Upgrade to Pro — share decks privately, control downloads, hide ads and more …

aRESTful Development with the Wordpress API

Jeremy Lindblom
May 26, 2016
Programming
0
160

aRESTful Development with the Wordpress API

Don't make "a huge mistake"! You need to learn about the WordPress REST API—yet another way we can bend WordPress to our will and solve problems for our customers in new ways. Jeremy Lindblom (@jeremeamia) will show you how to get started with the WordPress API, and teach you a little about HTTP and APIs, in general, along the way.

You should walk away with "Steve Holt"-like confidence in knowing how to setup the API for a WordPress site and consume the API from other projects using existing tools.

Jeremy Lindblom

May 26, 2016
Tweet

More Decks by Jeremy Lindblom

See All by Jeremy Lindblom
Async Guzzle - Concurrent HTTP Requests in PHP
jeremeamia
2
3.9k
What's New in PHP 7.4?
jeremeamia
0
85
Applied OOP Design Patterns: Rolling with the Punches
jeremeamia
1
93
Protecting Your Code From A Mischievous Future
jeremeamia
1
120
Iterators and Decorators and Generators, Oh My!
jeremeamia
1
240
Uploading to S3 from PHP
jeremeamia
0
81
APIs with Lumen, Guzzle, & Swagger
jeremeamia
24
6.8k
New Features in PHP 7
jeremeamia
6
370
Controlling the Cloud with the AWS SDK for PHP
jeremeamia
0
240

Other Decks in Programming

See All in Programming
Money Forward XでのGo利用事例について
keitaro1020
3
320
PHP8によるデザインパターン入門 / Introduction to Design Patterns with PHP8
fendo181
1
570
私がSymfonyはいいぞ、Doctrineはいいぞと言い続ける理由
77web
3
210
GitHub ActionsとDeployGateで始めるAndroidアプリのCICD
yuhei_fujita
2
180
ブラウザの向こう側で「200 OK」を返すまでに何が起きているのか調べてみた #phperkaigi
akase244
4
1.2k
【Symfony超入門】コマンドだけでCRUD画面を作るチート法
kin29
0
130
どこでも動くWebフレームワークをつくる
yusukebe
13
6.5k
NOT A HOTEL
AIコンシェルジュ「Kevin」の開発秘話
codehex
2
3.2k
PHPの配列とデータ構造 / PHPerKaigi 2023
meihei3
0
170
Larastan に自作 OSS ライブラリのテストをぶっ壊された話
mpyw
0
150
Les tests dans une application Symfony
alexandresalome
1
610
トランクベース開発の実現に向けた開発プロセスとCIパイプラインの継続的改善
aanrii
5
960

Featured

See All Featured
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
217
21k
Principles of Awesome APIs and How to Build Them.
keavy
118
16k
The Brand Is Dead. Long Live the Brand.
mthomps
48
3k
BBQ
matthewcrist
75
8.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k
Pencils Down: Stop Designing & Start Developing
hursman
114
10k
GitHub's CSS Performance
jonrohan
1021
430k
Fantastic passwords and where to find them - at NoRuKo
philnash
32
1.9k
Code Reviewing Like a Champion
maltzj
508
38k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
31
20k
Designing for Performance
lara
600
65k
Building Flexible Design Systems
yeseniaperezcruz
314
35k

Transcript

  1. aRESTful Development
    with the Wordpress API
    By Jeremy Lindblom (@jeremeamia)

    View Slide

  2. @jeremeamia

    View Slide

  3. Stuff I Work On
    ✘ API Designs
    ✘ API Clients ( e.g., AWS SDK for PHP )
    ✘ API Reviews
    ✘ API Documentation
    ✘ PHP Libraries ( e.g., Guzzle )
    ✘ Testing & Code Quality

    View Slide

  4. View Slide

  5. “There's
    always
    money in
    the banana
    stand!”

    View Slide

  6. http://v2.wp-api.org

    View Slide

  7. UI
    API

    View Slide

  8. API

    View Slide

  9. API

    View Slide

  10. “Headless”
    WordPress

    View Slide

  11. “Come on!”

