Web API Development with ASP.NET Core 8: Learn techniques, patterns, and tools for building high-performance, robust, and scalable web APIs

Cover
Title Page
Copyright and credits
Contributors
Table of Contents
Preface
Chapter 1: Fundamentals of Web APIs
	What is a web API?
	What is a REST API?
		The constraints of REST
		A REST API example
		Is my web API RESTful?
	Designing a REST-based API
		Identifying the resources
		Defining the relationships between resources
		Identifying operations
		Designing the URL paths for resources
		Mapping API operations to HTTP methods
		Assigning response codes
		Documenting the API
	RPC and GraphQL APIs
		What is an RPC-based API?
		What is a GraphQL API?
	Real-time APIs
		The problem with API polling
		What is a real-time API?
		Which real-time communication technology is best for your application?
	Summary
Chapter 2: Getting Started with ASP.NET Core Web APIs
	Technical requirements
	Setting up the development environment
		Configuring VS Code
		Checking the .NET SDK
	Creating a simple REST web API project
	Building and running the project
		Building the project
		Running the project
		Changing the port number
		Hot Reload
		Testing the API endpoint
		Swagger UI
		Debugging
	Understanding the MVC pattern
		The model and the controller
		Creating a new model and controller
		Creating a service
		Implementing a GET operation
		Implementing a CREATE operation
		Implementing an UPDATE operation
	Dependency injection
		Understanding DI
		DI in ASP.NET Core
		DI tips
	Introduction to minimal APIs
		Creating a simple endpoint
		Using DI in minimal APIs
		What is the difference between minimal APIs and controller-based APIs?
	Summary
Chapter 3: ASP.NET Core Fundamentals (Part 1)
	Technical requirements
	Routing
		What is attribute routing?
		Mapping HTTP methods to action methods
		Route constraints
		Binding source attributes
	Configuration
		Using appsettings.json
		Using the options pattern
		Other configuration providers
	Environments
		Understanding the launchSettings.json file
		Setting the environment
		Understanding the priorities of configuration and environment variables
		Checking the environment in the code
	Summary
Chapter 4: ASP.NET Core Fundamentals (Part 2)
	Technical requirements
	Logging
		Using built-in logging providers
		Logging levels
		Logging parameters
		Using third-party logging providers
		Structured logging
		What should/shouldn’t we log?
	Middleware
		What is middleware?
		Built-in middleware
		Creating a custom middleware component
	Summary
Chapter 5: Data Access in ASP.NET Core (Part 1: Entity Framework Core Fundamentals)
	Technical requirements
	Why use ORM?
	Configuring the DbContext class
		Creating models
		Creating and configuring the DbContext class
		Creating the database
		Adding seed data
	Implementing CRUD controllers
		Creating the controller
		How controllers work
	Basic LINQ queries
		Querying the data
		Filtering the data
		Sorting and paging
		Creating an entity
		Updating an entity
		Deleting an entity
	Configuring the mapping between models and database
		Mapping conventions
		Data annotations
		Fluent API
		Separating the mapping configurations
	Summary
Chapter 6: Data Access in ASP.NET Core (Part 2 – Entity Relationships)
	Technical requirements
	Understanding one-to-many relationships
		One-to-many configuration
		One-to-many CRUD operations
	Understanding one-to-one relationships
		One-to-one configuration
		One-to-one CRUD operations
	Understanding many-to-many relationships
		Many-to-many configuration
		Many-to-many CRUD operations
	Understanding owned entities
	Summary
Chapter 7: Data Access in ASP.NET Core (Part 3: Tips)
	Technical requirements
	Understanding DbContext pooling
	Understanding the difference between tracking versus no-tracking queries
	Understanding the difference between IQueryable and IEnumerable
	Client evaluation versus server evaluation
	Using raw SQL queries
		FromSql() and FromSqlRaw()
		SqlQuery() and SqlQueryRaw()
		ExecuteSql() and ExecuteSqlRaw()
	Using bulk operations
		ExecuteUpdate()
		ExecuteDelete()
	Understanding concurrency conflicts
		Native database-generated concurrency token
		Application-managed concurrency token
		Handling concurrency conflicts
	Reverse engineering
	Other ORM frameworks
	Summary
Chapter 8: Security and Identity in ASP.NET Core
	Technical requirements
	Getting started with authentication and authorization
		Creating a sample project with authentication and authorization
		Understanding the JWT token structure
		Consuming the API
		Configuring the Swagger UI to support authorization
	Delving deeper into authorization
		Role-based authorization
		Claim-based authorization
		Understanding the authorization process
		Policy-based authorization
	Managing users and roles
	New Identity API endpoints in ASP.NET Core 8
	Understanding OAuth 2.0 and OpenID Connect
		What is OAuth 2.0?
		What is OpenID Connect?
