Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Shopify App Development Made Simple with HTTP APIs and Guzzle
Oct 27, 2016 @ 11:51:09

The SitePoint PHP blog has posted a tutorial from author Wern Ancheta digs into the Shopify API and shows you some simple methods to use it with Guzzle.

In this tutorial, you’re going to get started with developing Shopify apps. You’re going to create a simple app that lists out products from a Shopify store. [...] Shopify apps are a way of extending the functionality of a Shopify store or to provide ecommerce capabilities to websites or mobile apps.

The tutorial then starts in, showing you how to set up a Shopify Partner Account and create the "Store" instance you'll be using for the development. With that created, you'll have to set up a new application inside the store - this is what the script will actually connect with. From there they start in on the demo application, installing Twig, Slim, Guzzle and a few other libraries. They show the code to set up the simple Slim application along with a handful of routes, views and some SQL interaction. The tutorial includes the code for:

  • authenticating users against the API (and your store)
  • making requests to the API for product information
  • outputting the results to a simple page

If you're short on time or just want to jump to the end, you can get the code for this example in this GitHub repository.

tagged: shopify tutorial api http guzzle client shop application

Link: https://www.sitepoint.com/shopify-app-development-made-simple/

How to Secure a REST API With Lumen
Oct 26, 2016 @ 10:56:58

Over on the TutsPlus.com site there's a new tutorial posted for the Lumen users out there building REST APIs. The post walks you through an authentication method for the API making use of Laravel's included "guard" handling and an API token.

Lumen is Laravel's little brother: a fast, lightweight micro-framework for writing RESTful APIs. With just a little bit of code, you can use Lumen to build a secure and extremely fast RESTful API.

In this video tutorial from my course, Create a REST API With Lumen, you'll learn how to use Lumen's built-in authentication middleware to secure a REST API with Lumen.

The post includes the screencast of the tutorial but it also includes all of the content below that in more developer-friendly text form. Screenshots of the code in various states are also included as well as descriptions of what's happening in the auth process along the way.

tagged: lumen security rest api screencast tutorial

Link: https://code.tutsplus.com/tutorials/how-to-secure-a-rest-api-with-lumen--cms-27442

SitePoint PHP Blog:
RESTful Remote Object Proxies with ProxyManager
Sep 13, 2016 @ 11:03:15

The SitePoint PHP blog has posted a tutorial introducing the use of ProxyManager in RESTful APIs to help interface your API endpoints directly with backend objects for the typical CRUD (create, read, update, delete) handling a REST API provides. ProxyManager is a tool created by Marco Pivetta to creating various kinds of proxies through a set of factory classes.

The proxy pattern is another cool design pattern in software development. A proxy is a class working as an interface to another class or web service. For the sake of simplicity, we’ll refer to proxied classes as subjects throughout the rest of the article. A proxy usually implements the same interface as the subject, so it looks like we’re calling the methods directly on the subject.

They start with a brief overview of proxies and the proxy design pattern for those not familiar then "cut to the chase" and show how to hook in ProxyManager via a custom adapter for the REST endpoints. They help you get all dependencies needed installed (via Composer) and the creation of a simple API using Silex and it's provider handling. They then create the application, set up the front controller and configure the relation between endpoint and proxy. Code is then included to create the required factories, interfaces and mappings. The tutorial wraps up with an example of using the API you've just created.

tagged: rest api tutorial proxymanager example factory classes

Link: https://www.sitepoint.com/restful-remote-object-proxies-with-proxymanager/

Cloudways Blog:
How To Create Simple Rest API In Symfony 3.1
Aug 30, 2016 @ 12:59:10

The Cloudways blog has posted a new tutorial helping you get up and running quickly with a simple REST API written using the Symfony framework. In the article they not only explain how to create the API but also include a bit of REST theory for those not completely familiar with the terms and functionality involved.

Symfony is fast becoming the favourite framework among developers for rapid application development. And despite releasing Symfony 3.1 and 3.2 in the previous quarter, they are still introducing many changes and upgrades. If you’re still using the previous versions, you must upgrade Symfony Framework to the latest and stable version 3.1.

Yes! We know that Symfony is one of the best frameworks to develop rest API, so in this article we will make simple rest API in Symfony 3.1. I am assuming that you’ve already setup PHPstack application on Cloudways with Symfony installed, but if you haven’t, follow this installation guide.

