MuK REST API for Odoo
by MuK IT
| Technical name | muk_rest |
| License | LGPL-3 |
| Website | http://www.mukit.at |
MuK REST API for Odoo
A customizable RESTful API for Odoo
MuK IT GmbH - www.mukit.at
Overview
Enables a REST API for the Odoo server. The API has routes to authenticate and retrieve a token. Afterwards, a set of routes to interact with the server are provided. The API can be used by any language or framework which can make an HTTP requests and receive responses with JSON payloads and works with both the Community and the Enterprise Edition.
In case the module should be active in every database just change
the auto install flag to
True. To activate the routes
even if no database is selected the module should be loaded right
at the server start. This can be done by editing the configuration
file or passing a load parameter to the start script.
Parameter:
--load=web,muk_rest
To access the api in a multi database enviroment without a db filter,
the name of the database must be provided with each request via the
db parameter ?db=database_name.
Key Features
Documentation
The API is documented based on the Open API specification. All endpoints are described in great detail and a number of defined schemas make it possible to keep a good overview of the required parameters as well as the returned results.
Furthermore, the documentation is automatically extended with the addition of another endpoint. Whether it was added as custom endpoint or via Python code does not matter.
Custom Endpoints
In addition to the existing API endpoints, more can easily be added. It is not necessary to write any kind of code. New endpoints can be created in the backend and are immediately available through the API.
Different types of endpoints can be created. For example the domain evaluation can be used to query certain data and return it via the API. While other option are to run a server action or execute custom Python code. Any custom routes are automatically added to the documentation and can be further customized to define parameters and return values.
Connect to the API
The API allows authentication via OAuth1 and OAuth2 as well as with username and password, although an access key can also be used instead of the password. The documentation only allows OAuth2 besides basic authentication. The API has OAuth2 support for all 4 grant types. For OAuth, advanced security can be enabled to allow only certain endpoints and parameters.
Code Example - OAuth2 Authentication
This example shows a login via OAuth2 and then some sample calls to the API.
The Python libraries
requests and
requests_oauthlib are used to connect to the API. Note that this is only
an example, the client and implementation can vary depending on the actual requirements.
import json
import requests
from pprint import pprint
from requests_oauthlib import OAuth2Session
from oauthlib.oauth2 import BackendApplicationClient
class RestAPI:
def __init__(self):
self.url = 'https://demo12.mukit.at'
self.client_id = 'BackendApplicationFlowDemoClientKey'
self.client_secret = 'BackendApplicationFlowDemoClientSecret'
self.client = BackendApplicationClient(client_id=self.client_id)
self.oauth = OAuth2Session(client=self.client)
def route(self, url):
if url.startswith('/'):
url = "%s%s" % (self.url, url)
return url
def authenticate(self):
self.oauth.fetch_token(
token_url=self.route('/api/v1/authentication/oauth2/token'),
client_id=self.client_id, client_secret=self.client_secret
)
def execute(self, enpoint, type="GET", data={}):
if type == "POST":
response = self.oauth.post(self.route(enpoint), data=data)
elif type == "PUT":
response = self.oauth.put(self.route(enpoint), data=data)
elif type == "DELETE":
response = self.oauth.delete(self.route(enpoint), data=data)
else:
response = self.oauth.get(self.route(enpoint), data=data)
if response.status_code != 200:
raise Exception(pprint(response.json()))
else:
return response.json()
# init API
api = RestAPI()
api.authenticate()
# test API
pprint(api.execute('/api/v1'))
pprint(api.execute('/api/v1/user'))
# sampel query
data = {
'model': "res.partner",
'domain': json.dumps([['parent_id.name', '=', "Azure Interior"]]),
'fields': json.dumps(['name', 'image_small']),
}
response = api.execute('/api/v1/search_read', data=data)
for entry in response:
entry['image_small'] = entry.get('image_small')[:5] + "..."
