This particular sentence says it all: "the message content should be independent of the transmission channel." That's the RPC dream: no matter what the pipe is, I'm sending you stuff to do. The problem, of course, is that in practice the transmission channel is never neutral: for example, HTTP and RMI are very different beasts, and in practice applications built on top of either one will end up relying on this or that assumption about the protocol, no matter how hard you try to standardize them. Same for any transmission protocol out there, really. You just have to decide when to stop trying to abstract everything away and do your work, because each additional abstraction is inevitably leaky. In this sense, REST basically tells you to stop right there and get to work. REST is not a "transmission channel", it's an application design philosophy for applications built on HTTP. End of.
Pretty much all his other objections can be fixed by using proper response codes and intelligent payloads that do not include verbs. The only verbs you need are in HTTP already - GET, POST and DELETE will cover 99% of your requirements. They make your API substantially predictable and robust. The minute you start putting verbs in payloads, you're doing RPC and you might as well use CORBA. If this is what you want, go ahead and do it, but don't say it's REST's fault if you don't understand what REST is.
Hardly. There's no search in these. You end up putting your query either to URL, which is hideous, or to request body, which is awful.
The only HTTP verb that can sensibly carry anything beside "create", "destroy", and "retrieve" commands is POST. This equals to operation "manipulate". And guess what? Plenty of remote interfaces use at the same time many operations that can be called "manipulate". Sticking to merely HTTP verbs is way, way too constraining.
We'll just have to disagree there.
In any case, if you find REST restrictive, fine, go ahead and do your RPC. Just don't try to tell me that it's anything other than RPC, with all the problems and warts we all know.
The value in REST is exactly that it forces you to simplify your interface down to basic verbs that everyone can understand and work with; if you can't do that, if additional complexity is unavoidable, then REST is not for you and you should be aware that your application is now officially complex, maybe too complex to be a public API.
From that point of view, something like SOAP is a perfectly respectable protocol and you should use that instead.
Sorry, did Computer Science change the last few years and RPC went out of style?
What "problems and wars we all know" RPC has? Nothing that doesn't go with the field, and isn't already the same (or worse) in REST.
RPC is a basic CS notion that will always be around -- the same way garbage collection, floating point math, functional programming, regular expressions, etc will be.
It not some faulty fad that went away.
>The value in REST is exactly that it forces you to simplify your interface down to basic verbs that everyone can understand and work with
It just forces you to overload HTTP verbs, verbs that people don't use in the first place (even web developers knew and used GET and POST but not PUT and DELETE -- outside of REST and some specialty domains that is), that might or might not match your business logic.
>From that point of view, something like SOAP is a perfectly respectable protocol and you should use that instead.
Slippery slope fallacy.
Why the heck do you think that "lol, you use RPC" would be an insult? Because you clearly send this message with your tone.
I put RPC wherever I need an operation(s) to be called remotely. And yes, I do use dedicated RPC protocols (namely, XML-RPC, for popularity of its clients). I rarely create things that boil down to being a CRUD database interface, so I find REST very limiting.
> From that point of view, something like SOAP is a perfectly respectable protocol and you should use that instead.
Apparently you haven't worked with SOAP. No, it's not respectable. It's overcomplicated itself, it uses overcomplicated format (XML with namespaces), and its tooling is overcomplicated, too (e.g. try to control how WSDL looks like, so you can swap implementation languages; or try to create WSDL beforehand, and then implement its backend in a language of your choice).
Really, in HTTP-based remote call protocols (this includes REST!), Microsoft hit the spot twenty years ago with XML-RPC. The only two things missing are null/None/undef encoding and named procedure arguments.
>The only HTTP verb that can sensibly carry anything beside "create", "destroy", and "retrieve" commands is POST.
So what you are saying is that a search or query is fundamentally different from the idea of "retrieve" provided by the GET verb?
Also, how would you specify the query and search options? Mix those in query string portion? Or encode them? (And how?)
To really do things for arbitrary apps without getting ugly and abusing the intended semantics, you really need at least GET, QUERY (safe, retrieves a resource specified by the combination of the URI and the request body rather than just the URI like GET), POST, PUT, PATCH, and DELETE. All but QUERY and PATCH are very widely supported now, and PATCH is fairly widely supported. QUERY isn't (there are some things like it under various names, mostly overly specific and tied to WebDAV, but nothing general purpose in an RFC or in general use.)
No, you just get something like XML-RPC. Which was a great and cool solution in its time. Only even simpler in this case, since XML is replaced with JSON.
Nothing to do with SOAP's faults (which were related to over-engineering and ridiculous volumes of specs) at all.
RPC-over-JSON (using HTTP) is exactly what we need and what we want to do.
Only we do it as "REST", complicating our lives trying to condense our endpoints to BS "HTTP verbs" that don't exactly match, and adding a separate off-band lane for status (HTTP STATUS codes) instead of having everything alonside the payload.
No he's not. The RPC pattern is a tad more specific than "any pattern that separates message content from channel". Likewise, just because you put one or more "verbs" in your payload doesn't mean you're doing RPC.
An RPC system has a much more rigid message structure that represents a function call, which is automatically marshaled via concrete client and server methods. If you're just receiving a payload and calling one or more methods based on it's contents, you're not doing RPC and you're not even touching upon any of the problems of SOAP.
The actual problems with SOAP have very little to do with the fact that messages can be serialized or that there are verbs. Here are some of the problems with SOAP:
- XML is verbose, making transmission slower.
- SOAP is a huge, complicated type system compared to JSON.
- Mapping SOAP to a given language is difficult.
- Security concerns over automatic function marshaling.
What, exactly the 'solution' will look like depends on future posts... however https://xkcd.com/927/ (Standards) comes to mind.
I don't see much wrong with those, and they do much better than REST, since they already have well-defined way of signaling errors.