# Welcome to the Wonderful World of APIs

Welcome to our exciting journey into the world of APIs! An API, or Application Programming Interface, is like a magical bridge that allows different software applications to talk to each other. Imagine being able to make your favorite apps and websites work together seamlessly—that's the power of APIs! In this worksheet, we will explore the basics of how APIs work, why they are so important in the tech world, and even try out some fun exercises to see them in action. Get ready to unlock the secrets of connecting apps and making technology more powerful and interactive!

First, we need to import all the necessary libraries to run our code.

##### What is a library? 
In programming, libraries are collections of pre-written code that developers can use to perform specific tasks more efficiently.

In [None]:
import requests

Next, we need to set up some global variables.

##### What is a global variable?
In computer programming, a global variable is a variable that can be accessed by any part of a program. In our case, any code blocks on this page will be able to use these variables. This is achieved using the `%store` function, which saves the variable in memory.

In [None]:
contextRoot = 'https://api-kidternship.thegonzalezes.io'
%store contextRoot

wordCloudUrl = contextRoot + '/wordcloud/words'
%store wordCloudUrl

helloWorldUrl = contextRoot + '/introduction/hello-world'
%store helloWorldUrl

userIdUrl = contextRoot + '/introduction/user-id'
%store userIdUrl

foodUrl = contextRoot + '/introduction/food'
%store foodUrl

menuUrl = contextRoot + '/bakery/menu'
%store menuUrl

ordersUrl = contextRoot + '/bakery/orders'
%store ordersUrl

## What is an API?

Find `'INSERT YOUR WORD(S) HERE'` in the next code block and replace with one or two words that come to mind when you think of 'Application Programming Interface'. Remember to maintain the single quotes `''` around your words.

In [None]:
myWords = {'word': 'INSERT YOUR WORD(S) HERE'}

response = requests.post(wordCloudUrl, json = myWords)

print('Response Code: ' + str(response.status_code))
print('Response Message: ' + response.json().get('message'))

API stands for Application Programming Interface, and it’s like the secret handshake that lets different software applications talk to each other!

In the world of APIs:
- 'Application' is any software that has a unique job to do.
- 'Interface' is like a friendly agreement between two applications on how they will communicate.

APIs are the magic tools that allow two software components to chat with each other using a common language and set of rules. Ready to explore this amazing world of digital conversation? Let’s dive in!

### Dissection of an API Call

#### HTTP Methods

- GET request
    - Retrieve data
- POST request
    - Send new data
- PUT request
    - Update data
- DELETE request
    - Remove data

#### Endpoint Naming Convention

##### Context Roots
In an API, a context root identifies a web application archive (WAR) file in an application server and determines which URLs the server will delegate to the web application.

In the contexts of this class and this API, the context root is listed above in the second block of code:

    contextRoot = 'https://api-kidternship.thegonzalezes.io'

##### URI
URI stands for Uniform Resource Identifiers. A URI represents address resources to an API. URIs can be singltons (related to only one thing) or collections (related to multiple things). A resource can also contain sub-collection resources.

In the contexts of this class and this API, we have two resources with a series of sub-collections:

    /wordcloud
        /words 
            - POST (submit words to the word cloud server)
        /display
            - GET (generate a word cloud with all the words submitted)
    /introduction
        /hello-world
            - GET (sends you a hello world message)
        /user-id/{your-name}
            - GET (your unique user id)
        /food
            - POST (submit a fruit or vegetable)
    /bakery
        *MORE TO COME*

#### HTTP Status Codes

Important Codes for this class:
- 200 OK 
    - everything went as expected
- 400 Bad Request
    - something is wrong with your inputs
- 404 Not Found
    - something you are looking for doesn't exist
- 405 Method Not Allowed
    - you are using a HTTP method that isn't allowed for this endpoint


#### Get Hello World Message

Let's dive into some hands-on fun by testing out a simple GET request! A GET request is like asking a website for information, and it sends back a message with the details you asked for. Ready to see what kind of cool data we can get back? Let's give it a try and explore the response together!

In [None]:
response = requests.get(helloWorldUrl)

print('URL: ' + helloWorldUrl)
print('Response Code: ' + str(response.status_code))
print('Response Message: ' + response.json().get('message'))

#### Get User Id

Now that we've tried a basic GET request, let's take it up a notch and add a parameter to our request. 

##### But what exactly is a parameter? 
In the context of APIs, a parameter is like extra information you provide to fine-tune your request. It’s similar to specifying what kind of ice cream you want at a shop—chocolate or vanilla. By adding parameters, you can get more specific data based on your needs.

In this exercise, we’ll add a parameter to our GET request to see how we can control and customize the information we receive. Ready to get more specific? Let's go!

Below you will find `'insert-your-name-here'` replace that with your first name or a nickname and hit `Run`.

