Greetings.
On 19 Sep 2022, at 17:54, Howard Chu wrote:
Then, I would like to propose a full Open Source first realease of a CRUD REST Web Service to manipulate OpenLDAP's Directory Objects.
This is a nice idea!
However, as something of a terminology quibble, I'd say this was a 'web service', rather than a 'REST web service'.
As I understand the term, I take 'REST' to refer to a web service which, at a minimum,
* describes a URL-based scheme for _naming_ the things being manipulated, and * retrieves and manipulates those things via the HTTP verbs, GET, POST, PUT, DELETE, etc.
Thus the 'JSON query string' sent to the server via HTTP POST wouldn't qualify as 'REST'.
For a REST scheme, I can imagine something like supporting service objects named, eg
https://ldapcrud.service/dc=fr/dc=oldapws/cn=Olivier%20Chator
Calling GET on that obtains the attributes of the corresponding object; calling PUT on it replaces or creates it; calling DELETE deletes it, and so on.
One might also have
.../cn=Olivier%20Chator/cn
to name a single attribute of the object (retrieved or edited with GET/POST/PUT/DELETE).
Parameters such as 'nbbypage' might naturally fit in using URL path parameters. RFC 3986, Sect.3.3 'Path', gestures towards these without committing itself to a particular standard, but
.../dc=fr/dc=oldapws;nbbypage=10;numpage=2
might work as a way of naming, and thus retrieving, the second 10 results which <.../dc=fr/dc=oldaps> would produce (ie, paging through the results of <.../dc=fr/dc=oldapws>).
The Accept header in the HTTP query, containing a MIME type, can be used to request a result format.
I'm not 100% sure that this scheme is optimal (is it unambiguous when distinguishing 'I want an entry' from 'I want attribute "x" from an entry'?), but this sort of scheme is very easy to use: no creating query strings, just retrieve a URL. The obligation to think about the naming of objects, and to separate that from the understanding of the HTTP verbs, produces in my experience a great deal of design clarity.
It also gets a fair amount of specification for free, in that the semantics of the HTTP verbs are well-defined, in terms of idempotency and the like.
Best wishes,
Norman