Problem/Motivation
We need an API entry point to ensure that hypermedia can be used as the engine of the application state.
Proposed resolution
The entry point could be a read-only resource that contains list of links to all the available resources (in their collection form). The logic used to list all the available resources can copied from the jsonapi_docson
admin list, but turned into a JSON response.
It is OK to have a dedicated controller or core REST plugin to do this.
The output should still be JSON API compliant. I'm proposing:
{
"data": [],
"links": {
"self": "http://example.org/api",
"node--article": "http://example.org/api/node--article",
"node--page": "http://example.org/api/node--page",
"user--user": "http://example.org/api/user--user"
}
}
Note that this response should contain the needed cacheability metadata.
Comment | File | Size | Author |
---|---|---|---|
#26 | jsonapi-fix_entrypoint-2790935-26.patch | 2.02 KB | Grimreaper |
| |||
#19 | 2790935--interdiff--15-19.txt | 1.14 KB | e0ipso |
#19 | 2790935--entry-point--19.patch | 5.54 KB | e0ipso |
#15 | 2790935--interdiff--14-15.txt | 3.55 KB | e0ipso |
#15 | 2790935--entry-point--15.patch | 5.43 KB | e0ipso |
|
Comments
Comment #2
David Hernández CreditAttribution: David Hernández commentedInvestigating a bit about this. If anyone have any ideas about this issue and is in DrupalCon Dublin, ping me and let's talk about this in person.
Comment #3
David Hernández CreditAttribution: David Hernández at Gizra commentedHere is a first approach to the issue to list the available resources on the base path of the API endpoint.
JSON API specification doesn't covers yet this type of entry point, and I didn't found any good example around to use as base for the patch. So, I've developed it based on this Stack Overflow issue: http://stackoverflow.com/questions/19669443/entry-point-to-rest-hateoas-...
Some issues:
Comment #4
David Hernández CreditAttribution: David Hernández at Gizra commentedI think a test for this feature will be cool.
Comment #7
David Hernández CreditAttribution: David Hernández at Gizra commentedThis should put the tests on green.
Comment #8
David Hernández CreditAttribution: David Hernández at Gizra commentedComment #9
e0ipsoOnce there are tests for this approach I'm good with merging it.
Comment #10
e0ipsoGenerating links in D8 is very complex. However, we'll need to generate full paths.
For that we will need to inject the
@jsonapi.link_manager
.See ContentEntityNormalizerValue::98 for an example on how to use this. However we should link to the collection instead to
'individual'
.Comment #11
e0ipsoComment #12
e0ipsoComment #13
e0ipsoNot blocking here.
Comment #14
e0ipsoThe follwing patch generates the following output in my local:
It's noteworthy that this introduces a permission for the module to be able to see this. Not sure if this is the right approach.
Comment #15
e0ipsoAdded some kernel tests.
Comment #16
Wim LeersDoes the JSON API spec provide any guidance for this? It seems like it should?
Comment #17
e0ipsoWe could not find anything in http://jsonapi.org or http://discuss.jsonapi.org.
Comment #18
Wim LeersInteresting. Is this because … the people behind JSON API are more "pragmatic" and the HATEOAS people are more "academic"?
Shouldn't we ensure we have a JSON API extension spec for every addition (extension) we add?
Comment #19
e0ipsoAdded the required
_format
to the URLs.Comment #22
hampercm CreditAttribution: hampercm as a volunteer and at Acquia commentedI think this was a reasonable approach. +1 for the added permission, as some sites probably won't want this information broadcast.
I see a commit; can this be Closed (fixed) at this point?
Comment #23
GrimreaperHello,
I am testing this feature.
To authenticate, I use the basic_auth module, when trying to authenticate I got the following 403 error:
I think it is because there is not the route options
as on the other routes provided by jsonapi.
As
$this->authProviderList()
is a dynamic list of authentification method, is it possible to have a callback in the routing.yml file or should it go in \Drupal\jsonapi\Routing\Routes::routes or a special callback?Comment #24
Wim Leers#23 seems correct.
Comment #25
e0ipsoThanks for the bug report!
@Grimreaper I'm OK with it being in the same class
\Drupal\jsonapi\Routing\Routes
but with a different method. Maybe\Drupal\jsonapi\Routing\Routes::entryPoint
?Comment #26
GrimreaperHello,
Thanks for the suggestions.
Here is a patch to fix the authentification.
Do you want me to create a test for that? If yes, should it be a kernel or functional test?
Thanks for the review.
Comment #27
Wim LeersThanks!
It's not a base path. It's just the route's path.
This is used only once, so it's pointless to put it in a variable.
All of this is also used only once… so again pointless to put it in a variable first.
Comment #29
e0ipsoI made the modifications Wim suggested, and committed.
Great work everyone!!
Comment #30
GrimreaperThanks all ! :)
Comment #31
Wim LeersYay!
Comment #33
Wim LeersFYI: I linked to this issue from https://github.com/json-api/json-api/issues/746#issuecomment-402513695