HTTP REQUEST ACCESS

Unofficial Draft

More details about this document
Latest published version:
https://rml.io/specs/access/httprequest
Editors:
(Ghent University – imec – IDLab)
(Ghent University – imec – IDLab)
Authors:
(Ghent University – imec – IDLab)
(Ghent University – imec – IDLab)
This Version
https://rml.io/specs/access/httprequest/20241212/
Previous Version
https://rml.io/specs/access/httprequest/20241212/
Website
https://rml.io/

Copyright © 2024 the document editors/authors. Text is available under the Creative Commons Attribution 4.0 International Public License; additional terms may apply.

Abstract

In [RML-IO] source and target access descriptions are complemented with external (existing or custom) vocabulary.

The [RML-IO] specification includes several examples of modelling access to web resources with an external vocabulary (DCAT dataset, SPARQL endpoint, WoT...). Because the [RML-IO] specification only includes examples, it does not specify the expected shape per access description or other guidelines to secure an unambiguous implementation by RML processors.

This specification specifies an access description to a web resource, modelled as a simplified HTTP request with optional authentication. The configuration options are intentionally minimized to secure a straightforward implementation by RML processors.

This specification is use-case driven. It was developed to support to access to resources on a Solid pod [Solid], but supports also access to other web resources without having the ambition to cover all cases. It can be extended to cover other use cases, e.g., with additional authentication descriptions.

1. Overview

This section is non-normative.

1.1 Document conventions

We assume readers have basic familiarity with [RDF] and [RML] concepts.

In this document, examples assume the following namespace prefix bindings unless otherwise stated:

Prefix Namespace
rml: http://w3id.org/rml/
rmle: https://rml.io/ns/extensions#
htv: http://www.w3.org/2011/http#
formats: https://www.w3.org/ns/formats/
ex: http://example.org/
foaf: http://xmlns.com/foaf/0.1/

The examples are contained in color-coded boxes. We use the Turtle syntax [Turtle] to write RDF.

1.2 Conformance

As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.

The key words MUST and MUST NOT in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

2. HTTP request access

This specification describes the [RML-IO] access to a web resource, modelled as a simplified HTTP request with optional authentication. The configuration of the HTTP request is restricted to the properties defined in this specification, to limit the needed implementation by an RML processor. The specification reuses the HTTP Vocabulary in RDF 1.0, defines defaults and adds custom vocabulary for access to auxiliary resources and for authentication. The access description complements the description of a source (rml:source) or a target (rml:target).

2.1 HTTP request

An HTTP request (rmle:HttpRequest) an abstract construct describing how a web resource must be accessed by an RML processor, both for source and target.

A HTTP request is a subclass of a request (htv:Request) as specified in the HTTP Vocabulary in RDF 1.0, represented by a resource that MUST contain:

The accept header and the content-type header properties are shortcuts for the nested header description in HTTP Vocabulary in RDF 1.0, as exemplified below. 

<#request1> rmle:acceptHeader "text/plain".
# is a shortcut for
<#request1> htv:headers [
  a htv:RequestHeader ;
  htv:fieldName "Accept" ;
  htv:fieldValue "text/plain" ;
  htv:hdrName <http://www.w3.org/2011/http-headers#accept> ;
 ] .

<#request2> rmle:contentTypeHeader "text/turtle".
# is a shortcut for
<#request2> htv:headers [
  a htv:RequestHeader ;
  htv:fieldName "Content-type" ;
  htv:fieldValue "text/turtle" ;
  htv:hdrName <http://www.w3.org/2011/http-headers#content-type> ;
 ] .

2.1.1 HTTP request as source

When the HTTP request complements the description of a source, the body of the response after its execution contains the data for the source.

If unspecified, the method name is by default "GET".

If unspecified, the accept header is by default derived from the reference formulation (rml:referenceFormulation) of the logical source (rml:LogicalSource) in which it is contained, following the table below:

reference formulation accept header
rml:CSV text/plain
rml:JSONPath application/json
rml:XPath application/xml
rml:XPathReferenceFormulation application/xml
formats:SPARQL_Results_CSV text/plain
formats:SPARQL_Results_TSV text/plain
formats:SPARQL_Results_JSON application/json
formats:SPARQL_Results_XML application/xml

2.1.2 HTTP request as target

When the HTTP request is used to complement the description of a target, the body of the HTTP request contains the generated RDF.

