Table Of Content

DLI REST-style API Reference GeneratedbyDoxygen 20221009T204818Z ii 1Overview 1 1.1Targetaudience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2Designgoals. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2RESTarchitecturalstyleintroduction 2 2.1HTTPverbs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.2HTTPrequestheaders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.3Contenttypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3Basicexamples 4 4Datamodel 7 4.1Scalartypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.2Singletontypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.3Containertypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.4Thesumtype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.5Thecalltype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.6Constraints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5Supportedstandardinterfaces 10 5.1URIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.2HTTPverbs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.3HTTPauthentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4InputMIMEtypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.1application/json . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.2text/plain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.3application/x-www-form-urlencoded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.5PatchMIMEtypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.5.1application/json-patch+json . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.5.2application/x-www-form-urlencoded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6OutputMIMEtypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6.1application/json . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6.2text/html . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6.3text/plain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.7Preferenceindication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 6Extensionstothestandardinterfaces 14 6.1Cross-siterequestforgeryprotection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 6.2HTTPverbtunneling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 6.3MatrixURIsandworkingwithmultipleresourcesinparallel . . . . . . . . . . . . . . . . . . . . . . 15 6.4Linkrelation'templated' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 6.5Responsedepthlimiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 7Deviationsfromstandardsandcommonpractices 17 DLIREST-styleAPIReference:20221009T204818Z 1Overview 1 7.1Nonstandard207Multipleresponsesformat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 7.2PUTandDELETEmethodsnotalwaysidempotent . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 7.3Semanticallyside-effect-freecallsstillneedPOST . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 7.4PATCHisallowedonread-onlyresources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 7.5SomePATCHoperations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 7.6Templatedand'hackable'URIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Bibliography 20 1 Overview REST is an architectural style where data are presented and manipulated as an hierarchy of resources, and the underlying communications protocol (commonly HTTP) is used to perform action signaling, content negotiation, etc [11]. In practice this means automated clients for it are easier to implement; they can send and receive state in different formats (representations of resources). The REST-style API follows the principles of REST principles wherepossiblewithoutsacrificingsimplicityoraddingunnecessarybloat. 1.1 Targetaudience TheREST-styleAPIisdesignedtobeusedforautomatingaccesstothedevice,butcanalsobeusedmanuallywith thebrowser. Duetothewaydeviceconfigurationisimplemented,anynewconfigurationvariablesareexposedto theRESTAPIautomatically,whiledesigningwouldtaketime. 1.2 Designgoals • Simpleuniformwidely-implementedinterfaces TheREST-styleAPIidentifiesresourceswithURIs[2]. Justabouteverythingthereistoknowaboutthecon- troller(statesoftheoutletsandtheirnames,differentenvironmentmeters,AutoPingitems,networkinterfaces andauthorizedusers,etc.)hasitsplaceinanhierarchicalURInamespace.Groupsofsimilarresources(e.