REST GET URL Naming - rest

What is the best way to design or name an API URL that would get a specific user with a given unique identifier? I'm using cognitoId as the unique identifier.
Which of the following should I use?
/profiles/profile, then pass the cognitoId as URL Query String Parameters
/profiles/{id}
/profiles/profile then check 'Invoke with caller credentials'

If it is an API where any authorized user can get anyone's username by passing a unique ID, then you could use something like this: /profiles/{id} For example, https://api.github.com/user/1
If it is an API that returns the username of the caller by using the cognito ID, then /profiles/profile should work. See $context.identity variables in documentation to fetch the cognito ID.

Related

Obtaining the Identity of a Reviewer

I am getting the Policy Configurations (GET https://dev.azure.com/{organization}/{project}/_apis/policy/configurations) and for the policy of type "Required reviewers" (response array item's type.displayName), there is a property named "ReviewerIds" which is an array of what looks like GUIDs.
However, I do not know how to retrieve information about the user(s) or user group(s) identified by the GUID(s) in that array.
I suspect you're looking either for IdentityByID or IdentityByDescriptor:
https://learn.microsoft.com/en-us/rest/api/azure/devops/ims/identities/read-identities?view=azure-devops-rest-7.0&tabs=HTTP#by-ids
https://learn.microsoft.com/en-us/rest/api/azure/devops/ims/identities/read-identities?view=azure-devops-rest-7.0&tabs=HTTP#by-identitydescriptors
Be sure to call the right endpoint, identity information is from https://vssps.dev.azure.com.

Get specific product with id via Rest API Magento 2

I want to get the information from an specific product.
I am using this reference in this moment, and get all the products in given searchCriteria:
http://www.mysite.co/rest/V1/products-render-info?storeId=1&currencyCode=cop
Is there a way I can send the product id in the url and get only all its information?
You can add the filter
http://www.mysite.co/rest/V1/products?searchCriteria[filterGroups][0][filters][0][field]=entity_id&searchCriteria[filterGroups][0][filters][0][value]=1&searchCriteria[filterGroups][0][filters][0][condition_type]=eq
use field entity_id instead of id, value is product id here 1, condition_type is equal to here eq.
You can fetch product info by SKU, not ID.
API endpoint (get method) will pull product info. vendor/magento/module-catalog/etc/webapi.xml
/V1/products/:sku
So, your rest API calling URL should be like this
http://www.mysite.co/rest/V1/products/productsku
Note: If you want to fetch product info by id, you probably need to create a simple rest API. you can check this out.
https://magento.stackexchange.com/questions/282480/i-am-new-here-i-want-to-know-how-can-i-create-my-own-simple-api/282730

Like parameter in REST api url endpoint

Is it possible to pass parameters with 'like' keyword in REST api endpoints. Basically I'm trying to create an endpoint wherein I would query a db to get list of items based on '%name%'.
The corresponding query in DB would be like:
SELECT * FROM users WHERE user_id like "%arjun%"
So I would need to add parameters to my REST endpoint wherein i can fetch teh data based on name=%arjun%
Is that really possible?
Thanks
Arjun
I would recommend to user name=value and then create your sql with %%. You can put % into your GET call but it can cause bugs because % is special character which is used to encode other special characters.
But if you really want to go with name=%value% then you can put %25 instead of %. So something like this name=%25value%25

REST API parameter with multiple value types

I have the API route /api/users/:user_id, which takes a number as a parameter.
I want to have now the same route, but taking the username instead of the id, like this: /api/users/:username.
In my code, I have the route set up as /api/users/:user and I check the user URI parameter and do different actions if it is a number or a string.
Is it good practice / efficient to have the same route, but with a different parameter type? Both the username and user id's are unique.
It works, I just want to know if this is a practical solution, or if I should do separate routes.
we solved it by parsing the path variable.
psuedo code
long id;
String name;
try{
id = parselong(input);
}catch(parse exception){
name = input;
}
findbynameorid(id,name)
select * from customer where name = ? or id = ?
Assuming that both IDs and usernames are unique, it's valid solution.
Regarding implementation, you could use a regular expression to match the user identifier and check if it's an ID or a username.
It isn't really "good practice" to share a route parameter on a route, but as long as the IDs and usernames are both unique, you should be fine. Both act as unique identifiers for a user so both can be used to find the user in that route.
You can accept both the ID and username as the same parameter by first making the route param more permissive. Next, you can use the following (pseudo) query to look up whether that param matches the ID or the username:
SELECT id, name FROM users WHERE id={param} OR username={param}
Remember to pass that param in as a real query parameter; do NOT simply concatenate strings. Doing so will open you up to an SQL injection attack.
Solution
Make Parameter value as string and send one Request parameter as additional flag which describe request mode.
/api/users/:user_key?type=boolean > true(default) userid & false for username or vice versa.
Modify your api which then can answer two different apis
/api/users/user/userid/:id & /api/users/user/username/:name
Recommended
Above can resolve your issue. But is not recommended way of dealing with fetching user profile information using REST api. Presuming you will introduced user authentication in you rest application.
Self api : /api/users/me : this will fetch user info of the once who is currently logged with respect to that session/token.
User api : api/users/:id : this will fetch fetch specific user info
Username api: api/users?filters={username=some_username, }: this will fetch info of those users which have username matching with given filter.

How Can I filter Facebook Events Using Location by FQL

How Can I fitler Facebook Events Using Location By FQL
ex. I want to get all event which will be in Egypt
SELECT name FROM event
WHERE strpos(lower(name), 'Egypt') >= 0
https://developers.facebook.com/tools/explorer?fql=SELECT%20name%0AFROM%20event%20%0AWHERE%20strpos%28lower%28name%29%2C%20%27Egypt%27%29%20%3E%3D%200
But when I try to use the above Query it returns that for me:
Your statement is not indexable. The WHERE clause must contain an
indexable column. Such columns are marked with * in the tables linked
from http://developers.facebook.com/docs/reference/fql
Note : I hope to get the public events filtered by event name contains.
With the changes that they have made, queries using an app access_token cannot
use the above query:
SELECT name,location FROM event WHERE contains('egypt')
The query works with session tokens (user access_tokens), however, with an app access_token
it just returns:
{
"error": {
"message": "(#200) Must have a valid access_token to access this endpoint",
"type": "OAuthException",
"code": 200
}
It was surprising to me since I could still use any other query else than contains on the events table with an app access_token
UPDATE:
After looking at their documentations, I found out that you can only use the app access token for very limited set of queries:
https://developers.facebook.com/docs/reference/api/search/
What I finally did was I used the following to obtain a session access_token from my user as a page_manager
https://www.facebook.com/dialog/oauth?client_id={MY_CLIENT_ID}&scope=manage_pages&redirect_uri={MY_REDIRECT_URI}&response_type=token
The above query returns your your access_token and you can use it to run your query successfully. What it basically does is that it appends your access_token to you as a hashed attributed
{MY_REDIRECT_URI}#access_token={MY_ACCESS_TOKEN}
If you would like to parse the access token on the server, this would not work for you, since the hashed attribute is not sent with the request to your server. What you can do is to append type=web_server to the above request to facebook. In that case the access_token will be returned as a request parameter named code
The closest you can get is to use the contains predicate
SELECT name,location FROM event WHERE contains('egypt')
Which will get you some events that contain "egypt" in the text