APIness

Transcript

1. APIness

2. NOPE

3. APIs in WordPress ➔ Dashboard Widgets API ➔ Database API

   ➔ HTTP API ➔ File Header API ➔ Filesystem API ➔ Metadata API ➔ Options API ➔ Plugin API ➔ Quicktags API ➔ Rewrite API ➔ Settings API ➔ Shortcode API ➔ Theme Modification API ➔ Theme Customization API ➔ Transients API ➔ Widgets API ➔ XML-RPC WordPress API

4. douglas adams “the fundamental interconnectedness of all things”

5. douglas adams “the fundamental interconnectedness of all things”

6. data in / data out / events

7. RSS

8. $feed = fetch_feed( $uri ); // feed cache defaults to

   12 hours add_filter( 'wp_feed_cache_transient_lifetime', function( $seconds ) { return 60*60; // 1 hour } );

9. oEmbed

10. 2 ways to extend oEmbed: // For sites that have

    an oEmbed endpoint wp_oembed_add_provider( $format, $provider, $regex ); // For everything else wp_embed_register_handler( $id, $regex, $callback, $priority ); function custom_embed( $matches, $attr, $url, $rawattr ) { // scrape target page, implement iframe embed etc... }

11. Register handler for github gists: wp_embed_register_handler( ‘github-gists’, ‘#^(https?://gist.github.com/[^/]+/.+)$#i’, ‘github_embed’ );

    function github_embed( $matches, $attr, $url, $rawattr ) { return ‘<script src="’. $matches[1] .’.js"></script>’; }
12. None

13. what about something more custom? using the HTTP API in

    WordPress

14. making requests

15. wp_remote_* // Performs a GET request wp_remote_get( $url, $args );

    // POST request wp_remote_post( $url, $args );

16. wp_remote_* // use $args[ ‘body’ ] to POST // variables

    to $url wp_remote_get( $url, array( ‘body’ => array( ‘parameter’ => $value ) ) );

17. // Fetch new auth keys for wp-config.php $url = ‘https://api.wordpress.org/secret-key/1.1/salt/’;

    $result = wp_remote_get( $url ); $keys = false; if ( ! is_wp_error( $result ) ) { // response contains information about the request if ( $result[ ‘response’ ][ ‘code’ ] === 200 ) $keys = $result[ ‘body’ ]; } // do something with $keys ¯\(°_o)/¯

18. // Convert some markdown to HTML using Github $url =

    ‘https://api.github.com/markdown’; $result = wp_remote_post( $url, array( ‘body’ => array( ‘text’ => ‘# Air Hair Lair! #’ ) ) ); echo $result[ ‘body’ ]; // <h1>Air Hair Lair!</h1>

19. performance wait right there, just nipping out for some milk

20. None

21. caching obvs

22. using options persistent

23. $text = $_POST[ ‘markdown’ ]; $option_key = ‘markdown_’ . md5(

    $text ); // Check if we have the conversion already // using a hash as the key if ( false === ( $markdown = get_option( $option_key ) ) ) { $result = wp_remote_post( $url, ... ); $markdown = $result[ ‘body’ ]; update_option( $option_key, $markdown ); } echo $markdown;

24. using transients expiring caches

25. $text = $_POST[ ‘markdown’ ]; $transient_key = ‘markdown_’ . md5(

    $text ); // Check if we have the conversion already // using a hash as the key if ( false === ( $rsp = get_transient( $transient_key ) ) ) { $result = wp_remote_post( $url, ... ); $rsp = $result[ ‘body’ ]; set_transient( $transient_key, $rsp, 60*60 ); // 1 hour } echo $rsp;

26. delayed gratification making requests in the background

27. wp_schedule_event() wp_schedule_event( $timestamp, $recurrence, $hook, $args ); Instead of making

    the API call immediately, defer it.

28. wp_schedule_single_event() wp_schedule_single_event( $timestamp, $hook, $args ); Adds an event that

    will only run once after $timestamp has passed

29. add_action( ‘trigger_api’, ‘do_api_call’, 10, 2 ); function do_api_call( $url, $args

    ) { // fetch / send data & cache response } function api_call( $url, $args ) { $key = md5( $url . serialize( $args ) ); if ( false === ( $data = get_transient( $key ) ) ) { wp_schedule_single_event( time(), ‘trigger_api’, array( ‘url’ => $url, ‘args’ => $args ) ); } return $data; }

30. TLC Transients https://github.com/markjaquith/WP-TLC-Transients

31. witness the fitness echo tlc_transient( 'example-feed' ) ->updates_with( 'my_callback', $args

    ) ->expires_in( 300 ) ->background_only() ->get();

32. rate limiting the accidental DOS attack

33. None

34. headers are useful $result = wp_remote_post( $url ); // number

    of requests per rate limit window $result[ ‘headers’ ][ ‘X-Rate-Limit-Limit’ ]; // number of requests you have left $result[ ‘headers’ ][ ‘X-Rate-Limit-Remaining’ ]; // the unix time when the limit remaining resets $result[ ‘headers’ ][ ‘X-Rate-Limit-Reset’ ];

35. $limits = get_option( ‘ratelimit_’ . md5( $url ) ); if

    ( false === ( $data = get_option( $key ) ) && $limits && $limits[‘remaining’] > 0 ) { $result = wp_remote_post( $url ); $limits = array( ‘remaining’ => $result[‘headers’][‘X-Rate-Limit-Remaining’], ‘reset’ => $result[‘headers’][‘X-Rate-Limit-Reset’] ); update_option( ‘ratelimit_’ . md5( $url ), $limits ); update_option( $key, $result[ ‘body’ ] ); }

36. OAuth because security

37. tmhOAuth https://github.com/themattharris/tmhOAuth

38. tmhOAuth $api = new tmhOAuth( array( ‘host’ => ‘api.twitter.com’ 'consumer_key'

    => '', 'consumer_secret' => '', 'token' => '', 'secret' => '', ) ); $data = $api->request( ‘POST’, $url, $params );

39. WordPress as an API

40. Jetpack JSON API requires wordpress.com

41. JSON API http://wordpress.org/plugins/json-api/

42. WP-API https://github.com/WP-API/WP-API

43. None

44. in practice // you can make requests to URLs like

    the following /wp-json/posts/<id> // the above supports the following methods: // "HEAD", // "GET", returns an entity // "POST", adds a new entity // "PUT", updates an entity // "DELETE" deletes the entity

45. Thanks for listening @sanchothefat