API design practices for Java
Make your API usable in both modular and non-modular Java environments
Understand some of the API design practices that should be applied when designing Java API. These practices are useful, in general, and ensure the API can be used properly in a modular environment, such as OSGi and the Java Platform Module System (JPMS). Some of the practices are prescriptive and some are proscriptive. And, of course, other good API design practices also apply.
The OSGi environment provides a modular runtime using the Java class loader concept to enforce type visibility encapsulation. Each module will have its own class loader which will be wired to the classloaders of other modules to share exported packages and consume imported packages.
Java 9 introduced JPMS, which provides a modular platform using the access control concept from the Java Language Specification to enforce type accessibility encapsulation. Each module defines which packages are exported and thus accessible by other modules. By default, the modules in a JMPS layer all reside in the same class loader.
A package can contain an API. There are two roles of clients for these API packages: API consumers and API providers. API consumers use the API which is implemented by an API provider.
In the following design practices, we are discussing the public portions of a package. The members and types of a package, which are not public or protected (that is, private or default accessible), are not accessible outside of the package and are thus implementation details of the package.
Java packages must be a cohesive, stable unit
A Java package must be designed to ensure that it is a cohesive and stable unit. In modular Java, the package is the shared entity between modules. One module may export a package so that other modules can use the package. Because the package is the unit of sharing between modules, a package must be cohesive in that all the types in the package must be related to the specific purpose of the package. Grab bag packages like
java.util are discouraged because the types in such a package often have no relation to each other. Such non-cohesive packages can result in lots of dependencies as the unrelated parts of the package reference other unrelated packages and changes to one aspect of the package impacts all modules that depend on the package even though a module may not actually use the part of the package which was modified.
Since the package is the unit is sharing, its contents must be well known and the contained API only subject to change in compatible ways as the package evolves in future versions. This means a package must not support API supersets or subsets; for example, see
javax.transaction as a package whose contents are unstable. The user of a package must be able to know what types are available in the package. This also means that packages should be delivered by a single entity (for example, a jar
file) and not split across multiple entities since the user of the package must know that the entire package is present.
Additionally, the package must evolve in a compatible way over future versions. So a package should be versioned and its version number must evolve according to the rules for semantic versioning. There is also an OSGi whitepaper on semantic versioning.
But recently I have come to the realization that the semantic versioning recommendations for major version changes for packages are wrong. Package evolution must be an accretion of function. In semantic versioning, this is increasing the minor version. When you remove function, that is making an incompatible change to the package, instead of increasing the major version you must move to a new package name leaving the original package still compatible. To understand why this is important and necessary, see this paper on Semantic Import Versioning for Go and this excellent keynote presentation by Rich Hickey at Clojure/conj 2016. Both of these make the case for moving to a new package name instead of changing the major version when making incompatible changes to a package.
Minimize package coupling
The types in a package can refer to the types in other packages. For example, the parameter types and return type of a method and the type of a field. This inter-package coupling creates what are called uses constraints on the package. This means that an API consumer must use the same referenced packages as the API provider in order for them to both understand the referenced types.
In general, we want to minimize this package coupling to minimize the uses constraints on a package. This simplifies wiring resolution in the OSGi environment and minimizes dependency fan-out simplifying deployment.
Interfaces preferred over classes
For an API, interfaces are preferred over classes. This is a fairly common API design practice that is also important for modular Java. The use of interfaces allow implementation freedom as well as multiple implementations. Interfaces are important to decouple the API consumer from the API provider. It allows a package containing the API interfaces to be used by both the API provider who implements the interfaces and the API consumer who call methods on the interfaces. In this way, API consumers have no direct dependencies on an API provider. They both only depend upon the API package.
Abstract classes are sometimes a valid design choice instead of interfaces, but generally interfaces are the first choice especially given recent improvements to interfaces which allow adding
Finally, an API will often need a number of small of concrete classes such as event types and exception types. This is fine but the types should generally be immutable and not intended for subclassing by API consumers.