pprint(response)
# check customer
data = {
'model': "res.partner",
'domain': json.dumps([['name', '=', "Sample Customer"]]),
'limit': 1
}
response = api.execute('/api/v1/search', data=data)
customer = next(iter(response), False)
# create customer
if not customer:
values = {
'name': "Sample Customer",
}
data = {
'model': "res.partner",
'values': json.dumps(values),
}
response = api.execute('/api/v1/create', type="POST", data=data)
customer = next(iter(response))
# create product
values = {
'name': "Sample Product",
}
data = {
'model': "product.template",
'values': json.dumps(values),
}
response = api.execute('/api/v1/create', type="POST", data=data)
product = next(iter(response))
# create order
values = {
'partner_id': customer,
'state': 'sale',
'order_line': [(0, 0, {'product_id': product})],
}
data = {
'model': "sale.order",
'values': json.dumps(values),
}
response = api.execute('/api/v1/create', type="POST", data=data)
order = next(iter(response))
The API as a Framework
The REST API is also designed as a framework and can be used as a basis for
an extension to fit the individual requirements. This code example shows how
easy it is to define an endpoint. The parameters in the
@api_docs
annotation are optional. If no parameters are given, dynamic default values
are generated based on the function signature.
class CommonController(http.Controller):
@api_doc(
tags=['Common'],
summary='User',
description='Returns the current user.',
responses={
'200': {
'description': 'Current User',
'content': {
'application/json': {
'schema': {
'$ref': '#/components/schemas/CurrentUser'
},
'example': {
'name': 'Admin',
'uid': 2,
}
}
}
}
},
default_responses=['400', '401', '500'],
)
@tools.http.rest_route(
routes=build_route('/user'),
methods=['GET'],
protected=True,
)
def user(self, **kw):
return make_json_response({
'uid': request.session and request.session.uid,
'name': request.env.user and request.env.user.name
})
Clients
There are already very good REST clients in almost every programming language. For example, in Python there is the Requests library to make HTTP calls and Requests-OAuthlib to authenticate with OAuth, to name just one.
But in case you want to create your own client, you can automatically generate one based on the API documentation. The client is created by Swagger CodeGen and can serve as a good starting point.
Help and Support
Feel free to contact us, if you need any help with your Odoo
integration or additional features.
You will get 30 days of
support in case of any issues (except data recovery, migration or
training).
Our Services
Odoo
Implementation
Odoo
Integration
Odoo
Customization
Odoo
Development
Odoo
Support
MuK REST API for Odoo
Enables a REST API for the Odoo server. The API has routes to authenticate and retrieve a token. Afterwards, a set of routes to interact with the server are provided. The API can be used by any language or framework which can make an HTTP requests and receive responses with JSON payloads and works with both the Community and the Enterprise Edition.
The API allows authentication via OAuth1 and OAuth2 as well as with username and password, although an access key can also be used instead of the password. The documentation only allows OAuth2 besides basic authentication. The API has OAuth2 support for all 4 grant types. More information about the OAuth authentication can be found under the following links:
Requirements
OAuthLib
A generic, spec-compliant, thorough implementation of the OAuth request-signinglogic for Python. To install OAuthLib please follow the instructions or install the library via pip.
pip install oauthlib
Installation
To install this module, you need to:
Download the module and add it to your Odoo addons folder. Afterward, log on to your Odoo server and go to the Apps menu. Trigger the debug mode and update the list by clicking on the "Update Apps List" link. Now install the module by clicking on the install button.
Another way to install this module is via the package management for Python (PyPI).
To install our modules using the package manager make sure odoo-autodiscover is installed correctly. Note that for Odoo version 11.0 and later this is not necessary anymore. Then open a console and install the module by entering the following command:
pip install --extra-index-url https://nexus.mukit.at/repository/odoo/simple <module>
The module name consists of the Odoo version and the module name, where underscores are replaced by a dash.
Module:
odoo<version>-addon-<module_name>
Example:
sudo -H pip3 install --extra-index-url https://nexus.mukit.at/repository/odoo/simple odoo14-addon-muk-rest
Once the installation has been successfully completed, the app is already in the correct folder. Log on to your Odoo server and go to the Apps menu. Trigger the debug mode and update the list by clicking on the "Update Apps List" link. Now install the module by clicking on the install button.
