A Hyperlambda web service, is a web service that allows a client to securely supply an algorithm, or a “lambda object”, which the server will evaluate on its side, and (optionally) return the results of its evaluation back to the client. This completely reverses the responsibility between the “client” and the “server”, and allows for a whole range of really interesting scenarios, arguably facilitating for that your machines can engage in a “meaningful semantic discussion”, communicating intent back and forth, the same way two human beings can. Watch the video below for a demonstration.
If you make sure you have the latest version of Hypereval and Phosphorus Five, you can reproduce what I did above with the following code. Copy and paste this code into Hypereval, then save it and make sure you save it as a “page”.
/* * Creates an example page, which allows the caller to invoke a lambda web service, * passing in his own Hyperlambda to be evaluated. */ create-widget class:container oninit /* * Including Micro CSS file, serious skin, and fonts. */ micro.css.include widgets div class:row widgets div class:col widgets div:code class:bg shaded rounded air-inner air-top widgets h1 innerValue:Invoke lambda web service /* * Hyperlambda editor, which allows user to supply his own Hyperlambda. */ micro.widgets.codemirror mode:hyperlambda class:air-bottom .data-field:hyperlambda /* * "Save button" and URL textbox wrapper. */ div class:strip fill widgets /* * URL textbox, for where we should pass in the specified Hyperlambda. */ input type:text .data-field:url placeholder:Web service endpoint URL ... /* * "Invoke" button. */ button innerValue:Invoke onclick /* * Serializes our form, and invokes the specified web service endpoint, passing * in the specified Hyperlambda. */ micro.form.serialize:code /* * The actual invocation to the web service endpoint. */ p5.http.post:x:/@micro.form.serialize/*/url?value Content-Type:application/x-www-form-urlencoded content:x:/@micro.form.serialize/*/hyperlambda?value p5.html.html-encode:x:/-/**/content?value /* * Creating a modal widget, displaying the results of our invocation. */ create-widgets micro.widgets.modal:modal-results widgets h3 innerValue:Results pre innerValue:x:/@p5.html.html-encode?value div class:right widgets button innerValue:Close onclick delete-widget:modal-results
When you have saved the above Hyperlambda as a “page”, click the “play” button in Hypereval to preview your page. Then paste in the following code into the CodeMirror editor on your page.
+:int:20 _:1 return:x:/-?value
Then make sure you supply the following URL in the URL field.
And click “Invoke”.
What is happening here, is that your client is serialising your Hyperlambda, for then to pass YOUR CODE TO MY SERVER. My server will evaluate your Hyperlambda, with a small subset of my server’s Active Events as its legal whitelisted “vocabulary”.
If you try to invoke an Active Event which I have not explicitly whitelisted, my server will throw an exception, and prevent your code from being executed on my server. This effectively allows two servers to **SECURELY** communicate code, logic and intentions back and forth, the same two (intelligent) human beings are capable of …
When two human beings are engaging in a dialogue, what we are actually doing to some extent, is not merely communicating data back and forth. We are in fact also passing on algorithms to the other party. A great example is “remember to turn off the lights before you leave home”. Depending upon what relationship the receiver of these “algorithms” have with the sending party, he might choose to execute the “algorithm” that the sender gave him. Hyperlambda Web Services allows computer to do the same. As far as I know, this has never been securely done before, throughout the history of computing. However, feel free to prove me wrong if you can.
Additional steps can also be easily implemented, to further secure these invocations, such as demanding the client to have cryptographically signed the MIME message containing the Hyperlambda, for then to create a whitelist of PGP keys that are allows to invoke web services, the code can be encrypted, etc, etc, etc. Below is the code for the web service endpoint.
/* * Creates a lambda Web Service endpoint. */ /* * Sanity checking invocation. */ if p5.web.request.get-method !=:POST p5.web.response.set-status-code:405 p5.web.response.set-status-description:405 Only POST method is allowed p5.web.echo:Only HTTP POST requests are allowed in here ... return /* * De-serialising request. */ p5.web.request.parse-mime /* * Evaluating specified Hyperlambda in a "whitelist" invocation to [eval]. * * Notice, whatever keywords you wish to allow your clients to be legally allowed to evaluate, * must be declared in the [events] lambda below. */ hyper2lambda:x:/@p5.web.request.parse-mime/**/content?value eval-whitelist:x:/@hyper2lambda events set add insert-before insert-after src + - / * return /* * Yielding results of above evaluation back to client. */ p5.web.echo:x:/@eval-whitelist <span data-mce-type="bookmark" style="display: inline-block; width: 0px; overflow: hidden; line-height: 0;" class="mce_SELRES_start"></span>