PluginProbe ʕ •ᴥ•ʔ
Yoast SEO – Advanced SEO with real-time guidance and built-in AI / 27.7
Yoast SEO – Advanced SEO with real-time guidance and built-in AI v27.7
27.7 27.6 27.5 trunk 18.0 18.1 18.2 18.3 18.4 18.4.1 18.5 18.5.1 18.6 18.7 18.8 18.9 19.0 19.1 19.10 19.11 19.12 19.13 19.14 19.2 19.3 19.4 19.5 19.5.1 19.6 19.6.1 19.7 19.7.1 19.7.2 19.8 19.9 20.0 20.1 20.10 20.11 20.12 20.13 20.2 20.2.1 20.3 20.4 20.5 20.6 20.7 20.8 20.9 21.0 21.1 21.2 21.3 21.4 21.5 21.6 21.7 21.8 21.8.1 21.9 21.9.1 22.0 22.1 22.2 22.3 22.4 22.5 22.6 22.7 22.8 22.9 23.0 23.1 23.2 23.3 23.4 23.5 23.6 23.7 23.8 23.9 24.0 24.1 24.2 24.3 24.4 24.5 24.6 24.7 24.8 24.8.1 24.9 25.0 25.1 25.2 25.3 25.3.1 25.4 25.5 25.6 25.7 25.8 25.9 26.0 26.1 26.1.1 26.2 26.3 26.4 26.5 26.6 26.7 26.8 26.9 27.0 27.1 27.1.1 27.2 27.3 27.4
wordpress-seo / src / ai-authorization / user-interface / abstract-callback-route.php
wordpress-seo / src / ai-authorization / user-interface Last commit date
abstract-callback-route.php 3 weeks ago callback-route.php 3 months ago refresh-callback-route.php 3 months ago
abstract-callback-route.php
111 lines
1 <?php
2
3 // phpcs:disable Yoast.NamingConventions.NamespaceName.TooLong -- Needed in the folder structure.
4 namespace Yoast\WP\SEO\AI_Authorization\User_Interface;
5
6 use RuntimeException;
7 use WP_REST_Request;
8 use WP_REST_Response;
9 use Yoast\WP\SEO\AI_Authorization\Infrastructure\Access_Token_User_Meta_Repository_Interface;
10 use Yoast\WP\SEO\AI_Authorization\Infrastructure\Code_Verifier_User_Meta_Repository_Interface;
11 use Yoast\WP\SEO\AI_Authorization\Infrastructure\Refresh_Token_User_Meta_Repository_Interface;
12 use Yoast\WP\SEO\AI_HTTP_Request\Domain\Exceptions\Unauthorized_Exception;
13 use Yoast\WP\SEO\Conditionals\AI_Conditional;
14 use Yoast\WP\SEO\Conditionals\Old_Premium_AI_Conditional;
15 use Yoast\WP\SEO\Main;
16 use Yoast\WP\SEO\Routes\Route_Interface;
17
18 /**
19 * The base class for the callback routes.
20 */
21 abstract class Abstract_Callback_Route implements Route_Interface {
22
23 /**
24 * The namespace for this route.
25 *
26 * @var string
27 */
28 public const ROUTE_NAMESPACE = Main::API_V1_NAMESPACE;
29
30 /**
31 * The access token repository instance.
32 *
33 * @var Access_Token_User_Meta_Repository_Interface
34 */
35 protected $access_token_repository;
36
37 /**
38 * The refresh token repository instance.
39 *
40 * @var Refresh_Token_User_Meta_Repository_Interface
41 */
42 protected $refresh_token_repository;
43
44 /**
45 * The code verifier instance.
46 *
47 * @var Code_Verifier_User_Meta_Repository_Interface
48 */
49 protected $code_verifier_repository;
50
51 /**
52 * Returns the conditionals based in which this loadable should be active.
53 *
54 * @return array<string> The conditionals.
55 */
56 public static function get_conditionals() {
57 return [ AI_Conditional::class, Old_Premium_AI_Conditional::class ];
58 }
59
60 /**
61 * Callback_Route constructor.
62 *
63 * @param Access_Token_User_Meta_Repository_Interface $access_token_repository The access token repository instance.
64 * @param Refresh_Token_User_Meta_Repository_Interface $refresh_token_repository The refresh token repository instance.
65 * @param Code_Verifier_User_Meta_Repository_Interface $code_verifier_repository The code verifier instance.
66 */
67 public function __construct( Access_Token_User_Meta_Repository_Interface $access_token_repository, Refresh_Token_User_Meta_Repository_Interface $refresh_token_repository, Code_Verifier_User_Meta_Repository_Interface $code_verifier_repository ) {
68 $this->access_token_repository = $access_token_repository;
69 $this->refresh_token_repository = $refresh_token_repository;
70 $this->code_verifier_repository = $code_verifier_repository;
71 }
72
73 // phpcs:disable Squiz.Commenting.FunctionCommentThrowTag.WrongNumber -- PHPCS doesn't take into account exceptions thrown in called methods.
74
75 /**
76 * Runs the callback to store connection credentials and the tokens locally.
77 *
78 * @param WP_REST_Request $request The request object.
79 *
80 * @return WP_REST_Response The response of the callback action.
81 *
82 * @throws Unauthorized_Exception If the code challenge is not valid.
83 * @throws RuntimeException If the verification code is not found.
84 */
85 public function callback( WP_REST_Request $request ): WP_REST_Response {
86 $user_id = $request->get_param( 'user_id' );
87 try {
88 $code_verifier = $this->code_verifier_repository->get_code_verifier( $user_id );
89
90 if ( $request->get_param( 'code_challenge' ) !== \hash( 'sha256', $code_verifier->get_code() ) ) {
91 throw new Unauthorized_Exception( 'Unauthorized' );
92 }
93
94 $this->access_token_repository->store_token( $user_id, $request->get_param( 'access_jwt' ) );
95 $this->refresh_token_repository->store_token( $user_id, $request->get_param( 'refresh_jwt' ) );
96 $this->code_verifier_repository->delete_code_verifier( $user_id );
97 } catch ( Unauthorized_Exception | RuntimeException $e ) {
98 return new WP_REST_Response( 'Unauthorized.', 401 );
99 }
100
101 return new WP_REST_Response(
102 [
103 'message' => 'Tokens successfully stored.',
104 'code_verifier' => $code_verifier->get_code(),
105 ],
106 );
107 }
108
109 // phpcs:enable Squiz.Commenting.FunctionCommentThrowTag.WrongNumber -- PHPCS doesn't take into account exceptions thrown in called methods.
110 }
111