How easy to call external Web APIs in Meteor? - asp.net-web-api

Does (or will) Meteor provide a library to handle external Web API calls? E.g. to build a Meteor app that integrates with Facebook Graph API or Google Spreadsheet API.

Meteor now includes the http package. First, run meteor add http. Then you can make HTTP requests on the server in either sync or async style:
// server sync
res = Meteor.http.get(SOME_URL);
console.log(res.statusCode, res.data);
// server async
Meteor.http.get(SOME_URL, function (err, res) {
console.log(res.statusCode, res.data);
});
Same thing works on the client, but you have to use the async form.

if (Meteor.is_server) {
var http = __meteor_bootstrap__.require("http")
// talk to external HTTP API like you would in node.js
}

HTTP
HTTP provides an HTTP request API on the client and server. To use these functions, add the HTTP package to your project with $ meteor add http.

Related

intercepting third party calls in Cypress

I am able to use cy.intercept() to intercept a backend API. But this backend API internally makes a call to a third party server. I want to intercept this internal call and stub it, but it's not happening. This internal call cannot be 'seen' in the Network requests of a browser, but it's definitely happening since it's coded in the backend API.
So to summarize, I can intercept a request but not the second request that the first request makes internally. How do I intercept this second internal request?
Many thanks in advance!
You cannot with Cypress commands, they will only work with requests sent from the browser.
Cypress sets up a network proxy in the browser and catch requests made from the app and response back to the browser.
You can add a mock reply to the frontend intercept in order to cut out the backend API altogether.
This makes sense if you are testing the browser app, since you do not care what happens outside browser.
If you also wish to test then backend API, then call it directly (in a different test) and check it's response. See Example API Test
context("GET /users", () => {
it("gets a list of users", () => {
cy.request("GET", "/users").then((response) => {
expect(response.status).to.eq(200)
expect(response.body.results).length.to.be.greaterThan(1)
})
})
})
See the discussion here which asks the same question.

How exactly Angular flows between Client and Server?

I was exploring about Angular 8 Recently and I am new to this technology. Here is what I understood..
You build your spring rest API project, and deploy that .war file on the web server (Like tomcat)
You build your Angular client application
.ts files will be translated to equivalent .js files
The build process create a 'dist' folder. The dist folder will have .js and .html files with angular tags and directives.
You deploy dist folder on a server where node.js is installed
You go to browser and ask for index.html file
Server sends all the files in the 'dist' folder to the client, up on initial request. We now have entire client app in the browser
For all the subsequent requests, the client app will make a webservcie call to spring app through Ajax requests
Javascript will use DOM to update the part of the page with new data.
For all this to work, browser must support angular directives and must also know how to render custom components
Please help me understand!
Via HttpCLient
Most front-end applications communicate with backend services over the
HTTP protocol. Modern browsers support two different APIs for making
HTTP requests: the XMLHttpRequest interface and the fetch() API.
The HttpClient in #angular/common/http offers a simplified client HTTP
API for Angular applications that rests on the XMLHttpRequest interface exposed by browsers.
In the example below, we are creating a post call, params for this post are the posted object, the url, and httpOptions(Headers, httpParms etc ...)
addHero (hero: Hero): Observable<Hero> {
return this.http.post<Hero>(this.heroesUrl, hero, httpOptions)
.pipe(
catchError(this.handleError('addHero', hero))
);
}
addHero (hero: Hero): Observable<Hero> {
return this.http.post<Hero>(this.heroesUrl, hero, httpOptions)
.pipe(
catchError(this.handleError('addHero', hero))
);
}
Just like when you post from Postman, you should configure your call with the right parameters.
You call should be in a Service that will be injected in application, module, or component.

Ajax request to cloud run service that requires authentication

I'm having a CORS related issue with google cloud run on a service that
requires authentication.
If I try to execute a curl command through the cli, with a Bearer token,
everything works fine.
Unfortunately if I try to execute the same call through ajax in javascript,
I receive a 403.
const http = new XMLHttpRequest();
const url = 'https://my-app.run.app';
http.open("GET", url);
http.withCredentials = true;
http.setRequestHeader("authorization", 'Bearer ' + id_token);
http.send();
http.onreadystatechange = (e) => {
console.log(http.responseText)
}
The error in the cloud run logs is this :
The request was not authenticated. Either allow unauthenticated invocations or set the proper Authorization header. Read more at https://cloud.google.com/run/docs/securing/authenticating
The container is never hit.
The issue I'm seeing is that, as I'm making the call using ajax, in a web
browser. The web browser is making a pre flight request ( OPTIONS on the
url ) without sending the Authorization header ( which is an expected
behavior )
The problem seems to be that cloud run tries to authenticate the OPTIONS
request and never makes it to my container, which, as far as I understand,
shouldn't be done. (
https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0 )
Is that a known issue with cloud run ?
How could I make an ajax request to an authenticated cloud run service ?
(Cloud Run PM)
This is a known issue. There are a few options:
Allow unauthenticated requests and do CORS/auth yourself
There is a variation of this that uses Cloud Endpoints running on Cloud Run in front of your compute. Have Endpoints do your end-user auth, then forward the request to your backend.
Serve from the same domain (e.g. use the Firebase Hosting proxy)
We've considered implementing Istio CORSPolicy, which would return CORS headers before the auth check, though we're not committed to this as of now.

Create function in Parse Cloud Code that does not require authorisation

I have my own instance of Parse Server running on AWS and until now Cloud Functions have been working great, but with one caveat: they cannot be successfully called publicly, i.e. they require an authorisation key be sent in the REST request header.
I want to set up a Slack Slash Command to my server, and it has to be able to POST a payload without any headers or extra parameters. As a result, my requests are currently unauthorised (returning 403 statuses).
Is there a way to create granular control over a Parse Cloud Function's authorisation (i.e. if it requires master-key header or not), and if not — is there a way of forwarding the request but still through the Parse server?—Or even a way of manipulating the headers of a Slack request? I would rather not have to use another service just for request forwarding.
Thanks!
Two options
Pass in the master key on the client request which should bypass authorization. It's a blunt approach but might be okay in your case (without knowing more details).
Or run a new express endpoint alongside parse and from there call the parse cloud function using the masker key.
var api = new ParseServer(...)
var app = express();
app.use('/parse', api);
app.get('/api/slack', function(req, res) {
//call cloud function passing in master key
// add X-Parse-Master-Key as http header
unirest.post("http://myhost.com:1337/parse/functions/mycloudfunction")
.headers({'X-Parse-Master-Key', MASTER_KEY)
.end(function(response) {
}

How to get HTTP request and response from WebSocket connection

Currently, we are using a fairly standard setup with Node.js + Passport + AJAX as the webserver, Backbone on the client, and an app server exposing APIs for the back-end. The client makes AJAX request to Node, which does some housecleaning such as checking the session authentication, then passes the request along to the app server.
We are experimenting with replacing the AJAX portion between the client and Node with WebSockets. That part I have working fine. Previously we were using passport to check if the request was authenticated. With a standard Node route, the request and response is always included so this is a trivial task, but I'm not sure how to get it from the socket.
var server = http.createServer(app).listen(port);
var io = socketio.listen(server);
var namespaced = io.of('/socket/test');
namespaced.on('connection', function (socket) {
console.log('a user connected to /socket/test');
socket.on('fetch', function (args) {
// the client has sent a socket message which will functionally replace an AJAX request
// authenticate session here - how to get the request??
});
});

Resources