rusticisoftware / scormcloud-api-v2-client-ruby Goto Github PK

I've just installed the gem and have fired up rspec to validate that all tests have passed, and receive this:

Failures:

  1) RusticiSoftwareCloudV2::ApiClient#build_request when the content type is multipart sends multipart to request
     Failure/Error: request = Typhoeus::Request.new(url, req_opts)
     
       #<Typhoeus::Request (class)> received :new with unexpected arguments
         expected: (anything, hash_including(:multipart=>true))
              got: ("https://cloud.scorm.com/api/v2/test", {:headers=>{"Content-Type"=>"multipart/form-data", "User-Agent"=>"Swagger-Codegen/2.1.0/ruby"}, :meth...ssl_verifyhost=>2, :ssl_verifypeer=>true, :sslcert=>nil, :sslkey=>nil, :timeout=>0, :verbose=>false})
       Diff:
       @@ -1,13 +1,25 @@
       -["anything", "hash_including(:multipart=>true)"]
       +["https://cloud.scorm.com/api/v2/test",
       + {:headers=>
       +   {"Content-Type"=>"multipart/form-data",
       +    "User-Agent"=>"Swagger-Codegen/2.1.0/ruby"},
       +  :method=>:get,
       +  :params=>{},
       +  :params_encoding=>nil,
       +  :ssl_verifyhost=>2,
       +  :ssl_verifypeer=>true,
       +  :sslcert=>nil,
       +  :sslkey=>nil,
       +  :timeout=>0,
       +  :verbose=>false}]
       
     # ./lib/rustici_software_cloud_v2/api_client.rb:126:in `build_request'
     # ./spec/api_client_spec.rb:104:in `block (4 levels) in <top (required)>'

My environment:

rvm info

ruby-2.7.6@scormcloud-api-v2-client-ruby:

  system:
    uname:        "Darwin MacBook-Pro.local 21.5.0 Darwin Kernel Version 21.5.0: Tue Apr 26 21:08:22 PDT 2022; root:xnu-8020.121.3~4/RELEASE_X86_64 x86_64"
    name:         "OSX"
    version:      "12.4"
    architecture: "x86_64"
    bash:         "/bin/bash => GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin21)"
    zsh:          "/bin/zsh => zsh 5.8.1 (x86_64-apple-darwin21.0)"
    remote_path:  "osx/12.4/x86_64"
    xcode:        "13.2.1"

  rvm:
    version:      "1.29.12-next (master)"
    updated:      "3 months 23 days 20 hours 46 minutes 50 seconds ago"
    path:         
    autolibs:     "[4] Allow RVM to use package manager if found, install missing dependencies, install package manager (only OS X)."

  ruby:
    interpreter:  "ruby"
    version:      "2.7.6p219"
    date:         "2022-04-12"
    platform:     "x86_64-darwin21"
    patchlevel:   "2022-04-12 revision c9c2245c0a"
    full_version: "ruby 2.7.6p219 (2022-04-12 revision c9c2245c0a) [x86_64-darwin21]"

I understand that this API client code is auto generated by Swagger. But this is a very awkward client to use.

The README.md shows example code:

RusticiSoftwareCloudV2.configure do |config|
  # Configure HTTP basic authorization: APP_NORMAL
  config.username = 'YOUR USERNAME'
  config.password = 'YOUR PASSWORD'

  # Configure OAuth2 access token for authorization: OAUTH
  config.access_token = 'YOUR ACCESS TOKEN'
end

Ignoring the fact that username and password aren't good variable names for what is actually app_id and secret_key, and ignoring the fact that the links further down to documentation are all broken. Ignoring the fact that nowhere is a link to basic request/response examples. Ignoring the fact that methods like getRegistration returns nil on success...

I'll focus on the issues around using a global config with an access_token.

The example is demonstrating setting a global default configuration with an access_token. However access_tokens should be short lived, and should be generated with narrow scope/permissions for each specific task. Right? An admin interface would ideally request a very different access_token scope than code checking learner progress in a course.

