API or custom endpoint

Elgg: Release - 1.8.20, Version - 2014090700

Using plugins:  https://github.com/markharding/elgg-web-services-deprecated and API Admin 1.0


I need to create end point to which other website will send JSON packet with data with which system would create objects and relationships between them.

Is API web services way to go or creating custom end point in the plugin is best?

Thank you.

Example JSON packet sent to endpoint:

{

 "main object title":"AB12",
 "main object description": 1234,
 "sub-objects with relationship to main object" = [

                {
                "sub-object1 title":"AB12",
                "custom metadata1": 1,
                "custom metadata2": 6,
                "relationship": "box_of"

           },

           {

                "sub-object2 title":"AB13",
                "custom metadata1": 1,
                "custom metadata2": 20,
                "relationship": "box_of"

           }

     ]

}
  • First of all I would urge you to use a newer (and still supported) version of Elgg. Elgg 1.8 is no longer supported since a long time already.

    For newer versions of Elgg you can also refer to the webservice docs at http://learn.elgg.org/en/stable/guides/web-services.html (which is very likely not fully valid for Elgg 1.8 either).

  • Thanks for the suggestion, custom plugins are stopping us from updating at the moment but we plan on updating.

    Could 1.8 API accept JSON data and from it create objects?

    Or creating end point url in plugin is best way to go?

    Thanks.

  • The API can accept anything you want

  • Thank you for the help.

    Maybe should open new thread but it is related to API and web services plugin.

    I get "Method call '' has not been implemented." trying to do a basic Site Test method "services/api/rest/json/method=site.test"

    What does that mean in general for Elgg API sense?

    web services API is enabled in admin and in plugins start.php this method is registered automatically:

    //Core Library should be default
    elgg_register_library('webservice:core', elgg_get_plugins_path() . 'web_services/lib/core.php');
    elgg_load_library('webservice:core');
  • Discard previous reply, I was missing ? in front of method= string in url.

  • @OnWeb This is my scenario:

    1. Create your own plugin.

    2. Coding:

    In start.php

    elgg_register_library('webservice:core', __DIR__ . '/lib/core.php');
    elgg_load_library('webservice:core');

    In lib/core.php

    function site_test() {
        $response['success'] = true;
        $response['message'] = "Hello";
        return $response;
    }
    
    elgg_ws_expose_function(
        'site.test',
        'site_test',
        array(),
        'Get site information',
        'GET',
        false,
        false
    );

    Of course, Elgg 2.3

  • Ok I do have more technical question on the endpoint and how data is sent.

    It appears that data is passed in url ( eg services/api/rest/json/?method=user.register&name=joe&email=joe@yahoo.com)

    Data needs to be sent to the api endpoint in JSON format as I posted in first part of this thread.

    Is that done via file_get_contents?

    Or there is another way?

    Thanks.

  • I don't think Elgg webservices can accept json data as a POST body, last time I checked, it expected a URL encoded query string.

    The way I would approach this:
    - create a page handler for e.g. 'incoming'
    - read the first segment which is a unique key (you could use API key admin plugin o generate those)
    - validate signed URL request
    - read POST body and do other things

    Then you would generate unique URLs for each provider. They will be sufficiently unique, so as long as you keep API keys safe and frequently reset, you can ensure security.

    You can also require some sort of md5 key of post body plus private API key to validate the nature of the request (i.e. it's coming from a trusted source).

    So you are working with:

    elgg_get_signed_url("incoming/$method/$api_key");

    In your page handler:
    // to /incoming/$method/$api_key?checksum=
    elgg_signed_request_gatekerper();
    $body = file_get_contents('php://input);
    $checksum = get_input('checksum');
    validate_checksum($body . $private_key);

    // $body is real, can accept and process incoming data

  • @rivervanrain

    Thanks for the help, unfortunately I am still on 1.8, I figured out the problem with that but I appreciate your help.

    @ihayredinov

    I see where you're going with this, my original thought was to create custom page handler/endpoint for this but thought maybe API would work.

    Should I add page handler to existing Web_services plugin which uses API or create new plugin?

    Thank you very much for your help.

  • Sure, I would put it in the same plugin, because much of the logic is shared - you would be validating the same sets of data, so it makes sense to keep them together