Blog

REST

Representational State Transfer

REST is a paradigma for data transfer between client and server. It’s using the verbs GET, POST, PUT, DELETE (and some others) from the HTTP-protokoll,
hence there is almost everywhere a solid infrastructure. For Machine-2-Machine communication REST is a smart choice.

REST deals with resources uniquely identified by URL’s. For Example: http://test.com/restapi/user/5 could be a user ressource with 5 as an user id. By requesting this resource via different types of HTTP verbs typical CRUD (create, read, update, delete) actions can be performed on the ressource.

I will show some very simple ways how to get startet with REST.

Imagine you would call a REST service with curl from the commandline like this (thats a GET request):

curl 'http://test.com/restapi/user/5'

or with a POST request:

curl --data 'firstname=max&lastname=miller' 'http://test.com/restapi/user/5'

The responding server-side could look somewhat like this.
We deal here with pseude-code. Depending on the framework you use, it differs how to access parameters passed alongside the request.

$method = $_SERVER['REQUEST_METHOD'];
        
switch ($method) {
  case 'GET':
    // fetching the user by the id and return it
       break;
  case 'PUT':
    // create a new user and return it
       break;
  case 'POST':
    // alter a user by its id
       break;
  case 'DELETE':
     // delete the user by its id ...
       break;
}

 

CURL

CURL is a mighty tool for transfering data to URLS. It supports a wide range of protocols.

Lets have a closer look on some handy snippets for daily work on the commandline:

Fetching content from a URL

curl http://www.myurl.com

When a page redirects to another location (the respondet http-status is somewhat 3xx)
curl can follow the redirection with the -L (- -location) flag.

curl -L http://www.myurl.com

Want to see what the request and response headers like?
It’s as simple as using the -v (- -verbose) flag.

curl -v http://www.myurl.com

For POSTing data to an URL u can use the parameter -d (- -data) .

curl --data "param1=value1&param2=value2" http://www.myurl.com

You want to upload a file (image.jpg is located in the folder from where you run this command) to a php-script running at localhost/upload.php:

curl -F "data=@image.jpg" localhost/upload.php

a upload-script for taking the uploaded file and store it in a file – the filename is the current timestamp – looks like this:

<?php
if (isset($_FILES)) {
  move_uploaded_file($_FILES['data']['tmp_name'], date('YmdHis'));
}
?>

This is for windows using the cmd. Parsing a folder recursively for all pdf files and send them as a POST request to a certain URI:

for /R %f in (*.pdf) do curl -F "data=@%f" www.mydomain.com/upload

 

ssh / openssh

Introduction – learn some words

It’s easy to get lost in the jungle of certificates, certificate signing requests, private-keys, public-keys, pem’s, crt’s and keys. So first we’re going to learn some basics about ssh. This explanations are meant for Linux-Systems. Let’s learn some common files related to ssh issues. Usually, you have a folder ~/.ssh in your home directory (the Tilde „~“ before the .ssh directory is a shell replacement for your home directory). Here you can find files like:

authorized_keys
contains public-keys from others. Compare the format of the content inside authorized_keys and compare it with the format of your id_rsa.pub key

id_rsa and id_rsa.pub
after creating a keypair (ssh-keygen) you get a private-key (which is by default stored in ~/.ssh/id_rsa) and a public-key (which lives in ~/.ssh/id_rsa.pub). Your private-key is for you alone, your public-key goes public. Private keys can have no extension but also can have a .pem extension. There are also .ppk private-keys, these are created from the windows-ssh tool putty. A private key looks somethoing like:

-----BEGIN RSA PRIVATE KEY-----
MgIEpAIBAAKtAQEArypWA0S/NWUgya212ytPfHkA20jko/M4+CV+3kHbGPYCS1g/
XKVudbfvkmAnHSmfMItb61pGcuztRX7cDu1mrVHohH73ue3IQ88hmtbAaQQTYYwR
...
h4HtH3nA9sN38brZI5/vd+o3ty96nMM8O+PBI0qxUbKzxxhNKrEMeg==
-----END RSA PRIVATE KEY-----

whereas a public key looks like:

ssh-rsa AAAAB3NzaC1yc .... 1cGWoe4+R7ZohrNJp username@yourcomputer

known_hosts
here are all servers stored that had already an established connection before. Whenever you accept something like „add these computer to the trusted ones“, they’ll write their public key into the known_hosts file.

config
with the file ~/.ssh/config you have a very handy config place to make ssh logins much easier. Check „man ssh_config“ for further information. If the config file does not exist you simply can create it.

 

Dealing with Certificate signing requests

Create a certificate signing request (csr)

In order to obtain a valid certificate from an authorized issuer, you need to create a certificate signing request.
The following command creates a private-key and a csr to it:

openssl req -nodes -new -newkey rsa:2048 -sha256 -out csr.pem

 

Check if private-key matches with the csr and the generated certificate

This commandos deliver strings. If the deliver all the same string they belong together.

openssl pkey -in private-key.key -pubout -outform pem | sha256sum 
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum 
openssl req -in CSR.csr -pubkey -noout -outform pem | sha256sum

 

create a private key, a certificate signature request and a self signed certificate (windows)

create the private-key, we name it server.key

openssl.exe genrsa -des3 -out server.key 1024
openssl.exe rsa -out server.key 1024

create .pem file

openssl rsa -in server.key -out server.pem

create server.csr (certificate signature request)

openssl req -config c:\openssl.cnf -new -key server.key -out server.csr

create unsigned certificate for 1 year

openssl x509 -req -days 30 -in server.csr -signkey server.key -out server.crt

 

check if private-key fits to a certificate (windows)

you need to compare the hash-value of the certificate against the hash-value of the private-key get the certificates hash-value

openssl x509 -noout -modulus -in server.crt | openssl md5

get the private-keys hash-value

openssl rsa -noout -modulus -in myserver.key | openssl md5

 

Other usefull commands

Push your public-key to a server you want to communicate with:

ssh-copy-id username@host

 

show the random generated image of an ssh key

ssh-keygen -lv -f sgb-id_rsa

check details for a https certified website from the shell:

openssl s_client -showcerts -servername gnupg.org -connect gnupg.org:443

remove passphrase from private key

openssl rsa -in server.key -out server.key

 

rename certificate postfix cer to crt

you can just rename the file

 

OpenSSL is a open-source version of the SSL/TLS-protocol

 

 

image handling with ImageMagic

ImageMagic is the tool of choice when you have to manipulate images on the command line.

 

You can easily install it from a shell with the following command:

sudo apt-get install imagemagick

Change all images in the current folder to a with of 800 pixels with a quality of 80%:

for file in *.jpg; do convert $file -resize 800 -quality 80 $file; done

Convert a *.gif image to a *.jpg image

convert -strip test.gif test.jpg