scripting:restapi

Differences

This shows you the differences between two versions of the page.

scripting:restapi [2022/10/03 12:01] jotasandoku
scripting:restapi [2023/11/02 14:38] (current) – external edit 127.0.0.1
Line 1: Line 1:
 +__REST API (OR REST-API)__
 +\\
 +__BUILDING THE URL__
 +\\
 +[[https://mydevice.mycompany.com/getstuff?queryName=errors&queryResults=yes]]
 +\\
 +  * Parameters
 +    * Terms
 +  * Endpoint: endpoint is the whole URL. Leftside is Domain name; Rightside is URI
 +  * A group of **resources** is called a **collection.** [[https://openclassrooms.com/en/courses/6121936-build-your-web-projects-with-rest-apis/6268226-use-rest-resources-and-collections|External Link]] 
 +  * 
 +  * method, headers, data(body) [[https://www.smashingmagazine.com/2018/01/understanding-using-rest-api/|External Link]]
 +
 +----
 +FILTERS:
 +
 +  * [[https://example.com/api/sp/alerts/?filter=/data/attributes/alert_class=dos%20AND%20/data/attributes/importance=2&page=10]] 
 +  * Match booleans: ongoing.eq.true  ; match with numbers : attributes/ip_version.eq.4
 +\\
 +  * The URL above has **two parameters** separated by **&**
 +    * The second parameter has **two terms** separated by ' AND '
 +
 +
 +  * If we are told to separate anything with Space, this is how is encoded in the URL : ''%20''. So, if we need something like ' AND ' we encode it as: ''%20AND%20''
 +    * [[https://www.w3schools.com/tags/ref_urlencode.ASP|URL_encoding_reference]]
 +
 +
 +__SECURITY__ [[https://restfulapi.net/security-essentials/|External_Link]]
 +  * CREDENTIALS:
 +    * Token bearer
 +    * Non-standard token (in the header itself):
 +    * Content-Type : Content-Type
 +    * X-Arbux-APIToken : xxxxxxx
 +
 +__Rest API resource ''internals''__ [[https://medium.com/@h4t0n/rest-api-uuid-v3-is-the-right-way-3ca0695610dc|LINK]]
 +\\
 +  * REST API should expose named UUID-V3 identifier. UUID should be generated from the resource logical key
 +  * BACKEND should use/store numeric (ID) primary keys for its logics  
 +
 +
 +----
 +
   * [[https://restfulapi.net/security-essentials/|Security_Principles]]   * [[https://restfulapi.net/security-essentials/|Security_Principles]]
 +  * Sample domains:
 +    * [[http://ip.jsontest.com]]
 +    * [[https://www.w3schools.com/python/demopage.js]]
  
 ---- ----
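Review bot: The two bullets under the filter URL describe it incorrectly. In `?filter=/data/attributes/alert_class=dos%20AND%20/data/attributes/importance=2&page=10` the two terms joined by ' AND ' belong to the first parameter (`filter`), and the second parameter is `page=10`, so "The second parameter has **two terms**" should read "The first parameter". The FILTERS list also mixes two comparison syntaxes (`alert_class=dos` in the URL, `ongoing.eq.true` in the next bullet) without saying where each applies. Under CREDENTIALS, `Content-Type : Content-Type` reads as a literal header value; a real media type or an obvious placeholder like the `xxxxxxx` on the next line would be clearer. The empty `*` bullet after the collection item can be dropped.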
Line 6: Line 51:
 **CURL** **CURL**
 \\ \\
-**TODO: curl most common flags**+**TODO: curl most common flags** [[https://gist.github.com/eneko/dc2d8edd9a4b25c5b0725dd123f98b10|External Link]] 
 +  * -H (header) 
 +  * -X (request verb to use. Example -X PUT)
 \\ \\
 **CRAFTED REQUESTS**\\ **CRAFTED REQUESTS**\\
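Review bot: The heading still reads `TODO: curl most common flags` although the list has been started, and the two entries give only short forms while the crafted request further down the page uses `--header` and `--socks5`. Suggest writing the first entry as `-H / --header` so readers can match it to that example, adding `--socks5`, and dropping the TODO once the list covers the flags the page's own examples use.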
Line 30: Line 77:
 Also see curl examples in [[https://softbackbone.duckdns.org/doku.php?id=network_stuff:linux|External Link]] \\ Also see curl examples in [[https://softbackbone.duckdns.org/doku.php?id=network_stuff:linux|External Link]] \\
  
-  curl --socks5 127.0.0.1:1080 -X GET --header 'Accept: application/json' --header 'X-CSRFToken: WBC93zWg6SMnpzs6vvBXnejzLzpJJQ4LSeuGHsHVbeSHDa7cwlWcrwyGL8v1CTOn' 'http://netbox.uswest-cluster.aws.mycompany1.co.uk:8080/api/dcim/devices/' +  curl --socks5 127.0.0.1:1080 -X GET --header 'Accept: application/json' --header 'X-CSRFToken: XXXXYYYY' 'http://netbox.uswest-cluster.aws.mycompany1.co.uk:8080/api/dcim/devices/'
- +
----- +
-__BUILDING THE URL__ +
-\\ +
-  * Parameters +
-    * Terms +
-  * Endpoint: endpoint is the whole URL. Leftside is Domain name; Rightside is URI +
-  * A group of **resources** is called a **collection.** [[https://openclassrooms.com/en/courses/6121936-build-your-web-projects-with-rest-apis/6268226-use-rest-resources-and-collections|External Link]]  +
-  *  +
-  * method, headers, data(body) [[https://www.smashingmagazine.com/2018/01/understanding-using-rest-api/|External Link]] +
- +
-[[https://example.com/api/sp/alerts/?filter=/data/attributes/alert_class=dos%20AND%20/data/attributes/importance=2&page=10]]  +
-\\ +
-  * The URL above has **two parameters** separated by **&** +
-    * The second parameter has **two terms** separated by ' AND ' +
- +
- +
-  * If we are told to separate anything with Space, this is how is encoded in the URL : ''%20''. So, if we need something like ' AND ' we encode it as: ''%20AND%20'' +
- +
-__CREDENTIALS__ +
-\\ +
-  * Token bearer +
-  * Non-standard token (in the header itself): +
-    * Content-Type : Content-Type +
-    * X-Arbux-APIToken : xxxxxxx +
- +
-__Rest API resource ''internals''__ [[https://medium.com/@h4t0n/rest-api-uuid-v3-is-the-right-way-3ca0695610dc|LINK]] +
-\\ +
-  * REST API should expose named UUID-V3 identifier. UUID should be generated from the resource logical key +
-  * BACKEND should use/store numeric (ID) primary keys for its logics   +
  
 ---- ----
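Review bot: Replacing the `X-CSRFToken` value with `XXXXYYYY` in the curl line only cleans the current revision. The original value is still visible in the removed line of this comparison and in the previous revision, so it should be treated as disclosed and invalidated on the server, and the old revision purged if the wiki allows it. The same line keeps the internal hostname and a plain `http://` URL on port 8080; consider swapping the host for a placeholder such as the `mydevice.mycompany.com` form used in the BUILDING THE URL section.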
scripting/restapi.1664798501.txt.gz · Last modified: (external edit)