12 KiB
Welcome to gCat documentation!
gCat is a RESTful application which exposes operations ...
See the available REST-API on its API docs.
Base URL
In the production environment, its current value is https://api.d4science.org/gcat
Authorization
D4Science adopts state-of-the-art industry standards for authentication and authorization. Specifically, the implementation fully adopts OIDC (OpenID Connect) for authentication and UMA 2 (User Managed Authorization) for authorization flows. JSON Web Token (JWT) Access token are used for both authentication and authorization.
Obtain your Bearer token here: https://dev.d4science.org/how-to-access-resources
Service
The methods of the Web Service can be called by writing your own REST client application or by using already existing REST client plugins.
HTTP Statuses
Any successful operation returns 200 OK status code except for create operation which return 201 Created or for the operations which do not provide any content and returns 204 No Content.
The most common error status a client can obtain are:
- 400 Bad Request used to indicate a clients error https://tools.ietf.org/html/rfc7231#section-6.5.1;
- 401 Unauthorized used to indicate that the client does not provided the gcube-token HTTP Header or the clinet has not enough right to perform such request https://tools.ietf.org/html/rfc7235#section-3.1;
- 404 Not Found used to indicate that the requested instance does not exists https://tools.ietf.org/html/rfc7231#section-6.5.4;
- 405 Method Not Allowed the used HTTP method is not supported for the requested URL https://tools.ietf.org/html/rfc7231#section-6.5.5. The response contains the Allow HTTP Header indicating the supported HTTP method for such URL https://tools.ietf.org/html/rfc7231#section-7.4.1;
- 409 Conflict the request could not be completed due to a conflict with the current state of the target resource (e.g. the name of the resource already exists) https://tools.ietf.org/html/rfc7231#section-6.5.8;
- 500 Internal Server Error indicate a server failure https://tools.ietf.org/html/rfc7231#section-6.6.1.
A complete list of HTTP Status can be found here: https://httpstatuses.com/
If you get a 500 Internal Server Error please report it in the gCube ticketing system <https://support.d4science.org>`_.
Please use this checklist before reporting an error:
- replicate the request;
- the failure could be temporal due to network error, server issue so please retry the request after a certain amount of time;
- indicate how to replicate the error;
- indicate the time when the error occurred (this simplify the identification of the issue).
HTTP Methods
To be RESTful compliant, gCat uses standard HTTP Methods to perform a listing of collections and CRUD (Create Read Update Delete) operations on instances.
|
HTTP Method | URL | Success HTTP Status |
|
Idempotent |
---|---|---|---|---|---|
Supported HTTP Methods | OPTIONS | /{COLLECTION} | 204 No Content ‡ |
|
|
List | GET | /{COLLECTION} | 200 OK |
|
|
Count | GET | /{COLLECTION}?count=true | 200 OK |
|
|
Exists | HEAD | /{COLLECTION} | 204 No Content |
|
|
Create | POST | /{COLLECTION} | 201 Created |
|
|
Supported HTTP Methods | OPTIONS | /{COLLECTION}/{INSTANCE_ID} | 204 No Content ‡ |
|
|
Exist | HEAD | /{COLLECTION}/{INSTANCE_ID} | 204 No Content |
|
|
Read | GET | /{COLLECTION}/{INSTANCE_ID} | 200 OK |
|
|
Update | PUT | /{COLLECTION}/{INSTANCE_ID} | 200 OK |
|
|
Patch | PATCH | /{COLLECTION}/{INSTANCE_ID} | 200 OK |
|
|
Delete | DELETE | /{COLLECTION}/{INSTANCE_ID} | 204 No Content |
|
|
Purge | DELETE | /{COLLECTION}/{INSTANCE_ID}?purge=true | 204 No Content |
|
|
PURGE | /{COLLECTION}/{INSTANCE_ID} | 204 No Content |
|
|
‡ Supported HTTP Methods in Allow HTTP Header
‡‡ DELETE has been defined as idempotent.
Allamaraju argues that DELETE idempotency should be accomplished client-side. The server should inform the client if a delete succeeded because the resource was really deleted or it was not found i.e., 404 Not Found error is suggested instead of 204 No Content. The latter situation should be treated as idempotent by the client.
We share the same vision. For this reason, gCat does not provide server-side idempotency for DELETE and PURGE operations.
- Allamaraju
-
Allamaraju S. RESTful Web Services Cookbook: Solutions for Improving Scalability and Simplicity . O’Reilly. first ed. 2010
About URL:
- {COLLECTION} is the plural name of the entity type;
- {INSTANCE_ID} is an identification which enables to univocally identify the instance in the collection.
About Safety and Idempotency properties:
- A method is Safe if it does not produce any side effects. "This does not prevent an implementation from including behaviour that is potentially harmful, that is not entirely read-only, or that causes side effects while invoking a safe method" https://tools.ietf.org/html/rfc7231#section-4.2.1;
- A method is Idempotent if the same operation repeated multiple times has the same side effect than using it one time. "repeating the request will have the same intended effect, even if the original request succeeded, though the response might differ" https://tools.ietf.org/html/rfc7231#section-4.2.2.
You can find more information about HTTP Methods at https://restfulapi.net/http-methods/
Uncommon HTTP Methods:
- PATCH method allows to perform a differential update (i.e. an update which provide only the differences and not the whole new representation);
- PURGE method is not a standard but is a widely used in service which
requires this action (e.g. Varnish,
Squid).
gCat provide support for this method but to support a wider range of
clients it also provides the Purge action via DELETE with the
additional get parameter
purge=true
Content Type
Any request must contain the indication of the interested content type.
For any operation returning a result, the client must specify the Accept HTTP Header.
Accept: application/json
For any operation sending content to the service, it is necessary to specify the Content-Type HTTP Header.
Content-Type: application/json
Actually, the service accepts and returns only JSON objects.
Except for a Profile Collection which must be manipulated in in XML.
Collections
The following collections are available to any users. Non-safe methods can only be invoked by Catalogue Editor
- Item Collection;
- Resource Collection;
- Profile Collection;
- Namespace Collection;
- License Collection;
The following collections are available only for Catalogue Admin:
- Group Collection;
- Organization Collection;
- User Collection;
- Configuration Collection.
Roles
The catalogue uses the following hierarchic roles:
- Catalogue-Member: a user with such a role is mainly capable of listing and reading items;
- Catalogue-Editor: a user with such a role is capable of managing the items he/she creates and capable of using other safe APIs;
- Catalogue-Admin: a user with such a role is capable of administrating many aspects of the catalogue;
- Catalogue-Manager: a user with such a role is capable of using all the APIs exposed by the service except moderation item APIs (i.e. approve, reject).
Another role that is not in the role hierarchy:
- Catalogue-Moderator: a user with such a role is capable of invoking the item moderation APIs.
Tip
Please note that not all catalogues are moderated.
Java Client
We provide the following Java Client out-of-the-box.
Tip
If you're coding in Java it is recommended that you use this Java Client.
Maven Coordinates
groupId>org.gcube.data-catalogue</groupId>
<artifactId>gcat-client</artifactId>
<version>[2.2.0, 3.0.0-SNAPSHOT)</version> <
Methods Result
The service exposes its methods using a standard naming approach. Moreover, they accept (in case of http POST/PUT methods) JSON objects.
Important
The result of all methods is always a JSON object as per below:
{....
}
Inputs are automatically validated before the request is served.
Usage examples
- Example 1
import org.gcube.gcat.client.Item;
// count item number
= new Item();
Item item int count = item.count();
...