Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Can We Use Laravel to Build a Custom Google Drive UI?
Jul 25, 2016 @ 13:57:52

The SitePoint PHP blog has posted a new tutorial that asks the question "Can We Use Laravel to Build a Custom Google Drive UI??" In this case it's a simplified version of the current Google Drive functionality, but it's more of a proof-of-concept than anything.

In this tutorial, we’re going to build an app that talks to the Google Drive API. It will have file search, upload, download and delete features. If you want to follow along, you can clone the repo from Github.

They walk you through the full process of getting the application set up, including creating the project on the Google side and grabbing the API credentials for use in your code. They then switch back over to the code side and create a basic Laravel project and configure it with the Google API credentials you just created. Next up is the creation of all of the routes for the list, upload and delete handling in the Laravel app as well as the controllers/views to make them all work. They also include search functionality, letting you easily query the API for files with names matching a certain string.

tagged: laravel google drive ui tutorial api example

Link: https://www.sitepoint.com/is-laravel-good-enough-to-power-a-custom-google-drive-ui/

Codevate.com:
Securing client-side public API access with OAuth 2 and Symfony
Jul 18, 2016 @ 12:30:26

On the Codevate.com blog there's a tutorial posted by Chris Lush showing you how to secure your client-side public API with OAuth 2 (based on the Symfony platform).

Say you’ll be developing a web application for a customer to create and manage restaurant bookings, exposing restaurant information (name, opening times, menu contents etc.) and booking creation as RESTful API endpoints, which are consumed by secure admin backend. You’ll need to authorise access to the API, but there is no end-user involved since the web app is its own resource owner, so the previous flow doesn’t apply.

[...] However, you also need to develop a booking widget that will be embedded in a company or restaurant’s website for visitors to use. In this case, the client-side is no longer trusted enough to share the OAuth client secret that’s required to authenticate with your API. [...] We encountered a similar use-case for a client project recently, and this blog post details the steps taken to address it.

He then shows how to integrate the FOSOAuthServerBundle bundle into your current Symfony-based application and the updates you'll need to make to your security.yml file. He includes the code needed to create a "client" and associating it with a company already in the customer list. Next is the creation of access tokens and linking them to the restaurants in their system (a unique identifier to use externally for the restaurant rather than an ID). He shows an example of handling the token requests and the code/config changes needed to set it up. Finally he talks about scoping API requests down to certain functionality and an example cURL call to the API to show the results of it all combined.

tagged: clientside api access security oauth2 symfony tutorial bundle

Link: https://www.codevate.com/blog/12-securing-client-side-public-api-access-with-oauth-2-and-symfony

DotDev.co:
Test Driven API Development using Laravel, Dingo and JWT with Documentation
Jun 20, 2016 @ 10:15:04

On the DotDev.co site a tutorial has been posted showing the full set up of an API using Laravel, Dingo and JWT tokens while following test-driven development principles along the way.

As the complexity of API’s increase, improving the ways we create them becomes a necessity. Let’s take a journey exploring an efficient way of building well-tested API’s that are easy to develop and maintain by wiring up several different open-source packages.

In this tutorial, we will build a very simple API for fruits that lists all the fruits, shows one fruit, creates a fruit, and finally deletes a fruit. The API will allow anyone to list and show fruits but we will use JWT Authentication to protect creating and deleting operations so only the registered users can use them.

The tutorial starts by helping you get the TDD environment set up for the application and the required libraries installed. From there they install and configure Dingo and look at the role that transformers play in the API output. With a basic API in place the JWT tokens are integrated and another package is used to generate simple, clean API documentation. Full links to other packages, screenshots of the expected output and all the code you'll need is included.

tagged: testdriven development tdd laravel api dingo jwt token tutorial

Link: https://dotdev.co/test-driven-api-development-using-laravel-dingo-and-jwt-with-documentation-ae4014260148#.tccatytip

SitePoint PHP Blog:
Hacking the Fitbit – Emulating a Pager for Twitter DMs!
Jun 17, 2016 @ 10:27:57

The SitePoint PHP blog has a tutorial they've posted from Christopher Pitt showing you how to hack your Fitbit into a pager for Twitter DMs. This essentially turns your Fitbit into a notification system for when someone on Twitter sends you a direct message. It's not overly useful (as you can't send a message) but it is an interesting integration.

