHP/RUBY Platform
Assembly XML/JSON
SERIALIZED JAVA/C++ Platform
(.dll) PHP/RUBY
Platform

Process
WCF Same Platform
XML+HTT .Net (Assembly
ENDPOINT P Reference .dll) Same Platform
/IP+PORT WCF .Net (Assembly
WCF SERVICE Reference .dll) JAVA/C++
XML+HTTP
WCF PHP/RUBY
ASP.NET WEB API Platform
XML+HTTP
C#

? NEED FOR WEB API/WCF

Request Access to Resources
WITHIN COMPANY OUTSIDE COMPANY
Employee Access Outsiders

Same Platform Same Platform Same Platform

.Net (Assembly .Net (Assembly .Net (Assembly
Reference .dll) Reference .dll) Reference .dll)

Firewall
XML/JSON
Light weight WEB API SERIALIZED
Data Business XML/JSON JAVA/C++
Light weight
WEB API SERIALIZED JAVA/C++ PHP/RUBY
PHP/RUBY Platform
Assembly XML/JSON
SERIALIZED Platform
(.dll)

Process
WCF
XML+HTT
ENDPOINT P

WCF SERVICE /IP+PORT WCF

XML+HTTP
WCF
ASP.NET WEB API
XML+HTTP
C#

Web API is the great framework for

exposing your data and service to
ASP.NET WEB API different-different devices. it use the full
features of HTTP (like URIs,
request/response headers, caching,
versioning, various content formats)

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 6

C#

Web services
• A web service is a collection of protocols and
standards used for exchanging data between
applications or systems.
WebServices are published, described and located over Internet.
C#

Characteristics
1. A Web Service is accessible over the Web.
2. Web Services communicate using platform-independent
and language-neutral Web protocols.
3. A Web Service shares schemas and contracts/interface
that can be called from another program.
4. A Web Service is registered and can be located through
a Web Service Registry.
5. Web Services support loosely coupled connections
between systems.
C#

SOAP
• Simple Object Access
Protocol
• SOAP is an open protocol
specification defining a
uniform way of performing
RPCs using HTTP as the
underlying communications
protocol with XML for the
data serialization.

PORT 80 or HTP
C#
SOAP-Packet
HTTP Packet

HTTP Header

HTTP Body

TCP communication channel

C#

SOAP Messages
• SOAP provides a standard ‘envelope’ within which a message
can be delivered.
• SOAP is mechanism (protocol) for transferring information
(messages) between applications which may be widely
distributed.
• SOAP says nothing about the content of the message – the
sender and the receiver must understand the message for
themselves.
• SOAP is part of a communication stack.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 11

C#

Web Services

SOAP

WCF

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 12

C#

SOAP STRUCTURE
• Each SOAP message will Transport protocol
MIME header
have:
SOAP ENVELOPE
– An Envelope
– A Header (optional) SOAP HEADER

– A Body
– The Body may contain a SOAP BODY
Fault element FAULT

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 13

C#

SOAP Structure(2)
• The envelope wraps the entire soap document
• The header allows additional information to be
passed as well as the body of the document – e.g.
Authentication
• The body element contains the core of the SOAP
document – this will contain either the RPC call or
the XML message itself
• The fault information will contain any exception
information
C#

Anatomy of a SOAP message

<?xml version=‘1.0’
encoding=‘UTF-8’?>
<SOAP-ENV:Envelope xmlns:SOAP_ENV=“http://schemas.xmlsoap.org/soap/envelope/”
xmlns:xsi=“http://www.w3c.org/1999/XMLSchema-instance”
xmlns:xsd=“http://www.w3c.org/1999/XMLSchema”>
<SOAP-ENV:Header>

</SOAP-ENV:Header

<SOAP_ENV:Body>

</SOAP-ENV:Body>

</SOAP-ENV:Envelope>
C#

SOAP protocol binding

SOAPAction = “urn:soaphttpclient-action-uri”
Host = localhost
Content-Type = text/xml; charset=utf-8
Content-Length = 701

<SOAP-ENV:Envelope xmlns:SOAP_ENV=“http://schemas.xmlsoap.org/soap/envelope/”
xmlns:xsi=“http://www.w3c.org/1999/XMLSchema-instance”
xmlns:xsd=“http://www.w3c.org/1999/XMLSchema”>

</SOAP-ENV:Envelope>
C#

SOAP RPC
• SOAP RPC messages contain XML that
represents a method call or method response

• The SOAP XML will be converted into a

method call on the server and the response
will be encoded into SOAP XML to be returned
to the client
C#

SOAP Faults
• SOAP errors are handled using a specialised
envelope known as a Fault Envelope
• A SOAP Fault is a special element which must
appear as an immediate child of the body
element
• <faultcode> and <faultstring> are required.
C#

