Does OSRM acutally provide pubic http API for bikes? - osrm

I want to use OSRM http api. In particular, I want to use the "route" service, with the "bike" profile.
However, when requesting https://router.project-osrm.org/route/v1/bike/48.4292,-3.8013;48.2539,-2.9004, I get a "Not found" response.
I tried the same request, with "driving" profile. I does work. https://router.project-osrm.org/route/v1/driving/48.4292,-3.8013;48.2539,-2.9004
I can't find what is wrong in my request. I'm wondering if OSRM actually provides a http service for the "bike" profile.

Looks like the the front-facing OSRM instance only has "car" implemented:
https://github.com/ropensci/stplanr/issues/246#issuecomment-378281881

Related

Uber API map endpoint

I'm trying to to get a response from this sandbox endpoint
sandbox-api.uber.com/v1/requests/resource_id/map
instead of getting something like this
{
"request_id":"b5512127-a134-4bf4-b1ba-fe9f48f56d9d",
"href":"https://sandbox-api.uber.com/v1/sandbox/map"
}
why am I getting this response?
{
"message": null,
"code": "conflict"
}
With the same Bearer token and resource_id I'm getting the right response to this endpoint sandbox-api.uber.com/v1/requests/resource_id/map
Thank you!
It looks like the receipt_id is being used instead of the request_id.
The 409 error can happen for a few different reasons: no_drivers_available, missing_payment_method, surge, fare_expired, retry_request, current_trip_exists. Details can be found here - https://developer.uber.com/docs/rides/api/v1-requests
I don't see the different between the two api requests examples you provided. The sandbox will always show a static map.
In production, maps are only available after a ride has been accepted by a driver and is in the accepted state. Attempting to GET this resource before that will result in a 404 not found error. The sandbox environment provides /v1/sandbox/map for testing, but it provides a static map.

How to use postman API client with openchain API server

I have just installed openchain (http://openchain.org)
I can check it on http://nossl.wallet.openchain.org/ but I would like to check API using Postman Rest client tool on my PC.
I'm using postman rest client and I have tried URI many times but response is empty : https://docs.openchain.org/en/latest/api/method-calls.html
Please give some advises, thanks in advance !
You should want it to look like something like this picture. Check your headers also, when I use the URL https://www.openchain.org/endpoint/query/recordversion?key=FFFF I get nothing and then when I check the headers I see there is a 404 status which means I was able to communicate with the server but it couldn't find my key. Which makes sense since I am just passing a random key. So see if you are getting a 404 error in your headers and if so then make sure your key is correct.

silhouette rest seed : how to use a social provider?

https://github.com/merle-/silhouette-rest-seed
I am trying to use this as I don't want to use the scala.html template files, and this seemed to do exactly what I wanted. I can CURL to create a user and get a token, but I don't know what to do with the redirects when trying to authenticate with a social provider, such as Facebook. There don't seem to be any instructions, either. Any help would be appreciated.
The readme gets you to the point where you have signed up a user and with the credentials POST retrieved the X-Auth-Token.
After a little debugging you will submit a POST request to the auth/link route to associate the user with the returned X-Auth-Token with a social provider as in:
http :9000/auth/link/facebook 'accessToken=xxxxx' X-Auth-Token:tokenfromearlier
Note the syntax of httpie is specific and must use = for json and : for headers. You obtain accessToken from here: https://developers.facebook.com/tools/access_token/
This will return the following JSON:
{
"message": "link with social completed!",
"status": "ok"
}
Not yet sure how to accomplish the next step which is to invoke the
/auth/signin/facebook POST route as this requires the ID of the provider and I am still figuring out the fb graph access approach.

How to demo a REST API without a REST client

I need to build a way to demo a REST API that takes three or four inputs, makes a REST call to an external server, then displays the response. This demo needs to be performed by a rather limited technical audience to business so REST clients are out.
It seemed like a simple HTML page that would do an ajax call would be fine for this, except I ran into the No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access fun messages because my localhost domain does not match the target domain. I don't have access to the target REST web service, so I can't make the necessary changes for the CORS headers.
Any ideas?
Build a very small and simple web application that shows the same HTML but does the REST call with its own REST client and shows the results.
Then run that on a local server.
Can you use a product where you can host your REST API? (There are number of API hosting products available. )If so you can try wso2 APImanager.? It is free and opensource. You do not need to develop any HTML page. You can try available swagger client or REST tool to test your APIs. You can do CORS settings too..
You can also use ExploREST, a project created with this goal in mind (production demo here).
With this tool, you can make GET/POST/PUT/DEL requests, but you can also create special links in the text documenting your API so that each time someone click on it, it will make the request you defined.
Example:
## My API is very good, I am documenting it. Try
%{
"text": "to post",
"post": {
"address": "/character",
"data": {
"name":"Dark Vador",
"type": "sith"
}
}
}%
Will result in a link that make a post when the user clicks on it.
The project is open source so do not hesitate to contribute !

Should I expose my authentication URI in a 401 error response?

I use OAuth 2 in a REST API and I my API returns a 401 error, if my access token is invalid.
My 401 response isn't meaningful right now and I wonder if I could place my authentication URI in my response? Something like
{
"error": 401,
"authentication_uri": "https://example.com/login?client_id=123&response_type=token&redirect_uri=http://example.com/app/"
}
Can I do that? Is this secure? (It seems that all these params are exposed in the URL anyway...) Are there other common methods to get a meaningful response from 401? I couldn't find something useful about this topic.
I am not a security expert, but I don't see a problem with doing this. I'm not aware of any value in hiding how to authenticate, and I don't see you exposing anything that they don't already have (assuming client_id and redirect_uri were in the original request).
To answer my own question: While it is certainly possible to do this and has benefits as you don't need to know the authentication URI beforehand, it has some pitfalls.
Say you develop multiple apps separately at http://localhost and you want to communicate the same REST API. The REST API can't deduce your client_id just from your Referer or Origin header field as it is always http://localhost. You could develop "App 1" or "App 2" and each has a different client_id. Therefor you would need to support URI templates. E.g.:
{
"error": 401,
"authentication_uri": "https://example.com/login?redirect_uri=http://localhost&response_type=token{&client_id}"
}
See here for more examples about URI templates.