indieweb / wordpress-micropub Goto Github PK

I noticed this in the log...Something tried to pull from my endpoint..not me...it shouldn't generate notices. May try to fix this.

017/01/03 07:59:04 [error] 6832#6832: *12666 FastCGI sent in stderr: "PHP message: Micropub Data: a:1:{s:8:"micropub";s:8:"endpoint";} a:1:{s:8:"micropub";s:8:"endpoint";}
PHP message: PHP Notice: Undefined index: authorization in /srv/html/tiny.n9n.us/wp-content/plugins/wordpress-micropub/micropub.php on line 882
PHP message: PHP Notice: Undefined index: access_token in /srv/html/tiny.n9n.us/wp-content/plugins/wordpress-micropub/micropub.php on line 157" while reading response header from upstream, client: 123.125.71.20, server: tiny.n9n.us, request: "GET /?micropub=endpoint HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "tiny.n9n.us"

Adjust the query handlier to allow the function to be taken over or expanded by another plugin.

For example. Post Kinds could add the Kind Taxonomy properties when source was queried. A media endpoint could be added to the config. Or an experimental query return could be added.

I discovered that Micropub discards the timezone data because it uses a function that requires it to be passed, iso8601_to_datetime.

This needs to be addressed. Going to try my hand at patching this as it affects me.

My tt-rss-micropub plugin creates bookmarks with only the bookmark-of property set. The wordpress micropub endpoint then returns an error, declaring that

Content, title, and excerpt are empty.

We had this for "like" posts already in #41. Is there a reason that bookmark posts do not work with the URL only?

(Followup to https://github.com/cweiske/tt-rss-micropub/issues/1)

https://indieweb.org/Micropub-extensions#Post_Status

As Quill at least now supports this, worth supporting, you think?

Post Status

*post-status=published (or no post-status set) - The post is published, or when the published date is in the future, the post is scheduled.

• post-status=draft - The post is a draft, and should not be shown in lists. (Of course it's up to the implementation whether it wants to use a capability URL for draft posts or actually restrict it to logged-in users.)

Visibility

• visibility=public (or no visibility set)
• visibility=private

it comes through in the request, and gets stored in post meta, but doesn't get added to the post content.

(thanks to @anomalily for reporting at IWS 2017!)

https://www.w3.org/TR/micropub/#json-syntax

e.g.

{
  "type": ["h-entry"],
  "properties": {
    "content": ["hello world"],
    "category": ["foo","bar"],
    "photo": ["https://photos.example.com/592829482876343254.jpg"]
  }
}

BTW. Here is an example how to build a plugin, completely based on WP-API https://github.com/swissspidy/oEmbed-API

I recently posted for the first time with Micropub + OwnYourGram. The date appeared as 1969.

HTTP headers are meant to be processed case-insensitive, but the code only accepts Authorization (word case) and not authorization (lowercase).

HTTP 1.1 RFC 2616 section 4.2 says:

Field names are case-insensitive.

The MicroPub plugin shouldn't support syndication. It should support discovering targets using a WordPress filter, which can be modified outside of the plugin. So, by default, it would return an empty list.

@aaronpk and @dissolve have been iterating on the micropub spec a fair amount. it now uses mp-* params for control. we need to port our handling of url to mp-url, action to mp-action, and maybe more? there's also mp-add and mp-remove, among others. see https://indiewebcamp.com/micropub#Syntax

i'm not using this regularly myself, so if we're going to keep developing it, i'd like to have unit tests to give me confidence in our changes. @voxpelli pointed out these repos with good boilerplate and examples for phpunit + wp unit tests:

• https://github.com/frozzare/wp-plugin-boilerplate
• https://github.com/frozzare/wp-test-suite
• https://github.com/twitter/wordpress

the right level to test at is probably HTTP requests, ie the tests should construct top-level HTTP requests with different params and headers for each use case, send them to wordpress (within the same PHP runtime, not running WP as a server separately), and then check that they get the expected responses and that the right data is in the db.

cc @dshanske. excited!

ideally we'd be able to see just the style issues that each new PR introduces, if any. at minimum, we'd see the full output for every PR.

we'd need to install WordPress-Coding-Standards and PHPCS in dependencies.post (in circle.yml) and then run it in test.post. see the circle docs and bridgy's circle.yml as an example.

