kong / apiembed Goto Github PK

Embeddable API code snippets for your website, blog or API documentation

License: MIT License

JavaScript 32.24% Procfile 0.07% Pug 67.70%

apiembed's Introduction

Kong or Kong API Gateway is a cloud-native, platform-agnostic, scalable API Gateway distinguished for its high performance and extensibility via plugins. It also provides advanced AI capabilities with multi-LLM support.

By providing functionality for proxying, routing, load balancing, health checking, authentication (and more), Kong serves as the central layer for orchestrating microservices or conventional API traffic with ease.

Kong runs natively on Kubernetes thanks to its official Kubernetes Ingress Controller.

Getting Started

Let’s test drive Kong by adding authentication to an API in under 5 minutes.

We suggest using the docker-compose distribution via the instructions below, but there is also a docker installation procedure if you’d prefer to run the Kong API Gateway in DB-less mode.

Whether you’re running in the cloud, on bare metal, or using containers, you can find every supported distribution on our official installation page.

To start, clone the Docker repository and navigate to the compose folder.

  $ git clone https://github.com/Kong/docker-kong
  $ cd docker-kong/compose/

Start the Gateway stack using:

  $ KONG_DATABASE=postgres docker-compose --profile database up

The Gateway is now available on the following ports on localhost:

:8000 - send traffic to your service via Kong
:8001 - configure Kong using Admin API or via decK
:8002 - access Kong's management Web UI (Kong Manager) on localhost:8002

Next, follow the quick start guide to tour the Gateway features.

Features

By centralizing common API functionality across all your organization's services, the Kong API Gateway creates more freedom for engineering teams to focus on the challenges that matter most.

The top Kong features include:

Advanced routing, load balancing, health checking - all configurable via a RESTful admin API or declarative configuration.
Authentication and authorization for APIs using methods like JWT, basic auth, OAuth, ACLs and more.
Proxy, SSL/TLS termination, and connectivity support for L4 or L7 traffic.
Plugins for enforcing traffic controls, rate limiting, req/res transformations, logging, monitoring and including a plugin developer hub.
Plugins for AI traffic to support multi-LLM implementations and no-code AI use cases, with advanced AI prompt engineering, AI observability, AI security and more.
Sophisticated deployment models like Declarative Databaseless Deployment and Hybrid Deployment (control plane/data plane separation) without any vendor lock-in.
Native ingress controller support for serving Kubernetes.

Plugin Hub

Plugins provide advanced functionality that extends the use of the Gateway. Many of the Kong Inc. and community-developed plugins like AWS Lambda, Correlation ID, and Response Transformer are showcased at the Plugin Hub.

Contribute to the Plugin Hub and ensure your next innovative idea is published and available to the broader community!

Contributing

We ❤️ pull requests, and we’re continually working hard to make it as easy as possible for developers to contribute. Before beginning development with the Kong API Gateway, please familiarize yourself with the following developer resources:

Community Pledge (COMMUNITY_PLEDGE.md) for our pledge to interact with you, the open source community.
Contributor Guide (CONTRIBUTING.md) to learn about how to contribute to Kong.
Development Guide (DEVELOPER.md): Setting up your development environment.
CODE_OF_CONDUCT and COPYRIGHT

Use the Plugin Development Guide for building new and creative plugins, or browse the online version of Kong's source code documentation in the Plugin Development Kit (PDK) Reference. Developers can build plugins in Lua, Go or JavaScript.

Releases

Please see the Changelog for more details about a given release. The SemVer Specification is followed when versioning Gateway releases.

Join the Community

Check out the docs
Join the Kong discussions forum
Join the Kong discussions at the Kong Nation forum: https://discuss.konghq.com/
Join our Community Slack
Read up on the latest happenings at our blog
Follow us on X
Subscribe to our YouTube channel
Visit our homepage to learn more

Konnect Cloud

Kong Inc. offers commercial subscriptions that enhance the Kong API Gateway in a variety of ways. Customers of Kong's Konnect Cloud subscription take advantage of additional gateway functionality, commercial support, and access to Kong's managed (SaaS) control plane platform. The Konnect Cloud platform features include real-time analytics, a service catalog, developer portals, and so much more! Get started with Konnect Cloud.

