HTTP/2: speed up your apps and dispatch real time updates (Symfony and API Platform’s features announcement)

HTTP/2 can improve the loading time of webpages up to 2 times. Did you know that it’s very easy to optimize your Symfony applications to leverage the advanced features of this new protocol?

This talk also contains the announcement of 3 new PHP packages:

Agenda:

  • a historically contextualized presentation of the different versions of the HTTP protocol;
  • a state of the protocol support in the PHP ecosystem;
  • a guide explaining how to serve your PHP and Symfony apps with h2, using Nginx, Apache and Docker;
  • many code samples showing how to use h2 to improve the loading time of your assets and APIs using the WebLink component and Twig
  • examples of how to take advantage of the protocol using the curl and Guzzle clients
  • the Mercure Protocol
  • Mercure x Symfony
  • Mercure x API Platform

Upcoming conferences and workshops

I’ll speak at several conferences until the end of 2018.

The topics will be varied: Panther, modern JavaScript, HTTP/2 and a brand new project to be announced (teasing: it’s written in Go, and it will be very helpful for serverless architectures!).

See you at:

I’ll also be available to chat, and I’ll carry a lot of API Platform goodies. Don’t hesitate to get in touch!

Introducing Symfony Panther: a Browser Testing and Web Scraping Library for PHP

Today, an introduction blog post to Panther was published on the Symfony blog! Panther is a new browser testing and web scraping library I contributed to the Symfony project,
In the blog post, I showcase how to use Symfony, API Platform and VueJS together to create a small but modern app, and how to test it on Panther:

API Platform 2.3: Major Perf Improvement, API evolution/deprecation, Better Dev Tools and Much More!

Today, the API Platform framework has reached 3k stars on GitHub, and it makes us very proud! To celebrate, I’ve just tagged the 2.3 version, that comes with a lot of amazing new features. Let’s discover them!

For newcomers, API Platform is a modern open source framework for API-driven projects. It allows, in just a few minutes, to expose hypermedia and GraphQL APIs. It also provides client-side tools leveraging the capabilities of auto-discoverable APIs: the admin interface and the React and Vue.js Progressive Web App generator. Finally, API Platform has been designed from the ground up as a Cloud Native solution that can run locally with the built-in Docker setup and be deployed instantly on a Kubernetes cluster (Heroku is also supported).

40% faster than the previous version!

We’re committed to continuously improving the performance of API Platform. In version 2.1, we’ve added an amazing invalidation-based cache mechanism. When enabled, HTTP responses are generated only one time then stored and served by a reverse caching proxy. When a resource is modified, all responses including or referencing it are automatically removed from the cache.

In version 2.3, Ben Davies has done an excellent job at profiling and patching the core component. Moreover, we’ve worked closely with the Symfony team to dramatically improve the performance of the Symfony Serializer component (one of the most important pieces of software used by API Platform).

With all these optimizations put together, in the scenario of a cache miss, API Platform-based apps are now more than 40% faster in version 2.3 compared to version 2.2 (Blackfire comparison):

A big thanks to Ben and to Nicolas Grekas from Blackfire.io for making it happen!

Support for API evolution (aka deprecating fields and resources)

A growing best practice is to use the evolution strategy for web APIs. Creating new versions of the API, of or its endpoints requires modifying all clients to upgrade, even the ones not impacted by the changes. On the other hand, this strategy (also known as versionless APIs) consists of deprecating the fields, resources types or operations that will be removed at some point. Most modern API formats including GraphQL, OpenAPI and Hydra are able to support this strategy.

In API Platform 2.3, we’ve introduced a new attribute to mark deprecated resource classes, operations and properties. All documentation formats generated by API Platform and having support for this feature will then automatically take it into account.

Here is how to deprecate an entire resource:

As you can see, to deprecate a resource, we just have to explain what the client should do to upgrade in a dedicated attribute. You can also use this new deprecationReason attribute on any operation.

The deprecation will automatically be taken into account by clients supporting the previously mentioned format. Here is how it renders for OpenAPI in the built-in Swagger UI shipped with the framework:

And now in the built-in version of GraphiQL (for GraphQL APIs):

It’s also possible to deprecate a single field:

All our client-side tools have been updated to ignore deprecated fields, operations and resources by default. The api-doc-parser library (which supports Hydra, and OpenAPI in the latest version) also support this new feature.

Dedicated Profiler Panel and Web Debug Toolbar Integration

Symfony comes with a nice set of development tools, including the Profiler, and it is compatible with API Platform! To install it, execute composer req profiler. Thanks to the contributions of Julien Deniau and Anthony Grassiot, the Web Debug Toolbar now displays an icon featuring our nice spider Webby that is linked to a new profiler panel dedicated to API Platform:

Shorter Attributes Syntax

Defining attributes using annotations can become verbose pretty quickly. As alternatives to annotations, for complex configurations API Platform also supports the XML and YAML formats. However, in version 2.3, Baptiste Meyer added a nicer and shorter syntax to define attributes on the @ApiResource and @ApiProperty annotations:

Of course the “old” syntax is still valid, but the new shortcuts allow a better discoverability and enable autocompletion in IDEs (if you are a PHPStorm user, install the PHP Annotations plugin to benefit from this new feature).

Revamped Admin

In version 2.3, a lot of love has been given to the API Platform Admin Component. This JavaScript library, maintained by Morgan Auchedé, dynamically constructs a UI for any API supporting Hydra or OpenAPI.

It uses React, and was built on top of the Admin On Rest library. But as you may know, Admin On Rest has been deprecated and Marmelab, the company behind the tool, has released a replacement called React Admin. React Admin comes with an updated fancy interface and it also fixes some design issues.

So we’ve patched API Platform Admin to use the new kid on the block, and we’ve taken this opportunity to also fix a well known annoying issue on our side: the Admin component wasn’t able to deal with embedded relations. This isn’t the case anymore. What’s even better, the Admin is now smart enough to reuse the data already downloaded as embedded relation instead of triggering a new HTTP request. It allows to dramatically improve the performance of the admin!

We’ve also added support for new features introduced by React Admin, including bulk delete.

Other Features

Of course, this new version also includes a lot of new features that are less visible but also very useful. Here is the curated list of some interesting changes:

  • Make resource class’s constructor parameters writable
  • Add support for interface as a resource
  • Throw an exception if a required filter isn’t set
  • Allow to specify the message when access is denied using the access_control_message attribute
  • Add a new option to include null results when using the date filter
  • Allow data persisters to return a new instance instead of mutating the existing one
  • Add a new attribute to configure specific formats per resources or operations
  • Add an --output option to the api:swagger:export command
  • Drop support for PHP 7.0
  • Upgrade Swagger UI and GraphiQL
  • GraphQL: Add a totalCount field in GraphQL paginated collections
  • JSONAPI: Allow inclusion of related resources

It is also worth mentioning that Teoh Han Hui has modernized the Docker setup we provide to leverage the new capabilities of this containerization technology.

As usual, thank you very much to all the developers who’ve contributed these new features, bug fixes, and the related documentation entries. You’re the most important part of the project: the community.

API Platform: A Framework for API-driven Projects (DevTalks Bucharest slides)

Here the slide deck I presented during DevTalks Bucharest 2018.

It covers the main features of the API Platform framework: we will install the framework, design an API data model as a set of tiny plain old PHP classes and learn how to get:

  • A fully featured dev environment with Symfony Flex and React containers, HTTP/2 and HTTPS support and a cache proxy
  • Pagination, data validation, access control, relation embedding, filters and error handling
  • Support for modern REST API formats: JSON-LD/Hydra, OpenAPI/Swagger, JSONAPI, HAL, JSON…
  • GraphQL support
  • An API responding in a just few milliseconds thanks to the builtin invalidation based cache mechanism
  • A dynamically created Material Design admin interface (a la Sonata / EasyAdmin – but 100% client-side) built with React
  • Client apps skeletons: React/Redux, React Native, Vue.js, Angular…

Finally, we’ll see ho to deploy the project in 1 command on Google Container Engine or any cloud with a Kubernetes.

