right now I'm building a project with the laravel framework. I'm not a professional or whatever, in the past I built all my applications from scratch without the use of such frameworks.
Right now I'm implenting the Twitch API for certain parts of my website. While doing that I encoutered situations where the Twitch API returns an http error code (40x) even though it provides a "valid" response. Right now I'm using a pretty popular Twitch API package from packagist.org. As soon as I receive an 40x error code an exception will be thrown which would would break my application.
Reason for that is, that the response request looks like this:
$response = $this->client->send($request);
As a workaround I changed this to:
$response = $this->client->send($request, ['http_errors' => false]);
Obviously I could also make use of GuzzleHttp\Exception to handle these errors aswell. But from what I get, all of this would have to happen inside the package I downloaded via composer which means that as soon as the author releases an update and I run a composer update my changes would be overwritten and my app might be broken until I fix it again.
I guess not everyone is familiar with the Twitch API. An easy example for my question is an API call where you can check wether a specific user is following a a specific channel. When the user does NOT, the response looks like that:
{
"error": "Not Found",
"message": "12345 is not following 67890",
"status": 404 }
So this is a perfectly fine and valid response that would be easy to handle but instead of an 200 http status response the api responds with a 404 http status code which will throw an exception.
So my question is, is it really good practice in APIs to return a 40x status code even though you send and receive perfectly fine requests? It's not like there's an error like missing parameters, ids or whatever. It's just some kind of "bool" query where return can be true or false and where false will always return a 40x http status code but still contains a valid response.
Thank you
Package that is throwing an exception is the best kind, because you can simply write "global" handler for those exceptions and simply "display" error that is sent along, nevertheless you should not.
You should write an API adaptor for Twitch API package and handle errors / exceptions inside those methods instead of using Twitch package right in controller or model. Further more you should delegate making request to dedicated server (such as Twitch) for queued job.
To answer your question:
Are HTTP status codes in APIs good practice?
Yes, where else would you want to use status codes? API is the perfect place.
Status codes are easy to compare, easy to understand. Messages sent along are just meta information for human to "understand" what is going on.
Part below is way off the scope of the question:
You should never change package code itself (except when testing), instead clone/fork package, make changes you need and use composer to load your version instead.
composer.json
"repositories": [
{
"type": "vcs",
"url": "https://github.com/username/repository"
}
],
"require": {
.
.
.
"original-repo-package": "dev-branch-form-your-repo as 1.0.0"
}
Related
I'm building an api at my company using laravel.
The problem I'm encountering is that if you send an api request without defining the correct header with the request you will get html back if there is a failure e.g. authorization failure or findOrFail() failure.
My thinking is that you never want to return html (even if the user has the wrong header).
I have a couple of solutions. In BeforeMiddleware.php I can manually insert a header into the request such as:
// Check if we are on an api route
$apiRoute = strncmp($uri, '/api/', 5) == 0;
// Insert the request header to force json response
if ($apiRoute){
$language = $request->header->add('Accept', 'application/json');
}
The 2nd solutions would be to throw an error if they don't have the correct header.
What would be the best way to enforce a json response, what is a good practice for handling api responses in laravel?
Once you detected that you are on your api path you are out of the woods and can indeed tackle your problem in the app\Exceptions\Handler.php file like suggested on How do you force a JSON response on every response in Laravel?.
For an open source project I created JSON exception objects by Microsoft format as output, but you can choose the jsonapi format (http://jsonapi.org/examples/#error-objects-basics) as you like:
https://github.com/StadGent/laravel_site_opening-hours/blob/develop/app/Exceptions/Handler.php
(note that on this implementation it is indeed depending from the headers, but you can use your path detection I think)
I'm trying to create a web hook notification. The documentation of the service i want to use requires that i specify a URL where POST requests can be performed. This URL will receive the following object, in json format, and must respond with a Status Code between 200-299.
{
"type": "ping"
}
I don't know how to proceed making my server on localhost respond with a 200 status code. http_response_code(200) works well on live server but nothing seem to be happening on localhost.
Is there any way i can make it work with localhost?
I've included the link to the documentation here (i hope it's not against the rule).
I am thinking that you wouldn't have to send them the response. The webhook would know about the response. If it reached your URL successfully, it would be a 200 OK right off the bat. If the API is requesting a response back then I imagine that you would have to call it back somehow. Is this a well-known API? Any documentation?
The response code is in the response header, not in the content.
PHP defaults to a response code of 200, so if you don't mess with it at all, you should be good.
