Call Map Logger


This resource allows you to log calls to external APIs without writing a full plugin to proxy the requests


Documentation and Examples

Forwarding logging is the normal way to log public, client-side API calls. To use it, reconfigure the client application to make its call to the forwarding controller instead of the actual API endpoint. The URL to the forwarding logger service is:

//assets.euractiv.com/call-log/forward.php

It accepts a single query parameter: provider. This parameter is the location that the client will forward to after the call is logged.

For example, imagine you want to make an API call to the following endpoint:

http://httpbin.org/get?a=1&b=2&c=3

You would configure the calling application to use this URL instead:

//assets.euractiv.com/call-log/forward.php?provider=http%3A%2F%2Fhttpbin.org%2Fget%3Fa%3D1%26b%3D2%26c%3D3

That's it. You can click here to see it in action.

Note: the URL specified in provider must be whitelisted in the http_allowed_* settings.

Proxy logging is an alternative way to log public, client-side API calls. As opposed to the forward logging method, the proxy will make the user's request on their behalf and send the response directly back to the user rather than forwarding.

The proxy endpoint can be useful for situations where CORS headers interfere with the normal redirect flow or where redirecting is causing too much request overhead. However, beware of two things:

  • The proxy logger will cause greater load on webserver hosting VSAC because it may need to make lots of requests.
  • For services that use IP-based throttling (such as the FaceBook graph API), the VSAC server will probably get banned quickly if you've got any traffic.

To use the proxy API, reconfigure the consumer application to call the following URL:

//assets.euractiv.com/call-log/proxy.php

It accepts a single query parameter: provider. This parameter is the location that the proxy will make its request to.

For example, imagine you want to make an API call to the following endpoint:

http://httpbin.org/get?a=1&b=2&c=3

You would configure the calling application to use this URL instead:

//assets.euractiv.com/call-log/proxy.php?provider=http%3A%2F%2Fhttpbin.org%2Fget%3Fa%3D1%26b%3D2%26c%3D3

That's it. You can click here to see it in action.

Note: the URL specified in provider must be whitelisted in the http_allowed_* settings.


Direct logging is the normal way to log private, server-to-server API calls. It has the advantage of not interfering with the original call in any way; however some care must be taken to protect the API key and not expose it to clients. An leaked API key is not catastrohpic, but it can cause your call log to be filled with garbage.

To use direct logging, have either the consumer or provider (or both) make a GET request to the following URL:

//assets.euractiv.com/call-log/direct.php

It requires the following query parameters:

  • api_key: the API key for this service.
  • consumer: the label (eg, URL) of the consumer service (ie, the application making the call).
  • provider: the label (eg, URL) of the provider service (ie, the application answering the call).

The endpoint will return a JSON object with the following offsets:

  • logged (bool): whether the call was successfully logged
  • error (string): if there was an error, the error message

please log in to view this example

<p>please log in to view this example</p>

Configuration

Configuration is located in the file /config/call-log.php. If you do not have the ability to modify this file, contact your administrator to have options changed. The configuration file should contain an array with the name $config containing the following offsets:

NameTypeDescriptionCurrent Setting
callmap_driverstringThe callmap driver to use, either "sqlite", "fsstore" or "noop"
noop
callmap_labelsarrayLabels for the callmap, where the key is the regular expression to match and the value is the label to useLogin to view this setting
callmap_visualize_defaultarrayNodes to visualize by defaultLogin to view this setting
callmap_probabilityintegerProbability that a given hit will log. Important for high traffic sites. Set higher for lower probability.
1000
http_allowed_domainsarrayAllowed domains for fetching assets or generating URLsLogin to view this setting
http_allowed_urlsarraySpecified URLs or regular expressions of specified URLs match for fetching assets or generating URLsLogin to view this setting
http_connect_timeoutintegerThe amount of time, in seconds, that cURL should wait before returning an error status. 15 is a good value for most cases.
15
api_keystringThe key to access protected API calls. This key should only be used in server-to-server communication to avoid exposing it to the broader internet. In requests, the key can be set in the query as the "api_key" value (eg http://example.com?api_key=keyboard_cat), in a POST request body as the "api_key" value, or as a header with the name "X-Vsac-Api-Key".Login to view this setting