ed2f09d63cc1d52576867547263198acaf3ad466

Committed 20 Mar 2026 01:43PM UTC coverage: 53.47% (-0.4%) from 53.917%

Build # ed2f09d63cc1d52576867547263198acaf3ad466

Build Type

push

github

Committed by

vraja-pro

Commit Message

Merge branch 'trunk' into feature/next-post

Coverage Stats

9048 of 16621 branches covered (54.44%)

Branch coverage included in aggregate %.

860 of 946 new or added lines in 55 files covered. (90.91%)

709 existing lines in 34 files now uncovered.

34343 of 64529 relevant lines covered (53.22%)

46616.39 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/ai-authorization/user-interface/abstract-callback-route.php

<?php

// phpcs:disable Yoast.NamingConventions.NamespaceName.TooLong -- Needed in the folder structure.
namespace Yoast\WP\SEO\AI_Authorization\User_Interface;

use RuntimeException;
use WP_REST_Request;
use WP_REST_Response;
use Yoast\WP\SEO\AI_Authorization\Infrastructure\Access_Token_User_Meta_Repository_Interface;
use Yoast\WP\SEO\AI_Authorization\Infrastructure\Code_Verifier_User_Meta_Repository_Interface;
use Yoast\WP\SEO\AI_Authorization\Infrastructure\Refresh_Token_User_Meta_Repository_Interface;
use Yoast\WP\SEO\AI_HTTP_Request\Domain\Exceptions\Unauthorized_Exception;
use Yoast\WP\SEO\Conditionals\AI_Conditional;
use Yoast\WP\SEO\Main;
use Yoast\WP\SEO\Routes\Route_Interface;

/**
 * The base class for the callback routes.
 */
abstract class Abstract_Callback_Route implements Route_Interface {

        /**
         *  The namespace for this route.
         *
         * @var string
         */
        public const ROUTE_NAMESPACE = Main::API_V1_NAMESPACE;

        /**
         * The access token repository instance.
         *
         * @var Access_Token_User_Meta_Repository_Interface
         */
        protected $access_token_repository;

        /**
         * The refresh token repository instance.
         *
         * @var Refresh_Token_User_Meta_Repository_Interface
         */
        protected $refresh_token_repository;

        /**
         * The code verifier instance.
         *
         * @var Code_Verifier_User_Meta_Repository_Interface
         */
        protected $code_verifier_repository;

        /**
         * Returns the conditionals based in which this loadable should be active.
         *
         * @return array<string> The conditionals.
         */
        public static function get_conditionals() {
                return [ AI_Conditional::class ];
        }

        /**
         * Callback_Route constructor.
         *
         * @param Access_Token_User_Meta_Repository_Interface  $access_token_repository  The access token repository instance.
         * @param Refresh_Token_User_Meta_Repository_Interface $refresh_token_repository The refresh token repository instance.
         * @param Code_Verifier_User_Meta_Repository_Interface $code_verifier_repository The code verifier instance.
         */
        public function __construct( Access_Token_User_Meta_Repository_Interface $access_token_repository, Refresh_Token_User_Meta_Repository_Interface $refresh_token_repository, Code_Verifier_User_Meta_Repository_Interface $code_verifier_repository ) {
                $this->access_token_repository  = $access_token_repository;
                $this->refresh_token_repository = $refresh_token_repository;
                $this->code_verifier_repository = $code_verifier_repository;
        }

        // phpcs:disable Squiz.Commenting.FunctionCommentThrowTag.WrongNumber -- PHPCS doesn't take into account exceptions thrown in called methods.

        /**
         * Runs the callback to store connection credentials and the tokens locally.
         *
         * @param WP_REST_Request $request The request object.
         *
         * @return WP_REST_Response The response of the callback action.
         *
         * @throws Unauthorized_Exception If the code challenge  is not valid.
         * @throws RuntimeException If the verification code is not found.
         */
        public function callback( WP_REST_Request $request ): WP_REST_Response {
                $user_id = $request->get_param( 'user_id' );
                try {
                        $code_verifier = $this->code_verifier_repository->get_code_verifier( $user_id );

                        if ( $request->get_param( 'code_challenge' ) !== \hash( 'sha256', $code_verifier->get_code() ) ) {
                                throw new Unauthorized_Exception( 'Unauthorized' );
                        }

                        $this->access_token_repository->store_token( $user_id, $request->get_param( 'access_jwt' ) );
                        $this->refresh_token_repository->store_token( $user_id, $request->get_param( 'refresh_jwt' ) );
                        $this->code_verifier_repository->delete_code_verifier( $user_id );
                } catch ( Unauthorized_Exception | RuntimeException $e ) {
                        return new WP_REST_Response( 'Unauthorized.', 401 );
                }

                return new WP_REST_Response(
                        [
                                'message'       => 'Tokens successfully stored.',
                                'code_verifier' => $code_verifier->get_code(),
                        ],
                );
        }

        // phpcs:enable Squiz.Commenting.FunctionCommentThrowTag.WrongNumber -- PHPCS doesn't take into account exceptions thrown in called methods.
}

1	<?php
2
3	// phpcs:disable Yoast.NamingConventions.NamespaceName.TooLong -- Needed in the folder structure.
4	namespace Yoast\WP\SEO\AI_Authorization\User_Interface;
5
6	use RuntimeException;
7	use WP_REST_Request;
8	use WP_REST_Response;
9	use Yoast\WP\SEO\AI_Authorization\Infrastructure\Access_Token_User_Meta_Repository_Interface;
10	use Yoast\WP\SEO\AI_Authorization\Infrastructure\Code_Verifier_User_Meta_Repository_Interface;
11	use Yoast\WP\SEO\AI_Authorization\Infrastructure\Refresh_Token_User_Meta_Repository_Interface;
12	use Yoast\WP\SEO\AI_HTTP_Request\Domain\Exceptions\Unauthorized_Exception;
13	use Yoast\WP\SEO\Conditionals\AI_Conditional;
14	use Yoast\WP\SEO\Main;
15	use Yoast\WP\SEO\Routes\Route_Interface;
16
17	/**
18	* The base class for the callback routes.
19	*/
20	abstract class Abstract_Callback_Route implements Route_Interface {
21
22	/**
23	* The namespace for this route.
24	*
25	* @var string
26	*/
27	public const ROUTE_NAMESPACE = Main::API_V1_NAMESPACE;
28
29	/**
30	* The access token repository instance.
31	*
32	* @var Access_Token_User_Meta_Repository_Interface
33	*/
34	protected $access_token_repository;
35
36	/**
37	* The refresh token repository instance.
38	*
39	* @var Refresh_Token_User_Meta_Repository_Interface
40	*/
41	protected $refresh_token_repository;
42
43	/**
44	* The code verifier instance.
45	*
46	* @var Code_Verifier_User_Meta_Repository_Interface
47	*/
48	protected $code_verifier_repository;
49
50	/**
51	* Returns the conditionals based in which this loadable should be active.
52	*
53	* @return array<string> The conditionals.
54	*/
UNCOV 55	public static function get_conditionals() {	×
UNCOV 56	return [ AI_Conditional::class ];	×
57	}
58
59	/**
60	* Callback_Route constructor.
61	*
62	* @param Access_Token_User_Meta_Repository_Interface $access_token_repository The access token repository instance.
63	* @param Refresh_Token_User_Meta_Repository_Interface $refresh_token_repository The refresh token repository instance.
64	* @param Code_Verifier_User_Meta_Repository_Interface $code_verifier_repository The code verifier instance.
65	*/
UNCOV 66	public function __construct( Access_Token_User_Meta_Repository_Interface $access_token_repository, Refresh_Token_User_Meta_Repository_Interface $refresh_token_repository, Code_Verifier_User_Meta_Repository_Interface $code_verifier_repository ) {	×
UNCOV 67	$this->access_token_repository = $access_token_repository;	×
UNCOV 68	$this->refresh_token_repository = $refresh_token_repository;	×
UNCOV 69	$this->code_verifier_repository = $code_verifier_repository;	×
70	}
71
72	// phpcs:disable Squiz.Commenting.FunctionCommentThrowTag.WrongNumber -- PHPCS doesn't take into account exceptions thrown in called methods.
73
74	/**
75	* Runs the callback to store connection credentials and the tokens locally.
76	*
77	* @param WP_REST_Request $request The request object.
78	*
79	* @return WP_REST_Response The response of the callback action.
80	*
81	* @throws Unauthorized_Exception If the code challenge is not valid.
82	* @throws RuntimeException If the verification code is not found.
83	*/
UNCOV 84	public function callback( WP_REST_Request $request ): WP_REST_Response {	×
UNCOV 85	$user_id = $request->get_param( 'user_id' );	×
86	try {
UNCOV 87	$code_verifier = $this->code_verifier_repository->get_code_verifier( $user_id );	×
88
UNCOV 89	if ( $request->get_param( 'code_challenge' ) !== \hash( 'sha256', $code_verifier->get_code() ) ) {	×
UNCOV 90	throw new Unauthorized_Exception( 'Unauthorized' );	×
91	}
92
UNCOV 93	$this->access_token_repository->store_token( $user_id, $request->get_param( 'access_jwt' ) );	×
UNCOV 94	$this->refresh_token_repository->store_token( $user_id, $request->get_param( 'refresh_jwt' ) );	×
UNCOV 95	$this->code_verifier_repository->delete_code_verifier( $user_id );	×
UNCOV 96	} catch ( Unauthorized_Exception \| RuntimeException $e ) {	×
UNCOV 97	return new WP_REST_Response( 'Unauthorized.', 401 );	×
98	}
99
UNCOV 100	return new WP_REST_Response(	×
UNCOV 101	[	×
UNCOV 102	'message' => 'Tokens successfully stored.',	×
UNCOV 103	'code_verifier' => $code_verifier->get_code(),	×
UNCOV 104	],	×
UNCOV 105	);	×
106	}
107
108	// phpcs:enable Squiz.Commenting.FunctionCommentThrowTag.WrongNumber -- PHPCS doesn't take into account exceptions thrown in called methods.
109	}

Yoast / wordpress-seo / ed2f09d63cc1d52576867547263198acaf3ad466

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous