A place to cache linked articles (think custom and personal wayback machine)
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

index.md 10KB

il y a 4 ans
1234567891011121314
  1. title: REST vs. GraphQL: A Critical Review
  2. url: https://blog.goodapi.co/rest-vs-graphql-a-critical-review-5f77392658e7
  3. hash_url: 1e25f8b07782c3aee0c074627ae40d48
  4. <p name="2ef4" id="2ef4" class="graf graf--p graf-after--h3">Are you building an API?</p><p name="b55a" id="b55a" class="graf graf--p graf-after--p">Here is the idea: If you have never heard about the REST architectural style constraints and their implication on the properties of the resulting distributed system and you do not want to (or can’t) educate yourself, use GraphQL.</p>
  5. <p name="0de6" id="0de6" class="graf graf--p graf-after--figure">By going with GraphQL, you will generally end up with a much better API than if you would attempt to build a REST API without understanding its concepts. After all, the lack of REST (and HTTP) knowledge resulted in the boom of “so-called-REST” APIs. And I am sure you know the problems with these APIs first hand. These problems are part of the reason for GraphQL existence.</p><p name="0a09" id="0a09" class="graf graf--p graf-after--p">And it makes complete sense! When time is the essence, when your API is a disposable service, when only one client that you control consumes your API, when you can’t afford to study REST or to learn HTTP in-depth or when you can’t hire someone with the expertise to help you, GraphQL might be the better way to go.</p><p name="2563" id="2563" class="graf graf--p graf-after--p">Far too many times, I’d rather see a GraphQL APIs than meet a so-called-REST API that doesn’t even understand the HTTP protocol. I am weary of trying to figure out which ID to put to which URL, or what is the difference between v2 and v3, or why do I have to use the POST HTTP method with a colossal request body to perform what is a safe, idempotent and cacheable operation.</p><p name="a57e" id="a57e" class="graf graf--p graf-after--p">I understand there are people who do not have the time to study REST or learn HTTP and while we can question whether they should be the ones to build APIs, with GraphQL there is a solution for them (and not only them!).</p>
  6. <h3 name="c24d" id="c24d" class="graf graf--h3 graf-after--p">Knowledge is the Key</h3><p name="92db" id="92db" class="graf graf--p graf-after--h3">If you have the luxury being able to study the architectural styles or hire someone to train you, the chances are you are an architect. And as architect your role is to understand the benefits and trade-offs of different architectural styles and the implications of applying the styles constraints on the product you are building.</p><p name="272e" id="272e" class="graf graf--p graf-after--p">Of course, different products need different API architectural styles to reach the desired properties and business objectives. And as always, there is no silver bullet. As an architect, it is your duty to have multiple styles under your belt and to know which one to use and when.</p>
  7. <figure name="398d" id="398d" class="graf graf--figure graf--layoutOutsetCenter graf-after--p"><figcaption class="imageCaption">Architectural styles in popular API techniques</figcaption></figure></div><div class="section-inner sectionLayout--insetColumn">
  8. <h3 name="4faa" id="4faa" class="graf graf--h3 graf-after--figure">REST APIs</h3><p name="303d" id="303d" class="graf graf--p graf-after--h3">True REST APIs are incredibly hard to pull off. They are so rare that outside of my (<a href="https://goodapi.co" data-href="https://goodapi.co" class="markup--anchor markup--p-anchor" rel="noopener" target="_blank">Good API</a>) clients I could count them on two hands. Besides, it takes educated clients to consume the API correctly.</p><p name="a2f6" id="a2f6" class="graf graf--p graf-after--p">The reward for the martyrdom and discipline is a system that scales, performs and its components can evolve independently. But, in our fast-paced world, where many apps last only months and where we optimize for now, not later, these seem not to be the properties worth pursuing.</p><p name="5d3c" id="5d3c" class="graf graf--p graf-after--p">Beware! If you have decided to go with the microservices architecture, REST is probably the best style to enable for independent evolution of services and context separation. It almost feels like REST and microservices architecture were meant for each other.</p><p name="97fd" id="97fd" class="graf graf--p graf-after--p">It took me years to fully comprehend the REST, the mechanics and benefits of the server-driven application state interaction, affordance-centric design and the reality of frameworks and implementations. Depending on where you are in your API journey making a quick judgment on what you think REST is, might lead to the world of problems known as so-called-REST API.</p>