←(cid:45) g. all locked outlets, or all voltage meters, or all enabled AutoPing items) have matrix URIs (see later) to referencethemasagroup. TheAPIreliesonHTTP,awidelyimplementedprotocol,toperform: – actionsignaling(whattodowiththespecifiedresource); – contentnegotiation(whatformatyouwanttoinputdatainandhowyouwanttoreceiveoutput); – limitingoutputverbosityornesting(onlygetthedatayouneed); – relatedresourcediscovery(withtheLinkheaders). • FeaturecompatibilitywithexistingwebUIandlegacyAPI Ifyouarereadingthis, youhaveprobablyusedsomescriptstoaccesstheDLIpowercontrollers. Itwasn't convenient,sometimesinvolvedreverseengineeringthewebpagesoutputbythedevices,etc. Butitallowed youtoautomatealotofdeviceconfigurationandcontroltasks. TheREST-styleAPIintendstoallowaccess tothesame,andmoreparameters,inauniformfashion.ThelegacyAPIswillremaininplace,butnowthere's analternative. DLIREST-styleAPIReference:20221009T204818Z 2 • Discoverability YoucanuseyourwebbrowsertoaccesstheAPI,todiscoverthevisibleconfigurationandstateresources, andmanipulatethem. That'sactuallywhatthewebUIadvisesyoutodo. Discovering the API without a browser is also possible, just less convenient. For example, you can get a representation of the whole configuration by issuing a GET request to the API root (/restapi/) requesting output as JSON (Accept: application/json). However, without extra information it's not obvious what further actionsyoucantake,andHTMLoutputexplainsmostofittoyou(andprovidesformsforyou). • Extensibility ThewaytheAPIisdesignedmakesiteasierforustointegratenewfeaturesintothecontrollers,andforyouto findthem.Forexample,ifyouhaveascripttocyclealloutlets,itwillreallycyclethemall,evenifthecontroller hasmoreoutletsthanyouexpected. • Easeofuseforcommonoperations TheunderlyingdatamodelandprimaryinterchangeformatarebasedonJSON,acompactwidelysupported notation[3]. Forexample,youcanswitchoffallnon-lockedoutlets,orretrievethestatesofalloutletsatonce, withasinglerequest(inthelattercaseyouwilljustreceiveanarrayofstatesifyouneed,youwon'thaveto parseHTML),andthatwithoutsacrificingtheuniformity. • Flexibility RequestswithdifferentHTTPheaderswillmayacceptdifferentargumenttypesandyielddifferentrepresen- tationsofresources(e.g. plaintext,HTML,JSON,etc.). Ifyouareinterestedinayetunsupportedencoding, pleaseletusknowandwe'llhappilyaddit,withoutsacrificingcompatibility. • Consistency Differentmeansofachievingseeminglysameresultsshouldbeasequivalentaspossible. Forexample,you couldchangeapropertyofanobjectbyissuingaPUTrequesttothatproperty,orbyissuinganappropriate PATCHrequesttoparent(object's)URL,andthebehaviorshouldbethesame;samegoesforDELETE. 2 REST architectural style introduction RESTexposesthemanipulatedobjectsasanhierarchicalcollectionofresources. Youmaythinkofsuchcollection asofadirectoryinafilesystem, anSNMPOIDsubtree, etc. Resourcescanberetrieved, modified, createdand deleted; all of these operations are performed using standard HTTP methods, with well-defined semantics and behavioradjustablebystandardHTTPheaders. 2.1 HTTPverbs IntheRESTarchitecturalstyle,HTTPverbsareusedtoindicatewhatyouwanttodowiththeresource. ThefollowingHTTPverbsaresupported: • GET GETisusedtoretrieverepresentationoftheresource. • HEAD HEADissimilartoGET,butreturnsonlytheheadersfortheresource. • POST POSTisusedtocreateanewelementinthecollectionresource,orperformthefunctioncall. • PUT PUTisusedtocreateoroverwritetheresource. DLIREST-styleAPIReference:20221009T204818Z 2.2 HTTPrequestheaders 3 • PATCH PATCHisusedtoupdatetheresourceinplace,possiblyconditionally. • DELETE DELETEisusedtodeletetheresourcefromitscollection. • OPTIONS OPTIONSisusedtopreflightcross-originrequests(it'susuallysentinternallybybrowsers). 2.2 HTTPrequestheaders Request headers inform the server about what and how the client wants the server to return. Here are the more importantones: • Authorization Authorizationcontainsaccesscredentials;it'susuallysentinternallybyclients. • Accept Acceptindicatesclient'spreferencesinthecontenttypeofrepresentationtobereturnedbytheserver. • Content-Type,Content-Length Content-TypeandContent-Lengthintherequestindicatethekindandsizeofpayloadtheclientsendstothe server. • Range Rangeallowstoselectonlyaportionoftheresourcetoberetrieved. Wedefineaspecifickindofrangethat limitstreenesting. • Prefer Preferallowstocustomizedifferentaspectsofserverbehaviour,e.g. whetherthefullrepresentationoftheresource shouldbereturned,etc. • X-Requested-With AnX-Requested-With: XMLHttpRequestheaderindicatesthatXMLHttpRequesthasbeenusedtoissuethe