I released Slim 3 RC 2 today after a longer than expected gap from RC1. The gap was caused by two things: Real LifeTM was busy for all the core team members People test RCs, but not betas! Obviously, the important one here was testing. Thank your everyone who tested RC1! As a result, a number of important issues were raised after RC1 was released which we had to address. Two key BC-breaking ones involved… continue reading.
Within Slim 3's Request object, there's a method called getIp() which is determines the client's IP address. However it's rather simplistic and potentially risky as it checks the X-Forwarded-For header with no ability to ignore this header or whitelist whether we trust the final proxy in the chain. Determining the client's IP address is an ideal use-case for middleware as we can inspect the headers in the request and then set an attribute so that… continue reading.
By default, the OAuth 2 token that is generated in an Apigility app expires in 1 hour. Upon expiry, the client is expected to use the refresh token to get a new access token. You can see this when you authenticate via a POST to /oauth as you get this response back:
If you need longer than 1 hour, then simply add this top level configuration setting:
'zf-oauth2' => [
'access_lifetime' => 7200,
The access_lifetime key controls the expiry… continue reading.
I'm currently working on an API using Slim 3 and needed a generic way to render arrays to XML, JSON or HTML based on the Request's Accept header. This is just good practice. The Accept header is used by a client to specify the media types that it accepts. Therefore if our client would like XML, I'd like to give it XML. Similarly for JSON. I also like to support an HTML rendering on my… continue reading.
Today is Ada Lovelace day which exists to highlight the many amazing and talented women in STEM. I'm bending the rules a little as I'm going to talk about Kathy today though she is not in STEM. I've never known anyone so excited by what's new in technology. She has always embraced technology to do her job better, she was one of the first in her office to be assigned a computer (back in the… continue reading.
You've successfully created a PR and it's in the queue to be merged. A maintainer looks at the code and asks you to rebase your PR so that they can merge it. Say what? The maintainer means that there have been other code changes on the project since you branched which means that your branch cannot be merged without conflicts and they would like to you to sort this out. These are the steps you… continue reading.
This is a guide to contributing to an open source project that uses GitHub. It's mostly based on how I've seen Zend Framework, Slim Framework and joind.in operate. However, this is a general guide so check your project's README for specifics. TL;DR Skip to the summary. Step 1: Set up a working copy on your computer Firstly you need a local fork of the the project, so go ahead and press the "fork" button in… continue reading.
There's been a discussion on Twitter this evening about ad-blockers now that Apple has enabled users of iOS to install ad-blocking plugins into their Safari browser. Note that this is not at the OS level and there is no default ad-blocker. The user has to choose to go to the App Store, install an ad-blocker app and then go to Settings->Safari and enable the app. As we all know, Twitter isn't ideal for conversations requiring… continue reading.
Recently, Zend made available a Z-Ray Technology Preview which takes the Z-Ray feature of Zend Server and makes it stand-alone. This is very interesting as it means that I can run it with the PHP 5.6 on Ubuntu 14.04 LTS Vagrant set up that I prefer. I decided to create an Ansible playbook to install Z-Ray into my VM. The Z-Ray instructions are clear enough, so it was simply a case of converting them to… continue reading.
From RC1 of Slim 3, we have improved our error handling. We've always had error handling for HTML so that when an exception occurs, you get a nice error page that looks like this: However, if you're writing an API that sends and expects JSON, then it still sends back HTML: At least we set the right Content-Type and status code! However, this isn't really good enough. We should send back JSON if the client… continue reading.