search

dyne / restroom-mw

🛠 Easy REST API builder executing Zencode
https://restroom.dyne.org
GNU Affero General Public License v3.0
3 stars 11 forks source link

http endpoint does not return error and continues #256

Open jaromil opened 1 year ago

jaromil commented 1 year ago

Steps to reproduce

Run the Http: read the output of an endpoint example on apiroom.net

Expected behavior

The HTTP endpoint for getting a timestamp is some random and obscure site that doesn't works anymore: "timeServer": "http://showcase.api.linx.twenty57.net/UnixTime/tounix?date=now"

Instead of returning an error, restroom goes on using the error string instead of the timestamp

   "timestamp-output": {
      "status": "ENOTFOUND"
   }

This is very dangerous in use-cases explained by this example, where a timestamp is used to enhance the random generation, but instead it will damage its entropy by using a constant error string.

Actual behavior

Restroom should block execution and return an error when an HTTP endpoint is not reachable, indicating clearly the endpoint and its error status and code. I suspect this should be the behavior also in case of database connections failing or DB objects not found: the zencode developer should know that the string returned is a constant error.

System configuration

Latest Apiroom deployment on 22 June 2023

andrea-dintino commented 1 year ago

Not a Beelzebug :-)

The service http://showcase.api.linx.twenty57.net/UnixTime/tounix?date=now is often offline, I will update the example with an endpoint that is more stable

jaromil commented 1 year ago

The bug is on error signaling

to reproduce, old example:


# Always use 'Rule caller restroom-mw' when using Restroom
Rule caller restroom-mw

# we'll need to create a keyring to produce an ECDSA signature later
Scenario 'ecdh': Create the keyring
Given that I am known as 'Alice'

# Those are restroom-mw statements: define the endpoints
Given that I have an endpoint named 'endpoint' 
Given that I have an endpoint named 'timeServer' 

# We need those object to store the output of the endpoints
Given I have a 'string dictionary' named 'dataFromEndpoint'
Given I have a 'string dictionary' named 'timestamp-output'

# Those are restroom-mw statements: connect to endpoints and store their output into Zenroom's objects
Given I connect to 'endpoint' and save the output into 'dataFromEndpoint'
Given I connect to 'timeServer' and save the output into 'timestamp-output'

# The output of a GET is always an object containing the string 'status' (200, 404, 500 etc)
# as well as the output of the query, named 'result' which can be meaningful data or an error message.
# Therefore, we want to extract the result and reanme it
When I create the copy of 'result' from dictionary 'timestamp-output'
When I rename the 'copy' to 'timestamp'

When I create the copy of 'result' from dictionary 'dataFromEndpoint'
When I rename the 'copy' to 'random-from-endpoint'

# Create a string dictionary to format the output 
When I create the 'string dictionary'
and I rename the 'string dictionary' to 'outputData'

# Organize the output of the endpoints in the string dictionary
When I insert 'timestamp' in 'outputData'
When I insert 'random-from-endpoint' in 'outputData'

# ECDSA signature
When I create the ecdh key
When I create the signature of 'outputData'
When I rename the 'signature' to 'outputData.signature'

# Printing the output
Then print the 'outputData'
Then print the 'outputData.signature'

KEYS:

{
    "endpoint": "https://apiroom.net/api/dyneorg/512-bits-random-generator",
    "timeServer": "http://showcase.api.linx.twenty57.net/UnixTime/tounix?date=now"
}