README

Introduction

The APIToolkit PHP Slim SDK designed to provide seamless integration with the APIToolkit service. This middleware captures and logs API requests and responses, redacting sensitive information as configured, and publishes the logs to Google Cloud Pub/Sub for further analysis.

Installation

To install the APIToolkit PHP Middleware, you can use Composer:

composer require apitoolkit/apitoolkit-slim

Usage

Create a new instance of the APIToolkitMiddleware class and register the middleware with Slim Framework, add it to the Slim app:

Example:

use Slim\Factory\AppFactory;
use APIToolkit\APIToolkitMiddleware;

require __DIR__ . '/vendor/autoload.php';

$app = AppFactory::create();

$apitoolkitMiddleware = new APIToolkitMiddleware("<API_KEY>");

$app->add($apitoolkitMiddleware);

$app->get('/', function ($request, $response) {
    $response->getBody()->write('Hello, World!');
    return $response;
});

$app->run();

Configuration Options

The middleware supports several configuration options during initialization:

• $redactHeaders: An array of headers to redact in the logs.
• $redactRequestBody: An array of JSON paths to redact in the request body.
• $redactResponseBody: An array of JSON paths to redact in the response body.
• $debug: Enable or disable debugging mode (default is false).
• $serviceVersion: Specify the service version in the logs.
• $tags: An array of custom tags to include in the logs.

Redaction

Sensitive information in headers, request bodies, and response bodies can be redacted using the specified configuration options. Redacted fields are replaced with [CLIENT_REDACTED].

Example

use Slim\Factory\AppFactory;
use APIToolkit\APIToolkitMiddleware;

require __DIR__ . '/vendor/autoload.php';

$app = AppFactory::create();

$apitoolkitMiddleware = new APIToolkitMiddleware("<API_KEY>", redactHeaders = ["Authorization"], redactRequestBody = ["$.password"], redactResponseBody = ["$.password"]);

$app->add($apitoolkitMiddleware);

$app->get('/', function ($request, $response) {
    $response->getBody()->write('Hello, World!');
    return $response;
});

$app->run();

Observing Outgoing Requests with Guzzle in APIToolkit-Slim SDK

The APIToolkit-Slim SDK facilitates the observation of outgoing requests within your application using Guzzle middleware. This feature allows you to monitor and track details about your API calls, aiding in debugging and performance analysis.

Getting Started

To observe outgoing requests, utilize the observeGuzzle method of the APIToolkitSlim class. Pass the Slim $request object to this method, and it will configure Guzzle with monitoring capabilities.

use Slim\Factory\AppFactory;
use APIToolkit\APIToolkitMiddleware;
use APIToolkit\APIToolkitSlim;

require __DIR__ . '/vendor/autoload.php';

$app = AppFactory::create();

$apitoolkitMiddleware = new APIToolkitMiddleware("<API_KEY>");

$app->add($apitoolkitMiddleware);

$app->get('/', function (Request $request, Response $response) {
    $guzzleClient = APIToolkitSlim::observeGuzzle($request);
    $responseFromGuzzle = $guzzleClient->request('GET', 'https://api.example.com/resource');
    $response->getBody()->write($responseFromGuzzle->getBody()->getContents());
    return $response;
});

$app->run();

Observing Requests with Path Params

If your requests include path parameters, specify a wildcard URL for the path. This ensures proper grouping on the APIToolkit dashboard.

use Slim\Factory\AppFactory;
use APIToolkit\APIToolkitMiddleware;
use APIToolkit\APIToolkitSlim;

require __DIR__ . '/vendor/autoload.php';

$app = AppFactory::create();

$apitoolkitMiddleware = new APIToolkitMiddleware("<API_KEY>");

$app->add($apitoolkitMiddleware);

$app->get('/', function (Request $request, Response $response) {
    $guzzleClient = APIToolkitSlim::observeGuzzle($request, ["pathPattern" => "/repos/{owner}/{repo}"]);
    $responseFromGuzzle = $guzzleClient->request('GET', 'https://api.github.com/repos/guzzle/guzzle');
    $response->getBody()->write($responseFromGuzzle->getBody()->getContents());
    return $response;
});

$app->run();

Field Redaction with observeGuzzle

You can redact headers and fields in the request and response bodies using observeGuzzle. Specify the headers and field keypaths you want to redact.

use Slim\Factory\AppFactory;
use APIToolkit\APIToolkitMiddleware;
use APIToolkit\APIToolkitSlim;


require __DIR__ . '/vendor/autoload.php';

$app = AppFactory::create();

$apioolkitMiddleware = new APIToolkitMiddleware("<API_KEY>");

$app->add($apitoolkitMiddleware);

$app->get('/', function (Request $request, Response $response) {
    $options = [
        "pathPattern" => "/repos/{owner}/{repo}",
        "redactHeaders" => ["Server"],
        "redactRequestBody" => ["$.password"],
        "redactResponseBody" => ["$.password"]
    ];

    $guzzleClient = APIToolkitSlim::observeGuzzle($request, $options);
    $responseFromGuzzle = $guzzleClient->request('GET', 'https://api.github.com/repos/guzzle/guzzle?foobar=123');
    
    $response->getBody()->write($responseFromGuzzle->getBody()->getContents());
    return $response;
});

$app->run();

Reporting Errors to APIToolkit

APIToolkit can automatically detect API issues, but reporting errors manually provides additional details. To report errors, call the reportError method of APIToolkitSlim within the context of a web request.

use Slim\Factory\AppFactory;
use APIToolkit\APIToolkitMiddleware;
use APIToolkit\APIToolkitSlim;

require __DIR__ . '/vendor/autoload.php';

$app = AppFactory::create();

$apitoolkitMiddleware = new APIToolkitMiddleware("<API_KEY>");

$app->add($apitoolkitMiddleware);

$app->get('/', function (Request $request, Response $response) {
    try {
        throw new Exception("Custom user error");
        return $response;
    } catch (Exception $e) {
        // Report the error to APIToolkit
        APIToolkitSlim::reportError($e, $request);
        $response->getBody()->write($e->getMessage());
        return $response;
    }
});

$app->run();

You can report as many errors as you want for each request!

And that's it! Happy hacking.