Beefy Boxes and Bandwidth Generously Provided by pair Networks RobOMonk
The stupid question is the question not asked

Proxying web API requests

by Anonymous Monk
on Sep 09, 2012 at 22:45 UTC ( #992634=perlquestion: print w/ replies, xml ) Need Help??
Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I have a web application that makes requests to another 3rd party RESTful web application. In order to increase security, I want to move all requests to the 3rd party off of my public facing web server and on to a separate server that will act as a proxy. I want the proxy to make a single change to the request it receives (to fill in a secret API key), then forward the request on to the 3rd party and then pass the response on to my public server. What is the simplest way to do this? I would like to change as little as possible in my currently functioning application; ideally I would only need to change the API endpoint that it is connecting to to point to my proxy server instead of the 3rd party, and then let the proxy connect to the 3rd party.

Comment on Proxying web API requests
Re: Proxying web API requests
by Anonymous Monk on Sep 09, 2012 at 22:52 UTC

    What is the simplest way to do this?

    Just go as you described?

        Plack::App::Proxy looks like it might work. Any idea if I can use it to change the authentication credential that gets sent to the 3rd party? That's what I really need to do.
Re: Proxying web API requests
by davido (Archbishop) on Sep 09, 2012 at 23:39 UTC

    I don't know what your authentication scheme is for the 3rd party, but the process ought to be pretty simple using Mojolicious:

    use Mojolicious::Lite; # Hit PerlMonks. If a node ID is supplied, fetch it. get '/*resource' => { resource => '' } => sub { my $self = shift; my $uri = ""; my $resource = $self->stash('resource'); $uri .= length $resource ? "?node_id=$resource" : ''; $self->ua->get( $uri => sub { my ($ua, $tx) = @_; $self->render( text => $tx->res->dom->html ); }); }; app->start;

    Fire it up: ./ daemon. Then hit http://localhost:3000. You'll get the Monastery Gates. Now try http://localhost:3000/992634, and you'll fetch this node.

    This basic example doesn't exercise any care in processing the resource request. That's up to you. And if you need to modify some aspect of the incoming request, the level of difficulty depends on what needs altering. A simple change to the restful request is easy, though. And of course you're not limited to listening on port 3000, but you can read about that in the docs.

    In case you blinked and missed it, this starts up a daemon that listens on a port for http requests. When a request comes in as a 'get', it adds a new domain to the URL, but passes through the resource params to that URL. Then the built-in user agent fetches that resource, and the renderer renders it back to the client as HTML.

    I'd encourage you to watch the mojocast that discusses using the user-agent. It demonstrates using SSL, constructing transations, and a lot more. And for help in dealing with placeholders in your routes, this mojocast.


Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://992634]
Approved by davido
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (8)
As of 2014-04-16 11:21 GMT
Find Nodes?
    Voting Booth?

    April first is:

    Results (424 votes), past polls