Yoast\WP\SEO\MyYoast_Client\Infrastructure\Crypto

Client_Authenticator{}Yoast 1.0└─ Client_Authenticator_Interface

Creates signed client_assertion JWTs for private_key_jwt authentication.

Wraps Key_Pair_Manager and JWT_Signer to provide a single method for generating client assertions, hiding key pair lifecycle from the application layer.

Хуков нет.

Использование

$Client_Authenticator = new Client_Authenticator();
// use class methods

Методы

  1. public __construct( Key_Pair_Manager $key_pair_manager, JWT_Signer $jwt_signer )
  2. public create_client_assertion( string $client_id, string $audience )

Код Client_Authenticator{} Yoast 27.7

yoast/src/myyoast-client/infrastructure/crypto/client-authenticator.php 
class Client_Authenticator implements Client_Authenticator_Interface {

	/**
	 * The key pair manager.
	 *
	 * @var Key_Pair_Manager
	 */
	private $key_pair_manager;

	/**
	 * The JWT signer.
	 *
	 * @var JWT_Signer
	 */
	private $jwt_signer;

	/**
	 * Client_Authenticator constructor.
	 *
	 * @param Key_Pair_Manager $key_pair_manager The key pair manager.
	 * @param JWT_Signer       $jwt_signer       The JWT signer.
	 */
	public function __construct( Key_Pair_Manager $key_pair_manager, JWT_Signer $jwt_signer ) {
		$this->key_pair_manager = $key_pair_manager;
		$this->jwt_signer       = $jwt_signer;
	}

	/**
	 * Creates a signed client_assertion JWT for the given audience.
	 *
	 * @param string $client_id The registered client_id.
	 * @param string $audience  The audience URL (typically the token endpoint).
	 *
	 * @return string The signed client_assertion JWT.
	 *
	 * @throws Client_Authentication_Exception If key retrieval or signing fails.
	 */
	public function create_client_assertion( string $client_id, string $audience ): string {
		try {
			$key_pair = $this->key_pair_manager->get_or_create_key_pair( Key_Pair_Manager::PURPOSE_REGISTRATION );

			return $this->jwt_signer->create_client_assertion( $client_id, $audience, $key_pair );
		} catch ( Encryption_Exception | JWT_Signing_Exception $e ) {
			// phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Internal exception message.
			throw new Client_Authentication_Exception( 'Client assertion signing failed: ' . $e->getMessage(), 0, $e );
		}
	}
}