Skip to content

23408 fix ai consent related classes in the old ai folder structure#23410

Merged
leonidasmi merged 5 commits into
trunkfrom
23408-fix-ai-consent-related-classes-in-the-old-ai-folder-structure
Jul 1, 2026
Merged

23408 fix ai consent related classes in the old ai folder structure#23410
leonidasmi merged 5 commits into
trunkfrom
23408-fix-ai-consent-related-classes-in-the-old-ai-folder-structure

Conversation

@pls78

@pls78 pls78 commented Jun 25, 2026

Copy link
Copy Markdown
Member

Context

  • In Manage user consent through Yoast AI #23302 we refactored the AI consent flow, but some changes were not mirrored in the old Yoast\WP\SEO\AI_Consent\Application\Consent_Handler and Yoast\WP\SEO\AI_Authorization\Application\Token_Manager classes. Thee old classes are used in case the use has an old version of Yoast SEO Premium and a recent version of Yoast.

Summary

This PR can be summarized in the following changelog entry:

  • Mirrors the changes made in the Yoast\WP\SEO\AI\ classes in the old Yoast\WP\SEO\AI_* ones.

Relevant technical choices:

  • N/A

Test instructions

Test instructions for the acceptance test before the PR gets merged

This PR can be acceptance tested by following these steps:

  • Make sure you have the latest Free trunk and an older version of Premium installed

Test granting consent from the user profile

  • Go to Users -> Profile and grant consent
    • Confirm now the button says Revoke consent and no errors are shown in the browser console network tab
    • Use an AI-based feature (e.g. the AI Optimize) and confirm you're not asked for consent

Test revoking consent from the user profile

  • Go to Users -> Profile and revoke consent
    • Confirm now the button says Grant consent and no errors are shown in the browser console network tab
  • With a MySQL client open the wp_usermeta table
    • Verify that there are no lines where the meta_name column is _yoast_wpseo_ai_generator_access_jwt and the user_id column equals to your logged in user id ❌ this fails, that's why we created this PR on top: Revoke consent by invalidating tokens #23425. Same with the below step
    • Verify the same for meta_name = _yoast_wpseo_ai_generator_refresh_jwt

Test granting consent from the block editor

  • Edit a post
  • Try to use any AI-based feature
    • Verify you get asked for consent
    • Verify you can use the feature and no errors are shown in the browser console network tab

Relevant test scenarios

  • Changes should be tested with the browser console open
  • Changes should be tested on different posts/pages/taxonomies/custom post types/custom taxonomies
  • Changes should be tested on different editors (Default Block/Gutenberg/Classic/Elementor/other)
  • Changes should be tested on different browsers
  • Changes should be tested on multisite

Test instructions for QA when the code is in the RC

  • QA should use the same steps as above.

Impact check

This PR affects the following parts of the plugin, which may require extra testing:

  • One of the changes I made impacts also the Free trunk and Premium trunk scenario: please perform a smoke test by granting consent and using an AI-based feature in that scenario, too.

Other environments

  • This PR also affects Shopify. I have added a changelog entry starting with [shopify-seo], added test instructions for Shopify and attached the Shopify label to this PR.
  • This PR also affects Yoast SEO for Google Docs. I have added a changelog entry starting with [yoast-doc-extension], added test instructions for Yoast SEO for Google Docs and attached the Google Docs Add-on label to this PR.

Documentation

  • I have written documentation for this change. For example, comments in the Relevant technical choices, comments in the code, documentation on Confluence / shared Google Drive / Yoast developer portal, or other.

Quality assurance

  • I have tested this code to the best of my abilities.
  • During testing, I had activated all plugins that Yoast SEO provides integrations for.
  • I have added unit tests to verify the code works as intended.
  • If any part of the code is behind a feature flag, my test instructions also cover cases where the feature flag is switched off.
  • I have written this PR in accordance with my team's definition of done.
  • I have checked that the base branch is correctly set.
  • I have run grunt build:images and committed the results, if my PR introduces or edits images or SVGs.

Innovation

  • No innovation project is applicable for this PR.
  • This PR falls under an innovation project. I have attached the innovation label.
  • I have added my hours to the WBSO document.