    View Slide

  12. Getting Started
    Installing Support for the WP REST API

    View Slide

  13. Step 1
    Step 2

    View Slide

  14. Step 3

    View Slide

  15. Step 4
    Code

    View Slide

  16. Step 4
    Code
    composer require guzzlehttp/guzzle

    View Slide

  17. require 'vendor/autoload.php';
    $client = new GuzzleHttp\Client([
    'base_uri' => $host . '/wp-json/wp/v2/',
    'auth' => ['test', 'j6gk 1Jsh uokR y5vT'],
    ]);
    $response = $client->get('posts');
    $result = json_decode($response->getBody());
    Step 4

    View Slide

  18. Array(
    [0] => Array(
    [id] => 6
    [date] => 2016-05-11T04:12:29
    [date_gmt] => 2016-05-11T04:12:29
    [guid] => Array(
    [rendered] => http://example.com/?p=6
    )
    [modified] => 2016-05-11T04:12:29
    [modified_gmt] => 2016-05-11T04:12:29
    [slug] => great-post
    [type] => post
    [link] => http://example.com/2016/05/11/great-post/
    [title] => Array(
    [rendered] => Great Post
    )
    ...
    Step 5:
    Profit!

    View Slide

  19. View Slide

  20. The Nitty-Gritties
    Details About How the API Works

    View Slide

  21. API Docs

    View Slide

  22. API Docs

    View Slide

  23. Supported Resources
    ✘ Posts
    ✘ Post Revisions
    ✘ Pages
    ✘ Media
    ✘ Post Types
    ✘ Post Statuses
    ✘ Comments
    ✘ Taxonomies
    ✘ Categories
    ✘ Tags
    ✘ Users

    View Slide

  24. Supported Operations
    ✘ Create ⇒ POST
    ✘ Read ⇒ GET
    ✘ Update ⇒ POST
    ✘ Delete ⇒ DELETE
    ✘ List ⇒ GET

    View Slide

  25. General Parameters
    ✘ _jsonp
    ✘ _method
    ✘ _envelope
    ✘ _embed

    View Slide

  26. Have any of you heard of the
    “Hypertext Application Language”?

    View Slide

  27. Have any of you heard of the
    “Hypertext Application Language”?
    “I don’t understand the
    question and I won’t
    respond to it.”

    View Slide

  28. Hypermedia
    Linking Resources With the HAL Spec

    View Slide

  29. HAL = Hypertext Application Language
    Spec for hyperlinking resources
    Makes your API “explorable”
    “Simple” format to consume
    Uses _links & _embedded

    View Slide

  30. require 'vendor/autoload.php';
    $client = new GuzzleHttp\Client([...]);
    $response = $client->get('posts/6');
    $result = json_decode($response->getBody());

    View Slide

  31. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(
    [collection] => Array(
    [0] => Array(
    [href] => http://demo.wp-api.org/wp-json/wp/v2/posts
    )
    )
    [author] => Array(
    [0] => Array(
    [embeddable] => 1
    [href] => http://demo.wp-api.org/wp-json/wp/v2/users/1
    )
    )
    ...
    )

    View Slide

  32. “I’m here to see the magic”

    View Slide

  33. $client->get('posts/6?_embed=1');

    View Slide

  34. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(...)
    [_embedded] => Array(
    [author] => Array(
    [0] => Array(
    [id] => 1
    [name] => Jeremy Lindblom
    [slug] => jeremeamia
    ...
    [_links] => Array(...)
    )
    )
    )

    View Slide

  35. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(...)
    [_embedded] => Array(
    [author] => Array(
    [0] => Array(
    [id] => 1
    [name] => Jeremy Lindblom
    [slug] => jeremeamia
    ...
    [_links] => Array(...)
    )
    )
    )
    Yay! Recursion!

    View Slide

  36. [id] => 6
    [slug] => great-post
    ...
    [_links] => Array(...)
    [_embedded] => Array(
    [author] => Array(
    [0] => Array(
    [id] => 1
    [name] => Jeremy Lindblom
    [slug] => jeremeamia
    ...
    [_links] => Array(...)
    )
    )
    )
    “Simple”
    “Explorable”

    View Slide

  37. “I’m a monster!”

    View Slide

  38. HAL Data Model

    View Slide

  39. Authentication
    Giving Your Consumers Access

    View Slide

  40. Types of Authentication
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  41. “ I was never really clear on that.”

