API Examples & Usage
Below we show several different ways to access and test your API using CURL and Javascript including getting your token, passing your token and doing basic GET and PUT calls.
Authorization Calls
BeAPI has built in OAuth so you do not have to worry about auth/validation... you merely USE IT! So before you can call any API, you have to first validate and get a token back; that token is then used for all subsequent calls. Below are example in Curl and Javascript on how to make these calls.
Authorizing Via Curl
The first thing you will need to do before you make any API calls is you will need to AUTHORIZE and get a token that you can then pass to the API's. To do this, you will pass the 'root' login/password that you entered in your '~/.beapi/beapi_api.yml' file when initially doing your setup in the following command:
curl -H Origin: http://localhost -H "Content-Type: application/json"--request POST -d '{"username":"login","password":"password"}' http://localhost:8080/authenticate
...or if you are calling from a remote machine...
curl -H Origin: http://your.ip.address -H "Access-Control-Request-Headers: Origin,X-Requested-With" -H "Content-Type: application/json"--request POST -d '{"username":"login","password":"password"}' http://localhost:8080/authenticate
If you configured your environment properly, you should get something like this:
{"token":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTY2MDA4NzM1OSwiaWF0IjoxNjYwMDY5MzU5fQ.bR8lgrGlzCmHKhXC1D_LF-vVmFINAVX9kgA2n-EiIbslYaix......"}
That weird 'token' value is what you pass to ALL API calls to validate who you are and your security ROLES.
Authorizing Via Javascript
To do the same thing and get your token in Javascript for your frontend, you can do something similar to the following and store it in a token for use on following calls:
$.ajax({
type: 'POST',
url: window.url + "/authenticate",
cache:false,
async:true,
contentType: 'application/json',
data: JSON.stringify(jsonData),
//dataType:'json',
headers: {
'Access-Control-Allow-Origin': '*'
},
xhrFields:{
withCredentials: true
},
crossDomain: true,
success: function (data, textStatus, xhr){
...
},
complete: function (xhr, textStatus) {
...
}
}).done(function(data, textStatus, jqXHR) {
...
}).fail(function(jqXHR, textStatus, errorThrown) {
...
})
API Call Examples
Getting started with making API calls can be messy, so we provided some basic API calls to provide as templates for you to get started...
Calling API Via Curl
GET Example
curl -H "Content-Type: application/json" -H "Authorization: Bearer {token}" --request GET "http://localhost:8080/v{appVersion}/user/show/test"
PUT Example
curl -H "Content-Type: application/json" -H "Authorization: Bearer " --request PUT -d "{'title':'testamundo'"} "http://localhost:8080/v1.0/dept/update"
NOTE: Always remember to replace version (here represented by v{appVersion}) with the current version of your application. If you are unsure, check your gradle.properties for 'apiFrameworkVersion'.
Calling API Via Javascript
GET Example
$.ajax({
type: 'GET',
url: window.url+"/v1.2.0/"+path+"?"+string,
crossDomain: true,
cache:false,
xhrFields: {
withCredentials: false
},
beforeSend: function(request){
request.setRequestHeader('Authorization','Bearer '+window.token.access_token);
},
headers:{
'Content-Type': contenttype
},
dataType: datatype,
success: function(data) {
if(data){
...
}
},
error: function(jqXHR, textStatus, errorThrown) {
document.getElementById("output_"+count).innerHTML = jqXHR.status+" : "+jqXHR.statusText;
},
});
PUT Example
$.ajax({
type: 'PUT',
url: window.url+"/v1.2.0/"+path,
data: JSON.stringify(jsonData),
crossDomain: true,
cache:false,
xhrFields: {
withCredentials: false
},
beforeSend: function(request){
request.setRequestHeader('Authorization','Bearer '+window.token.access_token);
},
headers:{
'Content-Type': contenttype
},
dataType: datatype,
success: function(data) {
if(data){
...
}
},
error: function(jqXHR, textStatus, errorThrown) {
document.getElementById("output_"+count).innerHTML = jqXHR.status+" : "+jqXHR.statusText;
},
});
NOTE: Always remember to replace version (here represented by v1.2.x) with the current version of the BeAPI Framework. If you are unsure, check the gradle.propertiesb> for 'apiFrameworkVersion'.
User Management
Once you have most of your application setup, you will want to add/edit users & user roles. This can be done very easily through the API's.
User API's
Create User Example
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request POST -d "{'username': 'guesttest1','password':'testamundo','email':'guest1@guesttest.com'}" "http://localhost:8080/v1.2.0/person/create"
Show User (SuperUser Call Example)
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request GET "http://localhost:8080/v1.2.0/person/show/1"
Show Self Example
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request GET "http://localhost:8080/v1.2.0/person/show
Update User (SuperUser Call Example)
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request POST -d "{'username': 'guesttest1','password':'testamundo','email':'guest1@guesttest.com'}" "http://localhost:8080/v1.2.0/person/update/56"
Update Self Example
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request POST -d "{'username': 'guesttest1','password':'testamundo','email':'guest1@guesttest.com'}" "http://localhost:8080/v1.2.0/person/update"
Delete User (SuperUser Call Example)
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request DELETE "http://localhost:8080/v1.2.0/person/delete/1"
NOTE: Always remember to replace version (here represented by v1.2.x) with the current version of the BeAPI Framework. If you are unsure, check the gradle.properties for 'apiFrameworkVersion'.
User Role API's
Even though you created a user, they can't access anything until you assign them a 'ROLE' and this ROLE is assigned to an endpoint. Think of a 'ROLE' like a SECURITY GROUP that users belong to that grants them access.
Create User Role Example
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request POST -d "{'personId': '56','roleId':'1'}" "http://localhost:8080/v1.2.0/personRole/create"
Delete User Role Example
curl -v -H "Content-Type: application/json" -H "Authorization: Bearer " --request DELETE "http://localhost:8080/v1.2.0/personRole/delete/56"
NOTE: Always remember to replace version (here represented by v1.2.x) with the current version of the BeAPI Framework. If you are unsure, check the gradle.properties for 'apiFrameworkVersion'.
NOTE: While you will ALWAYS have to delete dependencies (such as THE USER ROLE) prior to deleting PERSON due to the foreign key dependency, this is taken care of for you in the current implamentation. All you have to do is 'delete person' and the related 'person role' record is automatically deleted as well.
Troubleshooting
- Check that the IO State request values for your ROLE, match what you are sending
- Check that you are calling the correct endpoint.
- Check that you are sending the proper headers and token.
- Make sure the version you are using is correct.
- 9 times out of 10, if you have any kind of error, the thrown stacktrace will tell you precisely what was misconfigured.