Upgrade to Pro — share decks privately, control downloads, hide ads and more …

aRESTful Development with the Wordpress API

Jeremy Lindblom
May 26, 2016
Programming
0
160

aRESTful Development with the Wordpress API

Don't make "a huge mistake"! You need to learn about the WordPress REST API—yet another way we can bend WordPress to our will and solve problems for our customers in new ways. Jeremy Lindblom (@jeremeamia) will show you how to get started with the WordPress API, and teach you a little about HTTP and APIs, in general, along the way.

You should walk away with "Steve Holt"-like confidence in knowing how to setup the API for a WordPress site and consume the API from other projects using existing tools.

Jeremy Lindblom

May 26, 2016
Tweet

More Decks by Jeremy Lindblom

See All by Jeremy Lindblom
Diagram Like a Principal Engineer
jeremeamia
0
27
Async Guzzle - Concurrent HTTP Requests in PHP
jeremeamia
3
4.3k
What's New in PHP 7.4?
jeremeamia
0
88
Applied OOP Design Patterns: Rolling with the Punches
jeremeamia
1
110
Protecting Your Code From A Mischievous Future
jeremeamia
1
130
Iterators and Decorators and Generators, Oh My!
jeremeamia
1
250
Uploading to S3 from PHP
jeremeamia
0
84
APIs with Lumen, Guzzle, & Swagger
jeremeamia
24
6.9k
New Features in PHP 7
jeremeamia
6
370

Other Decks in Programming

See All in Programming
第1回 AWSとGitHub勉強会 - キックオフ -
ogiwarat
0
190
あの時、Java から PHP へ / Converting from Java to PHP
kizuku_miyagi
2
160
Twillio SDKをFlutterアプリに統合した話/twilio-in-flutter
minma_curama
1
150
まず Container より始めよ
honey32
10
4.6k
UseCaseの凝集度を高める Goのpackage戦略 / Go packaging strategy to increase use case cohesion
deresmos
2
980
技術選定の審美眼(2023年版) / Understanding the Spiral of Technologies 2023 edition
twada
PRO
57
18k
【PHPカンファレンス沖縄 2023】素朴で考慮漏れのある PHP コードをテストコードとともに補強していく(ライブコーディング補足資料) / #phpcon_okinawa 2023 livecoding supplementary material
okashoi
2
160
CSS Subgridが遂に全ブラウザ対応。新時代のグリッドデザインを学ぼう
tonkotsuboy_com
6
6.9k
A sighting of sequence function in Practical FP in Scala
philipschwarz
PRO
0
120
Google Apps Scriptを使いこなさない方法
efbmzwyk999
0
140
CDK Day 2023 - Configure cross-account deployment using CDK
hassaku63
0
160
スキル差があるペア_モブプロで効果的な_ドライバーナビゲータ以外のロールの分け方.pdf
yatasunshine
1
240

Featured

See All Featured
How To Stay Up To Date on Web Technology
chriscoyier
780
250k
The MySQL Ecosystem @ GitHub 2015
samlambert
240
11k
Building Flexible Design Systems
yeseniaperezcruz
317
36k
Documentation Writing (for coders)
carmenintech
55
3.3k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
26
5.5k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
49
16k
The Art of Programming - Codeland 2020
erikaheidi
39
12k
Put a Button on it: Removing Barriers to Going Fast.
kastner
56
2.7k
Testing 201, or: Great Expectations
jmmastey
26
6k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
215
12k
Product Roadmaps are Hard
iamctodd
42
8.8k
Visualization
eitanlees
131
13k

Transcript

  1. aRESTful Development
    with the Wordpress API
    By Jeremy Lindblom (@jeremeamia)

    View Slide

  2. @jeremeamia

    View Slide

  3. Stuff I Work On
    ✘ API Designs
    ✘ API Clients ( e.g., AWS SDK for PHP )
    ✘ API Reviews
    ✘ API Documentation
    ✘ PHP Libraries ( e.g., Guzzle )
    ✘ Testing & Code Quality

    View Slide

  4. View Slide

  5. “There's
    always
    money in
    the banana
    stand!”

    View Slide

  6. http://v2.wp-api.org

    View Slide

  7. UI
    API

    View Slide

  8. API

    View Slide

  9. API

    View Slide

  10. “Headless”
    WordPress

    View Slide

  11. “Come on!”

