This course from Pluralsight provides a thorough introduction to the programming models and APIs needed to leverage Microsoft’s Web API stack. Students will come away with a comprehensive understanding of the capabilities of the Web API, core concepts underlying this part of the framework, appropriate use cases, programming models, best practices, and a variety of tips and tricks. Upon course completion, students will be able to determine whether the ASP.NET Web API is a suitable platform for constructing and deploying HTTP-enabled APIs and business services for the client applications they serve, and with the foundation to deepen their understanding with additional coursework in more advanced topic areas. Experienced .NET developers will be able to begin designing and building such services right away.
The course is divided into six modules, and is a combination of slide/lecture format and hands-on coding demos using Microsoft Visual studio.
The first module provides an overview, including some history of the MS Web programming stack, the evolution of the .NET APIs, and when and how to use the ASP.NET Web API. It discusses the APIs client-agnostic behavior, and its suitability for building services that can be consumed by HTML5 apps, mobile apps, and desktop apps alike. It introduces both the client and server side programming models. It discusses the use of both MVC based and ASP.NET web forms based services. It also introduces the HttpClient. It describes how the API can handle both RESTful and non REST based services.
The second module dives deep into building a RESTful interface, including an overview of REST that covers the concepts of URIs and HTTP verbs, and how to create controller classes and methods that implement the interface. It also digs deeper into the HTTP stack and discusses custom handling of headers and response codes, and overviews the standard HTTP request and response objects.
The third module covers the HTTP Client in depth, including a discussion of security, and request response handling with JSON, XML and other media types. It also covers HTTP headers and cookies in depth, and discusses proxies, credentials, compression and other client handling topics.
The fourth module covers two main Web API hosting options: ASP.NET hosting and Self Hosting. It describes how to configure each. While ASP.NET hosting (inside the normal IIS pipeline) is the more common case, self hosting allows developers to implement HTTP endpoints in other services. It delves into how to use the controller infrastructure to do message dispatching and routing in the self hosted configuration.
The fifth module covers basic security in the Web API, and how to extend it. It describes how the security model depends on the hosting option chosen: with ASP.NET hosting, the security services are provided by ASP.NET; with self hosting, the Web API exposes the WCF security model, and allows it to be extended. The module provides a walkthrough of authentication and authorization, and provides a demo of adding authentication to a self hosted Web API service.
The sixth module covers extensibility topics. It describes how the entire ASP.NET pipeline was built from the ground up for extensibility, and walks through the key topics of using the HttpConfiguration object for modifying configurations, as well as details on modifying filters, formatters and message handlers. It addresses considerations like handling non built-in media types, pre- and post-request hooks in the controller execution pipeline, customized message handlers, and strategies for deciding which approach to take in different use cases. It includes a detailed demo of using X-HTTP-Method-Override headers to tunnel HTTP methods when PUT and DELETE aren’t allowed. It ends with a description of using the Service Resolver to find services.