The source code for the StatPro Revolution Web API Explorer website. Acts as a sample Server-side Web Application that talks to the StatPro Revolution OAuth2 Server and Web API.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.nuget
WebApiExplorer
WebApiExplorerTests
.gitattributes
.gitignore
WebApiExplorer.sln
readme.md

readme.md

Introduction

This repository contains the source code for the StatPro Revolution Web API Explorer web application.

The StatPro Revolution Web API Explorer allows users to extract their Revolution data from the Revolution Web API interactively, using a simple web interface. It allows you to explore the features of the Web API, and shows what types of data the Web API can (and by inference) can't extract.

The Web API Explorer exposes only a subset of available functionality of the StatPro Revolution Web API, intended for illustrative and tutorial purposes.

The source code for the Web API Explorer is provided as Open Source under the MIT License.

You should not expect the application as listed here to build and/or run successfully. Various items of information relating to security have been intentionally removed from this version.

Revolution Web API

The StatPro Revolution Web API allows client applications to access user data from the StatPro Revolution system programmatically.

User authentication and authorization is handled by StatPro OAuth2 Server, which in the case of Server-side Web applications (as well as Native applications) uses OAuth 2.0's 'Authorization Code' flow.

To run your own Server-side Web application, you must first register it with StatPro.

For more information:-

What the code demonstrates

The application's source code shows developers how to:-

Guide to the code

On the server-side, the application is written using C# 5, .NET 4.5 and ASP.NET MVC 4. The website's views use Razor.

It is on the server that the code talks to the OAuth2 Server and the Web API; the client-side code (i.e. JavaScript) is not able to do either of these things because:-

  • the StatPro Revolution OAuth2 Server does not support the OAuth 2.0 'Implicit Grant' flow
  • the browser's Same Origin policy only allows the JavaScript to talk to its own webserver via AJAX
  • JSONP cannot be used to talk to the Web API due to the need to set to request headers (e.g. to specify the access token)
  • the Web API does not support CORS.

The main logic of the application is in the client-side code, which essentially uses the webserver as a proxy for talking to the OAuth2 Server and the Web API. These two tasks are performed by the code in the following files:-

  • Code\Decoupling\Implementations\OAuth2ServerAccess.cs
  • Code\Decoupling\Implementations\WebApiAccess.cs
  • Code\Decoupling\Implementations\GlobalStateAccess.cs

Caveats

This repository may not reflect the latest version of the StatPro Revolution Web API Explorer website.

The Visual Studio solution in this repository is a cut-down version of the full solution. Various items of information relating to application security (including the OAuth 2.0 client secret) have been removed.

The Web API Explorer does not surface every single feature of the Revolution Web API. See the Web API's documentation website for full details of its capabilities.

License

(c) Copyright 2013-2017 StatPro Ltd. - a member of StatPro Group plc

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.