If unspecified, the method name is by default "PUT".

If unspecified, the content-type header is by default derived from the serialization format (rml:serialization) of the logical target (rml:LogicalTarget) in which it is contained, following the table below:

serialization format content-type header
formats:N-Triples application/n-triples
formats:Turtle text/turtle
formats:JSON-LD application/ld+json
formats:TriG application/trig
formats:N-Quads application/n-quads

2.2 Direct HTTP request

A direct HTTP request (rmle:DirectHttpRequest) is an HTTP request (rmle:HttpRequest) that MUST contain:

In the example below generated RDF triples are exported using an HTTP PUT request to URI https://mypod/persons, with the generated RDF triples as body and with application/n-triples as content-type.

2.3 Linked HTTP request

A linked HTTP request (rmle:LinkedHttpRequest) describes how to access a web resource linked from another web resource, via the HTTP Link header with a specified relation. We refer to the web resource that links to that linked web resource as linking web resource.

One use case for a linked HTTP request is access to ACL resources. Clients discover the ACL resource associated with a resource by making an HTTP request on the URI of the linking web resource to which the ACL resource applies. The URI of the ACL resource is exposed with relation acl in the HTTP Link header.

A linked HTTP request is an HTTP request (rmle:HttpRequest) that MUST contain:

A linked HTTP request MUST NOT contain an explicit absolute URI property (htv:absoluteURI). The absolute URI is by default discovered by making an HTTP HEAD request on the linking web resource absolute URI, and checking the HTTP Link header whose relation property equals the specified link relation.

The following example shows a Solid ACL target that exports RDF triples to an ACL file for a linking web resource with URI https://mypod/persons.

In the example below, the absolute URI for the linked HTTP request is discovered by making an HTTP HEAD request on https://mypod/persons, and extracting the value of the HTTP Link header with relation acl. The generated RDF triples are exported using a HTTP PUT request to the discovered URI, with the generated RDF triples as body and with text/turtle as content-type.

2.4 User Authentication

A resource of the type user authentication (rmle:UserAuthentication) describes authentication details. The required authentication information depends on the authentication type. This terminology is aligned with the International Data Spaces Information Model.

This specification specifies following types of user authentication:

2.4.1 CSS Client Credentials Authentication

A CSS client credentials authentication is represented by a resource that MUST contain:

  • exactly one authentication email property (rmle:authEmail), whose value is a string denoting the email for the authentication.
  • exactly one authentication password property (rmle:authPassword), whose value is a string denoting the password for the authentication.
  • exactly one authentication webID property (rmle:authWebId), whose value is named node denoting the webID for the authentication.
  • exactly one authentication OIDC issuer property (rmle:authOidcIssuer), whose value is a named node denoting the OpenID Connect issuer for the authentication.

3. Example

In this example the content of a web resource are used as source data. The generate RDF triples are exported resp. to a Solid resource with URI https://mypod/profile/persons and to the ACL resource linked to this resource. User you gets read access to https://mypod/profile/persons, the owner of the POD, i.e., me, gets read, write, and control access. It is important that the owner rights are added, because the ACL resources (and consequently any existing access rights) are overwritten.

A. References

A.1 Normative references

[RDF]
RDF 1.1 Concepts and Abstract Syntax. W3C. 25 February 2014. W3C Recommendation. URL: https://www.w3.org/TR/rdf11-concepts/
[RFC2119]
Key words for use in RFCs to Indicate Requirement Levels. S. Bradner. IETF. March 1997. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc2119
[RFC8174]
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words. B. Leiba. IETF. May 2017. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc8174
[RML]
RDF Mapping Language. URL: https://kg-construct.github.io/rml-resources/portal/
[RML-IO]
RML-IO. W3C. 27 September 2023. Draft Community Group Report. URL: https://w3id.org/rml/io/spec
[Turtle]
RDF 1.1 Turtle. W3C. 25 February 2014. W3C Recommendation. URL: https://www.w3.org/TR/turtle/

A.2 Informative references

[Solid]
Solid project. URL: https://solidproject.org/specification