Custom API in Version 9.0

Hi Pradeep,

sorry for the delayed reply.

Here you can find a short explanation on how to convert API projects to API plugins: Api-development-guide

Generally api server examples can be found in the folder \Modules\QBM\dvd\AddOn\ApiSamples of our file set.
And this is the example of a custom api project: 

using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using QBM.CompositionApi.ApiManager;
using QBM.CompositionApi.Definition;
using QBM.CompositionApi.PlugIns;
using VI.Base;

// This attribute will automatically assign all methods defined by this DLL
// to the CCC module.
[assembly: Module("CCC")]

namespace QBM.CompositionApi.Sdk01_Basics
{
    public class CustomApiProject : IMethodSetProvider
    {
        private readonly MethodSet _project;

        public CustomApiProject(IResolve resolver)
        {
            _project = new MethodSet
            {
                AppId = "customapi"
            };

            var svc = resolver.Resolve<IExtensibilityService>();

            // Configure all API providers that implement IApiProviderFor<CustomApiProject>
            var apiProvidersByAttribute = svc.FindAttributeBasedApiProviders<CustomApiProject>();
            _project.Configure(resolver, apiProvidersByAttribute);

            var authConfig = new Session.SessionAuthDbConfig
            {
                AuthenticationType = Config.AuthType.AllManualModules,
                Product = "WebDesigner",
                SsoAuthentifiers =
                {
                    // Add the names of any single-sign-on authentifiers here
                },
                ExcludedAuthentifiers =
                {
                    // Add the names of any excluded authentifiers here
                }
            };

            // To explicitly set the list allowed authentication modules,
            // set the AuthenticationType to AuthType.Default and set
            // the list of ManualAuthentifiers.

            _project.SessionConfig = authConfig;
        }

        public Task<IEnumerable<IMethodSet>> GetMethodSetsAsync(CancellationToken ct = new CancellationToken())
        {
            return Task.FromResult<IEnumerable<IMethodSet>>(new[] { _project });
        }
    }

    public class CustomApiPlugin : IPlugInMethodSetProvider
    {
        public IMethodSetProvider Build(IResolve resolver)
        {
            return new CustomApiProject(resolver);
        }
    }

    public class CustomApiHelloWorld : IApiProviderFor<CustomApiProject>
    {
        public void Build(IApiBuilder builder)
        {
            builder.AddMethod(Method.Define("helloworld")
                .AllowUnauthenticated()
                .HandleGet(qr => new DataObject { Message = "Hello world!" }));
        }
    }
}

Kind regards

Danny

Hi Pradeep,

sorry for the delayed reply.

Here you can find a short explanation on how to convert API projects to API plugins: Api-development-guide

Generally api server examples can be found in the folder \Modules\QBM\dvd\AddOn\ApiSamples of our file set.
And this is the example of a custom api project: 

using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using QBM.CompositionApi.ApiManager;
using QBM.CompositionApi.Definition;
using QBM.CompositionApi.PlugIns;
using VI.Base;

// This attribute will automatically assign all methods defined by this DLL
// to the CCC module.
[assembly: Module("CCC")]

namespace QBM.CompositionApi.Sdk01_Basics
{
    public class CustomApiProject : IMethodSetProvider
    {
        private readonly MethodSet _project;

        public CustomApiProject(IResolve resolver)
        {
            _project = new MethodSet
            {
                AppId = "customapi"
            };

            var svc = resolver.Resolve<IExtensibilityService>();

            // Configure all API providers that implement IApiProviderFor<CustomApiProject>
            var apiProvidersByAttribute = svc.FindAttributeBasedApiProviders<CustomApiProject>();
            _project.Configure(resolver, apiProvidersByAttribute);

            var authConfig = new Session.SessionAuthDbConfig
            {
                AuthenticationType = Config.AuthType.AllManualModules,
                Product = "WebDesigner",
                SsoAuthentifiers =
                {
                    // Add the names of any single-sign-on authentifiers here
                },
                ExcludedAuthentifiers =
                {
                    // Add the names of any excluded authentifiers here
                }
            };

            // To explicitly set the list allowed authentication modules,
            // set the AuthenticationType to AuthType.Default and set
            // the list of ManualAuthentifiers.

            _project.SessionConfig = authConfig;
        }

        public Task<IEnumerable<IMethodSet>> GetMethodSetsAsync(CancellationToken ct = new CancellationToken())
        {
            return Task.FromResult<IEnumerable<IMethodSet>>(new[] { _project });
        }
    }

    public class CustomApiPlugin : IPlugInMethodSetProvider
    {
        public IMethodSetProvider Build(IResolve resolver)
        {
            return new CustomApiProject(resolver);
        }
    }

    public class CustomApiHelloWorld : IApiProviderFor<CustomApiProject>
    {
        public void Build(IApiBuilder builder)
        {
            builder.AddMethod(Method.Define("helloworld")
                .AllowUnauthenticated()
                .HandleGet(qr => new DataObject { Message = "Hello world!" }));
        }
    }
}

Kind regards

Danny

Thanks Danny this was helpful

Hi, apologies for my stepping in this thread. Thanks for the code, it helps in one of my projects.

I've read the documentation (9.1.x) and digged deeper in the authentication procedures. Some questions arise:

1. Seems like the AuthenticationType also supportrs FixedCredentials. Does anybody knows how these work?
2. You custom HelloWorld example is configured as .AllowUnauthenticated(). According to the documentation no auth checks will be performed here. In this case and supposing you're querying database objects, which would be the "effective" user that will perform the query? Any mappings for anon users whatsoever are implemented here? Thing is I need to generate events on a table, unauthenticated, and yet I haven't figured out how.

Thanks!

Hello,

The FixedCredentials setting is only intended to be used by special use cases. The connection string for FixedCredentials has to be stored in the web.config file in the <connectionStrings> section with the key "sub:<NAME>"  where <NAME> is the name of the API project.
Keep in mind that all APIs exposed with this setting can access the database without any further authentication!

AllowUnauthenticated() will not use any database connection at all, and the Request.Session object will be null.

Hope this helps!

Hi,

Thanks Hanno. Could you explain further that config setting in web.config for the FixedCredentials conn string ? I've tried some combinations of the "sub:<name>" setting and I got errors.

I can understand the risks, but I need to be able, at the very least, to send an event to a custom table,unauthenticated. The use case? The end user  can request a pin by filling up the username and the recovery methods (either phone or secondary email address). I am able to do it using the web designer app, but not using the api+html5.

Located, added and working. The web.config had this section encrypted. You need to unencrypt it, add the section and restart the api server. In the custom API I removed the .AllowUnauthenticated() .  And it works! This is a big step in our development. Thanks!