A SOAP fault
<?xml version=‘1.0’ encoding=‘UTF-8’?>
<SOAP-ENV:Envelope
xmlns:SOAP_ENV=“http://schemas.xmlsoap.org/soap/envelope/”
xmlns:xsi=“http://www.w3c.org/1999/XMLSchema-instance”
xmlns:xsd=“http://www.w3c.org/1999/XMLSchema”>
<SOAP_ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Server</faultcode>
<faultstring>Test fault</faultstring>
<faultactor>/soap/servlet/rpcrouter</faultactor>
<detail>
..
</detail>
</SOAP-ENV:Fault>

</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
C#

SOAP Attachment
Transport protocol
• Large quantities or binary data
MIME header
may not fit well into a XML
SOAP message. SOAP ENVELOPE

SOAP HEADER
• In which case it can be sent ‘out
of band’ by attaching it to a
SOAP message SOAP BODY
FAULT
• Analogy : email attachments.

Attachment
C#

Attaching a file to a SOAP message

• To add a file to a SOAP message a tag is added
within the body of the message.
<?xml version=‘1.0’ encoding=‘UTF-8’?>
<SOAP-ENV:Envelope
xmlns:SOAP_ENV=“http://schemas.xmlsoap.org/soap/envelope/”
xmlns:xsi=“http://www.w3c.org/1999/XMLSchema-instance”
xmlns:xsd=“http://www.w3c.org/1999/XMLSchema”>
<SOAP_ENV:Body>

<attachment href=“{URL}”/>

</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
C#

SOAP HTTP
• SOAP is an XML based • HTTP can serve any content
encoding of messages that over HTTP such as HTML,
are typically sent over HTTP, images, sound, video etc.
but could be sent over • HTTP is overTCP/IP
SMTP or even FTP • HTTP based APIs refer to
• SOAP sites on top of HTTP APIs that are exposed as
• Generally require a toolkit one or more HTTP URIs and
and more processing power. typical responses are in XML
/ JSON. Response schemas
are custom per object

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 22

C#

URL
• Uniform resource locator
– http://www.google.com/
– https://www.google.com/username/logo.jpg

url scheme hostname urlpath

http://www.askapache.com/online-tools/http-headers-tool/

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 23

C#

Content Types
• Content type that a server specifies relies on
the Multi-purpose Internet Mail Extensions
(MIME)
Type/SubType Description
Application/atom+xml Atom feed
Application/json JSON data
Image/gif GIF image
Image/png PNG image
Video/mp4 Mp4 video
Text/xml Xml
Text/html Html
Text/plain Just text
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 24
C#

HTTP
• Ubiquitous (common)
• Interoperable
• Scalable
• Flexible
• Mature
• Simple

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 25

C#
Many Faces of HTTP Frameworks in
.NEt
• WCF Web • ASP.NET
HTTP WEB API
• WCF Data
Services
• ASP.NET MVC

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 26

C#

HTTP
• Stateless – Each HTTP is designed
transaction between the
client and server is as a stateless
independent and no state is protocol meaning
set based on a previous
transaction or condition. each request
• Uses requests from the response
client to the server
and responses from the transaction is
server to the client for independent
sending and receiving data.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 27

C#
HTTP is an application layer protocol

• The Web client and the Web server are application programs
• Application layer programs do useful work like retrieving Web
pages, sending and receiving email or transferring files
• Lower layers take care of the communication details
• The client and server send messages and data without knowing
anything about the communication network
C#

HTTP
HTTP: hypertext transfer protocol
•The rules governing the conversation between a Web client and a
Web server
•Request-response protocol
•It is a stateless (does not maintain a state of a session) and
asynchronous( an html document is loaded asynchronous by the
browser as soon as parts of it are available)

Layer Function
Application Do useful work like Web browsing, email,
and file transfer
Lower layers Handle communication between the client
and server

A network protocol is the set of rules governing a conversation between a

client and a server
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 29
C#
HTTP Message Types
Single HTTP Transaction

HTTP Request

HTTP Response

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 30

C#
An HTTP conversation

Client Server
• I would like to open a
connection • OK

• GET <file location>

• Send page or error message

• Display response
• Close connection
• OK

HTTP is the set of rules governing the format and content

of the conversation between a Web client and server
C#
HTTP Status Codes

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 32

C#

HTTP Request
•
Request-Method is: Request-header can have the
following fields (selection):
• GET – request whatever information is
identified by the Request-URL – Accept : MIME types of resources
accepted by browser
• POST – request that server accepts the
entity enclosed in the request – Accept-Charset : charset accepted by
• OPTIONS - request for information about browser
communication options – Accept-Encoding : encoding accepted
• PUT – request that the enclosed entity be by browser
stored under the Request-URL – Accept-Language : language accepted
• DELETE – request that the server delete by browser
the resource identified by Request-URL
– Authorization : user-agent wishes to
• TRACE – invoke a remote, application- authenticate itself with a server
layer loopback of the request message
– Host : the host Request-URL points to
• CONNECT – used by proxies in SSL
connections – Referer : the URL of document
• HEAD – identical to GET, but server must refering this URL
not return a message body in response – User-Agent : Firefox, Safari, IE

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 33

C#

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 34

C#

Safe vs Unsafe HTTP Request Methods

SAFE REQUEST METHOD UNSAFE REQUEST METHOD

HTTP1.1 HTTP1.1

GET POST
HEAD PUT
OPTIONS WRITE
DELETE
READ

http methods that do not modify resources http methods that modify resources

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 35

C#

HTTP vs HTTPS
HTTP HTTPS
• It is hypertext transfer • It is hypertext transfer
protocol protocol with secure
• It is not secure and • It is secure and reliable
unreliable • Https urls being with https
• HTTP urls begin with http:// • It uses port 443 by default
• It uses port 80 by default • It is designed to withstand
• It is subject to man-in-the- such attacks and is
middle and eavesdropping considered secure against
attacks such attacks

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 36

C#

http://www.rexswain.com/httpview.html
http://headers.cloxy.net/

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 37

C#
Chrome add on tools for HTTP
Header viewing

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 38

C#

Request Messages
[method] [URL] [version]
[headers]
[body]

GET http://www.sycliq.com/articles/index.aspx
Host: google.com
Accept-Language : en-EN
Date: FRI, 19 Jan, 2016 10:10:26 GMT

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 39

C#

Common Request Headers

Header Description
Referer The URL of the referring page
User-Agent Information about the browser
Accept Preferred media types
Accept-Language Preferred Language
Cookie Cookie information
If-Modified-Since Date of last retrieval
Date Creation timestamp for the
message

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 40

C#

Full Request
Get/HTTP/1.1
Host: sycliq.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows 10; WOW64) Chrome/16.0.912.75
Accept: text/html, application/xhtml+xml, application/xml;q=0.9,*/*; q=0.8
Referer: http://www.google.com/url?&q=iot
Accept-Encoding: gzip, defalte, sdch
Accept-Language: en-Us, en; q=0.8
Accept-Charset: ISO-8859-1, utf-8;q=0.7,*q=0.3

http://www.askapache.com/online-tools/http-headers-tool/

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 41

C#

HTTP RESPONSE
https://curlbuilder.com/

[version] [status][reason]
[headers]
[body]

X-headers are reserved

for non-standard
headers

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 42

C#

HTTP Header
Request

Response

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 43

C#

Content Negotiation
• It is the process of selecting the • In general a client sends the
best representation for a given Accept parameter in the Request
response when there are multiple Header to determine the
representations available. response.
• Content negotiation (conneg) in • In .NET, it really comes down to
the ASP.NET Web API is an deciding how to send down your
intrinsic server-driven mechanism CLR object to the client, over
used to determine, based on the HTTP or from the ASP.NET Web
client's request, which media API perspective, serialization is
type formatter (out of the box the process of translating a .NET
there are 4 media type Common Language Runtime (CLR)
formatters) to be used to return type into a format that can be
an API response. transmitted over HTTP. The
default formats are either JSON
or XML.
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 44
C#

Content Negotiation
• Core mechanism of
HTTP
• Client specific desired
formats using
AcceptHeader

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 45

C#

Summary
• We understood the evolution of web services
to support cross platform applications using
light weight http application protocol.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 46

C#

ASP.NET WEB API

© Syed Awase 2015-16 - ASP.Net MVC Ground

3/23/2016 47
Up
C#

ASP.NET

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 48

C#

A Framework for creating

HTTP Services that can
reach a broad range of
ASP.NET WEB API

clients including browsers

and mobile devices

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 49

C#

ASP.NET WEB API TIMELINE

April 2010 Aug 2012
WCF Feb 2012 ASP.Net
WebHttp ASP.Net Web API
Binding(.N Web API 4
et4) (Beta) Release

October20 March Sep

10 WCF 2012
Web API
2013
ASP.Net ASP.Net
on
OpenSou Web
CodePlex
rce
API 2
RC

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 50

C#

HTTP & ASP.NET WEB API

• HTTP Fundamentals via Web API • Hosting
– HTTP Messages – HTTP.SYS
– URIs
– IIS 101
– Verbs
– HTTP Compression
– Controllers and Actions
– Persisted Connections
– Status Code
– HttpRequestMessage – Web API Self Hosting
– HttpResponseMessage • More HTTP and Web API
– Error Handling – Caching
– Content Negotiation – Concurrency
– MediaType Formatters
– Security
– OData
– Streaming
– Validations
– WebSockets and SignalR
– Dependency Resolver
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 51
C#

What?
• A fully supported and extensible framework for
building HTTP based endpoints
• Built on the top of ASP.NET
– Mostly ASP.NET Routing
• Released with ASP.NET MVC4
– Not linked to MVC – you can use alone, with MVC4 or you
can use with ASP.NET web forms
– Available via NuGET
• Also includes a new HTTP Client

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 52

C#

Why?
• First-class modern HTTP programming model
• Easily map resources to URIs and implement the uniform
interface of HTTP
• Rich support for formats and HTTP content negotiation
• Request validation
• Enable hypermedia with link generations
• Separate out cross cutting concerns (like authorization,
caching)
• Help Page generation
• Flexible hosting
• Light-weight testable, scales
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 53
C#

Why?
• You are building
– An HTML5 application that needs a services layer
– A mobile application that needs a services layer
– A client-server desktop application that needs a
services layer
– Reach more clients (Native Mobile Applications,
Cross platform applications)
– Scale with the cloud
– Embrace HTTP as an Application protocol
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 54
C#

Why to choose Web API?

• If we need a Web Service and don’t need SOAP, then ASP.Net Web API is
best choice.
• It is used to build simple, non-SOAP-based HTTP Services on top of existing
WCF message pipeline.
• It doesn't have tedious and extensive configuration like WCF REST service.
• Simple service creation with Web API. With WCF REST Services, service
creation is difficult.
• It is only based on HTTP and easy to define, expose and consume in a
REST-ful way.
• It is light weight architecture and good for devices which have limited
bandwidth like smart phones.
• It is open source.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 55

C#

HTTP & ASP.NET WEB API

• HTTP Fundamentals via Web API • Hosting
– HTTP Messages – HTTP.SYS
– URIs
– IIS 101
– Verbs
– HTTP Compression
– Controllers and Actions
– Persisted Connections
– Status Code
– HttpRequestMessage – Web API Self Hosting
– HttpResponseMessage • More HTTP and Web API
– Error Handling – Caching
– Content Negotiation – Concurrency
– MediaType Formatters
– Security
– OData
– Streaming
– Validations
– WebSockets and SignalR
– Dependency Resolver
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 56
C#

What’s new?
ASP.NET Web API 2 ASP.NET Web 2.1
• Attribute Routing • Attribute Routing
• Improved testability improvements
(IHTTPActionResult, • Global error handling
HttpRequestContext)
• Odata: $select, $expand, • Help page improvements
$value,$batch • IgnoreRoute support
• Request batching • BSON formatter
• OWIN (Open Web Interface for
.NET) Integration
• Better async filter
• Portable Web API Clients • Portable query building and
• Web API Security parsing
(CORS,OAuth2.0, Authentication
filters, filter overrides)
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 57
C#

WEB API Features

• It supports convention-based CRUD Actions since it works with HTTP verbs
GET,POST,PUT and DELETE.
• Responses have an Accept header and HTTP status code.
• Responses are formatted by Web API’s MediaTypeFormatter into JSON,
XML or whatever format you want to add as a MediaTypeFormatter.
• It may accepts and generates the content which may not be object
oriented like images, PDF files etc.
• It has automatic support for OData. Hence by placing the new [Queryable]
attribute on a controller method that returns IQueryable, clients can use
the method for OData query composition.
• It can be hosted with in the application or on IIS.
• It also supports the MVC features such as routing, controllers, action
results, filter, model binders, IOC container or dependency injection that
makes it more simple and robust.
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 58
C#

ASP.NET WEB API TOOLS

• ASP.NET WEB API 2 • Fiddler
Ships with Visual Studio • Getpostman (chrome
2013 addon)
• Requires .NET 4.5 or • XHR POSTER (chrome
later addon)
• http://www.asp.net/we • HTTPHeaders (chrome
b-api addon)
https://curlbuilder.com/ http://jflasher.github.io/spark-helper/

https://www.hurl.it/

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 59

C#

Is this REST?
• The ASP.NET Web API doesn’t dictate an
architectural style
• However you can build a RESTful service on
top of it
– It does not get in your way if you want to design
using the REST architectural style

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 60

C#

Versus the WCF Web Framework

• WCF also has a framework for building HTTP
based services
– Based on WCF attributed programming and
configuration models
• When would you choose WCF over ASP.NET
Web API
– You are limited to .NET 3.5
– You also are exposing a SOAP based services

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 61

C#

WCF Challenges
• It is also based on SOAP and return • To use WCF as WCF Rest service you
data in XML form. have to enable webHttpBindings.
• It is the evolution of the web • It support HTTP GET and POST verbs
service(ASMX) and support various by [WebGet] and [WebInvoke]
protocols like TCP, HTTP, HTTPS, attributes respectively.
Named Pipes, MSMQ. • To enable other HTTP verbs you have
• The main issue with WCF is, its to do some configuration in IIS to
tedious and extensive configuration. accept request of that particular verb
• It is not open source but can be on .svc files
consumed by any client that • Passing data through parameters
understands xml. using a WebGet needs configuration.
• It can be hosted with in the The UriTemplate must be specified
applicaion or on IIS or using window • It support XML, JSON and ATOM data
service. format.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 62

