How to do WordPress Authentication?

I am making cordova/phonegap project that is interacting with WP site. dealing with posts, comments .. etc.
I installed JSON REST API plugin for fetching posts from WP sites.
But some endpoints of JSON API required Authentication. such as ( create new post, create new comments.. )
But I don’t know how to authenticate for wordpress site.
So I’ve read this reference.

What client_id is this?
How do I get this?

Read More

client_id should be set to your application’s client ID as found in the applications manager.

What’s “my application”‘s meaning?
Why does it authenticate from this URL instead of my domain?

https://public-api.wordpress.com/oauth2/authorize?

I am really confused.

Can anybody help me?

Related posts

2 comments

  1. Yes, I was also confused. But there is a better explanation here:
    https://github.com/WP-API/api-console

    Basically you need to run few lines on the server (Step 1), so Key and Secret will be your client_key and client_secret. If you’ll finish what they say you can use them in the future.

    Unfortunately I do not have opportunity to try it by myself because I don’t have access to the server. Hope it helps!

  2. Although this may not exactly answer the question, it might provide a lead. I used xmlrpc to communicate to register and login both of which yield a WP userid.
    Cordova code:

    function register($uname, $pw, $email, $first, $last){
         ActivityIndicator.show("Registering");
         $.xmlrpc({
            url: 'http://www.yourwebsite.com/xmlrpc.php',
            methodName: 'gm.wp_create_user',
            params: ["0", $uname, $pw, $email, $first, $last, "ID", "PW"],   
            success: function(response, status, jqXHR) { 
               ActivityIndicator.hide();
               var num = parseInt(response[0]);
               if (!num){
                  toast(response+', Please re-enter');
                  return;
               }
               $.jStorage.set("usernum",num);
               $.jStorage.set("username",$uname);
               $.jStorage.set("password",$pw);
               $("#new-user").popup("close");
               //alert('success:'+response+" "+status+" "+jqXHR); 
            },
            error: function(jqXHR, status, error) { 
               ActivityIndicator.hide();
               $.jStorage.set("usernum",undefined);
               $("#new-user").popup("close");
            }
         });
      }
    

    xmlrpc.php

        <?php
    /**
     * XML-RPC protocol support for WordPress
     *
     * @package WordPress
     */
    
    /**
     * Whether this is an XML-RPC Request
     *
     * @var bool
     */
    define('XMLRPC_REQUEST', true);
    
    // Some browser-embedded clients send cookies. We don't want them.
    $_COOKIE = array();
    
    // A bug in PHP < 5.2.2 makes $HTTP_RAW_POST_DATA not set by default,
    // but we can do it ourself.
    if ( !isset( $HTTP_RAW_POST_DATA ) ) {
        $HTTP_RAW_POST_DATA = file_get_contents( 'php://input' );
    }
    
    // fix for mozBlog and other cases where '<?xml' isn't on the very first line
    if ( isset($HTTP_RAW_POST_DATA) )
        $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA);
    
    /** Include the bootstrap for setting up WordPress environment */
    include('./wp-load.php');
    
    if ( isset( $_GET['rsd'] ) ) { // http://cyber.law.harvard.edu/blogs/gems/tech/rsd.html
    header('Content-Type: text/xml; charset=' . get_option('blog_charset'), true);
    ?>
    <?php echo '<?xml version="1.0" encoding="'.get_option('blog_charset').'"?'.'>'; ?>
    <rsd version="1.0" xmlns="http://archipelago.phrasewise.com/rsd">
      <service>
        <engineName>WordPress</engineName>
        <engineLink>http://wordpress.org/</engineLink>
        <homePageLink><?php bloginfo_rss('url') ?></homePageLink>
        <apis>
          <api name="WordPress" blogID="1" preferred="true" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />
          <api name="Movable Type" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />
          <api name="MetaWeblog" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />
          <api name="Blogger" blogID="1" preferred="false" apiLink="<?php echo site_url('xmlrpc.php', 'rpc') ?>" />
          <?php
              do_action( 'xmlrpc_rsd_apis' );
          ?>
        </apis>
      </service>
    </rsd>
    <?php
    exit;
    }
    
    include_once(ABSPATH . 'wp-admin/includes/admin.php');
    include_once(ABSPATH . WPINC . '/class-IXR.php');
    include_once(ABSPATH . WPINC . '/class-wp-xmlrpc-server.php');
    
    /**
     * Posts submitted via the XML-RPC interface get that title
     * @name post_default_title
     * @var string
     */
    $post_default_title = "";
    
    /**
     * Filter the class used for handling XML-RPC requests.
         *
     * @since 3.1.0
     *
     * @param string $class The name of the XML-RPC server class.
     */
    $wp_xmlrpc_server_class = apply_filters( 'wp_xmlrpc_server_class', 'wp_xmlrpc_server' );
    $wp_xmlrpc_server = new $wp_xmlrpc_server_class;
    
    // Fire off the request
    $wp_xmlrpc_server->serve_request();
    
    exit;
    
    /**
     * logIO() - Writes logging info to a file.
     *
     * @deprecated 3.4.0
     * @deprecated Use error_log()
     *
     * @param string $io Whether input or output
     * @param string $msg Information describing logging reason.
     */
    function logIO( $io, $msg ) {
        _deprecated_function( __FUNCTION__, '3.4', 'error_log()' );
        if ( ! empty( $GLOBALS['xmlrpc_logging'] ) )
        error_log( $io . ' - ' . $msg );
    }
    

    and in functions.php on wordpress child theme:

        add_filter( 'xmlrpc_methods', 'xml_add_method');
    function xml_add_method( $methods ) {
        $methods['gm.wp_create_user'] = 'gm_wp_create_user';
        return $methods;
    }
    
    function gm_wp_create_user( $args ) {
        $uname = $args[1];
        $pword = $args[2];
        $email = $args[3];
    
        // Return Something
       $user_id = wp_create_user( $uname, $pword, $email ); 
    
       if( is_wp_error( $user_id ) ) {
        return $user_id->get_error_message();
        }
       else return $user_id;
       //return $blog_id.$username.$password.$uname.$pword.$email; 
    }
    

Comments are closed.