Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
1
APIinMagento2:
whatyoucanandyoucan'tdo
Andralungu @iamspringerin
2
WhoAmi
Andra Lungu - @iamspringerin
Magento Developer @Bitbull_IT
3+ magento development
3+ .net/java development
Andral...
3
WhY
ERP
SHOPPING
APP
CRM CMS
Javascript
widgets
WAREHOUSE
Andralungu @iamspringerin
4
APIinMagento1
Supported Protocols
● XML-RPC
● SOAP V1
● SOAP V2 since M1.3, WS-I compliant since M1.6
● REST since M1.7 ...
5
APIinMagento2
Supported Protocols
● SOAP
● REST
Authentication:
● OAuth 1.0a 2-legged suggested for third-party applicat...
6
AUTHmagento2
User type
● Administrator or Integration
● Customer
● Guest user
Authorized resources. Example if authorize...
7
AUTHmagento2acl.xml permissions to access the resources
…...
<acl>
<resources>
<resource id="Magento_Backend::admin">
<r...
8
AUTHmagento2
webapi.xml reference the permission needed for each api resource
<route url="/V1/customers/:email/activate"...
9
OAUTH1.0abasedauth
● Requires implementation of the protocol on client side
● Add integration in the admin area and acti...
10
Tokenbasedauthcurl -X POST
"https://magento.host/index.php/rest/V1/integration/customer/token"  -H
"Content-Type:applic...
11
SeSsionbasedauth
Self access enables a user to access resources they own.
For example, GET /V1/customers/me fetches the...
12
BACKWARDSCOMPATIBILITY
&PHPannotations
Semantic Versioning MAJOR.MINOR.PATCH
● MAJOR indicates incompatible API changes...
13
BACKWARDSCOMPATIBILITY
&PHPannotationsBackward compatible applies for classes and methods annotated
with @api within MI...
14
BACKWARDSCOMPATIBILITY
&PHPannotationsMagento uses reflection to automatically create classes and sets data submitted i...
15
BACKWARDSCOMPATIBILITY
&PHPannotationsAll methods exposed by the web API must follow these rules
● Parameters must be d...
16
cuSTOMIZEANAPI:
Extension Attributes
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchem...
17
CREATEANAPI
18
CREATEANAPI
Never been easier !!!
Bitbull/CustomApi/etc/di.xml
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-inst...
19
CREATEANAPI
Bitbull/CustomApi/Api/MagentoSeminarInterface.php
namespace BitbullCustomApiApi;
/**
* @api
*/
interface Ma...
20
CREATEANAPI
Bitbull/CustomApi/Model/MagentoSeminar.php
namespace BitbullCustomApiModel;
class MagentoSeminar implements...
21
QUestions
Thank you
Andralungu @iamspringerin
Upcoming SlideShare
Loading in …5
×

Api in magento 2

597 views

Published on

What protocols are available, what kind of authorization you have available and how to add your own api or customize the ones already in place