@dshanske maybe you can tackle this at some point?

...i thought the plugin already did this, so maybe it's a bug that it doesn't? feature request from @anomalily at IWS 2017 when she saw that OwnYourSwarm checkin posts don't have an author set.

So, I've been thinking about finding a way of storing the token with each token - or at least the client_id. Am I missing something or would that require a pretty substantial rewrite?

Hi @snarfed. Hope you can help.

I'm not getting the 'syndicate' URL passed from photos posted on Instagram. I think I've tracked it down to this plugin. Brid.gy and OwnYourGram all seem to be doing what they should, but I cannot see in the plugin code, or resulting HTML of the WP post, the link back to the gram.

You can see an example at http://davidjohnmead.com/blog/2015/12/08/2864/.

Any ideas?

https://micropub.rocks/server-tests/205?endpoint=107

205: Create an h-entry post with a photo with alt text (JSON)

I see the photo of a sunset but the associated alt text is ""

<div id='gallery-2' class='gallery galleryid-9230 gallery-columns-1 gallery-size-full'><dl class='gallery-item'>
			<dt class='gallery-icon landscape'>
				<a href='https://be.a.cloudgeni.us/9230-2/photo-of-a-sunset-2/'><img width="1600" height="1200" src="https://be.a.cloudgeni.us/wp-content/uploads/sunset-9.jpg" class="attachment-full size-full" alt="" /></a>
			</dt></dl>
</div>

What am I missing?

Hi! I installed the plugin the other day and so far everything seems to work just fine. Great! But I was wondering is there a way to configure the plugin so that it uses the "Default" post format which is set by the user/me). At the moment it seems it is posting to the "Aside" format, whereas I would prefer to post it to the "Status" format, which I have configured in Wordpress' settings to be the standard. Is this something that is possible?

Any help appreciated.

I set up OwnYourSwarm, but it hasn't been able to publish anything to my Wordpress micropub endpoint yet. I do have version 1.1 of the plugin installed.

When I try have OwnYourSwarm try again for the last checkin from the dashboard, it shows this response:

HTTP/1.1 401 Unauthorized
Date: Tue, 02 May 2017 00:48:44 GMT
Server: Apache
Link: <https://tokens.indieauth.com/token>; rel="token_endpoint", <https://www.darkglass.org/wp-json/webmention/1.0/endpoint>; rel="webmention", <https://www.darkglass.org/wp-json/webmention/1.0/endpoint>; rel="http://webmention.org/"
Content-Type: application/json; charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked

"missing access token"

It also shows a Swarm Checkin Object:

{
    "id": "5907d03dee628b2f2d74ee77",
    "createdAt": 1493684285,
    "type": "checkin",
    "entities": [],
    "shout": "Gotta get my Rita's fix!",
    "timeZoneOffset": -240,
    "user": {
        "id": "1133595",
        "firstName": "Tamara",
        "lastName": "Ng",
        "gender": "female",
        "relationship": "self",
        "photo": {
            "prefix": "https://igx.4sqi.net/img/user/",
            "suffix": "/3AC0EL3N1VK1AXPZ.jpg"
        }
    },
    "venue": {
        "id": "4ba39acbf964a520314b38e3",
        "name": "Rita's Italian Ice",
        "contact": {
            "phone": "7177318275",
            "formattedPhone": "(717) 731-8275",
            "twitter": "ritasitalianice"
        },
        "location": {
            "address": "842 Market St",
            "lat": 40.243203064685,
            "lng": -76.90323472023,
            "labeledLatLngs": [
                {
                    "label": "display",
                    "lat": 40.243203064685,
                    "lng": -76.90323472023
                }
            ],
            "postalCode": "17043",
            "cc": "US",
            "city": "Lemoyne",
            "state": "PA",
            "country": "United States",
            "formattedAddress": [
                "842 Market St",
                "Lemoyne, PA 17043"
            ]
        },
        "categories": [
            {
                "id": "4bf58dd8d48988d1d0941735",
                "name": "Dessert Shop",
                "pluralName": "Dessert Shops",
                "shortName": "Desserts",
                "icon": {
                    "prefix": "https://ss3.4sqi.net/img/categories_v2/food/dessert_",
                    "suffix": ".png"
                },
                "primary": true
            }
        ],
        "verified": false,
        "stats": {
            "checkinsCount": 700,
            "usersCount": 309,
            "tipCount": 5
        },
        "url": "http://www.ritasice.com",
        "allowMenuUrlEdit": true,
        "beenHere": {
            "lastCheckinExpiredAt": 0
        }
    }
}

and an h-entry checkin object:

{
    "type": [
        "h-entry"
    ],
    "properties": {
        "published": [
            "2017-05-01T20:18:05-04:00"
        ],
        "syndication": [
            "https://www.swarmapp.com/user/1133595/checkin/5907d03dee628b2f2d74ee77"
        ],
        "content": [
            "Gotta get my Rita's fix!"
        ],
        "checkin": [
            {
                "type": [
                    "h-card"
                ],
                "properties": {
                    "name": [
                        "Rita's Italian Ice"
                    ],
                    "url": [
                        "https://foursquare.com/v/4ba39acbf964a520314b38e3",
                        "http://www.ritasice.com",
                        "https://twitter.com/ritasitalianice"
                    ],
                    "tel": [
                        "(717) 731-8275"
                    ],
                    "latitude": [
                        40.243203064685
                    ],
                    "longitude": [
                        -76.90323472023
                    ],
                    "street-address": [
                        "842 Market St"
                    ],
                    "locality": [
                        "Lemoyne"
                    ],
                    "region": [
                        "PA"
                    ],
                    "country-name": [
                        "United States"
                    ],
                    "postal-code": [
                        "17043"
                    ]
                }
            }
        ]
    }
}

It looks like a post author is not set right now. I think you could reasonable assume that the "me" value that the token is granted for can be looked up in the users table, the same way the IndieAuth plugin allows people to sign in to their Wordpress sites using their domain.

I think this would have the added benefit of being immediately useful for multi-author sites.

As far as I can tell, this here seems to not work anymore. The code in the plugin looks good to me, though.

With properties like mf2_content, it really should fetch post content for two reasons.

1. If I change the post in the editor, it does not update this field.
2. If I try to update a post that was not originally published via Micropub, I can't.

I think the plugin is not setting the post_date_gmt field when creating the post. It looks like a new post that was created with the published date set in the micropub request has the gmt date set to 0.

This only happens when I'm using it offline without internet access:

$ curl -i -X POST -H 'Authorization: Bearer abc' --data 'h=entry&like-of=http%3A%2F%2Fanoweco.bogo%2F' 'http://wordpress.bogo/?micropub=endpoint'HTTP/1.1 200 OK
Date: Wed, 07 Sep 2016 06:40:40 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.19
Link: <http://wordpress.bogo/?micropub=endpoint>; rel="micropub"
Link: <http://anoweco.bogo/auth.php>; rel="authorization_endpoint"
Link: <http://anoweco.bogo/token.php>; rel="token_endpoint"
Content-Length: 24
Content-Type: text/plain; charset=UTF-8

invalid access token: 

(there is no message. when I'm online, there is a message and the correct status code is there)

#9 seems to be happening for me.
Weirdly enough only with ownyourgram/ownyourswarm posts, it is working fine with Quill. I'll do some more research.

As @aaronpk pointed out in #indieweb-dev "Technically charset=utf-8 is unnecessary with JSON content type since JSON is utf-8 already"

See also: cweiske/shpub#6

The plugin is currently total broken; every try to post returns a wordpress HTML error page.

git bisect told me:

$ git bisect good
ac82cba16b6cb109db9dea38fedb176bfb15304d is the first bad commit
commit ac82cba16b6cb109db9dea38fedb176bfb15304d
Author: Ryan Barrett <[email protected]>
Date:   Wed Jun 29 12:02:20 2016 -0700

    switch from exit to wp_die()

    makes unit testing easier. also misc style tweaks.