request(it'susedforcross-siterequestforgeryprevention). Additionally,thefollowingnonstandardheadersaresupported: • X-HTTP-Method X-HTTP-MethodcanbeusedtoemulateaPUT/DELETE/PATCHrequestiftheclientdoesn'tsupportit(itis honoredinPOSTrequestsonly). • X-CSRF An X-CSRF header with any value can be used to mark legitimate requests (used for cross-site request forgeryprevention). DLIREST-styleAPIReference:20221009T204818Z 4 2.3 Contenttypes 3 Basic examples TheseexamplesdonotintendtodescribetheAPIcompletely;rather,theyshowthewaysinwhichitcanbeused to encourage further reading. They use 'curl', a popular HTTP command-line client, and assume you have a unit accessibleat http://admin:1234@192.168.0.100/ Commandsandresponsesareformattedandsometimestruncatedforreadability. • Retrievealltop-levelresourcesintheRESTAPI: curl -H "Range: dli-depth=1" -H "Accept: application/json" \ --digest ’http://admin:1234@192.168.0.100/restapi/’ Result: 200 OK { "relay": {"$ref":"relay\/", "title":"Relay object"}, "auth": {"$ref":"auth\/", "title":"Authentication server object"}, "config": {"$ref":"config\/", "title":"Configuration server object"}, "network": {"$ref":"network\/", "title":"Network configuration data"}, "autoping": {"$ref":"autoping\/", "title":"Autoping server object"}, "script": {"$ref":"script\/", "title":"Scripting server object"}, "meter": {"$ref":"meter\/", "title":"Meter server object"}, "renderer": {"$ref":"renderer\/", "title":"Renderer object"} } • Retrievetwolevelsofgenericconfiguration-relatedresourcesintheRESTAPIinfreeformtext: curl -H "Range: dli-depth=2" -H "Accept: text/plain" \ --digest ’http://admin:1234@192.168.0.100/restapi/config/’ Result: 200 OK object: allow_plaintext_logins = false protect_private_config = false hide_wifi_key = false custom_brand_url = false syslog_ip_address = 192.168.0.1 protect_firmware = false is_registered = false hide_passwords = true protect_network = false custom_brand_name = false known_quantities = illuminance=(...Quantity...), current=(...Quantity...), [truncated] allow_jsonrpc = false https_port = 443 custom_brand_logo_height = false refresh_enabled = true protect_maintenance = true custom_brand_logo_width = false http_port = 80 known_timezones = UTC-6=(...Timezone...), UTC+4=(...Timezone...), [truncated] protect_admin = false allow_restapi = true relax_nonhtml_content_types = false lockout_delay = 60 DLIREST-styleAPIReference:20221009T204818Z 3Basicexamples 5 plots = (...Plot...),(...Plot...), [truncated] ssh_enabled = true timezone = UTC ssh_port = 22 upgrade_notify_beep = false meters = (...Meter configuration...),(...Meter configuration...), [truncated] custom_brand_company_name = false refresh_delay_minutes = 1 links = (...Link...) version = (...Version...) hardware_id = (...) custom_brand_logo = false image_format = svg hostname = (...Hostname...) serial = (...Serial...) relax_nonhtml_methods = false upgrade_notify_blink = false • Switchalloutletsoff: curl -v -X PUT -H ’X-CSRF: x’ -H "Accept: application/json" --data ’value=false’ --digest ’http://admin:1234@192.168.0.100/restapi/relay/outlets/all;/state/’ Result: 207 Responses from multiple resources follow • AddalinktothewebUI: curl -H ’X-CSRF: x’ --data ’href=http://www.digital-loggers.com/&description=Digital+Loggers’ \ --digest ’http://admin:1234@192.168.0.100/restapi/config/links/’ Result: 201 created • Getstatesofoutlets#1,#2and#5inasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/relay/outlets/=0,1,4/state/’ Result: 207Responsesfrommultipleresourcesfollow [true,true,true] • GetnamesandphysicalstatesofalllockedoutletsinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/relay/outlets/all;locked=true/=name,physical_state/’ Result: 207Responsesfrommultipleresourcesfollow ["a9999",true,"Outlet 4",false] • Add a user, and also return the representation for the user object (when showing non-administrative user passwordsisenabled): curl -H "Accept: application/json" -H ’Prefer: return=representation’ -H ’X-CSRF: x’ \ --data ’name=fred&password=foobar&is_allowed=true&outlet_access=false,false,false,false,false,false,false,false’ --digest \ ’http://admin:1234@192.168.0.100/restapi/auth/users/’ Result: 201 Created DLIREST-styleAPIReference:20221009T204818Z 6 { "name":"fred", "password":"foobar", "is_allowed":true, "is_admin":false, "outlet_access":[false,false,false,false,false,false,false,false] } • Gettheindicesofallowedusers: