Develop Reference

Update WordPress Theme / Plugin from Private GitHub Repo

Background
I am working on a custom theme for my WordPress site which I would like to manage from a private GitHub repo. (This theme will never be pushed into the WordPress market place) The general idea would be that I use the repo to manage the code and then once I tag a new version, the tag would trigger an update for the WordPress theme.
I have this pattern working using the following as a template:
https://github.com/krafit/wp-gitlab-updater
(Yes, I know the repo is for Gitlab and not GitHub)
Since my repo is private, I will need to generate a user token to allow the theme to be updated. And because the user token is capable of accessing all my private repos, the idea of sharing the user token with another plugin is discomforting from a security standpoint. (Meaning, I'm uncomfortable using a plugin like: https://github.com/afragen/git-updater)
Question
The problem is that GitHub has deprecated the use of access_token as a query string parameter, so all tokens must be sent over as an Authorization header.
How do I add an authorization header to the request WordPress sends to download the artifact?
What I've Tried
When I check for new tags I use the code:
protected function fetch_tags_from_repo( $git_url, $repo, $access_token ) {
$request_url = "$git_url/repos/$repo/tags?access_token=$access_token";
$args = [
"headers" => [
"Accept" => "application/vnd.github.v3+json",
"Authorization" => "token " . $access_token
]
];
$request = wp_safe_remote_get( $request_url, $args );
return $request;
}
This works without any issues. However...
During the pre_set_site_transient_update_themes hook I return an object that looks like:
$transient->response[ $theme['name'] ]['theme'] = $theme['name'];
$transient->response[ $theme['name'] ]['new_version'] = $latest_version;
$transient->response[ $theme['name'] ]['package'] = $theme_package;
The problem is, I have no way of adding an Authorization header to the transient response object. Therefore, when WP later tries to download the artifact, it fails.
Note: The $theme_package string is a URL which looks like:
$theme_package = "$git_url/repos/$repo/zipball/refs/tags/$latest_version";
Any support appreciated, thank you!

Honestly, this problem has been exhausting and enough is enough...
Answer
Eject from GitHub and use Gitlab because they still support access_token as a header. They have unlimited free private repos <5gb storage.

If you are planning to distribute the private repo with a license I recommend you not to expose your access credentials in the script.
Instead you should use the GitHub PHP API together with a SSH Key that you setup in your repo settings or a GitHub App with access permission granted on your repo.
Here is a solid SDK to start from:
https://github.com/KnpLabs/php-github-api
Alternatively as you suggested it in your answer, a third party service could be used to manage the credentials on your behalf.
Gitlab is a nice generic and low cost option but if you are looking for something dedicated to Wordpress development I recommend WP Package Editor (WP2E)
Among other things the service uses a registered GitHub App to pull the latest version from public / private GitHub repositories:
https://github.com/marketplace/wp-package-editor
This is quoted from the documentation regarding how it is implemented with GitHub:
For a script to be successfully imported to the library of repositories and later be synchronized as an installer dependency there are 4 conditions :
The GitHub App must be connected to a WP2E account
The “read-only” access to the repository must be granted to the WP2E GitHub App
The script must be a valid WP theme or plugin
The repository must have at least one “release” on GitHub
Note: In order to synchronize with the GitHub account/repo the GitHub App should be integrated via the saas panel ( not directly via the GitHub Marketplace )

#PutChild Upload file with milton webdav in Mac Finder failed

I'm using milton, and my upload code as follows:
#PutChild
#Transactional
public FileContentItem uploadFile(FolderContentItem parent, String name, byte[] bytes){
String traceId = UuidGenUtil.createUuid();
try {
QUERY_LOGGER.info("[uploadFile][NetdiskController],action=Request, name={}, size={},traceId={}",name,bytes.length,traceId);
In windows, i can upload file successfully, but with Mac Finder, the length of bytes is always 0, and the error as follow:
The Finder can't complete the operation because some data in "Shot.png" can't be read or written (Error code -36)
Anyone know why? Thanks
Update: I try ForkLift webdav client in mac and can upload file successfully