License

Copyright 2016-2024 Kong Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

apiembed's People

Contributors

Stargazers

Watchers

apiembed's Issues

Great work! License?

Very nice work guys really like it! Says Open Source but the repo has no license that I saw - Without a license its fully under Copywrite. Things like Kong have a license file - https://github.com/Mashape/kong/blob/master/LICENSE

Oversight maybe?

C# code gen

Showing target choices when there is only one target

If there is only one implementation for a target then we shouldn't ask.

Could not load JSON source, please review the documentation and try again

Hello, please i need your help, I'm using
<iframe src="//api.apiembed.com/?source=http://localhost/test/demo.json&targets=all" frameborder="0" scrolling="no" width="100%" height="300px" seamless></iframe>

but it gives me this error
Could not load JSON source, please review the documentation and try again

my jsonfile is saved locally, I am stilling in localhost, and it's as follows:
`{
"method": "POST",
"url": "http://localhost/test/web/app_dev.php/v1/photos",
"httpVersion": "HTTP/1.1",
"queryString": [
{ "image": "photos/1.jpg", "value": "photos/1.jpg" }
],
"headers": [
{ "name": "Accept", "value": "application/json" },
{ "name": "Content-Type", "value": "application/json" }
],

"postData": {
"mimeType": "application/json",
"image": "{"photos/1.jpg": "photos/1.jpg"}"
}
}
`

Pure C#

C# without RestClient

var request = WebRequest.CreateHttp("https://api.whispir.com/messages?apikey=<REPLACE_ME>");
request.Method = "POST";
request.ContentType = "application/vnd.whispir.message-v1+json";
request.Accept = "application/vnd.whispir.message-v1+json";
request.Headers.Add("authorization", "<REPLACE_ME>");

var bytes = Encoding.UTF8.GetBytes("{\"to\":\"<REPLACE_ME>\",\"subject\":\"<REPLACE_ME>\",\"body\":\"<REPLACE_ME>\"}");

request.ContentLength = bytes.Length;

using (var stream = request.GetRequestStream()) {
	stream.Write(bytes, 0, bytes.Length);
	try {
		using (var response = request.GetResponse()) {
			var result = (new StreamReader(response.GetResponseStream())).ReadToEnd();
		}
	}
	catch (WebException wex) {
		using (var response = wex.Response) {
			var error = (new StreamReader(response.GetResponseStream())).ReadToEnd();
		}
	}
}

Dynamic height resizing

Some snippets are shorter than others so it would be cool to dynamically update the height.

"Loading" spinner

Sometimes it takes a while to load the widget. It would be nice to show a spinner instead of blank space.

Documenting witch part of the HAR format is implemented

It would be very nice to know witch part of the the HAR format is implemented and what is the result of each non-evident options.

Enhancing the PHP code templates

Hello,

very nice tool!

My suggestion:

In case of

...
"postData": {
    "mimeType": "application/x-www-form-urlencoded",
    "params" : [           
        {
            "name": "params[IDENTIFIER]",
            "value": "DUMMY_ACCOUNT"
        },
        {
            "name": "params[OPERATIONTYPE]",
            "value": "create"
        },
}
...

it would be nice that in the php code to have something like

...
CURLOPT_POSTFIELDS => http_build_query([
    'params[IDENTIFIER]' => 'DUMMY_ACCOUNT',
    'params[OPERATIONTYPE]' => 'create',
])
...

instead of

...
CURLOPT_POSTFIELDS => "params%5BIDENTIFIER%5D=DUMMY_ACCOUNT&params%5BOPERATIONTYPE%5D=create"
...

Add options to widget as an option

A lot of the snippets have various options, would be nice to somehow allow them to be configurable from within the widget or during widget creation.