This is an updated version of the talk I did during the SymfonyLive London 2017 conference, demonstrating the latest features of API Platform, and adapted to target a broader, non-Symfony/PHP audience.

Mastering the Symfony Serializer (PHP Tour slides)

The Symfony Serializer Component exists since the very beginning of Symfony 2. Years after years, it gained a lot of new features useful to transform various data formats to PHP structures and the opposite. It is also a foundation block of API Platform and a first-class citizen in FOSRest.

Let’s dive into this component. We will cover the basic concepts behind the serialization process: normalization, denormalization, encoding and decoding.

Then we will discover all the little known features of the component: JSON, XML and CSV support, file handling with “data:” URIs, serialization groups, attributes names conversion, trees support, updating existing objects, dealing with circular references.

Finally we will learn how to create custom normalizers and encoders; and how to modify the behavior of the builtin ones using composition.

[PHPTour/SymfonyLive slides] REST vs GraphQL: illustrated examples with the API Platform framework

GraphQL is an increasingly popular alternative to REST architectures for building web APIs.

The query language promoted by Facebook has undeniable advantages: retrieve exactly what the client need, limitation of the number of queries, strong typing, powerful and extremely well thought out syntax…

However, it also suffers from often underestimated problems including HTTP cache, logs, security or authentication, features that are the basis of the today’s web stack. GraphQL is also a non-standard format that requires a specific parser.

In addition, modern REST-based hypermedia formats such as JSON-LD or JSON API have features very similar to those of GraphQL (and more advanced ones) while remaining compatible with the fundamentals of the web.

The API Platform framework, based on Symfony, makes it easy to create REST APIs (JSON-LD, JSON API, HAL …) just like GraphQL.

After listing the advantages and disadvantages of different formats, we will study through different cases of frequent use when it is better to use GraphQL, REST or both in addition.

Be paid to improve API Platform during the Rails Girls Summer of Code

(french translation below)

API Platform (the API-driven Open Source framework I created) has been selected for the Rails Girls Summer of Code program!

The goal of the RCSOC is to improve the diversity in Open Source development. It allows groups of 2 women students to work full-time on a FOSS project (such as API Platform) during the summer. Students are paid and mentored.

Rails Girls Summer of Code is a global fellowship program for women and non-binary coders. Students receive a three-month scholarship to work on existing Open Source projects and expand their skill set.

Our worker cooperative, Les-Tilleuls.coop, will also support the program by providing money, coaches (including me) and desktops (in Lille, France):

In our company, we attempt as much as possible to support associations engaged in the fight against social inequalities, or involved in a better access to culture and respect of the environment. Since our foundation in 2011, we have always upheld diversity in Open Source. Thus, it’s no surprise that we support Rails Girls’s Summer of Code program.

If you’re interested in working 3 months with us to improve cutting-edge Open Source projects, don’t by shy, apply!


API Platform, le framework API-driven que nous développons, compte parmi les projets sélectionnés pour le Rails Girls Summer of Code de cette année !

Ce programme vise à favoriser la diversité dans le mode du logiciel libre. Il permet à des groupes de 2 étudiantes d’être payées durant l’été pour travailler (en binôme) sur des projets Open Source.