C#
Choosing between WCF or WEB API

• Choose WCF when you want to create a service that should support
special scenarios such as one way messaging, message queues, duplex
communication etc.
• Choose WCF when you want to create a service that can use fast transport
channels when available, such as TCP, Named Pipes, or maybe even UDP
(in WCF 4.5), and you also want to support HTTP when all other transport
channels are unavailable.
• Choose Web API when you want to create a resource-oriented services
over HTTP that we can use the full features of HTTP (like URIs,
request/response headers, caching, versioning, various content formats).
• Choose Web API when you want to expose your service to a broad range
of clients including browsers, mobiles, iphone and tablets.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 63

C#
MVC Web API

• Used to create web applications • Used to create full blown HTTP

that comply with MVC design services with easy and simple way
patterns generating both views that returns only data
and data • Helps to build REST-ful services
• MVC has provision to return data over the .NET framework and it
in JSON format using JsonResult also supports content-negotiation
• Requests are mapped on to the ( deciding the best response
action name. format data that could be
• Model binding, filter, router and acceptable by the client ex: JSON,
other MVC features are different XML, etc.), Self hosting
from ASP.NET and extends from • Requests are mapped to the
system.web.mvc actions based on HTTP verbs
• Web API can be used with
ASP.NET and as a stand alone
service layer and extends from
system.web.http assembly
• A light weight architecture
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 64
C#

INTRODUCTION, ROUTING,
ATTRIBUTE ROUTING
© Syed Awase 2015-16 - ASP.Net MVC Ground
3/23/2016 65
Up
C#

Getting Started
• Create a WebAPI
Project
• Create an ASP.NET
Project and add a Web
API Project
• Create any project!
– Install-package
Microsoft.AspNet.WebApi.SelfHost
– Using NuGet

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 66

C#

WEB API SCAFFOLDING PROJECT

WebApiConfig.cs
WebAPI
ASP.NET MVC5
Project

Global.asax Global.asax

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 67

C#

Conventional Routing
• Convention-based routing, you • Advantage being that
define one or more route templates are defined in a
templates, which are basically
parameterized strings.
single place and routing
• ASP.NET Hosting Layer Maps URIs
rules are applied
and Verbs to controller consistently across
– Must derive from APIController controllers
• New Extension Method for • ASP.NET Routing is the most
Routing common way to map URIs
– MapHttpRoute
and Verbs to your methods
– Registers a differentHandler to
the routing Infrastructure – Not the only way however
• HttpControllerHandler – Self Hosting can use this
system or replace it with your
own.
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 68
C#
Conventional Routing

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 69

C#

Conventional Routing

WebAPI Configuration Services

And WebAPI Routes

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 70

C#

Attribute Routing
• Convention-based routing • Attribute routing, is
makes it hard to support trivial to define a route
certain URI patterns that
for this URL.
are common in RESTful
APIs. • Simply by adding an
• E.g. Customers have orders, [attribute] to the
movies have actors, books controller action
have authors
• It’s natural to create URIs
that reflect these relations
– /customers/1/orders

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 71

C#

Attribute routing
set a common prefix for an entire controller
by using the [RoutePrefix] attribute:
WebAPI
Configuration
Services
And WebAPI
Routes

Enabling Attribute Routing

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 72

C#

Override the route prefix

Use a tilde (~) on the method attribute to
override the route prefix:

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 73

C#

Route prefix parameters

route prefix can include parameters:

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 74

C#

Route constraints
Route constraints let you restrict how the parameters
in the route template are matched. The general syntax
is "{parameter:constraint}"

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 75

C#

Supported constraints
Constraint Description Example

Matches uppercase or lowercase

alpha {x:alpha}
Latin alphabet characters (a-z, A-Z)

bool Matches a Boolean value. {x:bool}

datetime Matches a DateTime value. {x:datetime}

decimal Matches a decimal value. {x:decimal}

Matches a 64-bit floating-point

double {x:double}
value.

Matches a 32-bit floating-point

float {x:float}
value.

guid Matches a GUID value. {x:guid}

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 76
C#
int Matches a 32-bit integer value. {x:int}

Matches a string with the specified length {x:length(6)}

length
or within a specified range of lengths. {x:length(1,20)}

long Matches a 64-bit integer value. {x:long}

Matches an integer with a maximum

max {x:max(10)}
value.

maxlength Matches a string with a maximum length. {x:maxlength(10)}

min Matches an integer with a minimum value. {x:min(10)}

minlength Matches a string with a minimum length. {x:minlength(10)}

Matches an integer within a range of

range {x:range(10,50)}
values.

{x:regex(^\d{3}-\d{3}-
regex Matches a regular expression.
\d{4}$)}

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 77

C#

Custom Route Constraints

custom route constraints by implementing the IHttpRouteConstraint interface.
constraint restricts a parameter to a non-zero integer value.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 78

C#

Custom Route Constraint

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 79

C#
Optional URI Parameters and
Default Values
make a URI parameter optional by adding a question mark to the route
parameter. If a route parameter is optional, you must define a default value for
the method parameter.