Default target option when using targets=all

When using a comma separated list of all the desired targets (e.g., targets=php:curl,php:http1,php:http2,javascript:jquery,javascript:xhr,shell:curl,shell:wget,shell:httpie), some browser extensions, such as the Netcraft Extension for Google Chrome, will report the iFrame as a suspected XSS attack:

If we change the source URL to use targets=all, the Netcraft Extension doesn't complain, however we then have no way of specifying a default target, so we end up with the default of C, which for our particular use-case doesn't make sense (we'd like to use php:curl as the default):

If there was another option, e.g., default-target, that could be used in conjunction with targets=all, then we could specify targets=all&default-target=php:curl, so that PHP would be the default option selected in the widget.

change code sample

How can I change the content of the code?

Let me paste a HAR object as text just to try it

[golang example] Use http.DefaultClient instead of your own client

package main

import (
    "fmt"
    "strings"
    "net/http"
    "io/ioutil"
)

func main() {

    url := "http://mockbin.com/request?foo=bar&foo=baz"

    payload := strings.NewReader("{\"foo\": \"bar\"}")

    req, _ := http.NewRequest("POST", url, payload)

    req.Header.Add("cookie", "foo=bar; bar=baz")
    req.Header.Add("accept", "application/json")
    req.Header.Add("content-type", "application/json")

    res, _ := http.DefaultClient.Do(req)

    defer res.Body.Close()
    body, _ := ioutil.ReadAll(res.Body)

    fmt.Println(res)
    fmt.Println(string(body))

}

'Copy to clipboard' button not working

On hover over the button, throwing this error

Uncaught Error: Error: An invalid exception was thrown.

Embedding the documentation in JS

Without requiring to link a doc from a third-party location.

Something like:

<div id="frame-container"></div>
<script type="text/javascript">
  var doc = {
    // Endpoint Documentation
  };
  render_iframe(doc, 'frame-container');
</script>

Invalid snippet on homepage

curl --request POST \
  --url "http://httpconsole.com/debug?foo=bar&foo=baz" \
  --cookie "foo=bar; bar=baz" \
  --header "Accept: text/plain" \
  --header "Content-Type: application/json" \
  --data "{\"foo\": \"bar\"}"

Gives:

Cannot POST /debug?foo=bar&amp;foo=baz

Is Apiembed.com still working?

I get a 404 page in Github when I try to use Apiembed.com. Is it still up and running?

Angular 2+ Support?

Hello, I want to ask, is there anyway you will create angular 2+ support? Or anyway I could contribute? Thanks

Ruby code gen

public API

Headers in Node Http not working

Config Example:

{
    "method": "POST",
    "url": "https://api.z-api.io/instances/SUA_INSTANCIA/token/SEU_TOKEN/send-text",
    "httpVersion": "HTTP/1.1",
    "queryString": [],
    "headers": [
        {
            "name": "Content-Type",
            "value": "application/json"
        }
    ],
    etc.....

Result:

var http = require("https");

var options = {
 "method": "POST",
 "hostname": "example.com",
 "port": null,
 "path": "/save",
 "headers": {} // headers empty
};

package the widget/api separately from the website

Http basic auth

Is prompting for http basic auth possible? How would that work?

C# Code Snippet needs a clear handlers to work.

Our API requires that customers send vnd mime types in both the Accept and Content-Type headers.

With the C# example, the following code is provided:

var client = new RestClient("https://api.whispir.com/messages?apikey=REPLACE_ME");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/vnd.whispir.message-v1+json");
request.AddHeader("accept", "application/vnd.whispir.message-v1+json");
request.AddHeader("authorization", "<REPLACE_ME>");
request.AddParameter("application/vnd.whispir.message-v1+json", "{\"to\":\"<REPLACE_ME>\",\"subject\":\"<REPLACE_ME>\",\"body\":\"<REPLACE_ME>\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

The problem though is that the request.AddHeader method is not respected unless the following code is provided on line 2:

client.ClearHandlers();

This code clears the default handlers allowing the user to set custom headers.

