8dbb17dd027bdca8154ad419c37e397e58556d21

Committed 12 May 2026 10:00AM UTC coverage: 51.862%. First build

Build # 8dbb17dd027bdca8154ad419c37e397e58556d21

Build Type

push

github

Committed by

vraja-pro

Commit Message

Merge branch 'trunk' into feature/editor-focus-keyphrase-redesign

Coverage Stats

1899 of 3333 branches covered (56.98%)

Branch coverage included in aggregate %.

1142 of 2108 new or added lines in 60 files covered. (54.17%)

6040 of 11975 relevant lines covered (50.44%)

251201.9 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

62.5

/src/myyoast-client/infrastructure/crypto/client-authenticator.php

<?php
// phpcs:disable Yoast.NamingConventions.NamespaceName.TooLong -- Needed in the folder structure.

namespace Yoast\WP\SEO\MyYoast_Client\Infrastructure\Crypto;

use Yoast\WP\SEO\MyYoast_Client\Application\Exceptions\Client_Authentication_Exception;
use Yoast\WP\SEO\MyYoast_Client\Application\Ports\Client_Authenticator_Interface;

/**
 * Creates signed client_assertion JWTs for private_key_jwt authentication.
 *
 * Wraps Key_Pair_Manager and JWT_Signer to provide a single method for
 * generating client assertions, hiding key pair lifecycle from the application layer.
 */
class Client_Authenticator implements Client_Authenticator_Interface {

        /**
         * The key pair manager.
         *
         * @var Key_Pair_Manager
         */
        private $key_pair_manager;

        /**
         * The JWT signer.
         *
         * @var JWT_Signer
         */
        private $jwt_signer;

        /**
         * Client_Authenticator constructor.
         *
         * @param Key_Pair_Manager $key_pair_manager The key pair manager.
         * @param JWT_Signer       $jwt_signer       The JWT signer.
         */
        public function __construct( Key_Pair_Manager $key_pair_manager, JWT_Signer $jwt_signer ) {
                $this->key_pair_manager = $key_pair_manager;
                $this->jwt_signer       = $jwt_signer;
        }

        /**
         * Creates a signed client_assertion JWT for the given audience.
         *
         * @param string $client_id The registered client_id.
         * @param string $audience  The audience URL (typically the token endpoint).
         *
         * @return string The signed client_assertion JWT.
         *
         * @throws Client_Authentication_Exception If key retrieval or signing fails.
         */
        public function create_client_assertion( string $client_id, string $audience ): string {
                try {
                        $key_pair = $this->key_pair_manager->get_or_create_key_pair( Key_Pair_Manager::PURPOSE_REGISTRATION );

                        return $this->jwt_signer->create_client_assertion( $client_id, $audience, $key_pair );
                } catch ( Encryption_Exception | JWT_Signing_Exception $e ) {
                        // phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Internal exception message.
                        throw new Client_Authentication_Exception( 'Client assertion signing failed: ' . $e->getMessage(), 0, $e );
                }
        }
}

1	<?php
2	// phpcs:disable Yoast.NamingConventions.NamespaceName.TooLong -- Needed in the folder structure.
3
4	namespace Yoast\WP\SEO\MyYoast_Client\Infrastructure\Crypto;
5
6	use Yoast\WP\SEO\MyYoast_Client\Application\Exceptions\Client_Authentication_Exception;
7	use Yoast\WP\SEO\MyYoast_Client\Application\Ports\Client_Authenticator_Interface;
8
9	/**
10	* Creates signed client_assertion JWTs for private_key_jwt authentication.
11	*
12	* Wraps Key_Pair_Manager and JWT_Signer to provide a single method for
13	* generating client assertions, hiding key pair lifecycle from the application layer.
14	*/
15	class Client_Authenticator implements Client_Authenticator_Interface {
16
17	/**
18	* The key pair manager.
19	*
20	* @var Key_Pair_Manager
21	*/
22	private $key_pair_manager;
23
24	/**
25	* The JWT signer.
26	*
27	* @var JWT_Signer
28	*/
29	private $jwt_signer;
30
31	/**
32	* Client_Authenticator constructor.
33	*
34	* @param Key_Pair_Manager $key_pair_manager The key pair manager.
35	* @param JWT_Signer $jwt_signer The JWT signer.
36	*/
NEW 37	public function __construct( Key_Pair_Manager $key_pair_manager, JWT_Signer $jwt_signer ) {	×
NEW 38	$this->key_pair_manager = $key_pair_manager;	×
NEW 39	$this->jwt_signer = $jwt_signer;	×
40	}
41
42	/**
43	* Creates a signed client_assertion JWT for the given audience.
44	*
45	* @param string $client_id The registered client_id.
46	* @param string $audience The audience URL (typically the token endpoint).
47	*
48	* @return string The signed client_assertion JWT.
49	*
50	* @throws Client_Authentication_Exception If key retrieval or signing fails.
51	*/
52	public function create_client_assertion( string $client_id, string $audience ): string {	6✔
53	try {
54	$key_pair = $this->key_pair_manager->get_or_create_key_pair( Key_Pair_Manager::PURPOSE_REGISTRATION );	6✔
55
56	return $this->jwt_signer->create_client_assertion( $client_id, $audience, $key_pair );	4✔
57	} catch ( Encryption_Exception \| JWT_Signing_Exception $e ) {	4✔
58	// phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Internal exception message.
59	throw new Client_Authentication_Exception( 'Client assertion signing failed: ' . $e->getMessage(), 0, $e );	4✔
60	}
61	}
62	}

Yoast / wordpress-seo / 8dbb17dd027bdca8154ad419c37e397e58556d21

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous