esperotech / yaade Goto Github PK
View Code? Open in Web Editor NEWYaade is an open-source, self-hosted, collaborative API development environment.
License: MIT License
Yaade is an open-source, self-hosted, collaborative API development environment.
License: MIT License
Sometimes I have to call a request with different parameters. In Postman there's a checkbox in front of each parameter, so I can activate and deactivate them. I find that very convenient and think it would be a nice feature in Yaade, too.
result: the openapi collection is duplicated
looking at the code it seems that the state property is not reset.
Hi team, thanks for this project. I have been looking for awhile on something like this and glad I stumbled on this project.
Would be great tool to use if we can include:
With the above, it can be used as self-hosted stoplight.io
Currently JSON responses are displayed as a single line, even when they are sent with beautified indentation. The request body editor is already able to beautify content for CodeMirror. Would be great to make this an option for the response as well, or at least not remove formatting from the response itself.
At the moment the icon for prettifying the request is a star icon which isn't usually correlated with prettifying code.
I suggest a { } icon which is much more standard and familiar
Would it be possible to add a "global" pre requests script option at the collection level (like Postman)?
Laravel Sanctum's stateful API auth requires the following pre-request actions for every POST request:
This is quite easy to implement in Postman via a collection-level pre request script. These scripts run before every request in the collection.
Then I just need to set the X-XSRF-TOKEN header on post requests to {{xsrfToken}} and everything works as expected.
The OpenApi/Swagger UI generates an example request from the example data defined in the openapi.yaml.
It would be awesome if Yaade would do the same.
in environment with many entries, at some point, the lower part of the modal box is no longer visible.
solution: add a scrollbar to the box
When using different environments and their variables extensively, opening the popup and closing it for each variable change hinders the flow a little bit.
Having a (optional) fixed panel for the environment of the current route could be a good idea.
In case of changes in the openapi.yaml, I need to delete the collection and create a new one with the new openapi.yaml.
The Edit Panel of the Collection only allows for renaming the Collection.
Let's add a feature to re-upload the openapi.yaml for an existing collection from the edit panel.
I have Yaade working fine right now using the extension. However, I would like to configure it to use "Server" to avoid having to install the extension everywhere. The docs talk about this in the "Proxies" section under "Environment", but I find the instructions confusing. Here are my questions:
TIA!
I really like Yaade. Something basic I'm missing though is being able to re-order the collections and requests. This helps me keep stuff organized.
It would be great if we could add folders and sub folders to collections to help keep things organised. Basically the same way Postman does it.
i have two questions about postman collection import
.
depth
.import operation
must occur 500 error.i suggest multi depth of collection.
variables
{{VARIABLE_NAME}}
.${VARIABLE_NAME}
.{{xxx}}
to ${xxx}
. that is not compitible I think.I suggest variable parser
when postman import.
Hello,
thank you for providing this great tool.
Since I just switched from Postman and have to do repetitive steps to set up all the requests I need, I have a few suggestions. One of them:
In my API I have to do a login call first (and save the received token in an environment variable) and then call any other request. In every other request I have to set up the same headers: Authorization with token from the environment and custom headers.
It would be very nice, if I could define the headers in the collection. Or if I could set the headers with the request script (when it works collection-wide: #63).
Something that would add a lot of functionality and improve the users work flow on Yaade would be adding tabs allowing for multiple open requests at once. This is something that Postman does brilliantly and even the likes of Hoppscotch have recently implemented. This would add a lot of value to Yaade and allow it to start competing directly with these other programs.
Add an yaade CORS extension for Firefox
Hello,
Like Hoppscotch do, that would be a very great feature to import Postman collections and environments from files.
This feature would encourage a lot Postman users to migrate to Yaade (that's my case)
For the implementation, the best would obviously be to integrate this feature to the Yaade UI.
But, for a quick-win, this functionality could be a side tool to convert postman files to yaade exports. The user could then be able to import converted files in the Yaade UI.
Thanks you guys for your work !
I have set up Yaade on my cloud server, and it is currently running via Apache2 using the URL https://example.com. Simultaneously, I am developing an springboot application on my localhost that utilizes CORS. The application will be accessible via https://localhost:8080.