Can you please include this in your out of the box rendering of C# code.

Tested a few API both failed, invalid JSON source / [object Object]

Hello, looks like a really cool service!

Things I noticed are both of the below are compress and also json-escape for URLs.

I had trouble with the below API which is from the json REST API being built into WordPress.
https://loqu.st/wp-json/
invalid JSON source, please review the documentation and try again

Also this API from contentDM
https://server16622.contentdm.oclc.org/dmwebservices/index.php?q=dmGetCollectionList/json

The message I get is :
[object Object],[object Object], please review the documentation and try again

Mod_security blocks as no User Agent is specified in the request

I am using a PHP script to generate the HAR object based on request parameters. This allows me to pass a source URL to APIEmbed, and generate different outputs based on what the user requires.

What i have noticed since pushing this script into production is that the APIEmbed function doesn't work when attempting to run the PHP script hosted on apache running mod-security.

The key violation is that there is no User Agent specified in the request.

[Thu Nov 05 10:04:49.863381 2015] [:error] [pid xxxxx] [client xxxxxx] 
ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file 
"/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_21_protocol_anomalies.conf"] 
[line "66"] [id "960009"] [rev "1"] 
[msg "Request Missing a User Agent Header"] 
[severity "NOTICE"] 
[ver OWASP_CRS/2.2.6"] 
[maturity "9"] 
[accuracy "9"] 
[tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] 
[tag "WASCTC/WASC-21"] 
[tag "OWASP_TOP_10/A7"] 
[tag "PCI/6.5.10"] 
[hostname "xxxxxxxxx"]
[uri "xxxxxxxxxxx/generateSampleCode.php"] 
[unique_id "xxxxxxxxxx"]

This means that I need to modify my security to allow this through. The better function would be for the APIEmbed solution to specify a User-Agent when requesting the JSON source.

Literals in JSON text body are invalid

For some reason, this is okay (notice the prefer_sms field):

{"cookies": [], "postData": {"mimeType": "application/json", "text": "{\"foo\": \"bar\", \"name\": \"Will Gates\", \"prefer_sms\": \"false\"}"}, "url": "http://mockbin.com/request", "queryString": [], "headers": [{"name": "Accept", "value": "application/json"}, {"name": "Content-Type", "value": "application/json"}], "method": "POST", "httpVersion": "HTTP/1.1"}

But this isn't:

{"cookies": [], "postData": {"mimeType": "application/json", "text": "{\"foo\": \"bar\", \"name\": \"Will Gates\", \"prefer_sms\": false}"}, "url": "http://mockbin.com/request", "queryString": [], "headers": [{"name": "Accept", "value": "application/json"}, {"name": "Content-Type", "value": "application/json"}], "method": "POST", "httpVersion": "HTTP/1.1"}

Even though both are valid JSON. Not sure what to do about this.

Selecting targets UI

Instead of having an all checkbox it might be wise to have a "select all" / "unselect all" action and by default have them all selected.

The problem with it currently is that none are selected when loading the page even though they all show up in the preview and if you select all it disables the other checkboxes, causing a lot of clicks to get rid of httpie and wget.

Current:

Proposed:

Support Data Urls or another way to embed the HAR directly

The current method for passing HAR data to the apiembed server is clunky and/or hard to use in cases where the HAR information is available at page load, or is generated at runtime, or when debugging an integration from a local development environment (which is not visible to external servers).

Some way of embedding the HAR data directly in the request would be extremely helpful in these situations. Data urls (which currently don't work) seem like an obvious choice, are completely backwards compatible, and require no additional parameters or interface changes.

The support for data urls could be done either at the unirest level, or by checking the source parameter before sending it to unirest, and decoding it directly if it is a data url.

Alternately an "har" parameter or similar which accepts the har data directly, and is mutually exclusive with the source parameter, would work.

I can submit a pull request with the necessary changes if there is any interest in either form of this functionality.

apiembed.com down

It looks like the hosted website is down. Is this a temporary situation or should we be looking at alternatives?