curl -H "Accept: application/json" --digest ’http://admin:1234@192.168.0.100/restapi/auth/users/is_allowed=true/=/’ Result: 207 Responses from multiple resources follow [0,1,2] • Gettheindexoftheadminuser(expectingexactlyoneadmin): curl -H "Accept: application/json" --digest ’http://admin:1234@192.168.0.100/restapi/auth/users/one;is_admin=true/one;=/’ Result: 200 OK 1 • GetunitfirmwareversionandserialnumberinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/config/=version,serial/’ Result: 207 Responses from multiple resources follow ["(...Version...)","(...Serial...)"] • GetindicesandnamesforallmetersinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/meter/values/all;/=,name/’ Result: 207 Responses from multiple resources follow [ "bus.0.current","current", "bus.0.voltage","voltage", "bus.0.total_energy","total energy", ] • GetnamesandvaluesforallbusBmetersinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/meter/values/all;bus=1/=name,value/’ Result: 207 Responses from multiple resources follow DLIREST-styleAPIReference:20221009T204818Z 4Datamodel 7 [ "current",0, "voltage",167, "total energy",645501.064831 ] • Change the administrator password, and return the administrator configuration (the administrator password isnevershown): curl -H "Accept: application/json" -H ’Prefer: return=representation’ -H ’X-CSRF: x’ \ -X PATCH --data ’old_password=1234&new_password=4321’ --digest \ ’http://admin:1234@192.168.0.100/restapi/auth/users/is_admin=true/’ Result: 200 OK { "name":"admin", "password":{"$ref":"password/","title":"Password"}, "is_allowed":true, "is_admin":true, "outlet_access":[true,true,true,true,true,true,true,true] } • Runscriptingfunction'test'withoutarguments: curl -H ’X-CSRF: x’ -H "Content-Type: application/json" -H "Accept: application/json" --digest \ --data-binary ’[{"user_function":"test"}]’ ’http://admin:1234@192.168.0.100/restapi/script/start/’ Result(returnsthreadidentifier,whichisaJSONstring): 200 OK "11" • Runscriptingfunction'test'witharguments1.5and"hello": curl -H ’X-CSRF: x’ -H "Content-Type: application/json" -H "Accept: application/json" --digest \ --data-binary ’[{"user_function":"test","source":"test(1.5,\"hello\")"}]’ \ ’http://admin:1234@192.168.0.100/restapi/script/start/’ Result(returnsthreadidentifier,whichisaJSONstring): 200 OK "12" • ObtaintheIPaddressoftheclientsendingtherequestasseenbythecontroller: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/cred/ip_address/’ Result: 200 OK "192.168.0.2" 4 Data model ThedatamodelisbasedontheJSONdataformat,andborrowsmosttypedefinitionsfromthere. Wewillstartwith thetypespresentinJSON. DLIREST-styleAPIReference:20221009T204818Z 8 4.1 Scalartypes Scalardatatypes(havingnointernalstructureandcorrespondingtosimpleproperties)are: • astringliteral; • anumberliteral(followingJSONrules,itmustbeafinitenumber,sonoinfinitiesorNaNs). 4.2 Singletontypes Singletondatatypesareaspecialtypeofscalartypes. Theyarealsoknownasunittypes, andtheyhaveonlya singlevalue: • theconstantvaluetrue; • theconstantvaluefalse; • theconstantvaluenull. Youmaywonderwhythere'snoseparatebooleantype.Surprisingly,theJSONspecificationdoesn'tmentionit.true andfalsearejustseparatespecialvalues,likenull. Seebelowforhowthebooleantypeishandled. 4.3 Containertypes JSONdefinestwocontainertypes: • arraysareorderedlistswithintegerkeyslike: [1,"a",true] • objectsareunorderedmapswithstringkeyslike: {"name":"fred","is_admin":true} Inourdatamodel,acontainercaneitherhaveanarbitrarynumberofkeys,allwiththesametype(calledtheelement type,andwewillcallsuchcontainershomogeneous),orasetofpre-specifiedkeys(whichwewillcallfields),each withitsowntype(whichwewillcallheterogeneous). So, wedistinguishthefollowingfourtypes, whicharebased ontheJSONonesbutadditionallyconstraintheirvalues: container object-based array-based heterogeneous object tuple homogeneous map array Themostimportantdifferenceisthatyoucanonlyaddorremoveelementsfromhomogeneouscontainers(maps andarrays). Additionally,allJSONobject-basedvalueshaveanadditionalimplicitconstraintonthekeys: theycannotbeempty. Forexample, {"":"I am empty!"} DLIREST-styleAPIReference:20221009T204818Z

Description:
1 curl -H "Range: dli-depth=1" -H "Accept: application/json" < .. Such "convenience", however, comes at a cost: if, while being logged in to the
ebook img

Rest API PDF

570 Pages·2017·1.85 MB·English
by  Digital LoggersInc.