The problem is that mac finder sends first request for creating new file without any byte
After it - call LOCK, which is not available for Dav Level 1, that's why you have bad response from server and mac stop uploading a file. This method availiable only for Dav level 2, so you have to get enterprise license of milton to make it work
After Locking object Finder uploads the file
After - calls UNLOCK method
SO if you want to use mac finder for webdav in milton you have several options:
Get the trial enterprise license and look into this example:https://github.com/miltonio/milton2/tree/master/examples/milton-anno-ref
Realize these methods by yourself by webdav specs
Mock it - extend from MiltonFilter or look into MyOwnServlet in example and in method doFilter/service write something like this:
//mock method, do not use it in production!
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse) resp;
if(request.getMethod().equals("LOCK")){
response.setStatus(200);
response.addHeader("Lock-Token", "<opaquelocktoken:e71d4fae-5dec-22d6-fea5-00a0c91e6be4>");
} else if(request.getMethod().equals("UNLOCK")){
response.setStatus(204);
}else {
doMiltonProcessing((HttpServletRequest) req, (HttpServletResponse) resp);
}
I've checked this code working in the examble by link above: make in web.xml method serving by MyOwnServlet, disable authentication in init by implementing empty security manager, set controller packages to scan "com.mycompany"
p.s. to build the example project I've to delete milton client dependency from pom.xml file

Upload files to BMC Remedy Mid-Tier

I'm a Java developer, absolutely new in BMC Remedy system, but a I have just one fast task to solve.
Our Remedy use Java Applet to upload files from Remedy browser UI to FTP server. I should replace it with Javascript (upload files via http to the server side, which then upload it to FTP server).
In general web application, I can add a servlet, which would receive Multipart file, connect to FTP, upload it and respond with params. Piece of cake.
But is it a right way to solve this problem in Remedy? I've read documentation and it all about some sort of plugins for Remedy Mid-Tier and there is nothing about simple servlets.
What is the right way to solve my task? Any source samples would be really helpful.
Thank you.

if you are doing it via the API, you could just get the record ID, and field ID and do this:
//First, we retrieve the form
int[] fieldIds = {1};
String formName = "My:Form:Name";
//Request ID. Field ID = 1. Always 14 chars long.
String requestID = "00000000000001";
Entry entry = arsConnection.getEntry(formName, requestID, fieldIds);
//add the attachment
AttachmentValue attachment = new AttachmentValue("name_of_file.ext", "path/to/file.ext");
entry.put(550000011, new Value(attachment));
arsConnection.setEntry(formName, newEntry,null,0);
to do this, you need the request id. this code is using the java API.

Get location from Alexa Skills Kit (ASK)

I'm looking for a way to get the user's location, ideally longitude/latitude but address would work too, from the Alexa Skill Kit request to my custom skill. Also, I don't want to have to have the user link to an account on my app's side.
Is this possible? If so, how?

Amazon has now (2017-04-05) added this capability. See their blog post about their new Device Address API.
Using this new API you can get the address (either postal code or full address) of the device, as specified in the customer’s device settings.
From that you could use a geocoding API (such as is part of the Google Maps API) to translate the address into location coordinates.

As per this thread on the Amazon Developer forums, there is not currently (as of May 2016) a way to get user location via the publicly available APIs. The only skills able to do so, such as Uber or Domino's, are utilizing APIs that are not available through the Alexa Skills Kit. However, there's hope that it may be added, as "Jamie#Amazon" left this reply in that discussion:
Hey there,
Thanks for posting.
This has now been added to the roadmap. Thanks for the feedback.
Jamie
However, at the time of writing, no further update has been provided regarding the implementation of such a feature.

As #Tom has pointed out, it is now possible to get the device address in your custom skill. If you are using Python to create your skill, it's pretty easy to implement the new API. I've written a detailed blog post about it here. It also describes how to get the corresponding coordinates for the retrieved address, so it might be useful for you. In short, here is a Python function to get you started. I use the very handy Flask-Ask library for my skill. Thus, it is easy to get the value of the deviceId and consentToken objects. These are included by Alexa in the JSON request sent to your skill. They are needed for constructing the request to the Amazon address API endpoint:
import requests
from flask_ask import Ask, context
def get_alexa_location():
URL = "https://api.amazonalexa.com/v1/devices/{}/settings" \
"/address".format(context.System.device.deviceId)
TOKEN = context.System.user.permissions.consentToken
HEADER = {'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(TOKEN)}
r = requests.get(URL, headers=HEADER)
if r.status_code == 200:
return(r.json())
The function will return something like this on a successful call:
{u'city': u'Berlin', u'countryCode': u'DE',
u'addressLine1': u'42 Unter den Linden',
u'addressLine2': None, u'stateOrRegion': u'Berlin',
u'districtOrCounty': u'Berlin', u'postalCode': u'10117',
u'addressLine3': None}
You can use geopy to convert this address to coordinates.

It is now possible to get the user's real-time geolocation (longitude/latitude) using the Alexa Location Services, which avoids having to integrate with a separate geocoding API as suggested by other answers. See the related blogpost for official information about this feature's release.
Provided that the device is compatible (context.System.device.supportedInterfaces.Geolocation exists), the location services are running and the alexa::devices:all:geolocation:read permission has been granted to your skill , you can retrieve a Geolocation object through the request's context, which will be equivalent to the following JSON payload:
"Geolocation":{
"locationServices": {
"access": "ENABLED",
"status": "RUNNING",
},
"timestamp": "2018-03-25T00:00:00Z+00:00",
"coordinate": {
"latitudeInDegrees": 38.2,
"longitudeInDegrees": 28.3,
"accuracyInMeters": 12.1
},
"altitude": {
"altitudeInMeters": 120.1,
"accuracyInMeters": 30.1
},
"heading": {
"directionInDegrees": 180.0,
"accuracyInDegrees": 5.0
},
"speed": {
"speedInMetersPerSecond": 10.0,
"accuracyInMetresPerSecond": 1.1
}
}

Please follow the below URL to Get location from Alexa Skills Kit (ASK)
URL:
https://api.eu.amazonalexa.com/v1/devices/{devicesId}/settings/address/countryAndPostalCode
Your Header would be something like below :
Host:api.eu.amazonalexa.com[keep your host you can get is from developer account during testing from json]
Accept:application/json
Authorization:Bearer [KEEP YOUR apiAccessToken here]
if request went success your will get response as below:
{
"countryCode": "IN",
"postalCode": "560102"
}
Make sure you have enabled permission in the Alexa app, and grants the permission of the respective skill please refer the bellow URL for more details of permission configuration
https://developer.amazon.com/blogs/alexa/post/0c975fc7-17dd-4f5c-8343-a37024b66c99/alexa-skill-recipe-using-the-device-address-api-to-request-information

Multiple threads in POCO HttpClient?

I am working on a project in C++, with POCO/NET. The Network code can be seen below:
URI uri("http://my.url.se" );
HTTPClientSession session(uri.getHost(), uri.getPort());
// prepare path
string path(uri.getPathAndQuery());
if (path. empty()) path = "/";
// send request
HTTPRequest req(HTTPRequest::HTTP_GET, path, HTTPMessage::HTTP_1_1);
req.set("Accept", "AcceptString");
req.set("Consumer", "ALL");
req.set("Contract", "ALL");
session.sendRequest(req);
// recieve response
HTTPResponse res;
istream &is = session.receiveResponse(res);
The application is working on both Android 2.3.6 (Samsung Galaxy Gio) and the latest Android version, but according to the following post (and developer.android):
https://stackoverflow.com/questions/15606791/android-httppost-freezes-and-crashes-app
a NetworkOnMainThreadException would be thrown on the newest Android version (Honeycomb or higher) if the Networking part would not be in a separate thread. I have not created a new thread, so my question is:
Can anyone confirm my assumption that it is implemented already/automatically uses a new thread in the Poco Net library?
Greatful for help!

Can anyone confirm my assumption that it is implemented
already/automatically uses a new thread in the Poco Net library?
HTTPClientSession will not run on a separate thread, you will have to do that explicitly. You can use Poco:: Thread, Task or Activity.