Yoast\WP\SEO\MyYoast_Client\Infrastructure\DPoP

DPoP_Handler::create_proofpublicYoast 1.0

Creates a DPoP proof JWT.

Метод класса: DPoP_Handler{}

Хуков нет.

Возвращает

Строку. The signed DPoP proof JWT.

Использование

$DPoP_Handler = new DPoP_Handler();
$DPoP_Handler->create_proof( string $http_method, string $url,;

Код DPoP_Handler::create_proof() Yoast 27.8

yoast/src/myyoast-client/infrastructure/dpop/dpop-handler.php 
public function create_proof(
	string $http_method,
	string $url,
	// phpcs:ignore PHPCompatibility.Attributes.NewAttributes.PHPNativeAttributeFound -- No-op on PHP < 8.2; redacts parameter from stack traces on PHP 8.2+.
	#[SensitiveParameter]
	?string $access_token = null
): string {
	try {
		$key_pair = $this->key_pair_manager->get_or_create_key_pair( Key_Pair_Manager::PURPOSE_DPOP );
	}
	catch ( Encryption_Exception $e ) {
		// phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Internal exception message.
		throw new DPoP_Proof_Exception( 'DPoP key pair generation failed: ' . $e->getMessage(), 0, $e );
	}

	$jwk = $this->key_pair_manager->get_public_key_jwk( $key_pair );

	$header = [
		'typ' => 'dpop+jwt',
		'alg' => self::PROOF_ALG,
		'jwk' => $jwk,
	];

	// Strip query and fragment from URL per RFC 9449.
	$htu = $this->normalize_url( $url );
	try {
		$jti = $this->jwt_signer->generate_jti();
	}
	catch ( Exception $e ) {
		// phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Internal exception message.
		throw new DPoP_Proof_Exception( 'Failed to generate jti for DPoP proof: ' . $e->getMessage(), 0, $e );
	}

	$payload = [
		'htm' => \strtoupper( $http_method ),
		'htu' => $htu,
		'iat' => \time(),
		'jti' => $jti,
	];

	// Include nonce if the server has provided one.
	$nonce = $this->get_stored_nonce();
	if ( $nonce !== null ) {
		$payload['nonce'] = $nonce;
	}

	// Include ath (access token hash) for resource requests.
	if ( $access_token !== null ) {
		$payload['ath'] = Base64url::encode(
			\hash( 'sha256', $access_token, true ),
		);
	}

	try {
		return $this->jwt_signer->sign( $header, $payload, $key_pair->get_private_key() );
	}
	catch ( JWT_Signing_Exception $e ) {
		// phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Internal exception message.
		throw new DPoP_Proof_Exception( 'DPoP proof signing failed: ' . $e->getMessage(), 0, $e );
	}
}