Documentation July 28, 2020
Reference
This document uses the terms may, must, should
as defined in RFC2119
Why you need MetaMate, and what it can do
- MetaMate provides an API for your personal and other interesting data
- Build applications that work with abstract types, your application will work independent of where the data comes from
- Integrate data sources and share them with the world as Docker images
Components
Clients, MetaMate, and Services make up the MetaMate ecosystem.
Clients
A Client connects to a MetaMate instance, and uses the data, the instance can access, to power applications. A Client may need to authenticate itself with the MetaMate instance.
Examples for Clients may be the following:
- Web applications
- Mobile applications
- Command line interfaces
MetaMate
A MetaMate instance facilitates the communication between Clients, and Services with the following:
MetaMate
- protects resources.
- discovers, and looks up Services.
- authenticates to upstream data sources via Services.
- turns Client requests into Service requests, and routes the Service requests to Services.
- merges, filters, and sorts the data, that Service responses return.
Services
Services give MetaMate instances access to upstream data sources. A data source may be, more or less everything, that returns data:
- APIs
- Websites
- Databases
- Files
- Blockchains
Tasks
Deploy & discover services
Integrate data sources
Deployment
Distribution
Security
MetaMate may provide HTTPS, and HTTP Basic authentication for Clients.
HTTPS
If the setup meets the following:
- The
metamate.yaml
setshost.name
. - The
metamate.yaml
setshost.https.autoCert
. - The
metamate.yaml
setshost.https.certPath
. - Let’s Encrypt can reach MetaMate on
host.name
.
MetaMate
- Obtains a SSL certificate.
- Stores the certificate at
host.https.certPath
. - Uses the certificate to provide a secure HTTPS connection.
Authentication
Authentication may happen on the following levels:
- The Client may authenticate to MetaMate with HTTP Basic authentication credentials.
- MetaMate may authenticate to
Services
withServiceAccounts
.
Client authentication
If the metamate.yaml
sets host.basicAuth.user
, and host.basicAuth.password
, MetaMate adds an internal HTTP Basic authentication middleware. Therefore the Browser, and Client SDKs must authenticate to MetaMate with HTTP Basic authentication credentials.
Service authentication
If Service.endpoints.authenticateServiceAccount
is set, MetaMate must authenticate to the Service
with a ServiceAccount
. Service.endpoints.authenticateServiceAccount.filter
specifies what data the ServiceAccount
must contain.
The metamate.yaml
may set multiple serviceAccounts
of the MetaMate internal type ServiceAccountAssignment
.
The MetaMate internal type ServiceAccountAssignment
holds the following fields:
serviceAccount
of TypeServiceAccount
serviceId
of TypeServiceId
, that corresponds to theService
, that theServiceAccount
is designated for
The metamate.yaml
must set a subset of the following Fields for every ServiceAccount
:
username
email
password
clientId
clientSecret
host
If Service.endpoints.authenticateServiceAccount
is set, the following happens before MetaMate sends a ServiceRequest
to a Service
:
- MetaMate finds the
ServiceAccount
, that corresponds to theService
If
ServiceAccount.token
is not yet set, or ifServiceAccount.token.expiresAt
is in the past, the following happens:- MetaMate sends a
AuthenticateServiceAccountServiceRequest
, that contains theServiceAccount
, to theService
The
Service
either obtains an authentication token with- the credentials, provided by the
ServiceAccount
- a Refresh Token, provided by
ServiceAccount.token.refreshToken
from the upstream data source. The token may be a Session Cookie, a JSON Web Token (JWT) or any other kind of token.
- the credentials, provided by the
The
Service
creates aToken
, that- must set
Token.value
to the authentication token - may set
Token.refreshToken
- may set
Token.expiresAt
- must set
The
Service
sends aAuthenticateServiceAccountServiceResponse
, that contains theToken
, back toMetaMate
MetaMate copies
AuthenticateServiceAccountServiceResponse.output.token
toServiceAccount.token
- MetaMate sends a
MetaMate injects the
ServiceAccount
into theServiceRequest
The
Service
authenticates requests withServiceAccount.token.value
to the upstream data source
Authorization
If the metamate.yaml
sets host.basicAuth
, every authenticated User has access to all Endpoints of all Services
.
If the metamate.yaml
doesn’t set host.basicAuth
, every User has access to all Endpoints of all Services
.
If the metamate.yaml
sets endpoints.config.on
, MetaMate exposes the metamate.yaml
at /metamate.yaml
, and therefore all ServiceAccounts
set in the metamate.yaml
. endpoints.config.on
should only be set for debugging in a local environment.