And indeed, this is the first commit that breaks.

A successful request now returns:

HTTP/1.1 500 Internal Server Error
Date: Wed, 07 Sep 2016 19:15:03 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.19
Link: <http://wordpress.bogo/?micropub=endpoint>; rel="micropub"
Link: <http://anoweco.bogo/auth.php>; rel="authorization_endpoint"
Link: <http://anoweco.bogo/token.php>; rel="token_endpoint"
...
<body id="error-page">
    <p>Unknown WordPress error: 0</p></body>
</html>

Hi @snarfed.

Around the same time of the update my posts from Instagram are returning errors where the image should be. Also Twitter syndication using @dshanske's Bridgy Publish doesn't seem to be working.

Have you heard of these issues from anyone else?

You can see the issues at my blog.

https://gist.github.com/dougbeal/7cafc487e32de13c314bfe3fb8e38468

If place_name is set as a property, this should be mapped to geo_address.

Support location to be stored using the WordPress Geodata( http://codex.wordpress.org/Geodata) standard.

The edit functions overwrite the entire post. Need to be rewritten. 'published' should be setting post_modified instead of post_date. Should be checking for blank fields.

Solution is to pull existing data to compare with new data.

When #40 is fixed you will see that sending a "like" request will fail unless the name property is also given.

Submitting likes via micropub should not require a title.

...specifically, a way to opt into either wordpress's internal auth or a different auth/token server than indieauth. details in https://github.com/snarfed/wordpress-micropub/#authentication-and-authorization .

@miklb graciously volunteered to look into this. thank you! i've never done wordpress admin UI before, so i'm pretty open to ideas or direction here.

Add the ability to authorize using a local endpoint that authenticates locally instead of Indieauth.com

I've been thinking about this. There are two modes the plugin works in.

1. Marks up the Content
2. If the theme supports microformats2(current_theme_supports) then it doesn't mark up the content.

I'm starting to think the conditional might be a mistake. If the theme supports microformats2, you still might want Micropub to mark up the content, as opposed to letting something else do it.

Then, what happens if you change your mind and want to switch themes, or switch options?

I'm not sure what the right move is here. Wanted to throw it open for consideration.

Trying to post an image from Quill while traveling I got an error.

400 Bad Request

{"error": "invalid_request", "error_description": "Sorry, this file type is not permitted for security reasons."}

Is this something with my server config or an issue with the plugin? Thanks!

The WP-API team provides a OAuth 1 lib that should work independent/separate from the WP-API plugin https://github.com/WP-API/OAuth1

currently we ignore it. heh.

inspired by @kylewm's super cool https://github.com/kylewm/micropub-xmpp-bot!

I'm not sure if it's something that would fit in here or quite how -- perhaps a setting toggle?, but for clients that push photos (OwnYourGram.com, https://ownyourcheckin.wirres.net/, Quill, et al), it would be nice on WordPress (especially for many modern themes) to have the (primary) photo from the client post as a "Featured Image" rather than in the main body of the post.

Other potential settings-based functionalities I can imagine being useful (based on experience with Twitter clients) include

• being able to set future posting times
• saving posts as draft, private, pending, etc. rather than automatically publishing
• allowing one to set Post Format (or if using the IndieWeb Post Kinds plugin: Post Kind)
  Naturally supporting some of this would also depend on the posting client having support for these options as well.

While trying to do this:

Create a reply via micropub that contains HTML tags

$ curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -H 'Authorization: Bearer abc'\
    -d 'name=simple!' -d 'h=entry'\
    -d 'in-reply-to=http://www.bogo/how-to-make-html-headline'\
    -d 'content=use <h1>test</h1>'\
    'http://wordpress.bogo/...'

I encountered this error:

Content is automatically interpreted as HTML altough the property content is used (which means plain text), and not content[html] (which means "this is really html").

Some other notes:

wordpress-micropub must not automatically detect HTML.