Download
Upgrade Premium
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Rest API

DLI REST-style API Reference GeneratedbyDoxygen 20221009T204818Z ii 1Overview 1 1.1Targetaudience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2Designgoals. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2RESTarchitecturalstyleintroduction 2 2.1HTTPverbs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.2HTTPrequestheaders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.3Contenttypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3Basicexamples 4 4Datamodel 7 4.1Scalartypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.2Singletontypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.3Containertypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.4Thesumtype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.5Thecalltype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.6Constraints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5Supportedstandardinterfaces 10 5.1URIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.2HTTPverbs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 5.3HTTPauthentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4InputMIMEtypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.1application/json . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.2text/plain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.4.3application/x-www-form-urlencoded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.5PatchMIMEtypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.5.1application/json-patch+json . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.5.2application/x-www-form-urlencoded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6OutputMIMEtypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6.1application/json . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6.2text/html . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.6.3text/plain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 5.7Preferenceindication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 6Extensionstothestandardinterfaces 14 6.1Cross-siterequestforgeryprotection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 6.2HTTPverbtunneling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 6.3MatrixURIsandworkingwithmultipleresourcesinparallel . . . . . . . . . . . . . . . . . . . . . . 15 6.4Linkrelation'templated' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 6.5Responsedepthlimiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 7Deviationsfromstandardsandcommonpractices 17 DLIREST-styleAPIReference:20221009T204818Z 1Overview 1 7.1Nonstandard207Multipleresponsesformat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 7.2PUTandDELETEmethodsnotalwaysidempotent . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 7.3Semanticallyside-effect-freecallsstillneedPOST . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 7.4PATCHisallowedonread-onlyresources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 7.5SomePATCHoperations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 7.6Templatedand'hackable'URIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Bibliography 20 1 Overview REST is an architectural style where data are presented and manipulated as an hierarchy of resources, and the underlying communications protocol (commonly HTTP) is used to perform action signaling, content negotiation, etc [11]. In practice this means automated clients for it are easier to implement; they can send and receive state in different formats (representations of resources). The REST-style API follows the principles of REST principles wherepossiblewithoutsacrificingsimplicityoraddingunnecessarybloat. 1.1 Targetaudience TheREST-styleAPIisdesignedtobeusedforautomatingaccesstothedevice,butcanalsobeusedmanuallywith thebrowser. Duetothewaydeviceconfigurationisimplemented,anynewconfigurationvariablesareexposedto theRESTAPIautomatically,whiledesigningwouldtaketime. 1.2 Designgoals • Simpleuniformwidely-implementedinterfaces TheREST-styleAPIidentifiesresourceswithURIs[2]. Justabouteverythingthereistoknowaboutthecon- troller(statesoftheoutletsandtheirnames,differentenvironmentmeters,AutoPingitems,networkinterfaces andauthorizedusers,etc.)hasitsplaceinanhierarchicalURInamespace.Groupsofsimilarresources(e.