RESTful Api client with only GET + POST
Currently, I work on a project based on micro-services and web application. The product is developped with these technologies :
- Micro-service : API in ASP.NET Core
- Web Application : React and TypeScript (with axios)
During the production launch on the client servers, a few problems with different configurations occurred. In fact, on almost all the clients, all the requests returned a result
200 OK
On one particular server, requests with RESTful
verbs like PUT
,PATCH
and DELETE
were returning with the following status:
405 Method not allowed
Indeed, some of them blocked any HTTP request not using the simple GET
+ POST
verbs, for security reasons.
Configuration
The product is hosted on a dedicated server at a service provider. This is behind a Nginx reverse proxy, which is global to all the provider’s servers. From then on, two solutions were available :
- Allow
PUT
,PATCH
,DELETE
requests on the reverse proxy - Adapt the micro-services with
X-Method-Override
header
As the first alternative is not possible, as the change may alter the security of the products hosted by the provider, the second alternative is chosen.
Typescript HTTP Client
The webapp is based on React and TypeScript with axios
library. The purpose is to define a custom API Client based on axios
and set the X-Method-Override
header.
Client interface
Below appears the interface of our custom API client :
With this interface, the client will be able to use the 5 main HTTP verbs : GET
, POST
, PUT
, PATCH
and DELETE
.
The client is designed with Singleton pattern (you can notice the instance
method !).
Client implementation
Now, it is easy to use this client on all our other *.ts files :
import { ApiClient} from "@services/ApiClient"var data1 = await ApiClient.get("/myUrl");var patchData = {
"property": "value"
};// The PATCH method will add a X-HTTP-Method-Override header
var responseToPatch = await ApiClient.patch("/myUrl2", patchData);
Micro-services in ASP.NET Core
Now, it is important to tell to ASP.NET Core to check the X-HTTP-Method-Override
header. It is easily done with the IApplicationBuilder.UseHttpMethodOverride
method !
Conclusion
If you encounter servers that do not allow HTTP verbs to comply with REST principles, don’t worry. It is possible to encapsulate REST verbs in the X-HTTP-Method-Override header, as demonstrated in this article !
Ressources
Illustration : Business vector created by fullvector — www.freepik.com