Known has the same problem: idno/known#1519

very low priority, since the big style stuff is ok now - tabs for indents, spaces inside parens, braces around if/elseif blocks.

PHPCS details in the readme. WordPress coding standards here.

It appears it isn't coming from the client. Thinking the logic of create/edit needs to be reviewed after the specification is finalized to figure out what is resetting it.

Support the option of saving a plaintext location property into geo_address.

The versions released on wordpress don't have any tag in git.

via @aaronpk - "Feature request for the Wordpress micropub plugin: add categories or tags to posts based on the contents of the micropub request, like based on certain client_id or hashtags in the post"

...ideally user configurable, since some users (and some plugins/themes) will want title, but others won't.

feature request from @anomalily at IWS 2017!

https://micropub.rocks/server-tests/700?endpoint=107

Wonder why all other tests pass but this one --> 700: Upload a jpg to the Media Endpoint

What is expected?

a JSON object with a media-endpoint property with the full URL of the endpoint

What is received?

HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Wed, 05 Jul 2017 22:34:29 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 19
Connection: keep-alive
X-Powered-By: PHP/7.1.2
Set-Cookie: PHPSESSID=02d7a88842f04e6221696077fc1c1b32; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://tokens.indieauth.com/token>; rel="token_endpoint"
Vary: User-Agent
strict-transport-security: max-age=31536000
strict-transport-security: max-age=31536000

{
    "syndicate-to": []
}

What am I missing?
Do I need to degine a media endpoint somewhere in my wordpress setup?
I would not locate any doc mentioning this.

PS: I notice similar failure on tests 701 and 702

https://www.w3.org/TR/micropub/#syndication-targets

The goal is to improve the plugin to the point it can support a path from a Micropub client to a POSSE plugin.

_The endpoint MUST return the response in [JSON] format, with a key of syndicate-to and the values being objects descriptive of the supported syndication targets.

At a minimum, a syndication destination MUST have uid and name properties. The uid property is opaque to the client, and is the value the client sends in the Micropub request to indicate the targets to syndicate to. The name property is the value the client can display to the user. The name should be unambiguously descriptive of the destination, so that if for example there are two destinations on the same service, the name can disambiguate them.

The Micropub server MAY also include additional information about the destination service and user account. This is accomplished with the additional properties service and user, both of which can have three properties, name (a human-readable name), url and photo (both URLs).

The client may use the service and user properties to enhance the display of the syndication options, for example by including the user or service photos on the syndication buttons._

So, the current implementation of syndication target is not in JSON. But the specification has moved toward JSON for some things, and the current plugin design doesn't support that.

But the issue is the support for multiple POSSE plugins. The easiest way is the UID, except if you have multiple different plugins, they could set the same UID. So, this is what I am thinking...

1. The UIDs have to be managed by the Micropub plugin, as opposed to the individual POSSE plugins...otherwise there could be a collision.
2. The Micropub plugin needs a function that adds in the syndication targets, replacing the existing system, so it can require all parts be filed in.

I'm going to try to put something together, and then add support to Bridgy Publish, my simple plugin for Bridgy Publish support. But it needs to be clear how to add support in any arbitrary POSSE plugin, and that has to be documented in the Micropub literature.

Looking for ideas.

http://micropub.net/draft/#error-response says micropub error responses have to be encoded as JSON, but the micropub plugin does not:

$  curl -i -X POST -H 'Authorization: Bearer abc' --data 'h=entry&like-of=http%3A%2F%2Fanoweco.bogo%2F' 'http://wordpress.bogo/?micropub=endpoint'
HTTP/1.1 400 Bad Request
Date: Wed, 07 Sep 2016 06:44:02 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.19
Link: <http://wordpress.bogo/?micropub=endpoint>; rel="micropub"
Link: <http://anoweco.bogo/auth.php>; rel="authorization_endpoint"
Link: <http://anoweco.bogo/token.php>; rel="token_endpoint"
Content-Length: 93
Connection: close
Content-Type: text/plain; charset=UTF-8

invalid access token: error=unauthorized&error_description=The+token+provided+was+malformed

Related to #25. Known also has this problem - idno/known#1506.