feat: add rest transport client

tests/Unit/Transport/RestTransportClientTest.php

@@ -0,0 +1,99 @@
+<?php
+
+namespace WPContentSync\Tests\Unit\Transport;
+
+use PHPUnit\Framework\TestCase;
+use WPContentSync\Package\ContentPackage;
+use WPContentSync\Package\PackageChecksum;
+use WPContentSync\Transport\RestTransportClient;
+use WPContentSync\Transport\RestTransportException;
+
+class RestTransportClientTest extends TestCase {
+	protected function tearDown(): void {
+		unset( $GLOBALS['wpcs_http_response'], $GLOBALS['wpcs_last_http_request'] );
+
+		parent::tearDown();
+	}
+
+	public function test_it_tests_connections_with_application_password_auth(): void {
+		$client = new RestTransportClient();
+
+		self::assertTrue( $client->testConnection( 'https://destination.test', 'codex', 'app-pass' ) );
+
+		self::assertSame( 'GET', $GLOBALS['wpcs_last_http_request']['method'] );
+		self::assertSame( 'https://destination.test/wp-json/wp-content-sync/v1/status', $GLOBALS['wpcs_last_http_request']['url'] );
+		// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- Expected Basic auth value for application-password requests.
+		self::assertSame( 'Basic ' . base64_encode( 'codex:app-pass' ), $GLOBALS['wpcs_last_http_request']['args']['headers']['Authorization'] );
+	}
+
+	public function test_it_sends_packages_to_receive_endpoint(): void {
+		$client = new RestTransportClient();
+
+		self::assertTrue( $client->sendPackage( 'https://destination.test/', 'codex', 'app-pass', $this->package() ) );
+
+		self::assertSame( 'POST', $GLOBALS['wpcs_last_http_request']['method'] );
+		self::assertSame( 'https://destination.test/wp-json/wp-content-sync/v1/package', $GLOBALS['wpcs_last_http_request']['url'] );
+		self::assertStringContainsString( '"package"', $GLOBALS['wpcs_last_http_request']['args']['body'] );
+		self::assertSame( 'application/json', $GLOBALS['wpcs_last_http_request']['args']['headers']['Content-Type'] );
+	}
+
+	public function test_it_throws_authentication_failures_for_unauthorized_status(): void {
+		$GLOBALS['wpcs_http_response'] = array(
+			'response' => array( 'code' => 401 ),
+			'body'     => '{"message":"Unauthorized"}',
+		);
+		$client                        = new RestTransportClient();
+
+		$this->expectException( RestTransportException::class );
+		$this->expectExceptionMessage( 'REST authentication failed.' );
+
+		$client->testConnection( 'https://destination.test', 'codex', 'bad-pass' );
+	}
+
+	public function test_it_throws_remote_rejected_for_invalid_package_response(): void {
+		$GLOBALS['wpcs_http_response'] = array(
+			'response' => array( 'code' => 400 ),
+			'body'     => '{"message":"Invalid package"}',
+		);
+		$client                        = new RestTransportClient();
+
+		$this->expectException( RestTransportException::class );
+		$this->expectExceptionMessage( 'Invalid package' );
+
+		$client->sendPackage( 'https://destination.test', 'codex', 'app-pass', $this->package() );
+	}
+
+	private function package(): ContentPackage {
+		$records = array(
+			'posts'             => array(),
+			'terms'             => array(),
+			'media'             => array(),
+			'custom_post_types' => array(),
+		);
+
+		return ContentPackage::fromArray(
+			array(
+				'schema_version' => '1.0',
+				'generated_at'   => '2026-04-28T12:00:00+00:00',
+				'source'         => array(
+					'site_url' => 'https://example.test',
+					'name'     => 'Example',
+				),
+				'destination'    => array(
+					'site_url' => 'https://destination.test',
+					'name'     => 'Destination',
+				),
+				'manifest'       => array(
+					'posts'             => 0,
+					'terms'             => 0,
+					'media'             => 0,
+					'custom_post_types' => 0,
+				),
+				'records'        => $records,
+				'checksums'      => array(
+					'records' => PackageChecksum::records( $records ),
+				),
+			)
+		);
+	}
+}