  9. <h3 name="df88" id="df88" class="graf graf--h3 graf-after--p">so-called-REST APIs</h3><p name="4a3d" id="4a3d" class="graf graf--p graf-after--h3">There are many variants of so-called-REST APIs, that is, APIs that do not follow all the required REST constraints but still dare to label themselves as REST APIs.</p><p name="7ddc" id="7ddc" class="graf graf--p graf-after--p">The best you can hope for in this category is an API that honors the HTTP protocol and follows its semantics. I call these APIs “HTTP APIs.”</p><p name="fd0a" id="fd0a" class="graf graf--p graf-after--p">A good HTTP API gives you all the benefits of the existing internet infrastructure but it still tightly couples clients with servers making an independent evolution a chore. Furthermore, it still requires a significant amount of understanding to the protocol on both producer and consumer parts.</p><p name="a4bc" id="a4bc" class="graf graf--p graf-after--p">If your HTTP knowledge isn’t the strongest and you can’t fix it, it might be a better idea to act as there is no network at all and to use GraphQL than to create an <a href="https://blog.goodapi.co/api-maturity-fb25560151a3" data-href="https://blog.goodapi.co/api-maturity-fb25560151a3" class="markup--anchor markup--p-anchor" target="_blank">immature</a> so-called-REST API.</p>
  10. <h3 name="62ac" id="62ac" class="graf graf--h3 graf-after--p">GraphQL APIs</h3><p name="b412" id="b412" class="graf graf--p graf-after--h3">Choosing GraphQL gives you easy to design and to amazing to consume API. It also rewards you with effortless consistency between the APIs. By its nature, GraphQL is contract-driven and comes introspection, which is something REST lacks out-of-the-box.</p><p name="3fdb" id="3fdb" class="graf graf--p graf-after--p">The cost you pay is that your clients have to read the docs (GraphQL schema) at the development time and hardcode the affordances (queries and mutations). This hardcoding of the development-time knowledge leads to clients tightly coupled to the server, but the same also applies to so-called-REST APIs.</p><p name="c596" id="c596" class="graf graf--p graf-after--p">Using GraphQL also leaves you vulnerable to what HTTP protocol and the whole internet infrastructure already solved: Scaling, performance, network communication mechanics, and concepts like content, language negotiation, and many others. Some of these can be “added” to a GraphQL API but are not included in-the-box. Adding the functionality that otherwise comes with HTTP leads to bike-shedding. And unfortunately, these home-made-solutions destroys the genius of consistency between GraphQL APIs.</p>
  11. <h3 name="d81e" id="d81e" class="graf graf--h3 graf-after--figure">API Design and Over-fetching</h3><p name="bad4" id="bad4" class="graf graf--p graf-after--h3">There are many misconceptions and false statements about both GraphQL and REST. The one I want to address is about the over-fetching.</p><p name="61b3" id="61b3" class="graf graf--p graf-after--p">Often, we see the claim that GraphQL has the benefit over REST that its clients are not over-fetching data from the server by being able to specify only the attributes they want to receive.</p><p name="b08e" id="b08e" class="graf graf--p graf-after--p">This statement holds true only thanks to poorly designed so-called-REST APIs. Typical examples are naive conversions of SOAP APIs into REST. Other good examples are colossal responses justified by the chattiness of the HTTP1.1 protocol. Either way, the rule of thumb is that if you see an API request or response body with more than a dozen of attributes, somebody didn’t do the API design job properly.</p><p name="ff7e" id="ff7e" class="graf graf--p graf-after--p">If you really understand your API clients use-cases (and if you use HTTP2), you can design REST API in a such a way that there will be little to no over-fetching and zero impact on the performance.</p><p name="8f49" id="8f49" class="graf graf--p graf-after--p">Besides, how is fetching few more fields with the out-of-the-box caching less performant than fetching only the fields you want but all the way from the origin every single time?</p>
  12. <h3 name="4e08" id="4e08" class="graf graf--h3 graf-after--p">None Shall Escape the API Design</h3><p name="3475" id="3475" class="graf graf--p graf-after--h3">There’s one other aspect of understanding how users interact with your API: The API Design.</p><p name="87b8" id="87b8" class="graf graf--p graf-after--p">In REST you have to go through the exercise of understanding the users’ needs before the API implementation. With GraphQL you can defer the moment of understanding how users consume your API until you start profiling the queries, evaluating their complexity and identifying the slow queries.</p><p name="12ce" id="12ce" class="graf graf--p graf-after--p">In either case, at some point, you will have to understand the user needs and design your API and its implementation accordingly. It would be foolish to think you can create a well-performant API for every use case. You have to make design choices. There is no escaping to this.</p>
  13. <h3 name="12af" id="12af" class="graf graf--h3 graf-after--p">Conclusion: Yes Man</h3><p name="1864" id="1864" class="graf graf--p graf-after--h3">Whether you say yes to REST, so-called-REST, or GraphQL, it is essential that you understand the consequences of the noes you tell to the other styles. What aspect are you buying when you say yes to a particular style? What other properties are you loosing when you say no to others?</p><p name="1a46" id="1a46" class="graf graf--p graf-after--p graf--trailing">Chances are you are not a technological company, and you are a product (or service) company. Take a look at the product or service you want to build, what are the business objectives? Understand your choices. Understand your decisions’ impact. And don’t judge by decisions of others; you are unique.</p>