I’ve been trying to wake up earlier in the morning. The trouble is that alarms wake everybody up, not just me. To get around this problem, I recently bought the cheapest Fitbit I could find, having learned that they have a neat silent alarm.

The truth is, if I had the cash I would rather have bought an Apple watch. When I got the Fitbit, my programmer brain immediately jumped to the question; “How can I hack this thing?” I ended up learning a bit about Fitbit, OAuth and the Twitter API. I also learned that sometimes it’s better just to get an Apple watch…

His application uses Lumen as the framework and makes connections to both the Twitter and Fitbit JSON APIs. He defines a few routes for the OAuth handling (with callbacks) and a simple view with the "Connect To" links. He shows the creation of applications on both the Twitter and Fitbit side and how to define their keys in your configuration. He sets up the Socialite providers for both connections and a bit of caching to prevent the need for a full pull. He then uses the Fitbit API to set "silent alarms" on your device that are timed to go off immediately when the app detects a new DM on the Twitter stream.

tagged: tutorial fitbit twitter api connect application alarm directmessage

Link: https://www.sitepoint.com/hacking-the-fitbit-emulating-a-pager-for-twitter-dms/

Ignace Butera:
DatePeriod demystified
May 17, 2016 @ 12:16:37

Ignace Butera has shared a post to his site giving some advice about using the DatePeriod functionality from PHP's DateTime handling. The DatePeriod makes it easier to work with dates at certain intervals without having to calculate them manually.

With the introduction of the DateTimeImmutable object in PHP5.5, and a subsequent bug fix to DatePeriod in PHP5.5.8, the object results became rather interesting. To sum it up, when iterating over a DatePeriod, the datepoint returned is of the same instance as the starting datepoint. Let’s illustrate this by taking the first example and using a DateTimeImmutable object instead as the starting datepoint.

The post starts with a brief overview of the DatePeriod functionality and a code example of it in use (along with two DateTime objects for start/end dates). He shows how it returns DateTimeImmutable objects and the properties they expose to get more information about the objects. He points out a few buggy points in the API, though, and makes a recommendation of a library that's a bit more consistent.

tagged: datetime dateperiod example introduction api

Link: http://nyamsprod.com/blog/2016/dateperiod-demystified/

SitePoint PHP Blog:
We’re Building a Marvel Catalog Reader! Avengers, Assemble!
May 16, 2016 @ 13:23:08

On the SitePoint PHP blog they've shared a tutorial covering the construction of a Marvel Catalog Reader that hooks in to the Marvel API for its data.

In this tutorial, we’re going to take a look at the Marvel API, a tool provided by Marvel for developers to get access to the 70-plus years of Marvel comics data. First, we’ll walk through the steps in which one can acquire the keys needed to make requests to the API. Then, we’ll look at the tools we can use to test out the API. Finally, we’re going to build a website that uses the API.

They start out on the API side of things, showing you how to sign up for an account, get your token information and include a note about using the API (rate limiting and referencing the source of the images). There's a mention and example of working with the interactive API documentation and the first part of the code you'll need to make the connection. They then get into the construction of the site itself using the Laravel framework and a simple caching command. This is used to store the results from a query made via a Guzzle client. The focus then shifts to the frontend where they create the HomeController and define both the main endpoint and two others: one for viewing a specific comic and the other for the character listing. The tutorial continues on showing you how to handle the (paginated) responses from each of the calls and push the results into a cache record. Finally, they create the matching views of the API query results and some example screenshots of the results.

tagged: marvel api tutorial laravel frontend cache reader guzzle

Link: http://www.sitepoint.com/were-building-a-marvel-catalog-reader-avengers-assemble/

Medium.com:
Don’t try to be too smart. Be boring, predictable and consistent.
May 11, 2016 @ 12:06:45

In this post on Medium.com Gediminas Rapolavicius provides a word of warning to those creating APIs (interfaces for tools, not like REST APIs) - "don't try to be too smart", favor consistency over cleverness.

When designing an API, it’s tempting to do a bit of extra work and surprise the developers using it. It might be returning some additional information that would require an additional call otherwise, or try to predict the intentions and handle some specific cases differently. The intentions are perfectly fine?—?provide a pleasant, simple interface.

The problem is that it requires making assumptions which, sometimes, are inevitably wrong. The worst case is when the API makes an assumption of what the developer expect to get back, gets it wrong, and returns something unexpected. More work with docs, more bug fixing.

He gives two examples of things he's encountered where the idea of the API was simple but assumptions made turned out to make things a bit more difficult: PHP's own array_rand function and WordPress' update_post_meta. He briefly covers each and explains that, while the intentions seemed good, the implementation was a bit confusing (and at times inconsistent), causing troubles when not functioning as expected.

tagged: api design boring smart consistency predictable arrayrand updatepostmeta

Link: https://medium.com/@GedRap/dont-try-to-be-too-smart-be-boring-predictable-and-consistent-d63ff2a8e5d1#.ihdjg6j99

Freek Van der Herten:
How to setup and use the Google Calendar API
May 10, 2016 @ 12:10:32

In this new tutorial posted to his site Freek Van der Herten shows you how to connect your application to the Google Calendar API, complete with screenshots for a step-by-step process.

For a project I’m working on I needed to interact with a Google Calendar. I’ve your ever worked with some API’s by Google then you know their documentation can be very confusing. It’s not that they don’t have documentation, but code examples of common use cases are simply not present. You must wade through a lot of pages to learn basic things such as how to make an authorized request let alone how to fetch calendar events. In this post I’d like to explain in a human readable way how setup and use the Google Calendar API.

He starts on the Google side with the setup of the application and getting the credentials you'll need for the connection. Next up is setting up the calendar itself and the permissions to allow access to all event information. The post then finishes with a PHP example using the "google/apiclient" library to make the Calendar connection and get all events currently on the calendar. As a bonus he also points out a library he's creating to make it easier to work with events in Laravel-based applications.

tagged: google calendar tutorial api setup configuration connection

Link: https://murze.be/2016/05/how-to-setup-and-use-the-google-calendar-api/

Liip Blog:
Using the new Drupal 8 Migration API / Module
May 06, 2016 @ 10:14:23

On the Liip blog there's a post from Jon Minder talking about the new Drupal 8 migration API/module and includes a guide to get you started using it in your Drupal application.

We at Liip AG believe, that the migration API is the best and most efficient way to import data into Drupal. [...] The Migrate 8 module in core is only an API. There is no user interface. This makes it difficult for new developer to start with Migrate 8.

I suggest you, to install the [several] extension modules right away before you start developing if you want to realize the full potential of migrate.

The post starts with a list of reasons they see to use the migration module over other methods including the fact that it's sponsored and supported by Acquia. He provides a list of modules to install before getting started with Migrate and links to a GitHub repository if you'd like a "quickstart" environment to follow his examples. He then compares the previous version (from Drupal 7) of the migration handling with the newer Drupal 8 functionality, most notably the change over to YAML configuration rather than PHP code. He helps you understand the structure of these files and gives an example. He shows how to run the migration, gives a more advanced JSON source example and mentions the included process plugin.

tagged: drupal8 migrate module api drupal7 example yaml configuration

Link: https://blog.liip.ch/archive/2016/05/04/using-the-new-drupal-8-migration-api-module.html

SitePoint PHP Blog:
Building a SparkPost Client: TDD with PhpUnit and Mockery
May 04, 2016 @ 12:26:32

On the SitePoint PHP blog they've continued their series covering the SparkPost mail delivery service and integrating it in to your application. In this latest part of the series author Christopher Pitt starts looking at the SparkPost API and uses it as a chance to practice some TDD (Test Driven Development) skills.

In a previous post, we looked at SparkPost (as an alternative to Mandrill), and explored a bit of the official PHP client. The official client handles a decent amount of work, but I got to thinking about what it would take to build a new client.

The more I thought about it, the more it made sense. I could learn about the SparkPost API, and practice Test Driven Development at the same time. So, in this post we’ll look to do just that!

He uses a few different libraries to explore the API and its endpoints: Guzzle for the HTTP requests and the Mockery+PHPUnit combination for the testing. He includes the setup and configuration for the testing environment and some sample tests for making sure things are connected. He then integrates Mockery into the testing, using it to mock the Guzzle requests and still have the tests pass even without the actual connection. He then works through several other tests and finishes the post with a mention of building coverage results for the "Client" class.

tagged: sparkpost client tutorial series tdd testdriven development mockery phpunit guzzle api

Link: http://www.sitepoint.com/building-a-sparkpost-client-tdd-with-phpunit-and-mockery/