Statics should be avoided in an API. Types should not have static members. Static factories should be avoided. Instance creation should be decoupled from the API. For example, API consumers should receive object instances of API types through dependency injection or an object registry like the OSGi service registry or the
java.util.ServiceLoader in JPMS.
The avoidance of statics is also good practice for making testable API since statics cannot be easily mocked.
Sometimes there are singleton objects in an API design. However access to the singleton object should not be through statics like a static
getInstance method or static field. When a singleton object is necessary, the object should be defined by the API as a singleton and provided to API consumers through dependency injection or an object registry as mentioned above.
Avoid class loader assumptions
APIs often have extensibility mechanisms where the API consumer can supply the name of a class the API provider must load. The API provider must then use
Class.forName (possibly using the thread context class loader) to load the class. This sort of mechanism assumes class visibility from the API provider (or thread context class loader) to the API consumer. API designs must avoid class loader assumptions. One of the main points of modularity is type encapsulation. One module (for example, API provider) must not have visibility/accessibility to the implementation details of another module (for example, API consumer).
API designs must avoid passing class names between the API consumer and API provider and must avoid assumptions regarding the class loader hierarchy and type visibility/accessibility. To provide an extensibility model, an API design should have the API consumer pass class objects, or better yet, instance objects to the API provider. This can be done through a method in the API or through an object registry such as the OSGi service registry. See the whiteboard pattern.
java.util.ServiceLoader class, when not used in JPMS modules, also suffers from class loader assumptions in that it assumes all the providers are visible from the thread context class loader or the supplied class loader. This assumption is generally not true in a modular environment although JPMS allows module declaration to declare modules provide or use a
ServiceLoader managed service.
Don’t assume permanence
Many API designs assume only a construction phase where objects are instantiated and added to the API but ignore the destruction phase which can happen in a dynamic system. API designs should consider that object can come and they can go. For example, most listener APIs allow for listeners to be added and removed. But many API designs only assume objects are added and never removed. For example, many dependency injection systems have no means to withdraw an injected object.
In an OSGi environment, modules can be added and removed, so an API design that can accommodate such dynamics is important. The OSGi Declarative Services specification defines a dependency injection model for OSGi which supports these dynamics including the withdrawal of injected objects.
Clearly document type roles for API consumers and API providers
As mentioned in the introduction, there are two roles for clients of an API package: API consumers and API providers. API consumers use the API and API providers implement the API. For the interface (and abstract class) types in an API, it is important that the API design clearly document which of those types are only to be implemented by API providers vs. those types which can be implemented by API consumers. For example, listener interfaces are generally implemented by API consumers and instances passed to API providers.
API providers are sensitive to changes in types implemented by both API consumers and API providers. The provider must implement any new changes in API provider types and must understand and likely invoke any new changes in API consumer types. An API consumer can generally ignore (compatible) changes in API provider type unless it wants to change to invoke the new function. But an API consumer is sensitive to changes in API consumer types and will probably need modification to implement the new function. For example, in the
javax.servlet package, the
ServletContext type is implemented by API providers such as a servlet container. Adding a new method to
ServletContext will require all API providers to be updated to implement the new method but API consumers do not have to change unless they wish to call the new method. However, the
Servlet type is implemented by API consumers and adding a new method to
Servlet will require all API consumers to be modified to implement the new method and will also require all API providers to be modified to utilize the new method. Thus the
ServletContext type has an API provider role and the
Servlet type has an API consumer role.
Since there are generally many API consumer and few API providers, API evolution must be very careful when considering changes to API consumer types while being more relaxed about changing API provider types. This is because, you will need to change the few API providers to support an updated API but you do not want to require the many existing API consumers to change when an API is updated. API consumers should only need to change when the API consumer wants to take advantage of new API.
The OSGi Alliance defines documentary annotations,
ConsumerType to mark the roles of types in an API package. These annotations are available in the osgi.annotation jar for use in your API.
When next designing an API, please consider these API design practices. Your API will then be usable in both modular Java and non-modular Java environments.