[Feature Request]: Modify WFP chart requests

[wadhwamatic]

Provide a clear and concise description of what the problem is.

WFP's HDC API is now available via an organizational API Gateway. We have to modify our requests to make use of this new access method. In addition, the request parameters have changed slightly.

Provide a clear and concise description of what you want to happen.

1. A token will be required to access the API through WFP's Gateway. We have tokens available for PRISM which I can share for testing and production when ready.
2. Change request parameters (see instructions below)
   • admin_id becomes id_code
   • new vam code for blended products = rfb
   • change get request URL to https://api.wfp.org/hdc/1.0.0/stats/admin

Instructions for the HDC API:

Get data extractions globally averaged over administrative boundary levels 0, 1 and 2. The extractions are performed for three coverages that can be selected using the 'coverage' argument: full (all pixels), crop (only cropland pixels), past (only pasture pixels).

The endpoint returns a dictionary with entries: - data (containing the extracted data and added indicators) - valids (containing the number of valid pixels for the admin used in the extraction) - date (the corresponding dates of the observations)

Args: id_code: Identifier for administrative region level: Administrative level (0, 1, 2) vam: Three letter vam code for variable to be retrieved (rfh, vim, rfb) coverage: Coverage version of extractions (either full, crop or past) start: Filter by start date (format YYYY-MM-DD) end: Filter by end date (format YYYY-MM-DD)

Example request: curl -X GET "https://api.wfp.org/hdc/1.0.0/stats/admin?id_code=44&level=0&coverage=full&vam=rfh&env=prod" -H "accept: application/json" -H "Authorization: Bearer insert-token"

Is there anything else you can add about the proposal? You might want to link to related issues here, if you haven't already.

No response

[JulienPathtech]

Hello @ericboucher @wadhwamatic If I understand correctly we need to change a public ressource ( which is at the moment something like : https://api.earthobservation.vam.wfp.org/stats/admin/fetch... ) with the new protected ressource directly in the frontend app. It also means that the token will be exposed in the app and hence compromised ? Or am I missing something ?

[ericboucher]

@JulienPathtech - @reed1 will be working on this. But most likely we will do a simple re-routing through the backend API to authenticate the call, as we do for KOBO and ACLED

[reed1]

@JulienPathtech @ericboucher Thanks for pointing that out. I can modify the chart API as such, but the problem is I'm exposing the token. I put it in branch hdc-chart-request.

Deployed here: https://prism.wfp.or.id/demo/hdc-chart-request/

I can take that out if required because it will show token used in Network tab. I couldn't find a way of hiding that without proxifying the request. But if you want to re-route though backend API then I think I can remove the hdc-chart-request branch. It's just changing all chart_data url and renaming admin_id to id_code, the rest are the same. I tried to compare values from api.earthobservation.vam.wfp.org and api.wfp.org/hdc. So far they seem to be identical

[wadhwamatic]

@reed1 - as @ericboucher mentioned, you can look at how ACLED and Kobo tokens were managed. We can have a quick call if you need more info

[reed1]

@wadhwamatic @ericboucher I updated hdc-chart-request with GET "/hdc" in API. Let me know if that's correct

[wadhwamatic]

@ericboucher - can you advise on this?

[ericboucher]

@reed1 can you open a PR? Your approach looks good overall. Were you able to make it work properly?

[reed1]

@ericboucher sure, it's #860. It works on my local api deployment