I have a Golang program working with Twirp and I want to create GraphQl server, but as far as I know, twirp build on top of the Rest API
It is definitely possible.
You Just have to make a wrapper over the Twirp based RPC API.
This is a similar case to wrapping a GraphQL API over a Rest API.
You should also read this article, where the wrapping of a graphql api over a rest one is shown.
Related
I want to fetch api and POST data to that api in nodejs which i have created using yo generator.
You can use the Fetch API which provides an interface for fetching resources (including across the network). It will seem familiar to anyone who has used XMLHttpRequest, but the new API provides a more powerful and flexible feature set.
in my Laravel 5.7/mysql app I need to make external api to read some data from external
app with get request and to write some data to my db with post request.
Which tools/scripts are there for this and how to make these requests safe?
MODIFIED :
Thanks for feedbacks, but looks like I badly put my question
The external app(I do not know what is it written with) need to read data from my app
and write data to my Laravel 5 app.
And how have I to test these requests while on development locally ?
Looks like I have to use Guzzle as in provided link?
Which steps have I to take for safety on my side?
Thanks!
These three libraries are popular for your use-case:
Guzzle
Curl
zttp
If the database is local you can use Eloquent, If not, remote connection to that database may help. otherwise, if you only have API access you should consume eighter of above libraries or any alternative options to make an HTTP request your application might require.
Security-wise, as long as you are only making a request to a remote server, the Suggested way is to store any key or secret string related to authorizing your request (if applicable) in your .env to prevent it from committed to your version control systems. Needless to say to always handle any possible HTTP error your remote API might throw in order to prevent any unwanted error on your application side.
And as Abir Adak mentioned in the comment check this thread for further details.
Updated Answer: On the case of MODIFIED part, generally you have 3 popular options,
REST API
This blog post is a detailed walkthrough written for Laravel
This one from Stack Overflow can help you with designing you API
This last one can help you to develop a widely accepted API response and endpoints by following its specifications.
GraphQL
Can save some time for developing your API, but I suggest to make sure that the consumers of your API are happy to use this option.
GraphQ
Laravel Package for GraphQL
If using Laravel isn't a must, and you are using PostgreSQL, you might want to look at Hasura as well.
SOAP
Have little knowledge on this option for Laravel, just know folks coding using C# and .net are happier to expose their API with this protocol. read more about it on WikiPedia
Postman is a great tool for testing your API or any other API.
I am testing a graphql api and I want to integrate with my system in laravel. Is there any documentation to do this? If possible to consume and send the values in graphql?
Note: I wanted to do it right
The question is too generic.
First of all, I recommend to check the official site: https://graphql.org/learn/
If you are going to consume an already existing graphql, you need a graphql client library.
Check a good list of client libraries: https://graphql.org/code/#graphql-clients
Client libraries have good documentation on how to install and use them.
If you are going to create/provide your own graphql api endpoint (that is a different story), you need a graphql server library.
Server libraries: https://graphql.org/code/#php
Laravel package (a wrapper for https://github.com/webonyx/graphql-php): https://github.com/rebing/graphql-laravel
try this library https://github.com/rebing/graphql-laravel, it's simple with good documentation
I would like to access the adwords API through a simple single page web application using javascript. I would like to dynamically stop and start some of my adwords campaigns.
I can't seem to find any documentation on the REST endpoints for the API - only documentation for the various libraries.
Is it possible to do this through javascript only?
The current Adwords API is a SOAP-based interface, so there are no REST endpoints to use. It's of course still possible to construct SOAP messages and call operations without using one of the provided libraries.
Having said that, the next evolution of the API (the "Google Ads API") will support both gRPC and JSON REST-based communication, which would probably fit your scenario better. It's not yet ready for production use, however.
My idea is to create a microservice approch with graphql and serverless.
I'am thinking about creating a service for every table in the dynamodb and then create a apigateway service, and in the apigateway service use graphql-tool to stitch the schemas together.
This work pretty good and I'am satisfied.
But now I want to add authorization to my graphql queries and mutations.
I have added a custom autherizer in the apigateway that resolves the JWT token from the client and sends it to the graphql context with the userId
But now I want to add authorization to my resolvers.
What is the best approach for this?
I want it to be as moduler as possible and and best (i think) is to add the authorization in the apigatway service so my other service stay clean. But I don't know how?
Any ideas?
You may want to look into AppSync from AWS. It will handle a lot of this for you; authorizers, querying DyanmoDB, etc.
I've built Lambda APIs using Apollo GraphQL and exposed them through API Gateway. I then used Apollo's schema stitching to connect them together. There's one really important caveat here: It's slooow. There's already a speed penalty with API Gateway and while it's acceptable, imagine jumping through multiple gateways before returning a response to a user. You can cache the schema which helps a bit. Your tolerance will depend on your app and UX of course. Maybe it's just fine - only you (or your users) can answer that.
That note aside, the way I handled auth was to accept an Authorization header and make a check manually. I did not use any custom authorizers from API Gateway. I was not using Cognito for this so it talked to another service. This all happened before the resolvers. Why are you looking to do the authorization in resolvers? Are there only some that you wish to protect? Access control?
It may not be best to add the custom authorizers to API Gateway in this case...Because you're talking about performing this action at the resolver level in the code.
GraphQL has one POST endpoint for everything. So this is not going to help with configuring API Gateway auth per resource. That means you're now beyond API Gateway and into the invocation of your Lambda anyway. You didn't prevent the invocation so you're being billed and running code now.
So you might as well write your custom logic to authenticate. If you're using Cognito then there is an SDK to help you out. Or take a look at AppSync.