Implementing Oracle API Platform Cloud Service电子书

Title Page

Copyright and Credits

Implementing Oracle API Platform Cloud Service

Packt Upsell

Why subscribe?

PacktPub.com

Foreword

Contributors

About the authors

About the reviewers

Packt is searching for authors like you

Acknowledgments by All Authors

Preface

What is an API?

3rd generation APIs

What this book covers

How we have approached this book

What you need for this book

Who is the book for?

Conventions

Reader feedback

Customer support

Downloading the example code

Download the color images

Errata

Piracy

Questions

Platform Overview

What is the Oracle API platform?

Evolution of Oracle's API offering

Platform architecture

Components description

Management portal

APIs page

The API implementation page

The implementation section

The deployment section

The publication section

The grants section

Registration section

The analytics section

Applications page

The settings section

Grants section

The gateways page

Settings section

Properties section

Nodes section

Deployments section

Grants section

The analytics section

The services page

The settings section

The grants section

Service accounts page

The settings section

The grants section

The roles page

Users and groups

Platform settings page

General settings section

Developer portal settings section

Development portal

The API page

The API documentation section

API subscription

My applications page

The overview section

Subscribed APIs section

The grants section

The analytics section

Management service REST APIs

API plans

Apiary

The Apiary account

Apiary views

Apiary personal view

Apiary editor

Inspector

Documentation

Testing with Apiary

Apiary settings

People

Apiary team view

APIs

Styles

People

Settings

Billing

Account settings

Summary

Use Case

Scenario

Use case opportunities

IT landscape

Financial processes

Recorded material and related assets

Contracts

Identities

Audit trail

Logical data view

API requirements in detail

Product

Product for partners

Product for composers and artists

Product availability

Structuring the design approach

Exploring OMESA

Single purpose versus multipurpose APIs

Semi-decoupled and fully decoupled

Bounded context

Next steps

Summary

Designing the API

Scenario

The API design-first process

Step 1 – defining the API type

Single-purpose APIs

Multi-purpose APIs

MRA's Media Catalogue API – public and multi-purpose

Step 2 – defining the API's domain semantics

Step 3 – creating the API definition with its main resources

Step 4 – trying the API mock

Step 5 – defining MSON data structures

Step 6 – pushing the API blueprint to GitHub

Step 7 – publishing the API mock in Oracle API platform CS

Step 8 – setting up Dredd for continuous testing of API endpoints against the API blueprint

Summary

Building and Running the Microservice

What is a microservice?

Understanding the technical requirements

Building the Microservice

Step 1 – install Node.js and MongoDB

Step 2 – create the skeleton of the Media Catalogue Microservice

Step 3 – define the structure of the Media Catalogue Microservice

Step 4 – configure the Media Catalogue Microservice

Step 5 – define the data entity

Step 6 – code the interaction with the database

Step 7 – define the controller function

Step 8 – route the incoming request to the new controller function

Step 9 – test the microservice

Step 10 – package and deploy the microservice

Step 11 – updating the API endpoint and re-test using Dredd

Summary

Platform Setup and Gateway Configuration

Platform architecture

The concept of logical and physical gateways

Avoiding network latency for global deployments

Deployment for the use case

How many nodes

How many logical gateways

How much storage?

Gateway design decisions in our use case

One cloud management or several?

Single management instance

Multiple management instances

MRA's approach number of cloud management instances

Firewall or no firewall

Load balancing

Web proxies

Content Delivery Networks (CDNs)

Prerequisites to allow the API platform to be built

Background to the account types

Building the cloud

Default roles and users

Creating users inside API platform

Configuring Oracle traffic director

Network-based access controls

Setting up Apiary

Configure developer portal look and feel

Gateway life cycle and deployment

Gateway configuration

Where to get the logical gateway ID

Configuration JSON properties

Gateway prerequisites

Retrieving the gateway deployment package

Actioning the gateway deployment

Unpacking

Install

Configure

Start

Create

Join

Making the gateway production ready

Linux security

Log analytics

Dealing with certificates

Gateway lockdown

Summary

Defining Policies for APIs

Background

Common security threats

Denial-of-service attacks (DoS)

Payload attacks

Role of the gateway

HTTP and HTTPS

Throttling

Implementing APIs for MRA

Understanding policies

General guidelines for designing policies

Request and response pipeline policies

Defining polices

Inbound policies

Outbound policies

Defining rate limiting policies

API rate limiting policies

Steps to create a rate limiting policy

Application rate limiting policies

Creating an application rate policy

Testing the policy

Lightweight authorization checks

Creating an API key policy

Testing the API key

Logging

Enabling logging

Interface filtering

Creating an interface filter

Testing the policy

Cross origin resource sharing (CORS)

Creating a CORS policy

Testing the CORS policy

Gateway-based routing

Creating a gateway-based routing policy

Resource-based routing

Groovy policies

Response policies

API policy iterations

Monitoring APIs

Summary

Testing APIs with API Fortress

What is API Fortress?

Test management

Monitoring

Continuous deployment

Tools

Test the MRA Media Catalogue API

Create Media Catalogue test case

The GetArtistById test case

Test using the Jenkins plugin

Summary

Implementing OAuth 2.0

OAuth 2.0 overview

Client credentials

Resource owner password

Implicit

Authorization code

MRA use case

Implementation steps

Step 1 – obtaining an Oracle identity cloud account

Step 2 – configuring an Oracle identity cloud resource server

Step 3 – configuring an Oracle identity cloud client application

Step 4 – adding users and groups to client application

Step 5 – configuring the API platform gateway

Step 6 – applying OAuth 2.0 policies to APIs

Summary

Implementing Custom Policies

What is Groovy?

Why provide Groovy for logging?

How Groovy custom policies work?

APIs to access call data

How to reject an API call in a Groovy policy?

Recognizing Groovy errors

Groovy policy illustration

Addressing a problem with a simple Groovy policy

Building our API

Run the test

Implementing a Groovy policy for an API response

A closer look at Groovy language limitations

Custom Java policies

Composition of a custom Java policy

Creating a custom policy for MRA

Getting geolocation information

Simplifying the development process

Using an IDE

Build properties

Build process

Presentation definition

Supporting JavaScript

Localization of the UI

UI Backend for validating configuration

Backend implementation

API runtime

Metadata

Additional libraries

Deployment

Current constraints

Custom policies – which policy type to use?

Summary

Moving from API Management 12c to APIP CS

Oracle API management suite 12c

Oracle API manager 12c overview

Oracle API gateway 11g

Oracle API Platform Cloud Service

Mapping of personas and roles

Architectural differences

Strategy for transitioning APIs from OAPIM 12c to APIP CS

API re-implementation design

Service implementation

API definition and API-first design

API creation/policy implementation

API testing

API switch-over strategy

Defining API policies

Adding API documentation

Deploying endpoints

Testing the API

Publication of the API

Analytics

Summary

Another book You May Enjoy

Leave a review - let other readers know what you think