    View Slide

  42. Types of Authentication
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  43. require 'vendor/autoload.php';
    $client = new GuzzleHttp\Client([
    'base_uri' => $host . '/wp-json/wp/v2/',
    'auth' => ['test', 'j6gk 1Jsh uokR y5vT'],
    ]);
    $response = $client->get('posts');
    $result = json_decode($response->getBody());

    View Slide

  44. GET /wp-json/wp/v2/posts HTTP/1.1
    Host: http://demo.wp-api.org
    User-Agent: GuzzleHttp/6.2.0 curl/7.43.0 PHP/5.6.12
    Authorization: Basic dGVzdC1jbGllbnQ6ZlpuBrYyIHNtQjkgWmtqVw==
    HTTP Basic Authentication

    View Slide

  45. GET /wp-json/wp/v2/posts HTTP/1.1
    Host: http://demo.wp-api.org
    User-Agent: GuzzleHttp/6.2.0 curl/7.43.0 PHP/5.6.12
    Authorization: Basic dGVzdC1jbGllbnQ6ZlpuBrYyIHNtQjkgWmtqVw==
    base64_encode(“{$username}:{$password}”)
    e.g.,
    base64_encode(‘test:j6gk 1Jsh uokR y5vT’)

    View Slide

  46. “hot ham water”

    View Slide

  47. Types of Authentication
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  48. Types of Authentication
    ➔ Cookies + NONCE
    ➔ Designed for JavaScript
    ➔ Use within themes/plugins
    ➔ Session-based
    ➔ Safe for HTTP
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  49. Types of Authentication
    ➔ 3-legged OAuth 1.0a
    ➔ Requires Plugin
    ➔ Session-based
    ➔ Safe for HTTP
    ➔ Most recommended
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  50. Types of Authentication
    ➔ HTTP Basic Auth
    ➔ Requires Plugin
    ➔ Application-based
    ➔ USE HTTPS!
    ➔ Easily Revokable
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  51. Types of Authentication
    ➔ HTTP Basic Auth
    ➔ Requires Plugin
    ➔ Application-based
    ➔ USE HTTPS!
    ➔ Uses Admin’s credentials!
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  52. GET /wp-json/wp/v2/posts HTTP/1.1
    Host: http://demo.wp-api.org
    User-Agent: GuzzleHttp/6.2.0 curl/7.43.0 PHP/5.6.12
    Authorization: Basic aGVz47gjbGllbcf9ZlpuBrYIHNtQjkgWmtqVw8=
    base64_encode(admin:[email protected]$$w0rd12345’)

    View Slide

  53. “I’ve made a huge mistake”

    View Slide

  54. Types of Authentication
    ➔ Easy setup
    ➔ Requires Plugin
    ➔ HTTP Basic Auth
    ➔ Application-based
    ➔ USE HTTPS!
    ➔ DEVELOPMENT ONLY!
    DO NOT DISTRIBUTE
    YOUR CREDENTIALS!
    ✘ Cookie Authentication
    ✘ OAuth Authentication
    ✘ Application Passwords
    ✘ Basic Auth

    View Slide

  55. Tools & Resources
    Working Effectively with the Wordpress API

    View Slide

  56. Tools
    ✘ Wordpress itself

    View Slide

  57. $auth = base64_encode("{$user}:{$pass}");
    $response = wp_remote_post(
    rest_url('wp/v2/posts/1'),
    [
    'method' => 'POST',
    'headers' => [
    'Authorization' => "Basic {$auth}",
    ],
    'body' => $data
    ]
    );

    View Slide

  58. wp.api.loadPromise.done(function() {
    var post = new wp.api.models.Post({
    title: 'This is a test post'
    });
    post.save();
    });

    View Slide

  59. Tools
    ✘ Wordpress itself
    ✘ Recommended in Docs:
    ✗ https://github.com/WP-API/example-client
    ✗ https://github.com/WP-API/client-cli
    ✗ https://github.com/WP-API/api-console
    ✘ HTTP Clients (Guzzle, cURL, etc.)

    View Slide

  60. View Slide

  61. THANKS!
    Any questions?
    You can find me at...
    ✘ @jeremeamia
    [email protected]
    ✘ the @azPHP Meetups

    View Slide