Public Endpoints
The BeAPI Framework provides public endpoints for simplifying authentication/authorization. Below is a list of those endpoints and what each one does
Create Endpoint
Endpoints in BeAPI are secure by default making most of them PRIVATE. To add an endpoint of your own, you need to follow these instructions:
- Add Your @Controller: create your controller using @Controller annotation and extend the BeapiRequestHandler:
@Controller("company") public class CompanyController extends BeapiRequestHandler{ @Autowired private CompanyService compService; public Company show(HttpServletRequest request, HttpServletResponse response){ ... } - Create/scaffold IO State file: You must then create an IO State file which contains all the rules for the endpoint. If you don't want to do this by hand, you can 'scaffold' it using the CLI tool:
gradle scaffold -Pargs="connector=<domain.package.name>"
Provided Endpoints
The Beapi Starter provides endpoints that are not visible in your project but can be called via API endpoints. These are also secured via IO State files (like all your other endpoints) but generally don't have to be changed. Below we go over each one of these and the endpoints provided...
APIDocs
These are the endpoints for accessing the apidocs. Pretty self explanatory
| Endpoint | Request Params | Response Params |
|---|---|---|
| /{version}/apidoc/show | * |
Authorities/ROLES [ADMIN ONLY]
Since 'authorities' need to be added BUT can be a point of RISK, we maintain strict control of the endpoint in the starter. Below are the endpoints that are provided through the plugin:
| Endpoint | Request Params | Response Params |
|---|---|---|
| /{version}/authority/create | authority | id, authority |
| /{version}/authority/list | (List) id, authority |
Connector [ADMIN ONLY]
The 'connector' controller provides a way to RELOAD your API RULES without restarting your servers.This allows you to apply changes to an IO State file and load it up to a server to update rules on the server and 'PUSH' all changes to subscribing services.
| Endpoint | Request Params | Response Params |
|---|---|---|
| /{version}/connector/listFiles | (List) filename | |
| /{version}/connector/update | *special | *special |
NOTE: Updating our API Rules 'on-the-fly' is VERY special (as no other API tool or framework can do this without changing code and restarting the app/server). We do this by changing the RULES in the IO State file we want to make changes to and then RELOADING the file like so:
curl -v -H "Content-Type: application/json" --data-binary @/home/owen/Desktop/User.json -H "Authorization: Bearer your-token-here" --request POST http://localhost:8080/v1.0/connector/update"Application Properties [ADMIN ONLY]
This provides a way to report the existing application properties/state
| Endpoint | Request Params | Response Params |
|---|---|---|
| /{version}/properties/getAll |
|
|
| /{version}/properties/getProperties |
|
|
| /{version}/properties/throttleProps | ||
| /{version}/properties/webhookProps | ||
| /{version}/properties/securityProps |
Users
These are the endpoints for User management. These are provided for managing all the users in your system.
| Endpoint | Request Params | Response Params |
|---|---|---|
| /{version}/user/show |
|
permitAll
|
| /{version}/user/showById [ADMIN] |
|
|
| /{version}/user/getByUsername |
|
|
| /{version}/user/update [ADMIN] |
|
|
| /{version}/user/create | permitAll[] / ADMIN[id] |
|
| /{version}/user/list [ADMIN] |
|
|
| /{version}/user/delete | id | id |