If you want to set a different response code (202 for example), just call:
http_response_code(202);
Or set the full header yourself:
header('HTTP/1.1 202 Accepted');
Proper way to explicitly set 200 (or any other) status code with http_response_code function is just as following (don't echo or json_encode it):
http_response_code(200);
It should force webserver to use 200 status code in it's response. However, webserver could possibly ignore it. To check what response code your webserver sends, use telnet or any REST tool like Postman
I have an interesting situation when calling the Shopify API. I use the standard procedure for calling the url and get the data, like this:
define('SHOPIFY_SHOP', 'myteststore.myshopify.com');
define('SHOPIFY_APP_API_KEY', 'xxxx');
define('SHOPIFY_APP_PASSWORD', 'yyy');
$shop_url = 'https://'.SHOPIFY_APP_API_KEY.':'.SHOPIFY_APP_PASSWORD.'#'.SHOPIFY_SHOP;
$response = Requests::get($shop_url.'/admin/products.json');
And I correctly get the response, parse the data and all works great. Now, when I put it to the actual server (Ubuntu 12.04), I noticed a weird message from the Spotify API:
[API] Invalid API key or access token (unrecognized login or wrong password)
I tried creating a new app, but still its the same. So the same file and the same set works on my machine, but not on the server. (only difference in the file is the path to requests library, require_once './Requests/library/Requests.php'; for Linux and require_once '..\Requests\library\Requests.php'; for Windows) As stated, I use the requests library and I assume there has to be some trick where the library (or something else) rewrites the URl and it doesn't get to Shopify correctly.
I tried using CURL with the URL directly, and it works that way as well. Can anyone point me what might be causing this?
Update: I moved to another library which solved the issue, but would like to know what was causing this since I had great experience with Requests up to this point.
I'm starting to use the same lib, and I stumbled upon something relevant right after finding this question:
https://github.com/rmccue/Requests/issues/142#issuecomment-147276906
Quoting relevant part:
This is an intentional part of the API design; in a typical use case,
you won't necessarily need data sent along with a request. Building
the URL for you is just a convenience.
Requests::get is a helper function designed to make GET requests
lightweight in the code, which is why there's no $data parameter
there. If you need to send data, use Requests::request instead
$response = Requests::request( 'http://httpbin.org/get', $headers, $data, Requests::GET, $options );
// GET is the default for type, and $options can be blank, so this can be shortened:
$response = Requests::request( 'http://httpbin.org/get', $headers, $data );
I couldn't figure why is this happening, it appears the Requests library is stripping the parameters from GET requests, so I moved to unirest library and this solved the issue.
I'm trying to get a JSON string from a page in my Laravel Project. Using this:
$json = file_get_contents($url);
$data = json_decode($json, TRUE);
return View::make('adventuretime.marceline')
->with('json', $json)
->with('title', 'ICE KING')
->with('description', 'I am the Ice King')
->with('content', 'ice king');
But since I'm only using a localhost, I think this doesn't work that's why it doesn't output anything. I want to know what is the proper way for it to be flexible and be able to get the JSON string with any $url value using php?
Looking at the comments above, it is possible that the $url you are using is not valid, check it out by pointing your browser there and see what happens.
If you are sure that the $url is fine, but you still get the 404 Not Found error - verify that you have proper Laravel routing defined for that address. If the routes are fine, maybe you forgot to do
composer dump-autoload
after making modifications in your routes.php. If so, try the above and refresh the browser to see if it helps.
Furthermore, bear in mind that using your current function, you can submit only GET requests. What is more, this function might not be available for fetching remote urls, on some hosting servers due to security reasons. If you still want to use it, it'd be good to check
if($json !== FALSE)
before you process the $json response. If the file_get_contents fails it will return false.
Reffering to the part of your question
what is the proper way for it to be flexible and be able to get the JSON string with any $url
I'd suggest using cURL, as a standard and convenient way to fetch remote content. Using cURL you have better control over the process of sending the http request and receiving the "answer" it returns. Personaly, in my Laravel 4 apps I often use this package jyggen/curl. You can read the docs for it here: jyggen docs
If you are not satisfied with cURL and you want greater control try Guzzle As the authors state, Guzzle is a PHP HTTP client & framework for building RESTful web service clients.
I have a HTTP JSON API, which runs on php, on a small framework. This API is a wrapper for a databases pgsql functions.
Php framework returns responses in such way:
{
code: 200,
data: []
}
Codes are HTTP code responses (such as 200, 301, 302, etc). pgsql functions returns their own code (negative values for errors, positive for success results), message (meaning of code) and result data:
{
code: -1,
message: 'Wrong data',
data: []
}
So, my packages from API are:
{
code: 200,
data: {
code: 1
message: 'Succeed'
data: []
}
}
Isn't it messy?
Occur some confusions when writing client code, that requests this API.
Maybe there are some standard patterns for making some kind of packages of API.
Your API layout is not messy. As Botond suggested, it is actually pretty logical. The only change I would make to it would be to move your status codes into HTTP headers rather than in the JSON data, to reduce the format a bit. This will also allow you to easily differentiate between successful calls and errors.
Suppose your API can answer with 4 different codes: 200, 201, 403, 404. Respectively: done, not changed, forbidden, not found. Instead of passing this as a JSON variable, you could easily bind it into the HTTP response header, as the values already exist and are well understood. This, as in this question, is a pretty well-accepted method of providing status codes, provided that you are not using this specific header for anything else.
See you have to read the responses in Iterative manner. You can read the JSON response and then check if the data field has another object/array.
You have to assess the code and show error messages on all codes except 200.