I'm using the last version of Api-platform, shipped with swagger.io .
I'm having an issue with swagger interface. When I try to use it to Get a resource, it doesn't seem to be able to find any base url or server url.
Logically, I tried to find if I could tell Swagger where to fetch my resources.
I tried to tell swagger what the base path or the url of my server is but I can't find any swagger configuration file.
My question is : is there any swagger configuration file in api_platform files ? Is there any way to create one where I could tell swagger where to look for my resources and what server to fetch them from.
By the way, swagger shows me no 'base url' header below the title of my API.
Thank you for your help.
API Platform create OpenAPI specification automatically based on your resources configuration.
You can use #ApiProperty.attributes.openapi_context annotation or api_platform.swagger.normalizer.documentation decorator for customization.
Related
How can I add a static data file to my web project? It doesn't work in debug mode with IIS Express, and I don't have a web site to deploy to yet.
Details
I have a data file that I want to expose on my web site. I have added that file to my ASP.NET project. When I run the project and attempt to view the file, I get a 404. In other words, I debug the project and type the file url into the browser. That url looks like 'https://localhost:44378/Data/widgetConfigMap.json'.
Rationale:
I need the data file to feed a javascript method. That method has an input parameter for a url with data, i.e. my file. The API in question is Bing Maps. The method name is 'createFromConfig'.
Unsatisfactory Alternative
I can generate the file 'on-the-fly' (via a method in my controller), but that method is slow. Slow enough that it timed-out once.
What I have tried
I tried updating the file properties. Initially, the file Build Action was 'Content', I changed that to 'Page', then to 'Resource' → neither worked. The other property choices look wrong.
Summary
I feel like there should be some way to configure my project, or IIS Express to serve-up the data file, but I can't find it.
It sounds like you just add the json file to your project folder instead of importing the json item into your project.
You can access json file directly when you have imported either new json item or existing json file to your /Data folder under your application.
Besides, please ensure you have let your route ignore the URL so static file handler will handle this.
Of course, you can try to publish it to local IIS not IIS express. Then import the data file and it shouldn't be limited.
I am working on a Laravel api in localhost. How do I create a route that lists everything available in a resource like the WordPress api does here http://example.com/wordpress/wp-json/wp/v2?
Research shows that I can use the command php artisan routes to get a list of routes but how do I make this available to a user as an endpoint?
You can use the Route::getRoutes() method to get all routing data.
Just loop through the routes and use ->getPath() to generate the list of paths.
For all other properties take a look at the API at: https://laravel.com/api/7.x/Illuminate/Routing/RouteCollection.html
An alternative is this useul api document generator https://github.com/mpociot/laravel-apidoc-generator
I am trying to publish my API docs in the same Nodejs application as my API, using Google Cloud Endpoints.
It looks easy following this guide:
Adding Swagger UI
The tricky part is exposing the /docs path via Google Cloud Endpoints (it also uses the same openapi.yaml).
I have tried defining the /docs path in my openapi.yaml like this:
"/docs":
get:
description: "Swagger UI API documentation"
operationId: "docs"
produces:
- "text/html"
responses:
200:
description: "Swagger UI"
The HTML page itself gets served but any assets like swagger-ui.css are not found.
It looks to me I am doing this wrong, as documentation is not an API endpoint. However I haven't been able to find a nice solution. Is there a way to proxy all traffic for /docs path?
I think you're going to find that there is no nice way of doing this. Your best bet is going to be to break off documentation publishing as a separate step in your deployment pipeline. That, or wait 6 months. Google Cloud is evolving rapidly and they've probably got this on their roadmap.
You can try creating the Swagger UI dist in one file (index.html)
or you can add
x-google-allow: all
in your openapi.yaml file to to expose all paths that don't have any form of authentication already set. Please note that this will allow all paths that follow the basepath of the .yaml file to be exposed in your Endpoints. (So for instance, if your basepath is /api then x-google-allow: all will only apply to paths following this (i.e. /api/users)
Also, please see: https://groups.google.com/forum/#!topic/google-cloud-endpoints/2h-2fotar9k
1.
I am managing a website which uses Adobe CQ5 as their management system. I am aware that there is a tool querybuilder.json in the /bin folder -- My question is, if an outside user would use this tool which API-syntax would they use to query "important" or "sensitive information". I need to know this so that I can block access to those syntax strings during GET or POST. Any help is appreciated, thanks!
So, what I'm asking is, if an attacker got access to the query builder link, would he be able to query passwords or internal login's, if so how? And if that, which syntax for the query builder can i remove to provoke this?
2.
Also, would anyone be able to tell me the proper syntax for the adobe querybuilder that can give you the hostname or web location where the directory that it lists is located?
So for example, if I got back /apps/geometrixx/user/login as output, I would also want to get the url that this file path is at on my server. Is there a syntax available for this action?
Please consider disabling all requests to paths starting with /bin prefix for your publish instance.
This is a common storage for all servlets that are very useful for authoring but not as much for the other instance.
If you have any custom servlets in the application please take a look at Apache Sling documentation and consider using resource based servlets.
#SlingServlet(
resourceTypes = "sling/servlet/default",
selectors = "hello",
extensions = "html",
methods = "GET")
public class MyServlet extends SlingSafeMethodsServlet {
This way you can control the access to the servlet using ACLs - if you have an access to the node (i.e. you can see it/render a component based on this resource) you will have an access to the servlet.
The best way to prevent unauthorized access to tools like this, is to deny *.json on your dispatcher and only allow calls to your application specific json. A good start what you should do can be found in the Security Checklist.
A documentation regarding the Query Builder can be found here: http://docs.adobe.com/docs/en/aem/6-0/develop/search/querybuilder-api.html
I loaded files to one of my projects web following their documentation. Now I need to get the URL for those files so I can access them from my application. Sadly, I'm unable to find the URL format for this. Any idea?
Say you uploaded your index.html to /home/project-web/foo_project/htdocs/index.html on web.sourceforge.net
You can than access it using http://foo_project.sourceforge.net/index.html
For details, see https://sourceforge.net/p/forge/documentation/Project%20Web%20Services/
Note that the path SFTP documentation mentions, like /home/groups/f/fo/foo_project/ is actually a link to /home/project-web/foo_project/.