Notre SCOP Les-Tilleuls.coop participe également au programme en tant que sponsor, et va fournir des bureaux (à Euratechnologies, Lille) et des “coachs” afin d’accompagner les participantes :

Chez Les-Tilleuls.coop, nous tentons autant que possible d’accompagner des associations ou des entités engagées dans la lutte contre les inégalités sociales, l’accès à la culture, la formation, ou encore le respect de l’environnement.  Notre coopérative s’implique aussi dans une meilleure diversité dans le numérique et c’est donc avec une certaine évidence que nous apportons notre soutien au programme “Summer of Code 2018” organisé par l’association Rails Girls (RGSoC).

Si vous êtes intéressées pour travailler 3 mois sur des projets Open Source innovants, ne soyez pas timides, postulez !

API Platform 2.2: GraphQL, JSON API, React admin and PWA, Kubernetes instant deployment and many more new features


I’m glad to announce the immediate availability of API Platform 2.2 beta 1. This is a huge release that comes with a lot of exciting features including (but not limited too):

  • GraphQL and JSON API support
  • Symfony 4 / Flex integration
  • API Platform Admin integration (built with ReactJS and Admin On Rest)
  • ReactJS and Vue.js Progressive Web App generators integration (a React Native app generator is also available)
  • Revamped Docker containers for both PHP and JavaScript components, including out of the box support for HTTP2, HTTPS and a built-in invalidation-based cache mechanism using Varnish
  • The ability to deploy in seconds in any Kubernetes cluster
  • A new, super-easy, way to register filters through annotations
  • And literally dozens of developer experience, performance and quality improvements

V2.2 will definitely be the best version of API Platform, and is probably the most advanced “full-stack” solution to create API-driven projects. The paradigm shift introduced by this new version has been detailed in my talk during the SymfonyCon 2017.

It took 6 months and 483 commits from more than 60 contributors to craft this version. The documentation has also been dramatically improved, even if some work is still to do (upgrading the getting started guide and migrating all articles to the new Flex directory structure, finish to document some new features).

Thank you very much to all contributors of the project! You rock!

Let’s see more in depth all of these new features:

The New Distribution

The easiest way to get started with API Platform has always been to use the provided Docker setup. In version 2.2, the Docker configuration has been totally redesigned to fit with the new features provided by Symfony Flex and to integrate our JavaScript components.

To get started:

You get:

– An API skeleton following the Flex directory structure. Just add classes representing your public data model (see the example below) to get a working hypermedia and/or GraphQL web API.

The API is available in HTTP/2 and HTTPS thanks to the provided development proxy. It also automatically benefits from the API Platform’s built-in cache mechanism (the Varnish container is also provided). CORS headers are automatically configured. As you can see, the nice documentation is – of course – still available if you open the entrypoint in a browser.

– A ReactJS Progressive Web App skeleton with a fancy welcome page designed by Laury Sorriaux:

Execute  docker-compose exec client generate-api-platform-client to bootstrap a nice and fully-featured Progressive Web App (that can even work offline) using React, Redux and Bootstrap 4 and respecting accessibility recommendations.

To generate the PWA, the tool parses the API hypermedia description automatically generated in the Hydra format by the API component. This generator can work with any server exposing a Hydra documentation (done with API Platform or not).

The tool also has Vue.js, React Native and TypeScript skeletons thanks to the great contributions of Alain Hippolyte, Piotr Synowiec and Antoine Bluchet.

Read the full documentation of the API Platform Client Generator.

– Last but not least, a dynamically generated admin for the API is also automatically available:

Like the client generator, the API Platform Admin component also leverages the Hydra documentation to automatically guess the structure of the data exposed by the API.

Because it is built on top of React and Admin On Rest (aka React Admin), the UI is fully customizable.

Morgan Auchedé is the new maintainer of this component, and has greatly improved it since its initial release.

– In this version of API Platform, the MySQL container has been replaced by a Postgres one.

Instant Kubernetes Deployment

Kubernetes has become the most popular way to deploy, run and manage containers in production. Both Google Cloud Platform, Microsoft Azure and Amazon Web Services provide managed Kubernetes environment.