In [None]:
userIdUrlWithParam = userIdUrl + '/insert-your-name-here'

response = requests.get(userIdUrlWithParam)

print('URL: ' + userIdUrlWithParam)
print('Response Code: ' + str(response.status_code))
print('Response Message: ' + response.json().get('message'))

#### Nonexistant Endpoint

Let's put our curiosity to the test by exploring what happens when we try to access a nonexistent endpoint. An endpoint is like a specific address on a website where you can request information. But what if we knock on a door that isn't there? In this exercise, we’ll see how the server responds when we ask for data from an endpoint that doesn't exist. It's a great way to understand error messages and learn how to handle them gracefully in our code. Ready to discover the unknown? Let's give it a try!

Below you will find `insert-a-random-endpoint-here` replace that with an endpoint keyword that you think doesn't exist in this API and hit `Run`.

In [None]:
notFoundEndpoint = contextRoot + '/insert-a-random-endpoint-here'

response = requests.get(notFoundEndpoint)

print('URL: ' + notFoundEndpoint)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)

#### Wrong HTTP Method

Let’s continue our adventure by experimenting with different HTTP methods. HTTP methods are like different types of requests we can send to a server, such as GET, POST, PUT, and DELETE. But what happens if we use the wrong method for a particular endpoint? For example, what if an endpoint expects a GET request, but we send a POST request instead? In this exercise, we'll intentionally use the wrong HTTP method to see how the server responds. It's a fun way to learn about error handling and the importance of using the correct methods. Ready to see what happens? Let’s go!

Earlier in this class we did a `POST` to the `wordCloudUrl`, now let's see what happens if we try to do a `GET` call to that same method.

In [None]:
response = requests.get(wordCloudUrl)

print('URL: ' + wordCloudUrl)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)

#### Input Validation and Sanitization

In this exercise, we're diving into the important world of input validation and sanitization. Input validation is like a security guard that checks if the data being entered is correct and safe. Sanitization, on the other hand, cleans up the input to remove any unwanted or harmful parts. This is crucial to ensure that our applications are secure and work as expected.

We'll pass in a list of fruits and vegetables to see how the system handles our inputs. But here’s the twist: we have a "forbidden list" of fruits that aren't allowed. What do you think will happen if we try to sneak one of these forbidden fruits into our list? This exercise will show us how input validation and sanitization catch and handle such cases. Ready to test the boundaries? Let’s find out what happens!

Find `INSERT FRUIT OR VEGETABLE HERE` in the code block below and replace the sentence with a fruit or vegetable and hit `Run`.

There are 7 fruits and vegetables that aren't allowed. Try and find them all!

In [None]:
food = {'food': 'INSERT FRUIT OR VEGETABLE HERE'}

response = requests.post(foodUrl, json = food)

print('URL: ' + foodUrl)
print('Response Code: ' + str(response.status_code))
print('Response Message: '+ response.json().get('message'))

In [None]:
Keep track of the fruits and vegetables that are banned here:
    

Keep track of the fruits and vegetables that are not banned here:
    

#### Data Formatting using JSON 

JSON, which stands for JavaScript Object Notation, is a lightweight and easy-to-read format for storing and exchanging data. Imagine it as a way to organize information so that both humans and computers can easily understand it. JSON looks like a collection of key-value pairs, kind of like a dictionary or a list of items with labels. It's widely used in APIs to send data between a server and a client. In this section, we'll explore how JSON works, how to read and write it, and why it's such a powerful tool in programming. Get ready to unlock the secrets of data exchange with JSON!

### Welcome to the Bakery API Playground!

In this section, you’re free to explore and interact with our delightful bakery API. Imagine being the master chef, placing orders, and checking out the delicious menu — all with the power of APIs!

Endpoints for this section:

    /bakery
        /menu
            - GET (returns all menu items)
            /<category>
                - GET (returns all menu items for a given category)
        /orders
            - POST (send a new order)
            - GET (returns all orders)
            - PUT (update the status for a specific order)
            /<orderNumber>
                - GET (return a specific order)
                
Get creative with different inputs and see the magic unfold! Let’s have some fun in our digital bakery kitchen!

#### Get All Menu Items

In [None]:
response = requests.get(menuUrl)

print('URL: ' + menuUrl)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)

#### Get All Menu Items For A Given Category

In [None]:
menuUrlWithParam = menuUrl + '/coffee'

response = requests.get(menuUrlWithParam)

print('URL: ' + menuUrlWithParam)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)

#### Get All Orders

In [None]:
response = requests.get(ordersUrl)

print('URL: ' + ordersUrl)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)

#### Post An Order

In [None]:
myOrder = {
    'orderItem': '',
    'flavor': '',
    'size': '',
    'temp': ''
}

response = requests.post(ordersUrl, json = myOrder)

print('URL: ' + ordersUrl)
print('Response Code: ' + str(response.status_code))
print('Order Id: ' + response.text)

Keep track of order ids:
    

#### Get A Specific Order

In [None]:
ordersUrlWithParam = ordersUrl + '/insert-order-number-here'

response = requests.get(ordersUrlWithParam)

print('URL: ' + ordersUrlWithParam)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)

#### Update An Order Status

In [None]:
myOrder = {
    'orderNumber': '',
    'status': ''
}

response = requests.put(ordersUrl, json = myOrder)

print('URL: ' + ordersUrl)
print('Response Code: ' + str(response.status_code))
print('Response Message:')
print(response.text)