Communication
Clients, MetaMate, and Services use Meta Query Language (MQL) to communicate with one another.
Protocol
The encoding capabilities of MQL are derived as the lowest common denominator of the encoding capabilities of the following serialization technologies:
Therefore MQL requests, and MQL responses seamlessly map onto the following transport technologies:
Special Types
Scalar
Value
Range
Ratio
Unions
A Union is a Type that must hold exactly one value. Every Union has a kind
, that indicates, what value the Union holds.
Identifier
MQL identifies Entities by ServiceIds
, and GlobalIds
.
ServiceId
The Type ServiceId
holds the following fields:
serviceName
, that contains the name of theService
, that returned the Entityvalue
, a distinct string value, that identifies the Entity within the Service. This value may be one of the following:- a row index, in the context of a Service, that integrates a database
- a username, in the context of a Service, that integrates a social network
A Service
must set a ServiceId
for every Entity it returns. The Service
must only set ServiceId.value
. MetaMate sets ServiceId.serviceName
for every ServiceId
, that is returned by a Service
, to Service.name
.
GlobalId
The Type GlobalId
is a Union, and must hold one the following fields:
email
name
username
me
url
A Service
may set one more GlobalIds
for Entities it returns. A Client may request multiple Entities from multiple Services by providing a GlobalId
.
Routing
X
= Name of Endpoint
- Client sends a
XClientRequest
to MetaMate. - MetaMate sends
XServiceRequests
to Services. - Services send
XServiceResponses
back to MetaMate. - MetaMate sends a
XClientResponse
back to Client.
1. Client sends a XClientRequest
to MetaMate.
When MetaMate receives a XClientRequest
, MetaMate looks for Services
that meet the following 4 conditions:
Service.endpoints.X
is set.- If
XClientRequest.serviceFilter
is set, theService
must pass theServiceFilter
. - If
XClientRequest.mode.byServiceId
orXClientRequest.mode.byServiceIdRelation
is set, theService
must correspond to theServiceId
. - If
Service.endpoints.X.requestFilter
is set, theXServiceRequest
, that corresponds to theXClientRequest
, must pass theRequestFilter
.
2. MetaMate sends XServiceRequests
to Services.
MetaMate creates a XServiceRequest
for every Service
.
- If
XClientRequest.pages
of type[]ServicePage
is set, and one of theServicesPages
correspond to theService
, MetaMate setsXServiceRequest.page
toServicesPage.page
Methods
MQL provides multiple methods to interact with MetaMate. Requests, and Responses adhere to one of the following methods:
Get
Action
Get
X
= Name of Type
The Get
method provides multiple modes to get Xs
. The Client can request
- the whole collection of
Xs
- one or more specific
Xs
by providing an identifier Xs
that relate to an identifierXs
by searching for a term
Pagination
A GetXsServiceResponse
, and therefore also the GetXsClientResponse
, may only return a paginated subset of the overall available Xs
.
The Page
union Type
A Page
must set one of the following Fields:
index
of TypeIndexPage
IndexPage.value
must set the page index, starting from 0
offset
of TypeOffsetPage
- As defined in wikipedia.org
OffsetPage.offset
must set the offsetOffsetPage.limit
must set the amount ofXs
to return
cursor
of TypeCursorPage
- As defined in slack.engineering
OffsetPage.value
must set value of cursor
Get
methods modes
The GetXsClientRequest.mode
must set one of the following Fields:
Mode | Behavior |
---|---|
CollectionGetMode | Services return all Xs , or a paginated subset of all Xs |
ByServiceIdGetMode | the Service , that corresponds to ServiceId , may return one X , that corresponds to the ServiceId |
ByGlobalIdGetMode | Services may return each one X , that corresponds to the GlobalId |
RelatedToServiceIdGetMode | the Service , that corresponds to relatedToServiceId.id , may return Xs , which relate to relatedToServiceId.id via relatedToServiceId.path |
RelateToGlobalIdGetMode | Services may return Xs , which relate to relateToGlobalId.id via relateToGlobalId.path |
SearchGetMode | Services may return Xs , which the Services finds for search.term |
Get
method specific Request, and Response field
The Client may set the following GetXsClientRequest
specific Fields:
- The
pages
field of Type[]ServicePage
- The
relations
field of TypeGetRelations
- The
filter
field of TypeXFilter
MetaMate may set the following GetXsServiceRequest
specific Fields:
- The
page
field of TypePage
A Service may set the following GetXsServiceResponse
specific Fields:
- The
pagination
field of TypeServicePagination
MetaMate may set the following GetXsClientResponse
specific Fields:
- The
pagination
field of TypeClientPagination