api merge requestshttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests2022-02-08T13:10:58Zhttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/1Draft: feat: define basic structure for the API2022-02-08T13:10:58ZFrançois FerryDraft: feat: define basic structure for the APIFrançois FerryFrançois Ferryhttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/2Add schema and transaction api2022-03-14T10:20:23ZArnaud VergnetAdd schema and transaction apiRelies on commit https://forge.extranet.logilab.fr/cubicweb/cubicweb/-/commit/f0f8cda9f5d2ce7df59a148b3d16a7edf555487d to export the schema directly as a python dict.Relies on commit https://forge.extranet.logilab.fr/cubicweb/cubicweb/-/commit/f0f8cda9f5d2ce7df59a148b3d16a7edf555487d to export the schema directly as a python dict.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/4Serialize dates in iso format2022-03-14T10:20:24ZArnaud VergnetSerialize dates in iso formatDefault python JSON serializer does not know how to handle dates. This MR forces dates to be converted to iso format when serialized to JSON.Default python JSON serializer does not know how to handle dates. This MR forces dates to be converted to iso format when serialized to JSON.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/5Topic/default/routing2022-03-14T13:21:03ZFrançois FerryTopic/default/routingFrançois FerryFrançois Ferryhttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/3Handle errors2022-03-29T14:13:08ZArnaud VergnetHandle errorsThis MR adds support for handling various errors thrown by cubicweb when interacting with the api.
When catching an error, the api will return an HTTP response with the appropriate response code, and a json body with the name of the err...This MR adds support for handling various errors thrown by cubicweb when interacting with the api.
When catching an error, the api will return an HTTP response with the appropriate response code, and a json body with the name of the error and an explanatory message.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/6feat: add jwt authentication2022-05-24T13:03:33ZArnaud Vergnetfeat: add jwt authenticationUsing [pyramid_jwt](https://github.com/wichert/pyramid_jwt) as base, this MR implements a new Authentication policy to handle JWT.
A new `api/v1/login` route has been added allowing the user to post his credentials and receiving a JWT t...Using [pyramid_jwt](https://github.com/wichert/pyramid_jwt) as base, this MR implements a new Authentication policy to handle JWT.
A new `api/v1/login` route has been added allowing the user to post his credentials and receiving a JWT token as response.
Closes #1Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/7feat: use pyramid decorators and rework error handling2022-06-01T16:51:32ZArnaud Vergnetfeat: use pyramid decorators and rework error handlingCompletely rewrites route creation to use pyramid decorators instead of contexes.
Also reworks the error handling to make it easier to choose what errors to catch and when. It now uses regular `try...except` blocks around the parts whic...Completely rewrites route creation to use pyramid decorators instead of contexes.
Also reworks the error handling to make it easier to choose what errors to catch and when. It now uses regular `try...except` blocks around the parts which could fail, and raises a pyramid `HTTPError` to return an HTTP error to the user.
As part of the error handling, this MR adds request parameter validation using [marshmallow](https://github.com/marshmallow-code/marshmallow) and [marshmallow_dataclass](https://github.com/lovasoa/marshmallow_dataclass). Using those libraries we can define `dataclasses` and convert them to a schema compatible with marshmallow and used to validate request parameters.
There is one breaking change in this MR: The `/transaction` endpoint is now split in 4 with `/transaction/begin`, `/transaction/execute`, `/transaction/commit` and `/transaction/rollback`. This was done in order to have static params. Before this change, request parameters would change based on the `action` param.
Closes #9
Closes #5
Closes #11Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/8feat: add openapi spec validation2022-06-02T12:52:36ZArnaud Vergnetfeat: add openapi spec validationAdds a file containing the [OpenAPI specification](https://swagger.io/specification/). This spec is accessible from the `openapi.yaml` route. The `openapi` route shows the same spec but using the [Swagger UI](https://swagger.io/tools/swa...Adds a file containing the [OpenAPI specification](https://swagger.io/specification/). This spec is accessible from the `openapi.yaml` route. The `openapi` route shows the same spec but using the [Swagger UI](https://swagger.io/tools/swagger-ui/).