They briefly talk about the REST HTTP verb types and what kind of actions they relate to. With that defined the tutorial then gets into the requirements including the installation of two bundles: JMSSerializerBundle and NelmioCorsBundle. From there examples of configuration changes, commands to make users and execute migrations on the local database are included. With this system set up they include sample code for each HTTP verb type letting you perform the actions on the User entity (create, read, update and delete).

tagged: symfony rest api simple tutorial introduction phpstack

Link: https://www.cloudways.com/blog/rest-api-in-symfony-3-1/

JoliCode.com Blog:
The journey of writing an API Client with PHP and some wise advices
Aug 25, 2016 @ 10:49:01

On the JoliCode.com blog there's a post sharing the experience of writing an API client with PHP including some advice to those out there considering doing the same.

My (love-)story with Docker started in December 2013, after having lost a 2 years long battle against Chef. I had been attracted to Docker for a couple of months, and I finally made the switch the day when I learned that it was built on a REST API. This meant that I could control all my infrastructure from PHP, which is the language I’m most partial to.

After some research, I found the library docker-php built by ubermuda, but, like all the things around Docker at that time, there was only a very limited support of the API. Like any decent developer (yes, it’s a troll), I started to write pull requests to fulfill my needs, and it was both the greatest and the worst thing that happened to me.

The post starts off with a brief history of PHP libraries working with HTTP requests (and the difficulties he had with Guzzle). This includes the fast pace that the library was changing at the time, making it difficult to keep the code maintained. He took a "step back" and decided to look more into HTTPlug and some changes to help bring it up to date. With that choice made, he got into the automation portion and using it work with the Docker API. He talks about some of the other technologies and tools he investigated along the way including Jane for working with JSON message schemas.

Maintaining an open source library is hard and takes time. However, these last years made me realize that we can control it, by moving features into other projects, trust people behind it, and by reducing the feature sets.
tagged: api client library advice http httplug jane json schema

Link: https://jolicode.com/blog/the-journey-of-writing-an-api-client-with-php-and-some-wise-advices

Laravel News:
How to use WordPress as a backend for a Laravel Application
Aug 17, 2016 @ 12:51:08

The Laravel News site has posted an interesting tutorial where they describe the use of WordPress as a backend for a Laravel application. This setup is based on the Laravel News' own experience with it in the recent refactoring of the site.

Last week I relaunched Laravel News, and the new site is running on Laravel with WordPress as the backend. I’ve been using WordPress for the past two years, and I’ve grown to enjoy the features that it provides. The publishing experience, the media manager, the mobile app, and Jetpack for tracking stats.

I wasn’t ready to give these features up, and I didn’t have the time to build my own system, so I decided to keep WordPress and just use an API plugin to pull all the content I needed out, then store it in my Laravel application. In this tutorial, I wanted to outline how I set it all up.

While he did find other methods for linking the two, they didn't quite fit with what he wanted so he worked up his own. The content is then synced via a recurring task pulling over posts, categories and tags. He gets into the WordPress REST API first, showing the extraction of the posts from the API and pushing them into a Laravel collection. There's also an example of how to sync a post with the database (API) and how to create a new post in a similar way. Also included is the code to get the featured image, get the category for a post and sync the tag values. The tutorial finishes with the code for the sync command and pushing it into the scheduler.

tagged: wordpress backend laravel application tutorial rest api

Link: https://laravel-news.com/2016/08/wordpress-api-with-laravel/

Building a WordPress-Powered Front End With the WP REST API and AngularJS: Intro & Set
Aug 05, 2016 @ 11:17:36

The TutsPlus.com site has kicked off a new tutorial series today with part one of a look at using the WordPress REST API and AngularJS to create an API-powered frontend application.

In this series about building a WordPress-powered front end with the WP REST API and AngularJS, we will put the knowledge acquired in the introductory series to use. We will learn how we can leverage this knowledge to decouple the conventional theme-admin model supported by WordPress until now. We will plan and build a single-page application (that I've named Quiescent) with a WordPress back end which will feature posts, users, and categories listing pages. We will configure AngularJS routing and build a custom directive and controllers for the resources mentioned above.