In my application's configuration, I have added the following line: configuration.setAllowedOrigins(Arrays.asList(frontendUrl, "https://example.com"));
However, when I send a POST request from Yaade to https://localhost:8080/register, I receive an invalid CORS request error in the response body.
To address this issue, I attempted to modify the configuration line to configuration.setAllowedOrigins("*');, which resolved the problem. Even though I specified "https://example.com" as the allowed origin, which is where I access Yaade, I'm still encountering this issue.
I would appreciate assistance in understanding why I am facing this problem despite configuring the allowed origins correctly.
Hi π
I would like to find out if yaade supports mutiple users, and/or does it have single sign on capabilities?
I would like to install it in our company network and share requests/responses for different users and customer projects!
Thank you for you work!
Greetings
Niklas
Didn't find an information about base path variable, do you have this setting?
Take a look into the video to checkout the bug. The groups are not created, when I create a user.
https://github.com/EsperoTech/yaade/assets/12643853/52dd57ac-38b9-4843-bfd4-0dee4be01f14
I just deployed a new docker, added a collection and a request. I click save and it remembers the URL but all of the body of the request is lost any time I switch to a different request and go back to the request I clicked save on.
When searching in the response body for some text by pressing CTRL + F, I only find passages that are visible in the browser window. Means I don't find text, I didn't scroll to. Could you fix this?
I'm not sure about this, but is it even technically possible to set the user agent when using the Chrome extension? At the moment it always says "chrome" as user agent. I worked around this by accepting a custom header as user agent in my API, so it's not a big problem for me. But would be nice if it worked "out of the box".
It would be very helpful, if it was possible to duplicate requests (not just copy the ID) and move requests from one collection to another.
i cannot create a new user group only admin is there by default
I'm trying to use keycloak as provider with the following configuration
{
"providers": [{
"id": "b2b",
"label": "Login with Keycloak",
"provider": "keycloak",
"params": {
"site": "https://url_to_keycloak",
"clientId": "yaade",
"clientSecret": "SECRET",
"callbackUrl": "http://url_to_callback",
"fields": {
"username": "/username"
"groups": "/groups"
},
"scopes": ["openid", "email"]
}
}]
}
but after signing in on keycloak page get this error in web browser:
{"classLoaderName":null,"moduleName":"java.base","moduleVersion":"11.0.11","methodName":"run","fileName":"Thread.java","lineNumber":829,"className":"java.lang.Thread","nativeMethod":false}],"code":500,"message":"Username not found: /username","suppressed":[],"localizedMessage":"Username not found: /username"}
yaade launched with
$ docker run -d --restart=always -p 9339:9339 \
-e YAADE_ADMIN_USERNAME=admin -v yaade:/app/data \
--name yaade esperotech/yaade:latest
there are no revers proxy or any front
in docker log i see these messages
[vert.x-eventloop-thread-0] ERROR com.espero.yaade.server.Server - [Thu, 1 Jun 2023 11:44:09 GMT] "GET /api/login?providerid=b2b HTTP_1_1" 500 Username not found: /username "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[vert.x-eventloop-thread-0] ERROR io.vertx.ext.web.handler.impl.LoggerHandlerImpl - 3.28.85.101 - - [Thu, 1 Jun 2023 11:44:09 GMT] "GET /api/login?providerid=b2b HTTP/1.1" 500 20022 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
also i have not found any examples with keycloak configuration regarding "fields"
Groups for a collection can only be set when it's created. Editable collection groups would allow collections to be rolled out to different groups when ready.
Hello team,
creator of Password4j here.
I've created a PR to upgrade Password4j from 1.5.4 to 1.7.1 maintaining backward compatibility with the hashes produced so far.
In general it's better to always specify the parameters of Argon2 (or any other algorithm) in the code or in a properties file, like I did in my PR. In 1.6.1 the implicit configurations were changed in order to fit OWASP's minimum security requirements and without the properties file you would had inconsistencies.
Enjoy π
Hosting a demo site so that users could try out the app in one click would be helpful.
Great work guys! Weβve been looking for an alternative to Hoppscotch (fully self hosted with auth). Just started experimenting with Yaade and itβs looking promising.