By default the behaviour of this client is such that the access_token will be shared across all clients instantiated - globally:

c1 = RusticiSoftwareCloudV2::CourseApi.new
c2 = RusticiSoftwareCloudV2::CourseApi.new
c1.api_client.config === c2.api_client.config
> true
c1.api_client.config.access_token = "foo"
c2.api_client.config.access_token
> "foo"

In a multi-threaded environment (running Puma server), wouldn't changing the access_token to a less permissive scope affect code running simultaneously in another thread expecting a different access_token?

The README.md example code is similar to other common Rails initializer examples intended to be placed in a rails' apps config/initializers directory. Code that is ran once on startup of the server to initialize global values and services. Rails users are likely to see the example code and place it in an initializer not realizing they're creating a potential thread safety issue.

Furthermore the design/structure of the client makes it tedious to actually make isolated clients with isolated configs. You have to initialize a new configuration instance, set the access_token on it, then create the generic api_client passing in that config object, then finally initialize the api client for the domain (ie RegistrationApi) passing in the generic api_client.

For example:

config = RusticiSoftwareCloudV2::Configuration.new
config.access_token = unique_oauth_token_for_this_purpose
api_client = RusticiSoftwareCloudV2::ApiClient.new(config)
client = RusticiSoftwareCloudV2::RegistrationApi.new(api_client)

#finally we can use our client
client.get_registration_configuration

If you don't manually initialize config and api_client the API library will default to the global default config/api_client.

A note for the documentation or maybe even a fix.

Being that until is a reserved word in Ruby, you one cannot make an api call like

api.get_course_list(since: ..., until: ...)

it must be

api.get_course_list(since: ..., _until: ...)

I guess that Swagger does this.

If one looks at the code though it is unnecessary and is just a artifact of the code generator.

We are trying to install this gem in our project, and currently the gem is restricted to using the JSON gem less limited to less that version 2.0. Unfortunately, that JSON library is up to 2.3.0 now and we have other dependencies that require greater that 2.0.

Would be we able to update the requirements for JSON in this SDK to be greater than 1.8, maybe something like this: https://github.com/lessonly/scormcloud-api-v2-client-ruby/commit/115901a746a8837a4dd21d1a11968aa57aadcf6d

Thanks! Let me know if opening a PR would be helpful.

Hello! We are trying to get up and running with v2 of the API and ran into a problem with the get registrations endpoint. When I try to retrieve registrations I get:

development > RusticiSoftwareCloudV2::RegistrationApi.new.get_registrations
ETHON: Libcurl initialized
ETHON: performed EASY effective_url=https://cloud.scorm.com/api/v2/registrations response_code=200 return_code=ok total_time=0.729265
NoMethodError: undefined method `build_from_hash' for #<RusticiSoftwareCloudV2::RegistrationCompletion:0x00007fcb421c5c18>
from /Users/rossreinhardt/dev/lessonly/vendor/bundle/bundler/gems/scormcloud-api-v2-client-ruby-115901a746a8/lib/rustici_software_cloud_v2/models/registration_schema.rb:327:in `_deserialize'

Looking further into the code, it looks like that RegistrationCompletion and RegistrationSuccess are both two custom data types (mapped in the RegistrationSchema#swagger_types method)

The problem comes in when we get to the else branch of the _deserialize method (since they don't match any know types in that case statement) it tries to call build_from_hash on them. I don't know that calling that method on them makes sense anyway, since they will be strings and not hashes.

I'm not too familiar with swagger, but I think this gets generated from a central definition so individual contributions to this project might not help right?

I see two ways we could fix this:

• We could add these custom types to the case statement and make then respond to something like to_s in the deserialize method
• We could make their types just String instead of a custom RegistrationCompletion and RegistrationSuccess types.

Let me know what you think and if we can help!