API Platform 2.2 contains a built-in Helm (the k8s package manager) chart to deploy with ease:

Your app is now up and running in a managed cluster! Read the related documentation to learn more about the Kubernetes support.

GraphQL Support

GraphQL is a query language for APIs designed by Facebook that is becoming a very popular alternative to the REST pattern. GraphQL support has been the most wanted feature for a while, it is now fully implemented!

The new GraphQL subsystem of API Platform now supports:

To enable the GraphQL support, you just have to install the GraphQL PHP library:

Then, create an API Platform entity, as usual:

Yes, both GraphQL and REST formats can be used for the same entity! Thanks to API Platform’s hypermedia support, you can even run a GraphQL request, then apply REST operations to the retrieved resources using their IRIs! The best of both worlds.

Your GraphQL API is ready! Browse https://localhost:8443/graphql :

There is a lot to say about the GraphQL support, how to use it in collaboration with REST and how to apply fine-grained configurations. I’ll write a follow-up post dedicated to it, stay tuned!

The GraphQL support is an important team work of Raoul Clais, Alan Poulain, Baptiste Meyer and myself.

JSON API Support

JSON API is a rising, well designed, hypermedia format. Unlike JSON-LD (the default format exposed by API Platform), it’s not a web standard; and it has less features but it is also simpler to learn and understand.

With API Platform 2.2, you don’t have to choose, you can have both! And even more because API Platform supports out of the box JSON-LD/Hydra, HAL, JSON API, YAML, XML, raw JSON and as we’ve seen just before, GraphQL.

To enable JSON API, add the following config:

Easy enough?

The JSON API support has been contributed by Hamza Amrouche, Hector Hurtarte and Baptiste Meyer.

Declaring API Filters Using Annotations

The API Platform filtering system is very powerful. It contains a lot of built-in filters and can easily be extended. However, until now, it wasn’t really easy to configure: it was requiring to declare services manually.

Because Symfony Flex is all about service autowiring and autoconfiguration, simplifying the filters configuration was a top priority task.

Hopefully, Antoine Bluchet created a nice way to do it using annotations:

Nothing more! You can now filter the collection of organizations by the name  property, both with REST and GraphQL!

In addition to these main features, a lot of other configuration options and various improvements have been introduced. Read the full changelogs for more information:

Help Us: Test, Star, Spread the Word!

If you have some existing API Platform projects, or if you want to give a try to the framework, please test this new version and report any problem on our GitHub issue tracker!

If you like API Platform, please tell the world and give us a star on GitHub.

Since API Platform 2.2, the Symfony Thanks command is also shipped with API Platform. Thanks to this tool, you can send a star to all the PHP libraries you use in your project (including API Platform) by simply running: docker-compose exec php composer thanks

If you want to learn API Platform, come to one of the workshops organized during these upcoming tech conferences:

[SymfonyCon] API Platform and Symfony: a Framework for API-driven Projects

Here are the slides of my talk during the Symfony Con Cluj. You can rate this talk on joind.in.

Install API Platform. Design the API data model as a set of tiny plain old PHP classes. Instantly get:

  • Fully featured dev environment with Symfony Flex and React containers, HTTP/2 and HTTPS support and a cache proxy
  • Pagination, data validation, access control, relation embedding, filters and error handling
  • Support for modern REST API formats: JSON-LD/Hydra, OpenAPI/Swagger, JSONAPI, HAL, JSON…
  • GraphQL support
  • An API responding in a just few milliseconds thanks to the builtin invalidation based cache mechanism
  • A dynamically created Material Design admini interface (a la Sonata / EasyAdmin – but 100% client-side) built with React.
  • Client apps skeletons: React/Redux, React Native, Vue.js, Angular…
  • Finally, deploy in 1 command on Google Container Engine or any cloud with a Kubernetes instance with the provided Helm chart.

Yes, you just need is describing a data model, just a few line of codes to get all of that!