It uses the [pyramid_openapi3](https://github.com/Pylons/pyramid_openapi3) library to validate the endpoints.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/10fix: improve error logging2022-06-03T10:28:46ZArnaud Vergnetfix: improve error loggingErrors are logged using the info levelErrors are logged using the info levelArnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/11feat: use openapi validation instead of marshmallow2022-06-07T13:37:08ZArnaud Vergnetfeat: use openapi validation instead of marshmallowRemoves marshmallow dependencies.
Also generates the available routes from the yaml config.
This MR changes the error format to use a simpler one. HTTP codes and error title are not included in the json response as those can be fetched...Removes marshmallow dependencies.
Also generates the available routes from the yaml config.
This MR changes the error format to use a simpler one. HTTP codes and error title are not included in the json response as those can be fetched from the response headers.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/12feat: add decorator to check for authenticated users2022-06-07T13:39:30ZArnaud Vergnetfeat: add decorator to check for authenticated usersCloses #12Closes #12Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/13feat: allow configuring api path2022-06-10T12:06:21ZArnaud Vergnetfeat: allow configuring api pathMakes it possible to configure a custom api prefix in `all-in-one.conf` using the `api-path-prefix` key.
This prefix is validated using regex to only allow latin and basic symbols.
The openapi specification is updated using this prefix...Makes it possible to configure a custom api prefix in `all-in-one.conf` using the `api-path-prefix` key.
This prefix is validated using regex to only allow latin and basic symbols.
The openapi specification is updated using this prefix to add it to each path.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/15fix: removed reference to unused lib2022-06-10T16:31:49ZArnaud Vergnetfix: removed reference to unused libCloses #15Closes #15Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/17fix: improve config path checks2022-06-13T13:15:02ZArnaud Vergnetfix: improve config path checksImprove error messages and make sure path starts with a `/`.Improve error messages and make sure path starts with a `/`.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/16fix: write openapi.yaml to cubicweb config dir2022-06-13T14:48:20ZArnaud Vergnetfix: write openapi.yaml to cubicweb config dirInstead of writing the file to the cube's dir, writes the file in the instance's config directory (`/etc/cubicweb.d/INSTANCE_NAME` usually).
This fixes Docker write permission issues
Closes #16Instead of writing the file to the cube's dir, writes the file in the instance's config directory (`/etc/cubicweb.d/INSTANCE_NAME` usually).
This fixes Docker write permission issues
Closes #16Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/18fix: convert date and time object to iso format for JSON2022-06-14T12:41:35ZArnaud Vergnetfix: convert date and time object to iso format for JSONArnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/20feat: catch more authentication errors2022-06-14T13:13:21ZArnaud Vergnetfeat: catch more authentication errorsArnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/19feat: add version in url path2022-06-14T13:31:19ZArnaud Vergnetfeat: add version in url pathAdds a version number after the configured api prefix. The default is v1 but a version number can be specified for future releases.Adds a version number after the configured api prefix. The default is v1 but a version number can be specified for future releases.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/21fix: revert to base pyramid_jwt implementation using a custom cookie serializer2022-06-15T13:49:07ZArnaud Vergnetfix: revert to base pyramid_jwt implementation using a custom cookie serializerReverts to the base pyramid_jwt implementation but with a custom serializer which simply returns the given value. Needed as the JWT token is already base64 encoded.
This fixes authentication issues using the cubicweb_web login forms.Reverts to the base pyramid_jwt implementation but with a custom serializer which simply returns the given value. Needed as the JWT token is already base64 encoded.
This fixes authentication issues using the cubicweb_web login forms.Arnaud VergnetArnaud Vergnethttps://forge.extranet.logilab.fr/cubicweb/cubes/api/-/merge_requests/22feat: allow configuring openapi server url2022-06-16T13:54:03ZArnaud Vergnetfeat: allow configuring openapi server urlAdds a new configuration key in all-in-one.conf named `api-server-name`. This key allows users to specify the server name openapi should use for validation. Useful in case the CubicWeb instance runs in a sub-path and not the host root.
...Adds a new configuration key in all-in-one.conf named `api-server-name`. This key allows users to specify the server name openapi should use for validation. Useful in case the CubicWeb instance runs in a sub-path and not the host root.
This key is optional and the default instance base url (using hostname+port) is used if the config is not specified.
Closes #19Arnaud VergnetArnaud Vergnet