[OR]

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 80

C#

Route Name
In Web API, every route has a name. Route names are useful for generating links,
so that you can include a link in an HTTP response.

set the Name property on the attribute.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 81

C#

Route Order
When the framework tries to match a URI with a route, it evaluates the routes in a
particular order. To specify the order, set the RouteOrder property on the route
attribute. Lower values are evaluated first. The default order value is zero.

How is the total ordering is determined ?

1. Compare the RouteOrder property of the route attribute.

2. Look at each URI segment in the route template. For each
segment, order as follows:
i. Literal segments.
ii. Route parameters with constraints.
iii. Route parameters without constraints.
iv. Wildcard parameter segments with constraints.
v. Wildcard parameter segments without constraints.
3. In the case of a tie, routes are ordered by a case-insensitive ordinal
string comparison (OrdinalIgnoreCase) of the route template.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 82

C#

Route Order
1. orders/details
2. orders/{id}
3. orders/{customerName}
4. orders/{*date}
5. orders/pending

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 83

C#

Conventional Routing Attribute Routing

• Define one or more • Convention based routing

templates, which are makes it hard to support
basically parameterized certain URI patterns that are
strings. common in RESTful APIs.
• Applied to Controller Action
• Templates are defined in a
Methods or at the Controller
single place and routing
level.
rules are applied
• Ability to define constraints
consistently across all
and custom route constraints
controllers
• Route names are useful for
generating links, so that they
can include a link in an HTTP
response

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 84

C#

SUMMARY
• Approaches for creating web api 2
applications
• Conventional routing using MapHttpRoute
• Attribute Routing approaches
• In fact, you can combine both techniques in
the same project.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 85

C#

SYED AWASE KHIRNI

ACTION RESULTS IN WEB API

© Syed Awase 2015-16 - ASP.Net MVC Ground

3/23/2016 86
Up
C#

ACTION RESULTS
• Converting the return value from a controller action into an HTTP
response message.
• WEB API 1 : two ways of creating response from an API action
– Either return a specific object instance (or void) and let the Web API pipeline
convert that to an HttpResponseMessage for you
– Return a raw HttpResponseMessage, where the user has to construct it
manually and bypass all of the internal Web API mechanisms (formatters,
content negotiation).
• WEB API 2: IHTTPACTIONRESULT is a kind of wrap of
HTTPRESPONSEMESSAGE. It contains ExecuteAsync method to create an
HttpResponseMessage, further simplifies unit testing of your controller.
The return type are kind of strongly typed classes serialized by Web API
using media formatter into the response body.
– Drawbacks being one cannot directly return an error code, such as 404. Instead you
can only throw and HttpResponseException error.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 87

C#

WEB API Controller Action

• Web API uses different mechanisms to create
the HTTP response
Return type How Web API create the response
Void Return empty 204 (No Content)
HttpResponseMessage Convert directly to an HTTP response message
IHTTPActionResult Call ExecuteAsync to create an
HTTPResponseMessage, then convert to an HTTP
response message
Other type Write the serialized return value into the response
body; return 200(OK)

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 88

C#

VOID
• If the return type is
void, Web API simply
returns an empty HTTP
response with status
code 204 (NO
CONTENT)

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 89

C#

HttpResponseMessage
• HttpResponseMessage
return type, converts the
return value directly into
an HTTP response
message using the
properties of the
HttpResponseMessage
object to populate the
response.
• The option gives you a lot
of control over the
response message

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 90

C#

HttpResponseMessage

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 91

C#

“the process of selecting

Content the best representation
Negotiation in for a given response
ASP.NET WEB API when there are multiple
representations
available”
RFC 2616

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 92

C#

1. Accept : which media types are

acceptable for the response, such as
“application/json”, “application/xml” or a
Primary custom media type such as
Mechanism for “application/vnc.example+xml”
2. Accept-Charset: which character sets
Content are acceptable such as UTF-8 or ISO
Negotiation in 8859-1
3. Accept-Encoding: which content
HTTP are using encoding are acceptable, such as gzip.
4. Accept-Language: preferred natural
these request language, such as “en-us”
headers 5. Other Option – if the request contains
an X-Requested-With header,
indicating an AJAX request, the server
might default to JSON if there is no
Accept header

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 93

C#

IHttpActionResult
• Introduced in Web API2
• IHttpActionResult Interface defines an
HttpResponseMessage factory
• Advantages of using IHttpActionResult
– Simplifies unit testing webapi controllers
– Moves common logic for creating HTTP responses into
separate classes
– Makes the intent of the controller action clearer, by hiding
the low-level details of constructing the response

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 94

C#
Contains a single method, ExecuteAsync,
which asynchronously creates an
HttpResponseMessage instance

IHttpActionResult

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 95

C#

Other Return Types

• Web API uses a media
formatter to serialize the
return value. Web API
writes the serialized value
into the response body.
• A disadvantage of this
approach is that you
cannot directly return an
error code e.g. 404.
• You can only throw an
HttpResponseException
for error codes.
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 96
C#

