FormatSetter doesn't set the format to `api_json` when accessing just `/jsonapi`

I just thought of https://www.drupal.org/node/2954953 … because that involved landing #2854543: NegotiationMiddleware calls $request->setRequestFormat('html') when there is no _format request parameter, but shouldn't, which was originally created for JSON API: for #2831137: Remove the need for ?_format=api_json: assume the use of the 'api_json' format for routes managed by JSON API, the issue that made the patch above possible at all!

Now that #2854543: NegotiationMiddleware calls $request->setRequestFormat('html') when there is no _format request parameter, but shouldn't is in, I think much of #2831137: Remove the need for ?_format=api_json: assume the use of the 'api_json' format for routes managed by JSON API is now obsolete? Needs investigating.

Yep … thanks to #2854543: NegotiationMiddleware calls $request->setRequestFormat('html') when there is no _format request parameter, but shouldn't having landed, we can just set the _format route requirement on all JSON API routes to api_json, and \Drupal\Core\Routing\RequestFormatRouteFilter will automatically select it!

#2854543: NegotiationMiddleware calls $request->setRequestFormat('html') when there is no _format request parameter, but shouldn't was a critical bugfix in https://www.drupal.org/project/drupal/releases/8.5.4. The 2.x branch already requires Drupal 8.5. I think it's reasonable to bump that to 8.5.4.

So much complexity … gone! 💀

Also, this makes JSON API more consistent: 404s previously would not have resulted in a JSON API-formatted responses, now they are. The Accept: application/vnd.api+json request header is now optional too! Better DX!

I fixed a bug by mostly deleting code:

 6 files changed, 8 insertions(+), 96 deletions(-)

😀

Let's make this green!

This failed on the 415 response assertions. Because \Drupal\Core\Routing\ContentTypeHeaderMatcher::filter() throws a 415 and the format hasn't been set. I think a 415 itself is a strong enough signal. A response with this status code is all that the JSON API spec requires anyway.

d.o is drunk 🤡

#2949807: Spec Compliance: Error responses are missing the `jsonapi` top-level member and #2991389: Test coverage: relationship response cacheabiliity made changes that requires a change here too.

D'oh.

#14:

This is great 🎉🔥! […] The code itself looks fantastic and is approved. […] Let's make these tests pass and we can RTBC.

😀 Hurray!

I will probably quote this example in other issues 😜

Hah! 😀 I'm not sure which "MUST" you were referring to in the screenshot?

#16:

I am not sure why assertions are changing so much for this issue.

I explained that in #6.

1. Both the old and new assertion are asserting that the response is a 404. The new assert is no longer asserting the message, because the message is no longer there. For a reason similar to that in #6: we do still end up with a 404, but the format is not being set to api_json, since … no route was found, and hence the format never got set to api_json.
   And hence the 404 response does not contain JSON, but HTML (the default).
2. :) Note that the reason this 404 does use the api_json format, is that it's a non-existing UUID on an actual JSON API route. The assertions in point 1 are 404s on a non-existing route. That's the difference!
3. See #6 again.
4. For the same underlying reason as #6, but this time in MethodFilter.

I share your concerns. The only way to make this work then though is to still keep FormatSetter…

As explained in #3 and #4, thanks to #2854543: NegotiationMiddleware calls $request->setRequestFormat('html') when there is no _format request parameter, but shouldn't plus setting requirements: [format: api_json] allows us to remove a lot of custom code. But there's one downside: 4xx exceptions thrown during routing do not result in api_json responses.

So we have a choice to make here:

1. Either we accept that 4xx responses caused during routing do have the correct status code but not the correct format; this allows the JSON API module to be simpler
2. Or we do not accept this, and keep FormatSetter … but make it a little bit simpler

1. Either we accept that 4xx responses caused during routing do have the correct status code but not the correct format; this allows the JSON API module to be simpler
2. Or we do not accept this, and keep FormatSetter … but make it a little bit simpler

If we choose 1, #13 is the patch.

If we choose 2, this is the patch (hopefully green on first try 🤞). No code removal, but best spec compliance, and still code simplification!

I actually prefer option 2 too. Fewer changes, more robust, stronger spec compliance.

I would have loved to do option 1, but alas, it comes with too many downsides.

1. That was fixed a a long time ago, in #2971745: Don't hardcode `/jsonapi/` in FormatSetter, read JSON API base path from container parameter instead.
2. That is fixed in #18, because it specifically checks that the request path starts with /jsonapi/!
3. That is the only thing that is currently not guaranteed to work. But translation support is not yet official, so we can deal with that edge case in #2794431: [META] Formalize translations support. Furthermore, #18 specifically adds test coverage that verifies that only the "404/405/415 triggered during routing" results in a HTML response. The existing \Drupal\Tests\jsonapi\Functional\JsonApiFunctionalMultilingualTest::testReadMultilingual() test coverage proves that multilingual "normal" JSON API responses do in fact work.

So I think #18 actually already addresses 99% of your concerns?! :)

What about requiring the Accept header? Did we reopen that debate?

We haven't yet. But that would violate one of your primary principles AFAIK … because that'd mean going to /jsonapi in your browser would NOT return JSON, but a HTML 4xx response…

RTBCing #13 here.

I'm … confused. I actually would like to do #13 too (because less code, less complexity), but I thought you actually disliked that more, based on your review in #16? And it comes with certain downsides that I explained in #17. So … yeah … I'm confused 🙃 😀

Oddly enough no one ever asked about more than that when it comes to translations.

Moved this to #2794431-53: [META] Formalize translations support! 🙏

Heh, no problem 😁

That was a bit confusing indeed, which is why I did all that extra work to absolutely ensure that you agreed, and had the full set of choices available to you 🙏