←(cid:45) g. all locked outlets, or all voltage meters, or all enabled AutoPing items) have matrix URIs (see later) to referencethemasagroup. TheAPIreliesonHTTP,awidelyimplementedprotocol,toperform: – actionsignaling(whattodowiththespecifiedresource); – contentnegotiation(whatformatyouwanttoinputdatainandhowyouwanttoreceiveoutput); – limitingoutputverbosityornesting(onlygetthedatayouneed); – relatedresourcediscovery(withtheLinkheaders). • FeaturecompatibilitywithexistingwebUIandlegacyAPI Ifyouarereadingthis, youhaveprobablyusedsomescriptstoaccesstheDLIpowercontrollers. Itwasn't convenient,sometimesinvolvedreverseengineeringthewebpagesoutputbythedevices,etc. Butitallowed youtoautomatealotofdeviceconfigurationandcontroltasks. TheREST-styleAPIintendstoallowaccess tothesame,andmoreparameters,inauniformfashion.ThelegacyAPIswillremaininplace,butnowthere's analternative. DLIREST-styleAPIReference:20221009T204818Z 2 • Discoverability YoucanuseyourwebbrowsertoaccesstheAPI,todiscoverthevisibleconfigurationandstateresources, andmanipulatethem. That'sactuallywhatthewebUIadvisesyoutodo. Discovering the API without a browser is also possible, just less convenient. For example, you can get a representation of the whole configuration by issuing a GET request to the API root (/restapi/) requesting output as JSON (Accept: application/json). However, without extra information it's not obvious what further actionsyoucantake,andHTMLoutputexplainsmostofittoyou(andprovidesformsforyou). • Extensibility ThewaytheAPIisdesignedmakesiteasierforustointegratenewfeaturesintothecontrollers,andforyouto findthem.Forexample,ifyouhaveascripttocyclealloutlets,itwillreallycyclethemall,evenifthecontroller hasmoreoutletsthanyouexpected. • Easeofuseforcommonoperations TheunderlyingdatamodelandprimaryinterchangeformatarebasedonJSON,acompactwidelysupported notation[3]. Forexample,youcanswitchoffallnon-lockedoutlets,orretrievethestatesofalloutletsatonce, withasinglerequest(inthelattercaseyouwilljustreceiveanarrayofstatesifyouneed,youwon'thaveto parseHTML),andthatwithoutsacrificingtheuniformity. • Flexibility RequestswithdifferentHTTPheaderswillmayacceptdifferentargumenttypesandyielddifferentrepresen- tationsofresources(e.g. plaintext,HTML,JSON,etc.). Ifyouareinterestedinayetunsupportedencoding, pleaseletusknowandwe'llhappilyaddit,withoutsacrificingcompatibility. • Consistency Differentmeansofachievingseeminglysameresultsshouldbeasequivalentaspossible. Forexample,you couldchangeapropertyofanobjectbyissuingaPUTrequesttothatproperty,orbyissuinganappropriate PATCHrequesttoparent(object's)URL,andthebehaviorshouldbethesame;samegoesforDELETE. 2 REST architectural style introduction RESTexposesthemanipulatedobjectsasanhierarchicalcollectionofresources. Youmaythinkofsuchcollection asofadirectoryinafilesystem, anSNMPOIDsubtree, etc. Resourcescanberetrieved, modified, createdand deleted; all of these operations are performed using standard HTTP methods, with well-defined semantics and behavioradjustablebystandardHTTPheaders. 2.1 HTTPverbs IntheRESTarchitecturalstyle,HTTPverbsareusedtoindicatewhatyouwanttodowiththeresource. ThefollowingHTTPverbsaresupported: • GET GETisusedtoretrieverepresentationoftheresource. • HEAD HEADissimilartoGET,butreturnsonlytheheadersfortheresource. • POST POSTisusedtocreateanewelementinthecollectionresource,orperformthefunctioncall. • PUT PUTisusedtocreateoroverwritetheresource. DLIREST-styleAPIReference:20221009T204818Z 2.2 HTTPrequestheaders 3 • PATCH PATCHisusedtoupdatetheresourceinplace,possiblyconditionally. • DELETE DELETEisusedtodeletetheresourcefromitscollection. • OPTIONS OPTIONSisusedtopreflightcross-originrequests(it'susuallysentinternallybybrowsers). 2.2 HTTPrequestheaders Request headers inform the server about what and how the client wants the server to return. Here are the more importantones: • Authorization Authorizationcontainsaccesscredentials;it'susuallysentinternallybyclients. • Accept Acceptindicatesclient'spreferencesinthecontenttypeofrepresentationtobereturnedbytheserver. • Content-Type,Content-Length Content-TypeandContent-Lengthintherequestindicatethekindandsizeofpayloadtheclientsendstothe server. • Range Rangeallowstoselectonlyaportionoftheresourcetoberetrieved. Wedefineaspecifickindofrangethat limitstreenesting. • Prefer Preferallowstocustomizedifferentaspectsofserverbehaviour,e.g. whetherthefullrepresentationoftheresource shouldbereturned,etc. • X-Requested-With AnX-Requested-With: XMLHttpRequestheaderindicatesthatXMLHttpRequesthasbeenusedtoissuethe request(it'susedforcross-siterequestforgeryprevention). Additionally,thefollowingnonstandardheadersaresupported: • X-HTTP-Method X-HTTP-MethodcanbeusedtoemulateaPUT/DELETE/PATCHrequestiftheclientdoesn'tsupportit(itis honoredinPOSTrequestsonly). • X-CSRF