I am using multiple webservices API from multiple clients.
I can see the URL in the network tab in the browser inspect. i don't want to expose the URL.
Is there any way to encode the URL to unread format?
From client side, no way. Maybe use a gateway url which does server-side call to "wanna be hidden" url and returns its result to the client ? But it wouldn't change the fact the output would be the same.
if you want to hide an url call from the client, don't do it client-side.
You have to change your design , essentially you need to put a proxy layer in between your client and actual API where the proxy can take a generic input with the encrypted url as the parameter something like
/Apiproxy/{encrypted url}
And the proxy can decrypt it and sent it to the actual u. You do have the complexity of managing the encryption key as well with this approach.
But why do you need this thing ?
Related
i have api gateway with 3 simple backends:
2 basic api routes (/plus and /minus) backed by lambda functions
1 direct sqs queue (/sqs_send)
It means i can send via api call directly to my sqs queue.
2 lambda backend functions take 2 params 'a,b' from api call and add,subtract and show output.
https://86bwtlv5ya.execute-api.us-east-1.amazonaws.com/minus?a=10&b=20 # prints -10 in browser
https://86bwtlv5ya.execute-api.us-east-1.amazonaws.com/plus?a=10&b=20 # prints 30 in browser
The 3rd function is tricky for me. Via postman i managed to send directly to sqs like this via put request. Notice how i have to select "body" "raw" then input message. I did check the sqs queue - the msg from postman is there.
My question - what to type into my api gateway endpoint to send msg directly to sqs? Without using postman?
https://86bwtlv5ya.execute-api.us-east-1.amazonaws.com/sqs_send?mesagebody # what to type after sqs_send?
This did not work - returns {"message":"Not Found"}
https://86bwtlv5ya.execute-api.us-east-1.amazonaws.com/sqs_send?
Action=SendMessage&
MessageBody=This+is+a+test+message
Is it possible, my sqs_send api route does not work with parameters, because it is designed to only work with "messagebody" as per my settings? "Message attributes" is empty?
If I understood correctly, you want to call your API gateway endpoints by directly entering the URL into your browser's address bar.
Short answer:
Unfortunately you can't do this with your 3rd endpoint /sqs_send, because it is a PUT endpoint which the browser cannot call directly through the address bar.
Details:
Browsers usually support only HTTP GET and POST methods directly, through form submissions (which in turn is an HTML limitation, where form submissions only support these two methods). In GET method, parameters are appended to the end of the URL in the pattern example.com/?name1=value1&name2=value2. In POST method, parameters are included in the body of the request, so they're not visible in the URL itself. This means that you can only call GET endpoints by directly typing into the address bar of your browser. Your /plus and /minus are likely GET endpoints. POST endpoints must be called via HTML form submissions to include your parameters.
For calling other methods like PUT and DELETE (in addition to GET and POST), you will have to use XMLHttpRequest or the Fetch API, or some frontend framework method built around them. As your Postman screenshot shows, your third endpoint /sqs_send is a PUT, so you can't call it directly by entering the URL into the browser's address bar. If you must call it this way, you will have to convert your endpoint to a GET so that you can send your parameters via URL parameters.
My requirement is I will expose the ESB integration implementation as a REST API.
1) In the implementation part whenever they will call This ESB API it has to route based on content in the post request sent to ESB(this can be achieved by content based routing pattern ).
2) But on the Endpoint side Which is to be called by the ESB while routing based on content may vary means, if today there is 2 end point to call tomorrow it may rise to 5 like that how to apply changes are is there any solution. So, how to achieve this dynamic integration.
I have 4 ways to achieve this integration pattern.
1) Deploy files in the registry which has the endpoint in it and having the file name which is same as the content name(regex) sent in the payload for routing. Then by storing that name in property mediator and use concat function to read that file in another property mediator, and by pattern matching read the endpoint. Thus you can use that endpoint and achieve the dynamic content based routing.
2) Have separate sequence each one to call one endpoint and have the same name as the content name. The main sequence will call the sequence based on the content.
3)Store the content on which to be routed and endpoint in the RDBMS database then use DB lookup mediator to retrieve the endpoint based on this you can route.
4) I think this is best and suitable for integration scenario where tomorrow the endpoint may change( that is when the number of the endpoint is not fixed ) and each endpoint wants a different transformation of the payload(I mean XML to json or JSON to XML etc..).
First, use one API and store the content in property mediator and use that mediator to call another API which has the implementation to call the endpoint.
For example, if the content based on which routing has to happen has the payload like this
{ "content":"c1" }
Store the content in property mediator using name uri.var.address. Then create another API's which will have the implementation to call endpoint(For each endpoint create separate API's) and URI-Template of the API's should have content stored in the property mediator(same as payload request). While using send mediator to call these ENDPOINT implemented API's use http request having url of the API with /{uri.var.address} because to match the URI-template details.
