Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Adam Wathan:
Preventing API Drift with Contract Tests
Feb 03, 2016 @ 12:11:21

In this post to his site Adam Wathan shares a screencast talking about changing APIs (the structure of your code, not like REST/SOAP APIs) and how "API drift" could cause problems in your testing.

One of the risks of writing your own test doubles is that the API of the double can fall out of sync with the API of the real implementation.

In this screencast I walk through an example that explains: how interfaces can provide a false sense of security, why tests make better contracts than interfaces and how to run multiple implementations against a shared set of contract tests.

You can watch the screencast either through the in-page video player or over on Vimeo directly. It's about 10 minutes long but it covers an interesting topic that could throw you if you're not careful in your testing/code changes.

tagged: screencast contract test unittest api drift interface changes

Link: http://adamwathan.me/2016/02/01/preventing-api-drift-with-contract-tests/

Noupe.com:
How Will REST API Affect WordPress Developers?
Feb 03, 2016 @ 10:48:31

On the Noupe.com site they've posted an article talking about the WordPress REST API that's been included by default in the project and how it will affect developers on the platform.

With the advent of WordPress 4.4 last year in December, we saw the inclusion of the first half of REST API in the WordPress Core, and the rest of it is expected to be with us in the upcoming major release of WordPress. [...] The community is abuzz with all talks about how important REST API will soon be for WordPress development, and how it is going to change the way developers code and interact with WP.

So, how is REST API going to affect the WordPress users and developers, and what exactly will we be able to accomplish using it?

In the article they talk about the impact that the API will have on the "rise of Javascript" in the WordPress application and the role PHP could play in it all. They also talk about cross-platform integrations the REST API makes possible, the Calypso interface that was recently announced and how it opens up a new world of mobile application possibilities.

tagged: wordpress api rest impact developers javascript crossplatform calypso mobile

Link: http://www.noupe.com/development/cms/how-will-rest-api-affect-wordpress-developers.html

Zend Developer Zone:
Z-Ray Tip #4: Getting Rid of It!
Jan 29, 2016 @ 10:44:14

On the Zend Developer Zone they've posted the fourth part in their series of tips around using the Z-Ray profiling tool in your PHP applications. In this fourth tip they show you how to "get rid of it" in certain parts of your application.

Well, while Z-Ray is a great friend to have when developing your apps, there are just some parties you don’t want it to show up at. You might be using PHP scripts for accessing static pages. Or, you might not want Z-Ray to be displayed for one specific request. In production, you most definitely don’t want Z-Ray popping up for users using your app!

There are numerous ways to disable Z-Ray both in development and in production to make sure your development workflow is not interrupted and your live apps are not affected. Here are a few of them.

They include a few different ways to disable the tool including the use of a function call in the code (zray_disable), using a header in the HTTP request and, naturally, from the Z-Ray toolbar itself. They also talk about setting it up to be removed for production in one of two modes, either selective (only showing for certain requests) and completely disabled.

tagged: zray tip disable development production api get header selective

Link: http://devzone.zend.com/7149/z-ray-tip-4-getting-rid-of-it/

Matt Stauffer:
Multiple authentication guard drivers (including API) in Laravel 5.2
Jan 25, 2016 @ 09:24:31

Matt Stauffer has a new post in his series looking at the features in the latest version of the Laravel framework (v5.2) with this look at guard drivers and how 5.2 allows you to use more than one at once.

Let's get back to Laravel 5.2 features, shall we? 5.2 introduced a significant boost to the power of the entire authentication system, including making it much simpler to have multiple "guards" running at once. The default authentication guard in Laravel prior to 5.2 (now named the web guard) is your traditional web-based application authentication layer: username and password post to a controller. [...] But what if you want to have an API running in the same app, and it uses JSON web tokens (or some other stateless, non-session authentication mechanism)? In the past you'd have to jump through a lot of hoops to have multiple authentication drivers running at the same time.

He shows how to edit the auth.php configuration file to add in more "guard" instances to the default request handling. He also talks about the new driver that backends the "api" guard: the token driver. He briefly introduces the driver and talks about how it works with the current authentication setup. He also looks at changes you can make to use non-default drivers in your auth requests and how to set up your own custom drivers.

tagged: multiple authentication api token guard driver tutorial laravel

Link: https://mattstauffer.co/blog/multiple-authentication-guard-drivers-including-api-in-laravel-5-2

NetTuts.com:
WP REST API: Setting Up and Using OAuth 1.0a Authentication
Jan 15, 2016 @ 10:54:12

The NetTuts.com site has a new tutorial posted showing you how to work with the authentication of the WordPress REST API and using its OAuth 1.0a handling. This is part three in their series of tutorials introducing the WordPress REST API.

In the previous part of the series, we set up basic HTTP authentication on the server by installing the plugin available on GitHub by the WP REST API team. [...] For using authentication on production servers, there needs to be a more secure way of sending authenticated requests without risking exposing the login credentials. Thanks to the OAuth authentication method, those requests can be sent without exposing the username and the password in an unsafe manner.

In the current part of the series, we will learn to set up and use the OAuth authentication method to be used with the WP REST API plugin.