An X-CSRF header with any value can be used to mark legitimate requests (used for cross-site request forgeryprevention). DLIREST-styleAPIReference:20221009T204818Z 4 2.3 Contenttypes 3 Basic examples TheseexamplesdonotintendtodescribetheAPIcompletely;rather,theyshowthewaysinwhichitcanbeused to encourage further reading. They use 'curl', a popular HTTP command-line client, and assume you have a unit accessibleat http://admin:1234@192.168.0.100/ Commandsandresponsesareformattedandsometimestruncatedforreadability. • Retrievealltop-levelresourcesintheRESTAPI: curl -H "Range: dli-depth=1" -H "Accept: application/json" \ --digest ’http://admin:1234@192.168.0.100/restapi/’ Result: 200 OK { "relay": {"$ref":"relay\/", "title":"Relay object"}, "auth": {"$ref":"auth\/", "title":"Authentication server object"}, "config": {"$ref":"config\/", "title":"Configuration server object"}, "network": {"$ref":"network\/", "title":"Network configuration data"}, "autoping": {"$ref":"autoping\/", "title":"Autoping server object"}, "script": {"$ref":"script\/", "title":"Scripting server object"}, "meter": {"$ref":"meter\/", "title":"Meter server object"}, "renderer": {"$ref":"renderer\/", "title":"Renderer object"} } • Retrievetwolevelsofgenericconfiguration-relatedresourcesintheRESTAPIinfreeformtext: curl -H "Range: dli-depth=2" -H "Accept: text/plain" \ --digest ’http://admin:1234@192.168.0.100/restapi/config/’ Result: 200 OK object: allow_plaintext_logins = false protect_private_config = false hide_wifi_key = false custom_brand_url = false syslog_ip_address = 192.168.0.1 protect_firmware = false is_registered = false hide_passwords = true protect_network = false custom_brand_name = false known_quantities = illuminance=(...Quantity...), current=(...Quantity...), [truncated] allow_jsonrpc = false https_port = 443 custom_brand_logo_height = false refresh_enabled = true protect_maintenance = true custom_brand_logo_width = false http_port = 80 known_timezones = UTC-6=(...Timezone...), UTC+4=(...Timezone...), [truncated] protect_admin = false allow_restapi = true relax_nonhtml_content_types = false lockout_delay = 60 DLIREST-styleAPIReference:20221009T204818Z 3Basicexamples 5 plots = (...Plot...),(...Plot...), [truncated] ssh_enabled = true timezone = UTC ssh_port = 22 upgrade_notify_beep = false meters = (...Meter configuration...),(...Meter configuration...), [truncated] custom_brand_company_name = false refresh_delay_minutes = 1 links = (...Link...) version = (...Version...) hardware_id = (...) custom_brand_logo = false image_format = svg hostname = (...Hostname...) serial = (...Serial...) relax_nonhtml_methods = false upgrade_notify_blink = false • Switchalloutletsoff: curl -v -X PUT -H ’X-CSRF: x’ -H "Accept: application/json" --data ’value=false’ --digest ’http://admin:1234@192.168.0.100/restapi/relay/outlets/all;/state/’ Result: 207 Responses from multiple resources follow • AddalinktothewebUI: curl -H ’X-CSRF: x’ --data ’href=http://www.digital-loggers.com/&description=Digital+Loggers’ \ --digest ’http://admin:1234@192.168.0.100/restapi/config/links/’ Result: 201 created • Getstatesofoutlets#1,#2and#5inasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/relay/outlets/=0,1,4/state/’ Result: 207Responsesfrommultipleresourcesfollow [true,true,true] • GetnamesandphysicalstatesofalllockedoutletsinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/relay/outlets/all;locked=true/=name,physical_state/’ Result: 207Responsesfrommultipleresourcesfollow ["a9999",true,"Outlet 4",false] • Add a user, and also return the representation for the user object (when showing non-administrative user passwordsisenabled): curl -H "Accept: application/json" -H ’Prefer: return=representation’ -H ’X-CSRF: x’ \ --data ’name=fred&password=foobar&is_allowed=true&outlet_access=false,false,false,false,false,false,false,false’ --digest \ ’http://admin:1234@192.168.0.100/restapi/auth/users/’ Result: 201 Created DLIREST-styleAPIReference:20221009T204818Z 6 { "name":"fred", "password":"foobar", "is_allowed":true, "is_admin":false, "outlet_access":[false,false,false,false,false,false,false,false] } • Gettheindicesofallowedusers: curl -H "Accept: application/json" --digest ’http://admin:1234@192.168.0.100/restapi/auth/users/is_allowed=true/=/’ Result: 207 Responses from multiple resources follow [0,1,2] • Gettheindexoftheadminuser(expectingexactlyoneadmin): curl -H "Accept: application/json" --digest ’http://admin:1234@192.168.0.100/restapi/auth/users/one;is_admin=true/one;=/’ Result: 200 OK 1 • GetunitfirmwareversionandserialnumberinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/config/=version,serial/’ Result: 207 Responses from multiple resources follow ["(...Version...)","(...Serial...)"] • GetindicesandnamesforallmetersinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/meter/values/all;/=,name/’ Result: 207 Responses from multiple resources follow [ "bus.0.current","current", "bus.0.voltage","voltage", "bus.0.total_energy","total energy", ] • GetnamesandvaluesforallbusBmetersinasingleJSONarray: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/meter/values/all;bus=1/=name,value/’ Result: 207 Responses from multiple resources follow DLIREST-styleAPIReference:20221009T204818Z 4Datamodel 7 [ "current",0, "voltage",167, "total energy",645501.064831 ] • Change the administrator password, and return the administrator configuration (the administrator password isnevershown): curl -H "Accept: application/json" -H ’Prefer: return=representation’ -H ’X-CSRF: x’ \ -X PATCH --data ’old_password=1234&new_password=4321’ --digest \ ’http://admin:1234@192.168.0.100/restapi/auth/users/is_admin=true/’ Result: 200 OK { "name":"admin", "password":{"$ref":"password/","title":"Password"}, "is_allowed":true, "is_admin":true, "outlet_access":[true,true,true,true,true,true,true,true] } • Runscriptingfunction'test'withoutarguments: curl -H ’X-CSRF: x’ -H "Content-Type: application/json" -H "Accept: application/json" --digest \ --data-binary ’[{"user_function":"test"}]’ ’http://admin:1234@192.168.0.100/restapi/script/start/’ Result(returnsthreadidentifier,whichisaJSONstring): 200 OK "11" • Runscriptingfunction'test'witharguments1.5and"hello": curl -H ’X-CSRF: x’ -H "Content-Type: application/json" -H "Accept: application/json" --digest \ --data-binary ’[{"user_function":"test","source":"test(1.5,\"hello\")"}]’ \ ’http://admin:1234@192.168.0.100/restapi/script/start/’ Result(returnsthreadidentifier,whichisaJSONstring): 200 OK "12" • ObtaintheIPaddressoftheclientsendingtherequestasseenbythecontroller: curl -H "Accept: application/json" --digest \ ’http://admin:1234@192.168.0.100/restapi/cred/ip_address/’ Result: 200 OK "192.168.0.2" 4 Data model ThedatamodelisbasedontheJSONdataformat,andborrowsmosttypedefinitionsfromthere. Wewillstartwith thetypespresentinJSON. DLIREST-styleAPIReference:20221009T204818Z 8 4.1 Scalartypes Scalardatatypes(havingnointernalstructureandcorrespondingtosimpleproperties)are: • astringliteral; • anumberliteral(followingJSONrules,itmustbeafinitenumber,sonoinfinitiesorNaNs). 4.2 Singletontypes Singletondatatypesareaspecialtypeofscalartypes. Theyarealsoknownasunittypes, andtheyhaveonlya singlevalue: • theconstantvaluetrue; • theconstantvaluefalse; • theconstantvaluenull. Youmaywonderwhythere'snoseparatebooleantype.Surprisingly,theJSONspecificationdoesn'tmentionit.true andfalsearejustseparatespecialvalues,likenull. Seebelowforhowthebooleantypeishandled. 4.3 Containertypes JSONdefinestwocontainertypes: • arraysareorderedlistswithintegerkeyslike: [1,"a",true] • objectsareunorderedmapswithstringkeyslike: {"name":"fred","is_admin":true} Inourdatamodel,acontainercaneitherhaveanarbitrarynumberofkeys,allwiththesametype(calledtheelement type,andwewillcallsuchcontainershomogeneous),orasetofpre-specifiedkeys(whichwewillcallfields),each withitsowntype(whichwewillcallheterogeneous). So, wedistinguishthefollowingfourtypes, whicharebased ontheJSONonesbutadditionallyconstraintheirvalues: container object-based array-based heterogeneous object tuple homogeneous map array Themostimportantdifferenceisthatyoucanonlyaddorremoveelementsfromhomogeneouscontainers(maps andarrays). Additionally,allJSONobject-basedvalueshaveanadditionalimplicitconstraintonthekeys: theycannotbeempty. Forexample, {"":"I am empty!"} DLIREST-styleAPIReference:20221009T204818Z

Description:
1 curl -H "Range: dli-depth=1" -H "Accept: application/json" < .. Such "convenience", however, comes at a cost: if, while being logged in to the
See more

The list of books you might like

Upgrade Premium
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.
We use cookies

We use cookies to ensure you get the best browsing experience on our website. By clicking "Accept Cookies", you agree that we can store cookies on your device in accordance with our Terms and Privacy.

DMCA & Copyright: Dear all, most of the website is community built, users are uploading hundred of books everyday, which makes really hard for us to identify copyrighted material, please contact us if you want any material removed.
Copyright @ PDFdrive.to, 2022 | We love our users