The biggest advantage of this variant is that you can now also update the app using the "pip" command. To do this, enter the following command in your console:
pip install --upgrade --extra-index-url https://nexus.mukit.at/repository/odoo/simple <module>
When the process is finished, restart your server and update the application in Odoo. The steps are the same as for the installation only the button has changed from "Install" to "Upgrade".
You can also view available Apps directly in our repository and find a more detailed installation guide on our website.
For modules licensed under a proprietary license, you will receive the access data after you purchased the module. If the purchase were made at the Odoo store please contact our support with a confirmation of the purchase to receive the corresponding access data.
Upgrade
To upgrade this module, you need to:
Download the module and add it to your Odoo addons folder. Restart the server and log on to your Odoo server. Select the Apps menu and upgrade the module by clicking on the upgrade button.
If you installed the module using the "pip" command, you can also update the module in the same way. Just type the following command into the console:
pip install --upgrade --extra-index-url https://nexus.mukit.at/repository/odoo/simple <module>
When the process is finished, restart your server and update the application in Odoo, just like you would normally.
Configuration
In case the module should be active in every database just change the auto install flag to True. To activate the routes even if no database is selected the module should be loaded right at the server start. This can be done by editing the configuration file or passing a load parameter to the start script.
Parameter: --load=web,muk_rest
To access the api in a multi database enviroment without a db filter, the name of the database must be provided with each request via the db parameter.
Parameter: ?db=<database_name>
To configure this module, you need to:
- Go to Settings -> API -> Dashboard. Here you can see an overview of all your APIs.
- Click on Create or go to either Restful API -> OAuth1 or Restful API -> OAuth2 to create a new API.
To extend the API and to add your own routes, go to Settings -> API -> Endpoints and create a new endpoint. An endpoint can be both public and protected and is then only accessible via authentication. An endpoint can either evaluate a domain, perform a server action or execute python code.
Its possible to further customize the API via a set of parameters insde the config file. The following table shows the possible parameters and their corresponding default value.
| Parameter | Description | Default |
| rest_default_cors | Sets the CORS attribute on all REST routes | None |
| rest_docs_security_group | Reference an access group to protect the API docs for unauthorized users | None |
| rest_docs_codegen_url | Service to generate REST clients | https://generator3.swagger.io/api |
| rest_authentication_basic | Defines if the Basic authentication is active on the REST API | True |
| rest_authentication_oauth1 | Defines if the OAuth1 authentication is active on the REST API | True |
| rest_authentication_oauth2 | Defines if the OAUth2 authentication is active on the REST API | True |
Parameters from an configuration file can be loaded via the --config command.
Usage
You are able to use the API with a client of your choice or use the client generator as a starting point. For documentation go to Settings -> API -> Documentation -> Endpoints
Credit
Contributors
- Mathias Markl <mathias.markl@mukit.at>
Author & Maintainer
This module is maintained by the MuK IT GmbH.
MuK IT is an Austrian company specialized in customizing and extending Odoo. We develop custom solutions for your individual needs to help you focus on your strength and expertise to grow your business.
If you want to get in touch please contact us via mail or visit our website.
This is an unofficial translation of the GNU Lesser General Public License into Vietnamese. It was not published by the Free Software Foundation,
and does not legally state the distribution terms for software that uses the GNU LGPL - only the original English text of the GNU LGPL does
that. However, we hope that this translation will help language speakers understand the GNU LGPL better.
GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June
2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
This version of the GNU Lesser General Public License incorporates the terms and conditions of version 3 of the GNU General Public License,
supplemented by the additional permissions listed below.
0. Additional Definitions.
As used herein,"this License" refers to version 3 of the GNU Lesser General Public License, and the "GNU GPL" refers to version 3 of
the GNU "General" Public License.
"The Library" refers to a covered work governed by this License, other than an Application or a Combined Work as defined below.