Assemblies
System.Net.Http • Client and raw messaging types

System.Net.Http.Formatting • Model Binding and media type formatter

System.Web.Http • Basic Hosting Infrastructure

System.Web.Http.Common • Common APIs

System.Web.Http.WebHost • ASP.NET hosting

System.Web.Http.SelfHost • Self hosting

System.Web.Http.Data • DataController is an APIController that handles “CRUD” type operations

System.Web.Http.Data.EntityFramework • Specific implementations of DataController

System.Web.Http.Data.Helpers • Common code for data api

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 97

C#

UNIFORM INTERFACE

© Syed Awase 2015-16 - ASP.Net MVC Ground

3/23/2016 98
Up
C#

• The Uniform interface of REST

• ASP.NET Web API and the uniform interface
• Content Negotiation
• Model binding and formatting
• HTTP-deep diving

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 99

C#

REST
• Representational State Transfer
• Architecture for building systems ( by Roy Fielding)
• Based on the advantages of the Web
– URIs
– Uniform Interface
– Stateless
– Hypermedia-driven(i.e links)
– Cache-ability

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 100

C#

It’s all about URIs

• A RESTful service models its resources as URIs
– Builds on the success of the web
• Everything is addressable via a URI
• You interact with a resource by using the
Uniform Interface
– Start with URI, add well-known HTTP verbs

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 101

C#

Uniform interface
• No Side-effects (Safe)

GET • Idempotent(calling a million times has the same effect as one request)
• Retrieves resource
• Cacheable

POST • Creates a new resource

• Same as SOAP – still unsafe

PUT • Updates an existing resource

• Also idempotent

DELETE • Removes a resource

• Also idempotent

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 102

C#

Implementing using Conventions

• The route determines which Controller should
be invoked based on the request URI
• Controller derives from APIController
• Method invoked is picked based upon the
verb of the incoming HTTP request
– GET
– POST
– PUT
– DELETE
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 103
C#

Verbs to Attributes
• If you don’t want to name your methods with the Convention,
you can add attributes to your methods
– Name method whatever you’d like
– Routing still picks Controller
• AcceptVerbs
– Can specify multiple verbs to one method
• Specific attributes
– HttpGet
– HttpPost
– HttpPut
– HttpDelete

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 104

C#

Content Negotiation
• Dynamically determining the media type of a
resource based on client request
– Client sends Accept header with 1...N media types
(XML/JSON)
– Server sends back appropriate response with Content-Type
header
– Client also sends Content-Type header when sending a
body
• Web API provides automatic content negotiation
• Implemented using MediaTypeFormatter base class
– More on this in extensibility Module
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 105
C#

Parameter Binding in ASP.NET WEB API

Rules of binding
• When a WEB API calls a • Simple types – include .NET
method on a controller, primitive types (int, bool, double
..+ TimeSpan, DateTime, Guid,
it must set values for decimal and String)
the parameters, a • Complex types –Web API tries to
process called binding. read the value from the message
body, using a media-type
formatter

Simple type Complex Type

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 106

C#

Simple type Complex Type

id – parameter is of simple type and gets the value from the request URI

Item-parameter is a complex type, so WEB API uses a media-type

formatter to read the value from the request body

For complex types, however, consider using media-type formatters

whenever possible.A key principle of HTTP is that resources are sent in the
message body, using content negotiation to specify the representation of the
resource. Media-type formatters were designed for exactly this purpose.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 107

C#

[FromURI]
• To force WEB API
to read a complex
type from the URI
• Add the [FromUri]
attribute to the
parameter.

The client can put the Latitude and Longitude values in the query string and Web API
will use them to construct a GeoPoint
http://localhost/api/geopoint/?Latitude=47.678558&Longitude=-
122.130989
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 108
C#
[FromBody]
• To force WEB API to
read a simple type
from the request
body, add the
[FromBody] attribute
to the parameter
• At most one Content-Type: application/json
parameter is allowed
to read from the
message body.

The reason for this rule is that the request body might be stored in a non-
buffered stream that can only be read once.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 109

C#

ModelBinding and Formatting

• The Web API will automatically bind URI and HTTP
Body data to your methods
– Body data can be passed to MediaTypeFormatter based
on Content-Type
– Model Binding (same as ASP.NET MVC) is used on Query
String (URI) data
• Rule-body can only be read once
• [FromBody] and [FromUri] attributes used to control
• ModelBinding attribute can specify a custom
ModelBinding for a parameter
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 110
C#

HTTP-Diving Deeper
• Routing and controllers take care of the basics of HTTP
– URI + Verb
• What if you want to reach down further into the HTTP stack?
– Send back particular return methods
– Interrogate additional HTTP headers
• HttpRequestMessage/HttpResponseMessage are the answer
in the Web API
– HttpRequestMessage can replace body parameter
– HttpResponseMessage can replace return parameter