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Api in magento 2

  1. 1. 1 APIinMagento2: whatyoucanandyoucan'tdo Andralungu @iamspringerin
  2. 2. 2 WhoAmi Andra Lungu - @iamspringerin Magento Developer @Bitbull_IT 3+ magento development 3+ .net/java development Andralungu @iamspringerin
  3. 3. 3 WhY ERP SHOPPING APP CRM CMS Javascript widgets WAREHOUSE Andralungu @iamspringerin
  4. 4. 4 APIinMagento1 Supported Protocols ● XML-RPC ● SOAP V1 ● SOAP V2 since M1.3, WS-I compliant since M1.6 ● REST since M1.7 with less business logic then others protocols * Authentication: ● API user with assigned roles similar to ACL roles ● * 3-legged OAuth 1.0a Documentation ● http://devdocs.magento.com/guides/m1x/api/soap/introduction.html ● http://devdocs.magento.com/guides/m1x/api/rest-api-index.html Andralungu @iamspringerin
  5. 5. 5 APIinMagento2 Supported Protocols ● SOAP ● REST Authentication: ● OAuth 1.0a 2-legged suggested for third-party applications ● Tokens suggested for mobile applications ● Session based Documentation ● http://devdocs.magento.com/guides/v2.1/rest/bk-rest.html ● http://devdocs.magento.com/guides/v2.1/soap/bk-soap.html Andralungu @iamspringerin
  6. 6. 6 AUTHmagento2 User type ● Administrator or Integration ● Customer ● Guest user Authorized resources. Example if authorized for the Magento_Customer::group resource, they can make a GET /V1/customerGroups/:id call. Resources with anonymous or self permission. Resources with anonymous permission. Andralungu @iamspringerin
  7. 7. 7 AUTHmagento2acl.xml permissions to access the resources …... <acl> <resources> <resource id="Magento_Backend::admin"> <resource id="Magento_Backend::stores"> <resource id="Magento_Backend::stores_settings"> <resource id="Magento_Config::config"> <resource id="Magento_Customer::config_customer" title="Customers Section" translate="title" sortOrder="50" /> </resource> </resource> <resource id="Magento_Backend::stores_other_settings"> <resource id="Magento_Customer::group" title="Customer Groups" translate="title" sortOrder="10" /> </resource> </resource> ………. Andralungu @iamspringerin
  8. 8. 8 AUTHmagento2 webapi.xml reference the permission needed for each api resource <route url="/V1/customers/:email/activate" method="PUT"> <service class="MagentoCustomerApiAccountManagementInterface" method="activate"/> <resources> <resource ref="Magento_Customer::manage"/> </resources> </route> <route url="/V1/customers/me/password" method="PUT"> <service class="MagentoCustomerApiAccountManagementInterface" method="changePasswordById"/> <resources> <resource ref="self"/> </resources> <data> <parameter name="customerId" force="true">%customer_id%</parameter> </data> </route> <route url="/V1/customers/:customerId/password/resetLinkToken/:resetPasswordLinkToken" method="GET"> <service class="MagentoCustomerApiAccountManagementInterface" method="validateResetPasswordLinkToken"/> <resources> <resource ref="anonymous"/> </resources> Andralungu @iamspringerin
  9. 9. 9 OAUTH1.0abasedauth ● Requires implementation of the protocol on client side ● Add integration in the admin area and activate it Andralungu @iamspringerin
  10. 10. 10 Tokenbasedauthcurl -X POST "https://magento.host/index.php/rest/V1/integration/customer/token" -H "Content-Type:application/json" -d '{"username":"customer1@example.com", "password":"customer1pw"}' authorization: Bearer nj9plnx828w23ppp5u8e0po9sjrkqe0d Andralungu @iamspringerin
  11. 11. 11 SeSsionbasedauth Self access enables a user to access resources they own. For example, GET /V1/customers/me fetches the logged-in customer's details typically useful for JavaScript-based widgets. Andralungu @iamspringerin
  12. 12. 12 BACKWARDSCOMPATIBILITY &PHPannotations Semantic Versioning MAJOR.MINOR.PATCH ● MAJOR indicates incompatible API changes ● MINOR indicates backward-compatible functionality has been added ● PATCH indicates backward-compatible bug fixes Andralungu @iamspringerin
  13. 13. 13 BACKWARDSCOMPATIBILITY &PHPannotationsBackward compatible applies for classes and methods annotated with @api within MINOR and PATCH updates to our components. As changes are introduced, methods are annotated with @deprecated and removed only with the next MAJOR component version. BACKWARDSCOMPATIBILITY &PHPannotations Andralungu @iamspringerin
  14. 14. 14 BACKWARDSCOMPATIBILITY &PHPannotationsMagento uses reflection to automatically create classes and sets data submitted in JSON or HTTP array syntax onto an instance of the expected PHP class when calling the service method. Conversely, if an object is returned from one of these methods, Magento automatically converts that PHP object into a JSON or SOAP object before sending it over the web API. BACKWARDSCOMPATIBILITY &PHPannotations Andralungu @iamspringerin
  15. 15. 15 BACKWARDSCOMPATIBILITY &PHPannotationsAll methods exposed by the web API must follow these rules ● Parameters must be defined in the doc block as * @param type $paramName ● Return type must be defined in the doc block as * @return type ● Valid object types include a fully qualified class name or a fully qualified interface name. ● Any parameters or return values of type array can be denoted by following any of the previous types by an empty set of square brackets [] BACKWARDSCOMPATIBILITY &PHPannotations Andralungu @iamspringerin
  16. 16. 16 cuSTOMIZEANAPI: Extension Attributes <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Api/etc/extension_attributes.xsd"> <extension_attributes for="MagentoCatalogApiDataProductInterface"> <attribute code="stock_item" type="MagentoCatalogInventoryApiDataStockItemInterface"> <resources> <resource ref="Magento_CatalogInventory::cataloginventory"/> </resources> </attribute> </extension_attributes> </config> Andralungu @iamspringerin
  17. 17. 17 CREATEANAPI
  18. 18. 18 CREATEANAPI Never been easier !!! Bitbull/CustomApi/etc/di.xml <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd"> <preference for="BitbullCustomApiApiMagentoSeminarInterface" type="BitbullCustomApiModelMagentoSeminar" /> </config> Bitbull/CustomApi/etc/webapi.xml <routes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Webapi:etc/webapi.xsd"> <route url="/V1/magentoseminar/:eventName" method="GET"> <service class="BitbullCustomApiApiMagentoSeminarInterface" method="getAwesomeEvent"/> <resources> <resource ref="Magento_Catalog::products" /> </resources> </route> </routes> Andralungu @iamspringerin
  19. 19. 19 CREATEANAPI Bitbull/CustomApi/Api/MagentoSeminarInterface.php namespace BitbullCustomApiApi; /** * @api */ interface MagentoSeminarInterface { /** * Get info about the conference * @api * @param string $eventName * @return string */ public function getAwesomeEvent($eventName); } Andralungu @iamspringerin
  20. 20. 20 CREATEANAPI Bitbull/CustomApi/Model/MagentoSeminar.php namespace BitbullCustomApiModel; class MagentoSeminar implements BitbullCustomApiApiMagentoSeminarInterface { /* * @api * @param string $conferenceName * @return string */ public function getAwesomeEvent($eventName) { return $eventName . ' is an awesome event'; } } Andralungu @iamspringerin
  21. 21. 21 QUestions Thank you Andralungu @iamspringerin

×