[Openid-specs-ab] FYI: Being RESTful with JSON API -- HAL+JSON

Nat Sakimura sakimura at gmail.com
Wed Aug 29 02:42:03 UTC 2012


Thanks for pointing me out.

It might be an interesting exercise to produce JSON schema for OpenID
Connect endpoint responses, as a companion document for Messages spec.

Nat

On Tue, Aug 28, 2012 at 1:07 AM, Pat Cappelaere <pat at cappelaere.com> wrote:
> Nat,
>
> JSON-Schema can be used to describe something like HAL (or you could use Hyper Meta-Schema to represent links.) So this is not one or the other.
> It may be likely that you will have to document the output (hence the need for schemas).
> Many applications are starting to use the Google API Discovery API Service document format to self-document their API (https://developers.google.com/discovery/)
> You will notice the use of JSON-Schema there as well (and the use of OAuth 2.0 for security … ).
> [One problem I have with their scheme is the requirement for a client application to register at all services it tries to access.  This is simply not scalable for us… An OpenID/OAuth Hybrid is more desirable where the app is registered with its own openid and credentials in one place]
>
> Pat.
>
>
> On Aug 27, 2012, at 12:00 PM, Nat Sakimura <sakimura at gmail.com> wrote:
>
>> Yes, I think I have seen (not read in detail) the old version of
>> JSON-Schema a while ago.
>> http://tools.ietf.org/html/draft-zyp-json-schema-03
>> Maybe I should look at them again.
>>
>> HAL is easier to grasp, though, at least on the surface.
>>
>> Nat
>>
>> On Mon, Aug 27, 2012 at 10:05 PM, Pat Cappelaere <pat at cappelaere.com> wrote:
>>> Nat,
>>>
>>> Have you looked at JSON-Schema and Hyper Meta-Schema? http://json-schema.org/
>>> [But I do like HAL links better… but there is a reason why they have been stored in an array…]
>>> Pat.
>>>
>>> On Aug 27, 2012, at 8:57 AM, Nat Sakimura <sakimura at gmail.com> wrote:
>>>
>>>> I was not aware of HAL. http://tools.ietf.org/html/draft-kelly-json-hal-03
>>>> As you know, since JSON has no defined link relation syntax, by
>>>> itself, a JSON API is not quite RESTful.
>>>> See http://norestforjson.blogspot.jp/2012/08/json-is-not-restful.html
>>>>
>>>> There are people who is working to define such. One example is HAL.
>>>> - http://tools.ietf.org/html/draft-kelly-json-hal-03
>>>>
>>>> Interestingly, our Userinfo response is almost like HAL: if we replace
>>>> _claim_sources to _link and
>>>> mandate there be "self" in it, and response type was changed to
>>>> application/hal+json instead of application/json, then it is HAL.
>>>>
>>>> Interesting?
>>>>
>>>> --
>>>> Nat Sakimura (=nat)
>>>> Chairman, OpenID Foundation
>>>> http://nat.sakimura.org/
>>>> @_nat_en
>>>> _______________________________________________
>>>> Openid-specs-ab mailing list
>>>> Openid-specs-ab at lists.openid.net
>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>>
>>
>>
>>
>> --
>> Nat Sakimura (=nat)
>> Chairman, OpenID Foundation
>> http://nat.sakimura.org/
>> @_nat_en
>



-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en


More information about the Openid-specs-ab mailing list