They start the tutorial with a brief look at what OAuth is and how it's used to authenticate the end user/client/software/etc. They then walk through the flow of a simple OAuth-based authentication system and the pieces that make it up. Then the article gets into how to install the plugin for your WordPress instance and activate it from the command line. They show how to test that it's enabled and how to use a command line client to create tokens you can then use to access the API in your own clients.

tagged: wordpress tutorial wpapi api rest oauth authentication series part3

Link: http://code.tutsplus.com/tutorials/wp-rest-api-setting-up-and-using-oauth-10a-authentication--cms-24797

BitExpert Blog:
Using Doctrine, ramsey/uuid-doctrine and willdurand/hateoas
Jan 13, 2016 @ 10:29:30

The BitExpert blog has a post sharing some of author Stephan Hochdörfer's experience in combining Doctrine and the ramsey/uuid-doctrine and willdurand/hateoas packages to create a system that follows the HATEOAS API documentation structure for his Doctrine-based objects.

Recently I experimented a bit with Doctrine ORM and the willdurand/Hateoas library to expose my Doctrine objects via an HATEOAS api which luckily is a fairly trivial thing to do. All you need to do is set up the Hateoas serializer and call the respective serialize() method passing your Doctrine object as well the serialization type.

He shares the code to make the integration work, pointing out that the ramsey/uuid-doctrine library makes masking the autoincrement database identifiers (their "id" column) with UUIDs easier. He shows how to integrate this Uuid data type into the Doctrine docblock configuration and how to use the HateoasBuilder to handle the serializer instance containing the Doctrine object/results.

tagged: doctrine uuiddoctrine hateoas api integration builder tutorial

Link: https://blog.bitexpert.de/blog/using-doctrine-ramsey-uuid-and-willdurand-hateoas/

SitePoint PHP Blog:
Crash Course of Wunderlist’s API with Guzzle
Jan 11, 2016 @ 11:14:31

The SitePoint PHP blog has a tutorial posted giving you a crash course on the Wunderlist API and using Guzzle to connect with it. Wunderlist is a task-tracking, to-do list kind of application with support for multiple platforms and, for developers, a nice and relatively easy to use API.

Wunderlist is one of the most popular task management and list keeping applications out there. It allows you to create lists to which you can then add tasks that are easily checkable and have all sorts of functionality built into them. It has native apps for all the major OS’s and all your data syncs effectively over the cloud. It’s very nice to work with if you are trying to keep yourself organized and you can get a lot done even with the free version.

They've posted the final product in a demo repository but they still walk you through the whole process of setting up a simple application that can get, submit and update data via the API:

  • Creating the Wunderlist class (a HTTP client)
  • Returning data using the Wunderlist API
  • Creating and updating data with the Wunderlist API

They also talk a bit more about the OAuth flow the API uses for authentication and points out that the repository also includes a bit more functionality allowing you to get a list and mark the items as complete with a little Ajax.

tagged: crash course wunderlist api guzzle tutorial task list todo

Link: http://www.sitepoint.com/crash-course-of-wunderlists-api-with-guzzle/

NetTuts.com:
WP REST API: Setting Up and Using Basic Authentication
Jan 08, 2016 @ 11:37:58

On the NetTuts.com site there's a tutorial posted showing you how to set up and use basic authentication in the WordPress REST API. This is part two in their series introducing the WordPress REST API.

In the introductory part of this series, we had a quick refresher on REST architecture and how it can help us create better applications. [...] In the current part of the series, we will set up a basic authentication protocol on the server to send authenticated requests to perform various tasks through the REST API.

They talk about the methods that are available for authentication and how to configure your server and WordPress instance to use it. From there they show how to make authenticated requests to the API using various tools:

  • Postman
  • a Javascript framework (jQuery)
  • the command line via curl
  • using the WP HTTP API

Example code and screenshots are provided for each (where appropriate) helping to ensure you're up and working quickly.

tagged: wordpress rest api tutorial authentication basic postman javascript commandline

Link: http://code.tutsplus.com/tutorials/wp-rest-api-setting-up-and-using-basic-authentication--cms-24762

php[architect]:
January 2016 Issue Released - Front-End Polish
Jan 05, 2016 @ 12:50:47

The January edition of php[architect] magazine has officially been released: "APIs: Doorways to Your Apps".

The first issue for 2016 of php[architect] magazine is ready for download. To start off the new year, we look at solutions to help you easily add an API to an existing appliction.

This month includes articles on using Zend’s Apigility, the API Platform, adding a PHP web server to a Raspberry Pi, and Symfony’s component for command line scripts. Our columns discuss how to use Carbon for Datetime, the role of passwords in Security, finding the actual solution to problems, an interview with Jeff Carouth, and how the other ‘P’ languages have fared recently.

This issue also includes the usual columns covering handy libraries, "leveling up" as a developer and application security. You can pick up an issue of your own (or a year subscription) over on the php[architect] site.

tagged: phparchitect magazine january2016 api issue release

Link: https://www.phparch.com/magazine/2016-2/january/

Lakion Blog:
TDD your API with Symfony and PHPUnit
Dec 31, 2015 @ 09:16:52

On the Lakion blog there's a post showing you how to use a simple test class/tool they've created to unit test your APIs with PHPUnit.

At Lakion we truly believe in TDD approach. We are convinced that rapid development can not be achieved without proper testing and SOLID code. We always start with defining our needs and writing scenarios, specifications or tests that reflect them. Thanks to this approach, we get exactly what we need and tests are protecting us from regressions. [...] We have come up with a very simple but useful PHPUnit test case for testing APIs. - ApiTestCase.

They start with a bit about the ApiTestCase library and some background on why they created it and some of the features it provides (and other libraries it includes). They then show an example of a simple project using the testing tool to make a request to an endpoint (POST) and check the response matches what's expected. According to the TDD approach, the test fails first then they go back and create the functionality behind to to make it all work.

tagged: tdd phpunit api testing unittest integration apitestcase library tool

Link: http://lakion.com/blog/tdd-your-api-with-symfony-and-phpunit