Is there a way to discover all endpoints of a REST API?

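I am wondering if it is possible to programmatically discover all the endpoints of a particular API.

For example, if I GET this URL with a browser or curl: https://api.twitter.com/1.1/

I might get something like this as a JSON response: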

"TwitterAPI":{
    "version" : 1.1,
    "GET" : {
        "search/" : ["users", "trending"],
        "users/" : ["id", "handle"]
    }
}

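Of course, Twitter could choose to publish this format or not. So, as a side question, are there any libraries for Java or JavaScript that will automatically map and publish the API routes you have created in your controllers?

Some RESTful APIs publish a Web Application Description Language resource (WADL for short, pronounced like the walk that ducks do). JAX-RS, or at least Jersey, webapps will do this by default at the application root URL /application.wadl. Twitter's API does not appear to be one of these. Many REST purists would argue that the API should be self-describing and self-discovering simply by interacting with it and seeing what other endpoints it gives you.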

More about WADL from wikipedia...

There is no way of programmatically discovering REST services as they do not have a standard registry service.

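Short of an insane brute-force search, there is no way of finding the right URLs (let alone the right parameters). So the only option is to document your API. For that, the best options I have seen so far are:

You should be able to discover everything you need to know about a REST API by only knowing the initial entry point. This is one of the fundamental points of REST; it should be hypermedia driven and self-describing. It is also one of the least understood principles. The discovery of resources is down to hypermedia links in the responses from the server.

Back in 2008 Roy Fielding started to get annoyed about people writing HTTP based APIs and calling them REST just because it was the hot new thing. Here are a couple of points he makes: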

A REST API must not define fixed resource names or hierarchies (an obvious coupling of client and server). Servers must have the freedom to control their own namespace. Instead, allow servers to instruct clients on how to construct appropriate URIs, such as is done in HTML forms and URI templates, by defining those instructions within media types and link relations. [Failure here implies that clients are assuming a resource structure due to out-of band information, such as a domain-specific standard, which is the data-oriented equivalent to RPC’s functional coupling].

A REST API should be entered with no prior knowledge beyond the initial URI (bookmark) and set of standardized media types that are appropriate for the intended audience (i.e., expected to be understood by any client that might use the API). From that point on, all application state transitions must be driven by client selection of server-provided choices that are present in the received representations or implied by the user’s manipulation of those representations. The transitions may be determined (or limited by) the client’s knowledge of media types and resource communication mechanisms, both of which may be improved on-the-fly (e.g., code-on-demand). [Failure here implies that out-of-band information is driving interaction instead of hypertext.]

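What this means in practice is that the entry point (typically the root URI, "/") contains links to other REST APIs. Those APIs will contain links to other APIs, and so on. There should be no API that does not have a link to it. That would mean it is not discoverable.

The other answers here are fundamentally wrong in that they fail to acknowledge the most basic principle of REST.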
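
The link-driven discovery described in the answer above, as an added example that is not part of any answer on this page. It walks a constructed in-memory API from its entry point and reports which served routes no link leads to; the HAL-style `_links` shape, the `api.example.test` URIs and the function names are assumptions made for illustration.

```javascript
// Constructed sample: an in-memory hypermedia API keyed by absolute URI.
// The HAL-style "_links" shape and every URI here are assumptions for illustration.
const SAMPLE_API = {
  "https://api.example.test/": {
    _links: { self: { href: "/" }, users: { href: "/users" }, search: { href: "/search{?q}", templated: true } },
  },
  "https://api.example.test/users": {
    _links: { self: { href: "/users" }, first: { href: "/users/1" }, root: { href: "/" } },
  },
  "https://api.example.test/users/1": {
    _links: { collection: { href: "/users" }, avatar: { href: "https://cdn.example.test/a/1.png" } },
  },
  // Served by the API but linked from nowhere: link-following cannot find it.
  "https://api.example.test/internal/metrics": { _links: { self: { href: "/internal/metrics" } } },
};

// Breadth-first walk from the entry point, following only server-provided links.
// fetchResource(uri) returns the parsed representation, or undefined if absent.
function discoverEndpoints(entryPoint, fetchResource) {
  const origin = new URL(entryPoint).origin;
  const seen = new Set([new URL(entryPoint).href]);
  const templates = new Set();
  const queue = [...seen];
  while (queue.length > 0) {
    const uri = queue.shift();
    const doc = fetchResource(uri);
    const links = doc && doc._links;
    if (!links || typeof links !== "object") continue;
    for (const value of Object.values(links)) {
      // A relation may carry one link object or an array of them.
      for (const link of Array.isArray(value) ? value : [value]) {
        if (!link || typeof link.href !== "string") continue;
        if (link.templated) { templates.add(link.href); continue; } // needs parameters: record only
        const target = new URL(link.href, uri); // resolve relative hrefs against the current resource
        target.hash = "";
        if (target.origin !== origin || seen.has(target.href)) continue; // stay in scope, break cycles
        seen.add(target.href);
        queue.push(target.href);
      }
    }
  }
  return { endpoints: [...seen].sort(), templates: [...templates].sort() };
}

// Routes the server exposes that no hypermedia link leads to.
function unlinkedEndpoints(knownRoutes, discovered) {
  const found = new Set(discovered.endpoints);
  return knownRoutes.filter((route) => !found.has(route)).sort();
}

const result = discoverEndpoints("https://api.example.test/", (uri) => SAMPLE_API[uri]);
console.log(result, unlinkedEndpoints(Object.keys(SAMPLE_API), result));
```

Comparing the walk's output against the server's own route table is a quick way to spot endpoints that are exposed but undocumented by the API's links.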

There is a way to get most of the hidden REST APIs from inside the website. Follow this documentation.