Merge pull request #152 from auth0/dev
2.1.2
glena committed Mar 16, 2016
2 parents 42f66bb + a578e88 commit 0d878d7
Showing 8 changed files with 128 additions and 45 deletions.
4 changes: 2 additions & 2 deletions WP_Auth0.php
Expand Up @@ -2,7 +2,7 @@
/**
* Plugin Name: Auth0 for WordPress
* Description: Implements the Auth0 Single Sign On solution into Wordpress
* Version: 2.1.2
* Version: 2.1.3
* Author: Auth0
* Author URI: https://auth0.com
*/
Expand All @@ -12,7 +12,7 @@
define( 'WPA0_PLUGIN_URL', trailingslashit( plugin_dir_url( __FILE__ ) ) );
define( 'WPA0_LANG', 'wp-auth0' );
define( 'AUTH0_DB_VERSION', 4 );
define( 'WPA0_VERSION', '2.1.2' );
define( 'WPA0_VERSION', '2.1.3' );

/**
* Main plugin class
2 changes: 1 addition & 1 deletion assets/css/initial-setup.css

Large diffs are not rendered by default.

24 changes: 24 additions & 0 deletions assets/css/initial-setup/main.styl
Expand Up @@ -283,6 +283,11 @@ p.a0-message {
position: relative;
color:text;
padding-left:20px;

&.multiline {
line-height: 25px;
padding:10px 20px;
}

&.a0-notice {
background-color: noticeBG;
Expand All @@ -296,6 +301,10 @@ p.a0-message {
color:text;
}
}
&.a0-warning {
background: #f8edb5;
color: #a78e11;
}

b {
font-weight:bold;
Expand All @@ -313,6 +322,18 @@ p.a0-message {
}
}

.modal-content {
.a0-message {
margin:20px 0;
}

.link {
line-height: 25px;
margin-bottom: 20px;
cursor:pointer;
}
}

.a0-profiles {
margin-top: 50px;
margin-bottom: 30px;
Expand Down Expand Up @@ -789,3 +810,6 @@ p.a0-message {
width: initial;
}

#manuallySetToken {
margin-right:15px;
}
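Review bot: The new `&.a0-warning` rule hard-codes `#f8edb5` and `#a78e11`, whereas the neighbouring rules take their colours from variables (`noticeBG`, `text`). Defining two variables alongside the existing ones, for example `warningBG` and `warningText`, and using them here would keep the palette in one place. The `p.a0-message` rule starts outside the hunk.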
7 changes: 6 additions & 1 deletion lib/WP_Auth0_Api_Client.php
Expand Up @@ -210,6 +210,8 @@ public static function create_client($domain, $app_token, $name) {
$headers['Authorization'] = "Bearer $app_token";
$headers['content-type'] = "application/json";

$logout_url = home_url();

$response = wp_remote_post( $endpoint , array(
'method' => 'POST',
'headers' => $headers,
Expand All @@ -222,7 +224,10 @@ public static function create_client($domain, $app_token, $name) {
"allowed_origins"=>array(
home_url('/wp-login.php'),
admin_url('/admin.php?page=wpa0-setup&step=2&profile=social')
)
),
"allowed_logout_urls" => array(
$logout_url
),
))
) );

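Review bot: The new `"allowed_logout_urls"` entry is only part of the payload sent when a client is created, and none of the files in this commit appear to update a client that already exists. Sites whose Auth0 client was created by an earlier plugin version would presumably keep an empty allow-list, so the `returnTo` that logout() sends may still be rejected for them. A comment above `$logout_url = home_url();` such as `// Must match the returnTo value built in WP_Auth0_LoginManager::logout(); existing clients need this URL added separately.` would record the coupling. create_client() starts and ends outside the hunk.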
42 changes: 30 additions & 12 deletions lib/WP_Auth0_LoginManager.php
Expand Up @@ -51,7 +51,7 @@ public function auth0_sso_footer($previous_html) {
}
}
public function auth0_singlelogout_footer($previous_html) {

echo $previous_html;

if (!is_user_logged_in()) {
Expand All @@ -60,30 +60,48 @@ public function auth0_singlelogout_footer($previous_html) {

$singlelogout = $this->a0_options->get('singlelogout');

if ( $singlelogout ) {
$cdn = $this->a0_options->get('cdn_url');
$client_id = $this->a0_options->get('client_id');
$domain = $this->a0_options->get('domain');
$logout_url = wp_logout_url(get_permalink());

wp_enqueue_script( 'wpa0_lock', $cdn, 'jquery' );
include WPA0_PLUGIN_DIR . 'templates/auth0-singlelogout-handler.php';
if ( ! $singlelogout ) {
return;
}

$db_manager = new WP_Auth0_DBManager();

$profiles = $db_manager->get_current_user_profiles();

if ( empty($profiles) ) {
return;
}

$ids = array();

foreach($profiles as $profile) {
$ids[] = $profile->user_id;
}

$cdn = $this->a0_options->get('cdn_url');
$client_id = $this->a0_options->get('client_id');
$domain = $this->a0_options->get('domain');
$logout_url = wp_logout_url(get_permalink()) . '&SLO=1';

wp_enqueue_script( 'wpa0_lock', $cdn, 'jquery' );
include WPA0_PLUGIN_DIR . 'templates/auth0-singlelogout-handler.php';
}

public function logout() {
$this->end_session();

$sso = $this->a0_options->get( 'sso' );
$slo = $this->a0_options->get( 'singlelogout' );
$auto_login = absint( $this->a0_options->get( 'auto_login' ) );

if ( isset( $_REQUEST['redirect_to'] ) ) {
if ($slo && isset($_REQUEST['SLO'])) {
$redirect_to = $_REQUEST['redirect_to'];
} else {
$redirect_to = home_url();
wp_redirect($redirect_to);
die();
}

if ( $sso ) {
$redirect_to = home_url();
wp_redirect( 'https://' . $this->a0_options->get( 'domain' ) . '/v2/logout?returnTo=' . urlencode( $redirect_to ) . '&auth0Client=' . WP_Auth0_Api_Client::get_info_headers() );
die();
}
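Review bot: In logout(), the branch taken when `$slo && isset($_REQUEST['SLO'])` hands `$_REQUEST['redirect_to']` straight to `wp_redirect()`, so the destination is whatever the request supplied and is not limited to this site; the branch also never checks that `redirect_to` is present. Assuming the new side reads as it appears here, I would test `isset( $_REQUEST['SLO'], $_REQUEST['redirect_to'] )` and redirect with `wp_safe_redirect( wp_validate_redirect( wp_unslash( $_REQUEST['redirect_to'] ), home_url() ) );`. In auth0_singlelogout_footer(), `wp_logout_url()` returns an HTML-escaped URL, so appending a raw `'&SLO=1'` mixes escaped and unescaped separators and works only because the template decodes the string; that deserves a comment. logout() continues past the end of the section.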
56 changes: 40 additions & 16 deletions lib/initial-setup/WP_Auth0_InitialSetup_Consent.php
Expand Up @@ -110,14 +110,25 @@ public function consent_callback($name) {
$client_id = $client_response->client_id;
}

$db_connection_name = 'DB-' . str_replace(' ', '-', get_bloginfo('name'));
$connection_exists = false;
$connection_pwd_policy = null;

$connections = WP_Auth0_Api_Client::search_connection($domain, $app_token);

foreach ($connections as $connection) {

if ( in_array( $client_id, $connection->enabled_clients ) ) {
if ( $connection->strategy === 'auth0' && $should_create_and_update_connection) {
$enabled_clients = array_diff($connection->enabled_clients, array($client_id));
WP_Auth0_Api_Client::update_connection($domain, $app_token, $connection->id, array('enabled_clients' => array_values($enabled_clients)));

if ($db_connection_name === $connection->name) {
$connection_exists = $connection->id;
$connection_pwd_policy = (isset($connection->options) && isset($connection->options->passwordPolicy)) ? $connection->options->passwordPolicy : null;
} else {
$enabled_clients = array_diff($connection->enabled_clients, array($client_id));
WP_Auth0_Api_Client::update_connection($domain, $app_token, $connection->id, array('enabled_clients' => array_values($enabled_clients)));
}

} elseif ($connection->strategy !== 'auth0') {
$this->a0_options->set_connection( "social_{$connection->name}" , 1 );
$this->a0_options->set_connection( "social_{$connection->name}_key" , isset($connection->options->client_id) ? $connection->options->client_id : null );
Expand All @@ -127,20 +138,33 @@ public function consent_callback($name) {
}

if ($should_create_and_update_connection) {
$secret = $this->a0_options->get( 'client_secret' );
$token_id = uniqid();
$migration_token = JWT::encode(array('scope' => 'migration_ws', 'jti' => $token_id), JWT::urlsafeB64Decode( $secret ));
$migration_token_id = $token_id;

$operations = new WP_Auth0_Api_Operations($this->a0_options);
$response = $operations->create_wordpress_connection($this->a0_options->get( 'auth0_app_token' ), $this->hasInternetConnection, $migration_token);

$this->a0_options->set( "db_connection_id" , $response );
$this->a0_options->set( "db_connection_enabled" , $response ? 1 : 0 );
$this->a0_options->set( "migration_ws" , $this->hasInternetConnection );
$this->a0_options->set( "migration_token" , $migration_token );
$this->a0_options->set( "migration_token_id" , $migration_token_id );
$this->a0_options->set( "password_policy" , null );

if ($connection_exists === false) {

$secret = $this->a0_options->get( 'client_secret' );
$token_id = uniqid();
$migration_token = JWT::encode(array('scope' => 'migration_ws', 'jti' => $token_id), JWT::urlsafeB64Decode( $secret ));
$migration_token_id = $token_id;

$operations = new WP_Auth0_Api_Operations($this->a0_options);
$response = $operations->create_wordpress_connection($this->a0_options->get( 'auth0_app_token' ), $this->hasInternetConnection, $migration_token);

$this->a0_options->set( "migration_ws" , $this->hasInternetConnection );
$this->a0_options->set( "migration_token" , $migration_token );
$this->a0_options->set( "migration_token_id" , $migration_token_id );
$this->a0_options->set( "db_connection_enabled" , $response ? 1 : 0 );
$this->a0_options->set( "db_connection_id" , $response );
$this->a0_options->set( "password_policy" , null );

} else {

$this->a0_options->set( "db_connection_enabled" , 1 );
$this->a0_options->set( "db_connection_id" , $connection_exists );
$this->a0_options->set( "password_policy" , $connection_pwd_policy );

}


}


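Review bot: When an existing connection is adopted (the `else` branch of `if ($connection_exists === false)`), only `db_connection_enabled`, `db_connection_id` and `password_policy` are written, and `migration_ws`, `migration_token` and `migration_token_id` keep whatever the options already held. If the plugin options were reset while the connection stayed in the tenant, the site presumably ends up without a migration token matching the one the connection was created with. I would either issue and store a fresh token in that branch or add a comment explaining why skipping it is safe. `$connection_exists` holds `false` or a connection id rather than a boolean, so a name such as `$existing_connection_id` would read more accurately. consent_callback() starts and ends outside the section.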
21 changes: 14 additions & 7 deletions templates/auth0-singlelogout-handler.php
@@ -1,11 +1,18 @@
<script id="auth0" src="<?php echo $cdn ?>"></script>
<script type="text/javascript">
document.addEventListener("DOMContentLoaded", function() {
var lock = new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>');
lock.$auth0.getSSOData(function(err, data) {
if (!err && !data.sso) {
window.location = '<?php echo html_entity_decode($logout_url); ?>';
(function(){

var uuids = <?php echo json_encode($ids); ?>;
document.addEventListener("DOMContentLoaded", function() {
var lock = new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>');
lock.$auth0.getSSOData(function(err, data) {
if (!err && ( !data.sso || uuids.indexOf(data.lastUsedUserID) === -1 ) ) {

window.location = '<?php echo html_entity_decode($logout_url); ?>';

}
});
});
});
</script>

})();
</script>
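Review bot: The new `var uuids = <?php echo json_encode($ids); ?>;` and the re-indented `new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>')` write server-side values into an inline script without escaping for that context. `$ids` is built from stored Auth0 profile data, so I would emit it with `json_encode( $ids, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT )` and wrap the two option values in `esc_js()`. The `window.location` line has the same shape: `html_entity_decode($logout_url)` inside single quotes relies on the URL never decoding to a quote, and printing it through `json_encode()` without the surrounding quotes would remove that assumption. The template now depends on `$ids` being defined by the including function, which deserves a one-line comment at the top of the file.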
17 changes: 11 additions & 6 deletions templates/initial-setup/connection_profile.php
Expand Up @@ -51,14 +51,19 @@
</div>
<div class="modal-body no-padding-bottom">
<p><?php _e('This wizard gets you started with the Auth0 for WordPress plug-in. You\'ll be transferred to Auth0 and can login or sign-up. Then you\'ll authorize the plug-in and configure identity providers, whether social or enterprise connections.', WPA0_LANG); ?></p>
<p><?php _e('Finally, you\'ll migrate your own WordPress administrator account to Auth0, ready to configure the plug-in through the WordPress dashboard.', WPA0_LANG); ?></p>
<p><b><?php _e('This plug-in replaces the standard WordPress login screen. The experience is improved of course, but different. By default, there is a link to the regular WordPress login screen should you need it.', WPA0_LANG); ?></b>b></p>
<p><b><?php _e('Note: For this plugin to work, your server/host needs an inbound connection from auth0.com. This is necessary as Auth0 needs to fetch some information as it pertains to your API token.', WPA0_LANG); ?></b>b></p>
<p class="text-center"><span class="a0-button link" id="manuallySetToken">This website is not accesible from the internet and requires manual intervention for Auth0 to set the token on your behalf.</span></p>
<p><b><?php _e('This plug-in replaces the standard WordPress login screen. The experience is improved of course, but different. By default, there is a link to the regular WordPress login screen should you need it.', WPA0_LANG); ?></b></p>

<p class="a0-message a0-warning multiline">

<b>Note:</b>
<?php _e('For this plugin to work, your server/host needs an inbound connection from auth0.com, as Auth0 needs to fetch some information to complete the process. If this website is not accesible from the internet, it will require manual intervention to configure the api token.', WPA0_LANG); ?>

</p>

</div>
<div class="modal-footer">
<!-- <input type="submit" class="a0-button primary" value="Continue"/> -->
<a class="a0-button primary submit" href="#">Continue</a>
<a class="a0-button primary" href="#" id="manuallySetToken">Manual Setup (no Internet access)</a>
<a class="a0-button primary submit" href="#">Automatic setup</a>
</div>
</div>
</div>
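Review bot: The strings that appear to be added in this section, `<b>Note:</b>` and the button labels `Manual Setup (no Internet access)` and `Automatic setup`, are written as literals, while the surrounding paragraphs go through `_e( ..., WPA0_LANG )`, so they will not be translated. I would wrap them the same way, for example `<?php _e('Automatic setup', WPA0_LANG); ?>`. The translatable warning text also spells "accesible"; correcting it now avoids a later change to a string that translations are keyed on.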