Fixes #23408

@pls78 pls78 added the changelog: bugfix Needs to be included in the 'Bugfixes' category in the changelog label Jun 25, 2026
@pls78 pls78 marked this pull request as ready for review June 25, 2026 20:37
@coveralls

Copy link
Copy Markdown

Coverage Report for CI Build 0

Warning

Build has drifted: This PR's base is out of sync with its target branch, so coverage data may include unrelated changes.
Quick fix: rebase this PR. Learn more →

Coverage decreased (-0.3%) to 53.509%

Details

  • Coverage decreased (-0.3%) from the base build.
  • Patch coverage: 7 uncovered changes across 2 files (1 of 8 lines covered, 12.5%).
  • 324 coverage regressions across 14 files.

Uncovered Changes

File Changed Covered %
src/ai-authorization/application/token-manager.php 5 0 0.0%
src/ai-consent/application/consent-handler.php 2 0 0.0%
Total (3 files) 8 1 12.5%

Coverage Regressions

324 previously-covered lines in 14 files lost coverage.

Top 10 Files by Coverage Loss Lines Losing Coverage Coverage
src/myyoast-client/user-interface/auth-command.php 84 0.0%
src/myyoast-client/infrastructure/registration/client-registration.php 84 55.56%
src/myyoast-client/infrastructure/http/http-client.php 52 40.4%
src/myyoast-client/application/authorization-code-handler.php 31 70.09%
src/myyoast-client/application/myyoast-client.php 24 78.15%
src/ai/content-planner/application/content-suggestion-command-handler.php 9 76.0%
src/ai/http-request/domain/response.php 9 0.0%
src/ai/http-request/domain/request.php 7 0.0%
src/ai/http-request/domain/exceptions/remote-request-exception.php 6 0.0%
src/ai/http-request/infrastructure/api-client.php 6 81.82%

Coverage Stats

Coverage Status
Relevant Lines: 68347
Covered Lines: 36364
Line Coverage: 53.2%
Relevant Branches: 16669
Covered Branches: 9127
Branch Coverage: 54.75%
Branches in Coverage %: Yes
Coverage Strength: 44030.95 hits per line

💛 - Coveralls

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Mirrors recent AI consent/authorization refactor behavior into the legacy src/ai-* folder structure to keep compatibility working when Free is updated but Premium is still on an older version.

Changes:

  • Switched stale-token cleanup to go through the access/refresh token repositories (via clear_tokens) in both the new and legacy Token_Manager.
  • Added explicit “user not found” handling in the legacy AI_Consent Consent_Handler.
  • Updated a unit test to expect repository-based token deletion when callback URLs change.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
tests/Unit/AI/Authorization/Application/Token_Manager/Callback_Url_Change_Test.php Updates expectations to match repository-based token deletion when callback URLs are stale.
src/ai/authorization/application/token-manager.php Uses clear_tokens() (repository-based) instead of direct user meta deletion and adjusts docblocks.
src/ai-consent/application/consent-handler.php Adds/aligns legacy consent handler behavior to throw when the WP user cannot be resolved.
src/ai-authorization/application/token-manager.php Introduces clear_tokens() in the legacy token manager and uses it for token invalidation and stale-token cleanup.

Comment thread src/ai-authorization/application/token-manager.php
Comment thread src/ai-consent/application/consent-handler.php
Comment thread src/ai-consent/application/consent-handler.php
@leonidasmi leonidasmi added changelog: non-user-facing Needs to be included in the 'Non-userfacing' category in the changelog and removed changelog: bugfix Needs to be included in the 'Bugfixes' category in the changelog labels Jul 1, 2026
@leonidasmi leonidasmi added this to the 28.1 milestone Jul 1, 2026
@leonidasmi leonidasmi merged commit c495e70 into trunk Jul 1, 2026
38 checks passed
@leonidasmi leonidasmi deleted the 23408-fix-ai-consent-related-classes-in-the-old-ai-folder-structure branch July 1, 2026 10:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

changelog: non-user-facing Needs to be included in the 'Non-userfacing' category in the changelog

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fix AI consent-related classes in the old src/ai-* folder structure

4 participants