		Integrating with other identity providers
	Other security topics
		Always use Hypertext Transfer Protocol Secure (HTTPS)
		Using a strong password policy
		Implementing two-factor authentication (2FA)
		Implementing rate-limiting
		Using model validation
		Using parameterized queries
		Using data protection
		Keeping secrets safe
		Keeping the framework up to date
		Checking the Open Web Application Security Project (OWASP) Top 10
	Summary
Chapter 9: Testing in ASP.NET Core (Part 1 – Unit Testing)
	Technical requirements
	Introduction to testing in ASP.NET Core
	Writing unit tests
		Preparing the sample application
		Setting up the unit tests project
		Writing unit tests without dependencies
		Writing unit tests with dependencies
		Using FluentAssertions to verify the test results
	Testing the database access layer
		How can we test the database access layer?
		Creating a test fixture
		Using the test fixture
		Writing tests for methods that change the database
		Parallelism of xUnit
		Using the repository pattern
		Testing the happy path and the sad path
	Summary
Chapter 10: Testing in ASP.NET Core (Part 2 – Integration Testing)
	Technical requirements
	Writing integration tests
		Setting up the integration test project
		Writing basic integration tests with WebApplicationFactory
		Testing with a database context
		Testing with mock services
	Testing with authentication and authorization
		Preparing the sample application
		Creating a test fixture
		Creating the test class
		Testing the anonymous API endpoints
		Testing the authorized API endpoints
	Code coverage
		Using data collectors
		Generating a code coverage report
	Summary
Chapter 11: Getting Started with gRPC
	Technical requirements
	Recap of gRPC
	Setting up a gRPC project
		Creating a new gRPC project
		Understanding the gRPC project structure
	Creating protobuf messages
		Defining a protobuf message
		Understanding field numbers
		Understanding the field types
		Other .NET types
	Creating a protobuf service
		Defining a unary service
		Creating a gRPC client
		Defining a server streaming service
		Defining a client streaming service
		Defining a bidirectional streaming service
	Consuming gRPC services in ASP.NET Core applications
	Updating proto files
	Summary
		Further reading
Chapter 12: Getting Started with GraphQL
	Technical requirements
	Recap of GraphQL
	Setting up a GraphQL API using HotChocolate
	Adding mutations
	Using variables in queries
	Defining a GraphQL schema
		Scalar types
		Object types
	Retrieving related objects using resolvers
		Field resolvers
		Resolver for a list of objects
	Using data loaders
		Batch data loader
		Group data loader
	Dependency injection
		Using the Service attribute
		Understanding the lifetime of the injected services
	Interface and union types
		Interfaces
		Union types
	Filtering, sorting, and pagination
		Filtering
		Sorting
		Pagination
	Visualizing the GraphQL schema
	Summary
	Further reading
Chapter 13: Getting Started with SignalR
	Technical requirements
	Recap of real-time web APIs
	Setting up SignalR
	Building SignalR clients
		Building a TypeScript client
		Building a Blazor client
	Using authentication and authorization in SignalR
		Adding authentication and authorization to the SignalR server
		Adding a login endpoint
		Authenticating the TypeScript client
		Authenticating the Blazor client
	Managing users and groups
		Managing events in SignalR
		Sending a message to a specific user
		Using strongly typed hubs
		Joining groups
		Sending a message to a group
	Sending messages from other services
	Configuring SignalR hubs and clients
		Configuring SignalR hubs
		HTTP configuration options
		Automatically reconnecting
		Scaling SignalR
	Summary
Chapter 14: CI/CD for ASP.NET Core Using Azure Pipelines and GitHub Actions
	Technical requirements
	Introduction to CI/CD
		CI/CD concepts and terminologies
		Understanding the importance of CI/CD
	Containerizing ASP.NET Core applications using Docker
		What is containerization?
		Installing Docker
		Understanding Dockerfiles
		Building a Docker image
		Running a Docker container
	CI/CD using Azure DevOps and Azure Pipelines
		Preparing the source code
		Creating Azure resources
		Creating an Azure DevOps project
		Creating a pull request pipeline
		Publishing the Docker image to ACR
		Deploying the application to Azure Web App for Containers
		Configuring settings and secrets
	GitHub Actions
		Preparing the project
		Creating GitHub Actions
		Pushing a Docker image to ACR
	Summary
Chapter 15: ASP.NET Core Web API Common Practices
	Technical requirements
	Common practices of ASP.NET web API development
		Using HTTPS instead of HTTP
		Using HTTP status codes correctly
		Using asynchronous programming
		Using pagination for large collections
		Specifying the response types
		Adding comments to the endpoints
		Using System.Text.Json instead of Newtonsoft.Json
	Optimizing the performance by implementing caching
		In-memory caching
		Distributed caching
		Response caching
		Output caching
		What caching strategy should I use?
	Using HttpClientFactory to manage HttpClient instances
		Creating a basic HttpClient instance
		Named HttpClient instances
		Typed HttpClient instances
	Summary
Chapter 16: Error Handling, Monitoring, and Observability
	Technical requirements
	Error handling
		Handling exceptions
	Health checks
		Implementing a basic health check
	Monitoring and observability
		What is observability?
	Summary
Chapter 17: Cloud-Native Patterns
	Technical requirements
	Domain-driven design
		Ubiquitous language
		Bounded context
		DDD layers
	Clean architecture
	Microservices
	Web API design patterns
		CQRS
	Summary
		Further reading
Index
Other Books You May Enjoy