Open jaromil opened 1 year ago
Not a Beelzebug :-)
The service http://showcase.api.linx.twenty57.net/UnixTime/tounix?date=now is often offline, I will update the example with an endpoint that is more stable
The bug is on error signaling
to reproduce, old example:
# Always use 'Rule caller restroom-mw' when using Restroom
Rule caller restroom-mw
# we'll need to create a keyring to produce an ECDSA signature later
Scenario 'ecdh': Create the keyring
Given that I am known as 'Alice'
# Those are restroom-mw statements: define the endpoints
Given that I have an endpoint named 'endpoint'
Given that I have an endpoint named 'timeServer'
# We need those object to store the output of the endpoints
Given I have a 'string dictionary' named 'dataFromEndpoint'
Given I have a 'string dictionary' named 'timestamp-output'
# Those are restroom-mw statements: connect to endpoints and store their output into Zenroom's objects
Given I connect to 'endpoint' and save the output into 'dataFromEndpoint'
Given I connect to 'timeServer' and save the output into 'timestamp-output'
# The output of a GET is always an object containing the string 'status' (200, 404, 500 etc)
# as well as the output of the query, named 'result' which can be meaningful data or an error message.
# Therefore, we want to extract the result and reanme it
When I create the copy of 'result' from dictionary 'timestamp-output'
When I rename the 'copy' to 'timestamp'
When I create the copy of 'result' from dictionary 'dataFromEndpoint'
When I rename the 'copy' to 'random-from-endpoint'
# Create a string dictionary to format the output
When I create the 'string dictionary'
and I rename the 'string dictionary' to 'outputData'
# Organize the output of the endpoints in the string dictionary
When I insert 'timestamp' in 'outputData'
When I insert 'random-from-endpoint' in 'outputData'
# ECDSA signature
When I create the ecdh key
When I create the signature of 'outputData'
When I rename the 'signature' to 'outputData.signature'
# Printing the output
Then print the 'outputData'
Then print the 'outputData.signature'
KEYS:
{
"endpoint": "https://apiroom.net/api/dyneorg/512-bits-random-generator",
"timeServer": "http://showcase.api.linx.twenty57.net/UnixTime/tounix?date=now"
}
Steps to reproduce
Run the
Http: read the output of an endpoint
example on apiroom.netExpected behavior
The HTTP endpoint for getting a timestamp is some random and obscure site that doesn't works anymore:
"timeServer": "http://showcase.api.linx.twenty57.net/UnixTime/tounix?date=now"
Instead of returning an error, restroom goes on using the error string instead of the timestamp
This is very dangerous in use-cases explained by this example, where a timestamp is used to enhance the random generation, but instead it will damage its entropy by using a constant error string.
Actual behavior
Restroom should block execution and return an error when an HTTP endpoint is not reachable, indicating clearly the endpoint and its error status and code. I suspect this should be the behavior also in case of database connections failing or DB objects not found: the zencode developer should know that the string returned is a constant error.
System configuration
Latest Apiroom deployment on 22 June 2023