Is it possible to set default headers for boto requests? Basically I want to include a couple of headers in every API call I make to S3.
Right now, extra headers have to be specified on each request. The various methods of the bucket and key class all take an optional headers parameter and the contents of that dict gets merged into the request headers.
Being able to specify extra headers at the bucket level and then have those merged into all requests automatically sounds like a great feature. I'll add that to boto in the near future.
Related
I have a REST API that has a database with table with two columns, product_id and server_id, that it serves product_ids to specific servers which request the data(based on the server_id from table).
Let's say I have three servers with server_ids 1,2 and 3.
My design is like this: /products/server_id/1 and with GET request I get json list of product_ids with server_id = 1, similarly /products/server_id/2 would output list of product_ids for server_id = 2.
Should I remove these routes and make a requirement to send POST request with instructions to receive product_ids for specific server_id in /products route only?
For example sending payload {"server_id":1} would yield a response of list of product_ids for server_id = 1.
Should I remove these routes and make a requirement to send POST request with instructions to receive product_ids for specific server_id in /products route only?
Not usually, no.
GET communicates to general purpose components that the semantics of the request message are effectively read only (see "safe"). That affordance alone makes a number of things possible; for instance, spiders can crawl and index your API, just as they would for a web site. User agents can "pre-fetch" resources, and so on.
All of that goes right out the window when you decide to use POST.
Furthermore, the URI itself serves a number of useful purposes - caches use the URI as the primary key for matching a request. Therefore we can reduce the load on the origin server by re-using representations have have been stored using a specific identifier. We can also perform magic like sticking that URI into an email message, without the context of any specific HTTP request, and the receiver of the message will be able to GET that identifier and fetch the resource we intend.
Again, we lose all of that when the identifying information is in the request payload, rather than in the identifier metadata where it belongs.
That said, we sometimes do use the payload for identifying information, as a work around: for example, if we need so much identifying information that we start seeing 414 URI Too Long responses, then we may need to change our interaction protocol to use a POST request with the identifying information in the payload (losing, as above, the advantages of using GET).
An online example of this might be something like an HTML validator, that accepts a candidate document and returns a representation of the problems found. That's effectively a read only action, but in the general case an HTML document is too long to comfortably fit in the target-uri of an HTTP request.
So we punt.
In a hypermedia api, like those used on the world wide web, we can get away with it, because the HTTP method to use is provided by the server as part of the metadata of the form itself. You as the client don't need to know the server's preferred semantics, you just need to know how to process the form data.
For instance, as I type this answer into my browser, I don't need to know what the target URI is, or what HTTP method is going to be used, because the browser already knows what to do (based on the HTML and whatever scripts are running "on demand").
In REST APIs, POST requests should only be used in order to create new resource, so in order to retrieve data from server, the best practice is to perform a GET request.
If you want to load products 1,2,4,8 on server 9 for example, you can use this kind of request :
GET https://website/servers/9/products/1,2,4,8
On server side, if products value contains a coma separated list, then return an array with all results, if not return just an array with only one item in order to keep consistency between calls.
In case you need to get all products, you can keep only the following url :
GET https://website/servers/9/products
As there is no id provided in products parameter, then the server should return all existing products for requested server parameter.
Note : in case of big amount of results, they must by paginated.
I was making an API call to a Bottle service and was passing headers in the call using Python's request Library.
requests.get('http://localhost/API/call', headers={"cat":"tax"})
I wanted to get the custom headers passed in the function that gets called through the API call.
Using bottle.request.headers I get the following data:
Now, the custom header I passed is present in the environ dictionary with key/value 'HTTP_CAT':tax.
Same thing for cookies. Cookie data can be retrieved using bottle.request.cookies
How can I filter out only the custom header that I am passing in the request?
I'm not sure exactly what you mean by "filter," but the typical way to retrieve request headers from Bottle is with get_header:
cat_value = request.get_header('cat')
Bottle also has a specific API for retrieving individual cookies. Perhaps there's a good reason you're going down to the raw environ, but if not, then you should be using these built-in methods.
PS, you may also want to prefix your custom headers with "X-", e.g. X-Cat.
I use Google APIs Client Library for Python to work with Fusion Tables API. importRows method here requires to provide the data in the body. How should I do it?
response = service.table().importRows(tableId=TABLE_ID, body='zzz,yyy').execute()
returns the error - Got an unexpected keyword argument "body".
There's a slight subtlety here -- the body of the request should be the Table resource, if you want to update it; the contents (in this case, the rows) should actually be passed as a media upload.
In the python client, this means you want to pass something in to the media_body argument, not body. You can't just pass a literal string -- you need to wrap the data in either a MediaFileUpload or MediaInMemoryUpload. (For the case here, you want the latter, but if you've got a file with rows on disk, you want the former.)
I'm trying to support OAuth2 login through Python Flask, so I want to handle a URL that looks like this:
http://myserver/loggedIn#accessToken=thisIsReallyImportant
but when I handle the callback it just seems to drop all the characters after the # in the URL, which contains the important Oauth access token. How do I get this info? It's not included in request.url
ETA: I can retrieve it in client-side javascript using window.location in Javascript, but then I'd have to pass it back to the server, which feels a little hokey but maybe Oauth2 is meant to be done that way?
From the RFC:
Fragment identifiers have a special role in information retrieval
systems as the primary form of client-side indirect referencing
[...]
the fragment identifier is not used in the scheme-specific
processing of a URI; instead, the fragment identifier is separated
from the rest of the URI prior to a dereference
As such, flask drops everything after the '#'. If you want to forward these to the server, you'll have to extract them on the client and pass them to the server via a query parameter or part of the URL path.
You are using the incorrect OAuth 2 grant type (implicit grant) for what you want to do. Implicit grant supplies the token in the fragment as you observed to be used by a javascript client. There is another type of grant, authorization code, which is similar but supplies it in the URI query which you can access from Flask.
You can tell the two apart from the the redirect URI you create for authorization, if it has response_code=code you are on the right track. You currently use response_code=token.
If you are using Facebook look at https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/
For Google look at https://developers.google.com/accounts/docs/OAuth2WebServer
You might also be interested in https://flask-oauthlib.readthedocs.org/en/latest/ which can help you with OAuth.
I have a web service that accepts passed in params using http POST but in a specific order, eg (name,password,data). I have tried to use httplib but all the Python http POST libraries seem to take a dictionary, which is an unordered data structure. Any thoughts on how to http POST params in order for Python?
Thanks!
Why would you need a specific order in the POST parameters in the first place? As far as I know there are no requirements that POST parameter order is preserved by web servers.
Every language I have used, has used a dictionary type object to hold these parameters as they are inherently key/value pairs.