Any plans to add a testing feature? Would be great if we could define tests in the UI and run them via CLI in our CI/CD pipeline
Currently, in order to duplicate a full collection, you would need to create the new collection and duplicate/move each request from the old collection.
Hi.
One thing that this great app is missing for me is API documentation like postman and insomnia have.
Meaning to be able to write documentation for each API and request in yaade.
example:
https://gitlab.ow2.org/bonita/bonita-openapi/-/tree/master
currently there is no way of importing this openapi spec into yajsw.
import of the entry point openapi/openapi.yaml causes the following error:
java.lang.RuntimeException: Unable to load RELATIVE ref: ./paths/loginservice.yaml path: /tmp
Suggestion: allow import of a .zip file with input of relative path to the entry point file.
This also raises the general question of support for http uris. I think that supporting http uris could lead to security issues or require authentication.
I am trying to run yaade on my ubuntu machine using npm. I tried setting the env using export YAADE_ADMIN_USERNAME=admin but I doesn't work. ofc it works while I run it using the executable jar file but when I use npm run dev it doesn't work. what's the workaround for this ?
Hi.
Thanks for the great project.
A very small thing that I noticed is there is no link to the repository from the About page and no version number.
I think it's pretty standard to have them there.
Hi guys
Any chance of getting a pre-request script feature like Postman? See: https://learning.postman.com/docs/writing-scripts/pre-request-scripts/
This is required for Laravel's session-based Sanctum authentication. See this gist for more details: https://gist.github.com/janzikmund/3047ba4b7031efbabd7ade115f1e3317
Hi.
So, using an environment variable in the request body like this:
{
"token": ${token},
"startRow": 0,
"dateFilter": "all",
"data": [{
"field": "equipmentId",
"operator": "iContains",
"value": ["sample"]
}]
}
And after pressing prettify, it looks like this:
{
"token": $ {
token
},
"startRow": 0,
"dateFilter": "all",
"data": [{
"field": "equipmentId",
"operator": "iContains",
"value": ["sample"]
}]
}
Which doesn't work anymore.
how to configure azure login? Giving an error "username not found"
Hello Contributors,
how can I add Azure AD (https://docs.yaade.io/users-groups.html#azuread) in my running docker environment as auth provider? It's possible for you to give me a exact path and config file / snippet to configure this auth provider?
Thanks.
It would be great to have a timestamp next to the info of a sent request (next to Status, Time, Size).
This would help to better identify if a request has been sent and to later recall when it has been sent.
Unable to send requests even after installing the chrome extension and adding my yaade URL (eg, https://xx.xxxxx.xxx). Unable to add a trailing "/" since the extension strips it out. Should this work with Edge (and chrome extension)?
Receive this error:
Failed to connect to extension
The extension could not be connected. Please install the extension and copy the URL of this window into the host field of the extension. Then click retry.
I'm following the docs for OpenID Connect but can't seem to get it to work with my Authentik deployment.
If I set the provider config to this:
{
"providers": [{
"id": "authentik",
"label": "Sign in with Authentik",
"provider": "oidc-discovery",
"params": {
"scopes": ["openid", "email"],
"site": "https://<REDACTED>/application/o/yaade/.well-known/openid-configuration",
"clientId": "<REDACTED>",
"clientSecret": "<REDACTED>"
}
}]
}
But if I set the provider config to this (i.e. change the site
param):
{
"providers": [{
"id": "authentik",
"label": "Sign in with Authentik",
"provider": "oidc-discovery",
"params": {
"scopes": ["openid", "email"],
"site": "https://<REDACTED>/application/o/yaade",
"clientId": "<REDACTED>",
"clientSecret": "<REDACTED>"
}
}]
}
Setting the {"validateIssuer": false}
parameter as per the API docs results in all attempts failing with null
as shown in the second example.
As the title and this comment say. π
Thank you for your work! π
Hi
Laravel has an endpoint which sets a CSRF cookie. This endpoint doesn't return a body, just headers that are used to obtain the XSRF token value which can be used for Laravel's stateful API auth.
When calling this endpoint I'm getting the following error:
res.bodyAsString() must not be null
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.