An "Application" is any work that makes use of an interface provided by the Library, but which is not otherwise based on the Library.
Defining a subclass of a class defined by the Library is deemed a mode of using an interface provided by the Library.
A "Combined Work" is a work produced by combining or linking an Application with the Library. The particular version of the Library
with which the Combined Work was made is also called the "Linked Version".
The "Minimal Corresponding Source" for a Combined Work means the Corresponding Source for the Combined Work, excluding any source code
for portions of the Combined Work that, considered in isolation, are based on the Application, and not on the Linked Version.
The "Corresponding Application Code" for a Combined Work means the object code and/or source code for the Application, including any data
and utility programs needed for reproducing the Combined Work from the Application, but excluding the System Libraries of the Combined Work.
1. Exception to Section 3 of the GNU GPL.
You may convey a covered work under sections 3 and 4 of this License without being bound by section 3 of the GNU GPL.
2. Conveying Modified Versions.
If you modify a copy of the Library, and, in your modifications, a facility refers to a function or data to be supplied by an Application that
uses the facility (other than as an argument passed when the facility is invoked), then you may convey a copy of the modified version:
a) under this License, provided that you make a good faith effort to ensure that, in the event an Application does not supply the function or data, the facility still
operates, and performs whatever part of its purpose remains meaningful, or
b) under the GNU GPL, with none of the additional permissions of this License applicable to that copy.
3. Object Code Incorporating Material from Library Header Files.
The object code form of an Application may incorporate material from a header file that is part of the Library. You may convey such
object code under terms of your choice, provided that, if the incorporated material is not limited to numerical parameters, data structure
layouts and accessors, or small macros, inline functions and templates (ten or fewer lines in length), you do both of the following:
a) Give prominent notice with each copy of the object code that the Library is used in it and that the Library and its use are covered by this License.
b) Accompany the object code with a copy of the GNU GPL and this license document.
4. Combined Works.
You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the
Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following:
a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License.
b) Accompany the Combined Work with a copy of the GNU GPL and this license document.
c) For a Combined Work that displays copyright notices during execution, include the copyright notice for the Library among these notices,
as well as a reference directing the user to the copies of the GNU GPL and this license document.
d) Do one of the following:
0) Convey the Minimal Corresponding Source under the terms of this License, and the Corresponding Application Code in a form suitable for, and
under terms that permit, the user to recombine or relink the Application with a modified version of the Linked Version to produce a modified
Combined Work, in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.
1) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (a) uses at run time a copy of the
Library already present on the user's computer system, and (b) will operate properly with a modified version of the Library
that is interface-compatible with the Linked Version.
e) Provide Installation Information, but only if you would otherwise be required to provide such information under section 6 of the
GNU GPL, and only to the extent that such information is necessary to install and execute a modified version of the Combined Work produced by
recombining or relinking the Application with a modified version of the Linked Version. (If you use option 4d0, the Installation Information
must accompany the Minimal Corresponding Source and Corresponding Application Code. If you use option 4d1, you must provide the Installation
Information in the manner specified by section 6 of the GNU GPL for conveying Corresponding Source.)
5. Combined Libraries.
You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities that
are not Applications and are not covered by this License, and convey such a combined library under terms of your choice, if you do both of
the following:
a)Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities,
conveyed under the terms of this License.
b) Give prominent notice with the combined library that part of it is a work based on the Library, and explaining where to find the accompanying
uncombined form of the same work.
6. Revised Versions of the GNU Lesser General Public License.
The Free Software Foundation may publish revised and/or new versions of the GNU Lesser General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library as you received it specifies that a certain numbered
version of the GNU Lesser General Public License "or any later version" applies to it, you have the option of following the terms and
conditions either of that published version or of any later version published by the Free Software Foundation. If the Library as you
received it does not specify a version number of the GNU Lesser General Public License, you may choose any version of the GNU Lesser
General Public License ever published by the Free Software Foundation.
If the Library as you received it specifies that a proxy can decide whether future versions of the GNU Lesser General Public License shall
apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library.