    View Slide

  12. Getting Started
    Installing Support for the WP REST API

    View Slide

  13. Step 1
    Step 2

    View Slide

  14. Step 3

    View Slide

  15. Step 4
    Code

    View Slide

  16. Step 4
    Code
    composer require guzzlehttp/guzzle

    View Slide

  17. require 'vendor/autoload.php';
    $client = new GuzzleHttp\Client([
    'base_uri' => $host . '/wp-json/wp/v2/',
    'auth' => ['test', 'j6gk 1Jsh uokR y5vT'],
    ]);
    $response = $client->get('posts');
    $result = json_decode($response->getBody());
    Step 4

    View Slide

  18. Array(
    [0] => Array(
    [id] => 6
    [date] => 2016-05-11T04:12:29
    [date_gmt] => 2016-05-11T04:12:29
    [guid] => Array(
    [rendered] => http://example.com/?p=6
    )
    [modified] => 2016-05-11T04:12:29
    [modified_gmt] => 2016-05-11T04:12:29
    [slug] => great-post
    [type] => post
    [link] => http://example.com/2016/05/11/great-post/
    [title] => Array(
    [rendered] => Great Post
    )
    ...
    Step 5:
    Profit!

    View Slide

  19. View Slide

  20. The Nitty-Gritties
    Details About How the API Works

    View Slide

  21. API Docs

    View Slide

  22. API Docs

    View Slide

  23. Supported Resources
    ✘ Posts
    ✘ Post Revisions
    ✘ Pages
    ✘ Media
    ✘ Post Types
    ✘ Post Statuses
    ✘ Comments
    ✘ Taxonomies
    ✘ Categories
    ✘ Tags
    ✘ Users

    View Slide

  24. Supported Operations
    ✘ Create ⇒ POST
    ✘ Read ⇒ GET
    ✘ Update ⇒ POST
    ✘ Delete ⇒ DELETE
    ✘ List ⇒ GET

    View Slide

  25. General Parameters
    ✘ _jsonp
    ✘ _method
    ✘ _envelope
    ✘ _embed

    View Slide

  26. Have any of you heard of the
    “Hypertext Application Language”?

    View Slide

  27. Have any of you heard of the
    “Hypertext Application Language”?
    “I don’t understand the
    question and I won’t
    respond to it.”

    View Slide

  28. Hypermedia
    Linking Resources With the HAL Spec

    View Slide

  29. HAL = Hypertext Application Language
    Spec for hyperlinking resources
    Makes your API “explorable”
    “Simple” format to consume
    Uses _links & _embedded

    View Slide

  30. require 'vendor/autoload.php';
    $client = new GuzzleHttp\Client([...]);
    $response = $client->get('posts/6');
    $result = json_decode($response->getBody());

    View Slide

  31. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(
    [collection] => Array(
    [0] => Array(
    [href] => http://demo.wp-api.org/wp-json/wp/v2/posts
    )
    )
    [author] => Array(
    [0] => Array(
    [embeddable] => 1
    [href] => http://demo.wp-api.org/wp-json/wp/v2/users/1
    )
    )
    ...
    )

    View Slide

  32. “I’m here to see the magic”

    View Slide

  33. $client->get('posts/6?_embed=1');

    View Slide

  34. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(...)
    [_embedded] => Array(
    [author] => Array(
    [0] => Array(
    [id] => 1
    [name] => Jeremy Lindblom
    [slug] => jeremeamia
    ...
    [_links] => Array(...)
    )
    )
    )

    View Slide

  35. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(...)
    [_embedded] => Array(
    [author] => Array(
    [0] => Array(
    [id] => 1
    [name] => Jeremy Lindblom
    [slug] => jeremeamia
    ...
    [_links] => Array(...)
    )
    )
    )
    Yay! Recursion!

    View Slide

  36. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(...)
    [_embedded] => Array(
    [author] => Array(
    [0] => Array(
    [id] => 1
    [name] => Jeremy Lindblom
    [slug] => jeremeamia
    ...
    [_links] => Array(...)
    )
    )
    )
    “Simple”
    “Explorable”

    View Slide

  37. “I’m a monster!”

    View Slide

  38. HAL Data Model

    View Slide

  39. Authentication
    Giving Your Consumers Access

    View Slide

  40. Types of Authentication
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  41. “ I was never really clear on that.”

    View Slide

  42. Types of Authentication
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  43. require 'vendor/autoload.php';
    $client = new GuzzleHttp\Client([
    'base_uri' => $host . '/wp-json/wp/v2/',
    'auth' => ['test', 'j6gk 1Jsh uokR y5vT'],
    ]);
    $response = $client->get('posts');
    $result = json_decode($response->getBody());

    View Slide

  44. GET /wp-json/wp/v2/posts HTTP/1.1
    Host: http://demo.wp-api.org
    User-Agent: GuzzleHttp/6.2.0 curl/7.43.0 PHP/5.6.12
    Authorization: Basic dGVzdC1jbGllbnQ6ZlpuBrYyIHNtQjkgWmtqVw==
    HTTP Basic Authentication

    View Slide

  45. GET /wp-json/wp/v2/posts HTTP/1.1
    Host: http://demo.wp-api.org
    User-Agent: GuzzleHttp/6.2.0 curl/7.43.0 PHP/5.6.12
    Authorization: Basic dGVzdC1jbGllbnQ6ZlpuBrYyIHNtQjkgWmtqVw==
    base64_encode(“{$username}:{$password}”)
    e.g.,
    base64_encode(‘test:j6gk 1Jsh uokR y5vT’)

    View Slide

  46. “hot ham water”

    View Slide

  47. Types of Authentication
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  48. Types of Authentication
    ➔ Cookies + NONCE
    ➔ Designed for JavaScript
    ➔ Use within themes/plugins
    ➔ Session-based
    ➔ Safe for HTTP
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  49. Types of Authentication
    ➔ 3-legged OAuth 1.0a
    ➔ Requires Plugin
    ➔ Session-based
    ➔ Safe for HTTP
    ➔ Most recommended
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  50. Types of Authentication
    ➔ HTTP Basic Auth
    ➔ Requires Plugin
    ➔ Application-based
    ➔ USE HTTPS!
    ➔ Easily Revokable
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  51. Types of Authentication
    ➔ HTTP Basic Auth
    ➔ Requires Plugin
    ➔ Application-based
    ➔ USE HTTPS!
    ➔ Uses Admin’s credentials!
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  52. GET /wp-json/wp/v2/posts HTTP/1.1
    Host: http://demo.wp-api.org
    User-Agent: GuzzleHttp/6.2.0 curl/7.43.0 PHP/5.6.12
    Authorization: Basic aGVz47gjbGllbcf9ZlpuBrYIHNtQjkgWmtqVw8=
    base64_encode(admin:p@$$w0rd12345’)

    View Slide

  53. “I’ve made a huge mistake”

    View Slide

  54. Types of Authentication
    ➔ Easy setup
    ➔ Requires Plugin
    ➔ HTTP Basic Auth
    ➔ Application-based
    ➔ USE HTTPS!
    ➔ DEVELOPMENT ONLY!
    DO NOT DISTRIBUTE
    YOUR CREDENTIALS!
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  55. Tools & Resources
    Working Effectively with the Wordpress API

    View Slide

  56. Tools
    ✘ Wordpress itself

    View Slide

  57. $auth = base64_encode("{$user}:{$pass}");
    $response = wp_remote_post(
    rest_url('wp/v2/posts/1'),
    [
    'method' => 'POST',
    'headers' => [
    'Authorization' => "Basic {$auth}",
    ],
    'body' => $data
    ]
    );

    View Slide

  58. wp.api.loadPromise.done(function() {
    var post = new wp.api.models.Post({
    title: 'This is a test post'
    });
    post.save();
    });

    View Slide

  59. Tools
    ✘ Wordpress itself
    ✘ Recommended in Docs:
    ✗ https://github.com/WP-API/example-client
    ✗ https://github.com/WP-API/client-cli
    ✗ https://github.com/WP-API/api-console
    ✘ HTTP Clients (Guzzle, cURL, etc.)

    View Slide

  60. View Slide

  61. THANKS!
    Any questions?
    You can find me at...
    ✘ @jeremeamia
    [email protected]
    ✘ the @azPHP Meetups

    View Slide