In the most recent post of this series (which is admittedly some time ago), I talked at length about Composer and its lock file.
I recommend reading the previous two articles because Composer is eventually going to play a role in this material that this and future posts are going to share. But if you opt not to catch up on them (or are already familiar with Composer) then the gist of the previous posts are, respectively, as follows:
I don’t recommend checking the vendor directory into your repository. That can become a huge directory later, and it can undermine the whole purpose of Composer.
With that said, there are numerous dependencies or packages that we can install that help us to make sure that we’re writing the highest quality code possible.
Sure, some of these may be in the form of something like coding standards, but those are really more rules than they are elements of writing high quality code (though I don’t think they should be left out of the discussion – just left out at this time 🙃).
Back to the tools in question: What are some tools that help write high quality WordPress code? I’m going to share a few of my favorites and them I’m going to talk about how we can run them all against a code base.
First, let’s take a look at static analysis with PHPStan.
And, yes, sometimes we’ll be using cURL depending on the nature of the project, but that’s outside the content of this post.
For this article, I want to talk specifically about making remote requests and specifying headers against a third-party API.
Authorization Headers with WordPress
Whenever it comes making asynchronous requests with WordPress, the process often goes like this:
Have the server-side perform the request using one of the aforementioned functions,
Return the response either in the form of a success or error message,
But what if the API request you need to make from the server requires something more than a basic endpoint with a few parameters?
More specifically, what if what you’re writing requires that you provide some type of authorization for your work? Luckily, WordPress allows us to set headers that solve exactly this.
If you want to implement something like this, then I’m going to assume the content type will be that of JSON and that the authorization will be some type of token (however, your implementation may vary based on the system with which you’re working).
In this case, my token will simply be identified as $token. And here’s a simple example:
Something Worth Noting
If your host is running on Apache and this type of request does not work, then you’re likely going to need to update your htaccess file so that it includes the following rule: SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1.
This is something I’ve been doing for a while now, and it’s something that I’ve found useful both for my personal and professional life.
And I don’t want to try to come up with some other reason for doing this so I’ll quote my previous post (because quoting yourself isn’t narcissistic or anything, is it?):
Every time I end up taking time off of social media in general, I never regret it. At the same time, I also find new things I want to do during that time.
But one of the things I like do during this post other than share that I am doing it (because I see this site as the primary place to keep up with me – not Twitter, not Instagram, not AIM, not ICQ), I like also to cover what I plan to do.
It’s one thing to be using PHP CodeSniffer manually but if you’re using a utility such as GrumPHP to check your work before committing it to the repository, then you’re likely going to want to use the version that you’re installing with your project.
This assumes that:
You are installing PHP CodeSniffer local to your project,
You want to install a specific set of coding standards to run against your code.
Remember, this is also done in the context of wanting to run automated scripts during the commit process and in a local environment (versus a global setting) with Composer.