MyProfile REST API. from Andrei Sambra on 2012-08-10 (public-rww@w3.org from August 2012)

From: Andrei Sambra <andrei@fcns.eu>
Date: Fri, 10 Aug 2012 23:15:49 +0200
To: public-webid <public-webid@w3.org>, Read-Write-Web <public-rww@w3.org>
Message-ID: <50257A05.9050608@fcns.eu>

Greetings,

Today marks the first release of MyProfile REST API [1], which is 
supposed to be an interface between standard social web applications 
(i.e. MyProfile included), and linked data storage, especially SPARQL 
endpoints (i.e. Virtuoso).

The API offers WebID authentication as well as WebID delegated 
authorization[2]. It will offer access control at the triple level very 
soon (a few weeks maximum). For now I'm just testing that I'm doing it 
right.

A very important feature of the API is that it serves data based on the 
desired Content-Type. This means if you specify in your request that you 
Accept: text/rdf+n3, then you will get the data back in that format.

The API currently supports viewing of user profiles (i.e. GET methods), 
as well as removing cached profiles (i.e. DELETE methods). Once I switch 
the Wall posts and Messages to full RDF storage (probably based on 
SIOC), I will also enable those resources.



Anyway, here is a quick example for viewing a user's profile:

The request:

HTTP/1.1 GET https://auth.my-profile.eu/profile/?webid=<urlencoded WebID>

With these extra header options:

Accept: text/rdf+n3
On-Behalf-Of: https://my-profile.eu/people/deiu/card#me

Returns*:

<https://my-profile.eu/people/deiu/card#me>
     a foaf:Person ;
     foaf:name "Andrei Vlad Sambra" ;
     foaf:givenName "Andrei Vlad" ;
     . . .

*the returned profile matches the access control policies specific to 
the user on whose behalf the request is being made, and optionally the 
agent doing the request.


Another example for deleting the cached copy of a profile:

The request:
HTTP/1.1 DELETE 
https://auth.my-profile.eu/profile/cache/?webid=<urlencoded WebID>

Returns*:
Successfully deleted profile https://my-profile.eu/people/deiu/card#me.

*for now, the operation will be performed only if the request is made by 
profile owner, or on his/her behalf (!)

Andrei

[1] https://auth.my-profile.eu/
[2] http://www.w3.org/wiki/WebID/Authorization_Delegation

Received on Friday, 10 August 2012 21:16:16 UTC