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 111

C#

Enable all http methods to come through

Current http methods supported are

Enable for/change/ Add “Put”, “DELETE”

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 112

C#
ASP.NET WEB API PROCESSING
ARCHITECTURE

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 113

C#

SYED AWASE KHIRNI

BASEBALL STATS 3-TIER WEB API

APPLICATION DB FIRST APPROACH

© Syed Awase 2015-16 - ASP.Net MVC Ground

3/23/2016 114
Up
C#

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 115

C#

Create WEB API Project

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 116

C#

Data Layer Project

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 117

C#

Service Layer Project

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 118

C#
Install Entity Framework with NuGet to
Data and Service Layer Projects

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 119

C#

Create DB, TABLES

Populate data through Insert Statements in SQL Query

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 120

C#

ADD REFERENCE FOR WEB API LAYER

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 121

C#

ADD REFERENCE FOR SERVICE LAYER

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 122

C#

DATA LAYER EF

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 123

C#

EF DB FIRST

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 124

C#

DB Connection Settings

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 125

C#

Service Layer

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 126

C#

Add WebAPI Controller

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 127

C#

ApiController

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 128

C#

Add Connection String

WebAPI -> Web.config
<connectionStrings>
<add name="PlayerContext"
connectionString="metadata=res://*/PlayerModel.csdl|res://*/PlayerModel.ss
dl|res://*/PlayerModel.msl;provider=System.Data.SqlClient;provider
connection string=&quot;data source=DESKTOP-
I57JOS9\SQLEXPRESS2014;initial catalog=DEVENVIRONMENT;integrated
security=True;MultipleActiveResultSets=True;App=EntityFramework&quot;"
providerName="System.Data.EntityClient" />
</connectionStrings>

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 129

C#

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 130

C#

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 131

C#

SYED AWASE KHIRNI

MOVIE REVIEW WEB API

APPLICATION WITH CODE FIRST
APPROACH
© Syed Awase 2015-16 - ASP.Net MVC Ground
3/23/2016 132
Up
C#

Movie and Review Classes

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 133

C#

Connection String

Web.config

<connectionStrings>
<add name="DefaultConnection" connectionString="Data Source=DESKTOP-
I57JOS9\SQLEXPRESS2014;Initial Catalog=Work;Integrated Security = SSPI"
providerName="System.Data.SqlClient" />
</connectionStrings>

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 134

C#

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 135

C#

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 136

C#

Package Manager Console

Enable-Migrations
Add-Migration Initial

Update-Database

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 137

C#

Migrations -> Configuration.cs

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 138

C# https://msdn.microsoft.com/en-in/data/jj713564.aspx

Relationship FixUP
• Navigation properties are not loaded explicitly
• Cyclic Reference

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 139

C#

Run the Application

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 140

C#

SYED AWASE KHIRNI

MEDIATYPEFORMATTERS IN WEB
API
© Syed Awase 2015-16 - ASP.Net MVC Ground
3/23/2016 141
Up
C#

The process of translating a .NET

Common Language Runtime (CLR) type
into format that can be transmitted over
SERIALIZATION HTTP. The default format can be either
JSON or XML.

A media type formatter that is

an object of type
MediaTypeFormatter performs the
serialization in the ASP.NET Web API
pipeline.

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 142

C#

MediaTypeFormatter
• To seamlessly convert HTTP data to/from .NET types.
• media type: refers to the value of the content-type
header within an HTTP request and response.
– Media types allow agent (client) and server to define the
type of the data sent in the HTTP body (payload).
– It is also used within the accept header in the request to
allow content negotiation, i.e. client notifies the server of
the media types it accepts/prefers.

Media type formatter is the bridge between the HTTP world

of URI fragments, headers and body on one side, and the
controller world of actions, parameters and return types.
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 143
C#

Using MediaTypeFormatters
• Global formatters sitting in
the formatters property of • For Self-Hosting
HttpConfiguration. – Create a
• If you are using ASP.NET HttpSelfHostConfiguration
hosting (IIS, Cassini, etc) object which has
then you can use formatters property.
GlobalConfiguration.Configuration
to access the instance
of HttpConfiguration
containing formatters.
App_Start-> WebApiConfig.cs
Result in Output window
3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 144
C#

MediaTypeFormatters

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 145

C#
Order of handling a request from a
MediaType Formatter
• System.Net.Http.Formatting.JsonMediaTypeFormatter, based
on JSON.NET
• System.Net.Http.Formatting.XmlMediaTypeFormatter, based
on DataContractSerializer
• System.Net.Http.Formatting.FormUrlEncodedMediaTypeForm
atter, for handling HTML form URL-encoded data
• System.Web.Http.ModelBinding.JQueryMvcFormUrlEncodedF
ormatter, for handling model-bound HTML form URL-encoded
data

3/23/2016 © Syed Awase 2015-16 - ASP.Net MVC Ground Up 146