In this first part of the series they walk you through some of the planning steps before the application even gets written (including wireframes). From there they get a bare-bones HTML structure setup for the Angular app to live in and make a matching WordPress plugin. This plugin will return a featured image, author name, associated categories and image resize data related to a post. The code for the plugin is included.

tagged: wordpress api frontend angularjs tutorial plugin wireframe planning series part1

Link: http://code.tutsplus.com/tutorials/building-a-wordpress-powered-front-end-with-the-wp-rest-api-and-angularjs-introduction-and-setup--cms-26115

Matt Stauffer:
Introducing Laravel Passport
Aug 01, 2016 @ 09:35:05

In his continuing series of posts looking at the upcoming features in the next version of the Laravel framework (v5.3) Matt Stauffer has posted about a new security-related offering that was recently announced at the Laracon US conference: Laravel Passport.

API authentication can be tricky. OAuth 2 is the reigning ruler of the various standards that you might consider, but it's complex and difficult to implement—even with the great packages available (League and Luca).

[...] Laravel Passport is native OAuth 2 server for Laravel apps. Like Cashier and Scout, you'll bring it into your app with Composer. It uses the League OAuth2 Server package as a dependency but provides a simple, easy-to-learn and easy-to-implement syntax.

He briefly mentions the "groundwork" that was laid for Passport in v5.2 and the application of different authentication mechanisms at different times. He then moves into the installation and configuration of the Passport system (it's not bundled so it's a separate install). He then talks about the management API that's automatically set up, the Vue.js frontend for managing clients and tokens and what it looks like when one is requested. He also provides a bit of sample code you can use to test it out for yourself once you've created a client and token on your system. He ends the post talking about the command line token generation of "personal" tokens and using middleware "scopes" to allow for easier cross-authorizations between routes.

tagged: laravel passport oauth api package release vuejs client token tutorial

Link: https://mattstauffer.co/blog/introducing-laravel-passport

SitePoint PHP Blog:
Can We Use Laravel to Build a Custom Google Drive UI?
Jul 25, 2016 @ 13:57:52

The SitePoint PHP blog has posted a new tutorial that asks the question "Can We Use Laravel to Build a Custom Google Drive UI??" In this case it's a simplified version of the current Google Drive functionality, but it's more of a proof-of-concept than anything.

In this tutorial, we’re going to build an app that talks to the Google Drive API. It will have file search, upload, download and delete features. If you want to follow along, you can clone the repo from Github.

They walk you through the full process of getting the application set up, including creating the project on the Google side and grabbing the API credentials for use in your code. They then switch back over to the code side and create a basic Laravel project and configure it with the Google API credentials you just created. Next up is the creation of all of the routes for the list, upload and delete handling in the Laravel app as well as the controllers/views to make them all work. They also include search functionality, letting you easily query the API for files with names matching a certain string.

tagged: laravel google drive ui tutorial api example

Link: https://www.sitepoint.com/is-laravel-good-enough-to-power-a-custom-google-drive-ui/

Securing client-side public API access with OAuth 2 and Symfony
Jul 18, 2016 @ 12:30:26

On the Codevate.com blog there's a tutorial posted by Chris Lush showing you how to secure your client-side public API with OAuth 2 (based on the Symfony platform).

Say you’ll be developing a web application for a customer to create and manage restaurant bookings, exposing restaurant information (name, opening times, menu contents etc.) and booking creation as RESTful API endpoints, which are consumed by secure admin backend. You’ll need to authorise access to the API, but there is no end-user involved since the web app is its own resource owner, so the previous flow doesn’t apply.

[...] However, you also need to develop a booking widget that will be embedded in a company or restaurant’s website for visitors to use. In this case, the client-side is no longer trusted enough to share the OAuth client secret that’s required to authenticate with your API. [...] We encountered a similar use-case for a client project recently, and this blog post details the steps taken to address it.

He then shows how to integrate the FOSOAuthServerBundle bundle into your current Symfony-based application and the updates you'll need to make to your security.yml file. He includes the code needed to create a "client" and associating it with a company already in the customer list. Next is the creation of access tokens and linking them to the restaurants in their system (a unique identifier to use externally for the restaurant rather than an ID). He shows an example of handling the token requests and the code/config changes needed to set it up. Finally he talks about scoping API requests down to certain functionality and an example cURL call to the API to show the results of it all combined.

tagged: clientside api access security oauth2 symfony tutorial bundle

Link: https://www.codevate.com/blog/12-securing-client-side-public-api-access-with-oauth-2-and-symfony