I have been into web development from sometime. But recently came across an old technology, REST. I read various places about REST calls, what I have understood about REST service is,
REST service responds back with JSON or XML data, which can be used on client side for rendering the DOM elements.
It enhances the use of HTTP protocol.
The URL difference between a REST call and normal URL is:
REST CALL: wwww.xyz.com/getCart/12
URL: wwww.xyz.com/getCart.php?cartId=12
I got the basic difference, hitting the URL would render a page at the server end and would return the response, whereas making an AJAX Call to the REST service would simply return a JSON or a XML output which can be parsed at the client end.
My question is:
If I make my .php page to render a JSON string, and the application makes a AJAX call to the php page to get the JSON response back and use it on client side to render the DOM, then what is the difference between REST call and a normal URL call.?
How REST calls are configured differently from normal URLs?
There's a lot of misinformation and confusion about REST. I'm not surprised that these three points are what you understood from the information available, but they are wrong.
REST isn't coupled to any particular data format or media type. The most important constraint in REST is the emphasis on an uniform interface, which means in this case that the server should be able to respond with whatever data format or media type the clients accept. Under HTTP, the client will tell what formats it can understand through the Accept header, and the server should comply or fail with a 406 Not Acceptable error.
In the same way, REST isn't coupled to any particular protocol, although it's often convoluted with HTTP. Again, following the uniform interface, the clients should be able to follow any links provided by the server, for any protocol with a valid URI scheme.
The semantics of URLs are completely irrelevant to REST. All that matters to REST is that an URL identifies one and only one resource. The URL is an atomic identifier and the client shouldn't rely on any semantics embedded in it for any operations. The two examples you give are both valid in REST. There's nothing more or less RESTful about any of them.
To answer your question, under a REST application the difference you imagine doesn't exist. Hitting an URL will return a response. If the client is requesting with an Accept: text/html header, it may return the human-friendly html page to be rendered by a browser. If the client requests with an Accept: application/json or Accept: application/xml, it may return a machine-friendly format to be read by another application.
REST is just an architectural style, there is no technical difference.
One of the things that REST defines is that your URL needs to be atomic identifiers that refer to only one resource.
GET /users/:id (return the user with the given :id)
PUT /users/:id (update the user with the given :id)
Here is an answer about using a framework to make a REST API in php.
Rest puts more emphasis on the verbs, like GET, PUT, POST... You can call one method like
/api/Customers
and depending on the verb you use it will do a get, post, put or delete. You can also make more easy URL's like
/api/Customers/{id}/Orders/{id}
instead of making a method that would be
api/GetCustomersOrders?id=x&id=y.
All Web Services are APIs, but not all APIs are Web services.
APIs are application interfaces, meaning that one application is able to interact with another application in a standardized way.
Web services are a type of API, which must be accessed through a network connection.
REST APIs are a standardized architecture for building web APIs using HTTP methods.
I am used to consuming Web services via a XMLHttpRequest, to retrieve xml or JSON.
Recently, I have been working with SharePoint REST services, which can return a single value (for example 5532, or "Jeff"). I am wondering if there is a more efficient way than XMLHttpRequest to retrieve this single value. For example, would it work if I loaded the REST url via an iframe, then retrieved the iframe content? Or is there any other well established method?
[Edit] By single value, I really mean that the service just returns these characters. This is not even presented in a JSON or xml response.
Any inefficiency in XMLHttpRequest is largely due to the overhead of HTTP, which the iframe approach is going to incur, as well. Furthermore, if the Sharepoint service expects to speak HTTP, you're going to need to speak HTTP. However, an API does not have to run over HTTP to be RESTful, per Roy Fielding, so if the service provided an API over a raw socket -- or if you simply wanted to craft your own slimmer HTTP request -- you could use a Flash socket via a library like: http://code.google.com/p/javascript-as3-socket/. You could cut the request message size down to under 100 bytes, and could pull out the response data trivially.
The jQuery library is a well established framework which you can use. It´s also an article which answer your concrete question at StackOverflow.
I've been provided a WSDL file that points to a webservice. I use this webservice to log in and create a session. In addition to the session token, the login response provides a URL I'm supposed to redirect my webservice calls to. Other than the URL I'm addressing, the definitions are the same, so no new WSDL is provided.
What is the best way to handle this? Generate my own altered WSDL? Create and/or alter the webservice object via Java? Some third option I've not thought of?
This is a hack, but you can always download the WSDL as a template, and reference it as a local file. When the login call tells you what URL to hit, simply replace the URL in the template with the new one, and proceed. You could even have a different version of the WSDL for each URL that could be returned, maybe using a hash of the URL as the filename.
Coldfusion webservice invocations always point to WSDL. Be it a local WSDL file, or a remote WSDL file you can access over an HTTP or HTTPs connection. Unless the responding URL points to a new WSDL file to use, it's not going to be that helpful.
-Jay