my blog. for you.

Let’s talk digital.

I’m an independent IT consultant and entrepreneur in the Internet and software business. I’m interested in design, enterprise applications, web apps and SaaS products. I design and develop business solutions and applications. I help companies in terms of software quality and knowledge transfer, e.g. with Angular and Spring Boot.

WireMock Spring Boot

WireMock is an API mocking tool that enables developers to simulate REST APIs during testing. In a system-under-test fashion, it allows us to remove external, potentially flaky, dependencies from our test environment to make our unit tests more focussed and more reliable. WireMock Spring Boot is a new library by consultant and prolific open source contributor Maciej Walkowiak that "drastically simplifies WireMock configuration in a Spring Boot and JUnit 5 application". Featuring a fully declarative WireMock setup and automatic Spring environment setup, ... Read more

Problem Spring Web: A Library for Handling Problems in Spring Web MVC

Problem Spring Web is an implementation of the proposed application/problem+json HTTP API problem details response for Spring Web (im both its MVC and WebFlux flavours). Error responses should be a first-class citizen when it comes to providing REST APIs. These responses often are generated in an ad-hoc, non-standardised fashion, which not only makes handling such responses more difficult and tedious in client applications but also makes for less maintainable software in the back-end software providing the API. Problem Spring Web attempts to ... Read more

Documenting REST APIs Provided by Express Applications

swagger-jsdoc is an NPM library that allows us to generate an OpenAPI specification for REST APIs provided by an Express application. swagger-jsdoc consumes YAML-formatted OpenAPI specification segments within JSDoc comments annotated with the @openapi annotation and turns those into a comprehensive OpenAPI specification for our API. This specification, in turn, can for example be used for automatically having a Swagger UI documentation page created for our REST APIs (using Swagger UI Express, for instance). While annotating Express routes with syntactically and semantically correct OpenAPI ... Read more

Automating Processes: Meeting Notes

One of the key benefits of business software, or as a matter of fact, any software, is automation of tedious, repetitive tasks. One of the three great virtues of a programmer according to Perl creator Larry Wall is laziness as defined in: "The quality that makes you go to great effort to reduce overall energy expenditure. It makes you write labor-saving programs that other people will find useful and document what you wrote so you don't have to answer so many ... Read more

CORS: What It Is and How It Works

Expanding on last week's article on best practices for REST API Design I'd like to point to a specific aspect working REST APIs frequently entails: A browser security feature called "Cross-Origin Resource Sharing (CORS)". This feature allows you to define which resources provided by a web application are supposed to be accessible from which origin, which in turn typically is comprised of protocol, host / domain name and port. This website's origin for example is https://bjoernkw.com:80 (port 80 is the default port ... Read more

REST API Design: Best Practices

It's probably safe to say that REST (REpresentational State Transfer - originally described by Roy Fielding) is the most widely used architectural pattern when it comes to APIs in web application contexts. From statelessness, to self-descriptive messages, and hypermedia as the engine of application state (HATEOAS) REST comes with quite a few principles, constraints, patterns, and flavours, not all of which are used or applied consistently with each REST API. REST often is a rather loosely-applied architectural pattern or a continuum, on ... Read more

API-First Development with Spring Boot and Swagger at Reflectoring

When I recently had to look into some of the specifics of using Swagger and OpenAPI for designing an API specification and generating a Spring Boot application skeleton from that specification (using OpenAPI Generator) I came across this very useful and comprehensive article on the subject on the Reflectoring blog: API-First Development with Spring Boot and Swagger From creating an API specification with the Swagger editor to generating code (with the OpenAPI Generator Maven plugin, specifically) and implementing the generated interfaces the article ... Read more

The Richardson Maturity Model for REST APIs

On his website about software design patterns Martin Fowler provides an in-depth explanation of the Richardson Maturity Model for HTTP-based REST APIs by Leonard Richardson. According to that model REST APIs come in 4 levels of sophistication: Level 0, aka the "Everything is a POST request" model for example propagated by SOAP. This is basically tantamount to remote procedure invocation. Level 1 - Resources: Every resource is accessed through its own canonical URL. Level 2 - HTTP Verbs: Verbs such as GET, PUT, PATCH and ... Read more

API Security Best Practices by Expedited Security

For everyone dealing with web-based APIs, both as a provider and a consumer, web app security service supplier Expedited Security (known for Expedited SSL, among other products) has compiled a vast, extensive compendium on API security best practices. The importance of secure APIs and best practices that help has make APIs more secure and dependable can't be emphasised enough. Covering each possible attack vector and adopting every best practice out there can seem like a truly daunting task. Guides like this one help ... Read more
Next Page »