Merge pull request #30 from auth0/dev

Issues #24, #28 & #29

WP_Auth0.php

@@ -2,7 +2,7 @@
 /**
  * Plugin Name: Wordpress Auth0 Integration
  * Description: Implements the Auth0 Single Sign On solution into Wordpress
- * Version: 1.1.4
+ * Version: 1.1.5
  * Author: Auth0
  * Author URI: https://auth0.com
  */
@@ -142,6 +142,9 @@ public static function login_auto() {
  if ($auto_login && $_GET["action"] != "logout") {
 
  $stateObj = array("interim" => false, "uuid" =>uniqid());
+ if (isset($_GET['redirect_to'])) {
+ $stateObj["redirect_to"] = $_GET['redirect_to'];
+ }
  $state = json_encode($stateObj);
  // Create the link to log in
 
@@ -242,7 +245,6 @@ public static function render_form( $html ){
  if (trim($client_id) == "") return;
 
  ob_start();
-
  require_once WPA0_PLUGIN_DIR . 'templates/login-form.php';
  renderAuth0Form();
 
@@ -277,7 +279,7 @@ public static function init_auth0(){
  $code = $wp_query->query_vars['code'];
  $state = $wp_query->query_vars['state'];
  $stateFromGet = json_decode(stripcslashes($state));
- 
+
  $domain = WP_Auth0_Options::get( 'domain' );
  $endpoint = "https://" . $domain . "/";
  $client_id = WP_Auth0_Options::get( 'client_id' );
@@ -339,7 +341,14 @@ public static function init_auth0(){
  exit();
 
  } else {
- wp_safe_redirect( home_url() );
+
+ if (isset($stateFromGet->redirect_to)) {
+ $redirectURL = $stateFromGet->redirect_to;
+ } else {
+ $redirectURL = WP_Auth0_Options::get( 'default_login_redirection' );
+ }
+
+ wp_safe_redirect($redirectURL);
  }
  }
  }elseif (is_array($response['response']) && $response['response']['code'] == 401) {

lib/WP_Auth0_Admin.php

@@ -50,6 +50,7 @@ public static function init_admin(){
 
  self::init_option_section('Basic', array(
 
+ array('id' => 'wpa0_create_account_message', 'name' => '', 'function' => 'create_account_message'),
  array('id' => 'wpa0_domain', 'name' => 'Domain', 'function' => 'render_domain'),
  array('id' => 'wpa0_client_id', 'name' => 'Client ID', 'function' => 'render_client_id'),
  array('id' => 'wpa0_client_secret', 'name' => 'Client Secret', 'function' => 'render_client_secret'),
@@ -76,6 +77,7 @@ public static function init_admin(){
  array('id' => 'wpa0_dict', 'name' => 'Translation', 'function' => 'render_dict'),
  array('id' => 'wpa0_username_style', 'name' => 'Username style', 'function' => 'render_username_style'),
  array('id' => 'wpa0_remember_last_login', 'name' => 'Remember last login', 'function' => 'render_remember_last_login'),
+ array('id' => 'wpa0_default_login_redirection', 'name' => 'Login redirection URL', 'function' => 'render_default_login_redirection'),
  array('id' => 'wpa0_verified_email', 'name' => 'Requires verified email', 'function' => 'render_verified_email'),
  array('id' => 'wpa0_allow_signup', 'name' => 'Allow signup', 'function' => 'render_allow_signup'),
  array('id' => 'wpa0_auto_login', 'name' => 'Auto Login (no widget)', 'function' => 'render_auto_login'),
@@ -104,6 +106,13 @@ public static function render_remember_last_login () {
  echo '<br/><span class="description">' . __('Request for SSO data and enable Last time you signed in with[...] message.', WPA0_LANG) . '<a target="_blank" href="https://github.com/auth0/lock/wiki/Auth0Lock-customization#rememberlastlogin-boolean">' . __('More info', WPA0_LANG) . '</a></span>';
  }
 
+ public static function create_account_message(){
+ echo '<div id="message" class="updated"><p><strong>'
+ . __('In order to use this plugin, you need to first', WPA0_LANG)
+ . ' <a target="_blank" href="https://app.auth0.com/#/applications">'.__('create an application', WPA0_LANG) . '</a>'
+ . __(' on Auth0 and copy the information here.', WPA0_LANG)
+ . '</strong></p></div>';
+ }
  public static function render_client_id(){
  $v = WP_Auth0_Options::get( 'client_id' );
  echo '<input type="text" name="' . WP_Auth0_Options::OPTIONS_NAME . '[client_id]" id="wpa0_client_id" value="' . esc_attr( $v ) . '"/>';
@@ -126,6 +135,12 @@ public static function render_form_title(){
  echo '<br/><span class="description">' . __('This is the title for the login widget', WPA0_LANG) . '</span>';
  }
 
+ public static function render_default_login_redirection(){
+ $v = WP_Auth0_Options::get( 'default_login_redirection' );
+ echo '<input type="text" name="' . WP_Auth0_Options::OPTIONS_NAME . '[default_login_redirection]" id="wpa0_default_login_redirection" value="' . esc_attr( $v ) . '"/>';
+ echo '<br/><span class="description">' . __('This is the URL that all users will be redirected by default after login', WPA0_LANG) . '</span>';
+ }
+
  public static function render_dict(){
  $v = WP_Auth0_Options::get( 'dict' );
  echo '<textarea name="' . WP_Auth0_Options::OPTIONS_NAME . '[dict]" id="wpa0_dict">' . esc_attr( $v ) . '</textarea>';
@@ -242,6 +257,16 @@ public static function render_settings_page(){
  include WPA0_PLUGIN_DIR . 'templates/settings.php';
  }
 
+ protected static function add_validation_error($error)
+ {
+ add_settings_error(
+ WP_Auth0_Options::OPTIONS_NAME,
+ WP_Auth0_Options::OPTIONS_NAME,
+ $error,
+ 'error'
+ );
+ }
+
  public static function input_validator( $input ){
  $input['client_id'] = sanitize_text_field( $input['client_id'] );
  $input['form_title'] = sanitize_text_field( $input['form_title'] );
@@ -259,22 +284,76 @@ public static function input_validator( $input ){
 
  $input['remember_last_login'] = (isset($input['remember_last_login']) ? 1 : 0);
 
+ $input['default_login_redirection'] = esc_url_raw($input['default_login_redirection']);
+ $home_url = home_url();
+
+ if (empty($input['default_login_redirection']))
+ {
+ $input['default_login_redirection'] = $home_url;
+ }
+ else
+ {
+ if (strpos($input['default_login_redirection'], $home_url) !== 0)
+ {
+ if (strpos($input['default_login_redirection'], 'http') === 0)
+ {
+ $input['default_login_redirection'] = $home_url;
+
+ $error = __("The 'Login redirect URL' cannot point to a foreign page.", WPA0_LANG);
+ self::add_validation_error($error);
+ }
+ }
+
+ if (strpos($input['default_login_redirection'], 'action=logout') !== false)
+ {
+ $input['default_login_redirection'] = $home_url;
+
+ $error = __("The 'Login redirect URL' cannot point to the logout page.", WPA0_LANG);
+ self::add_validation_error($error);
+ }
+ }
+
  $error = "";
+ $completeBasicData = true;
  if (empty($input["domain"]) ) {
  $error = __("You need to specify domain", WPA0_LANG);
+ self::add_validation_error($error);
+ $completeBasicData = false;
  }
+
  if (empty($input["client_id"])) {
  $error = __("You need to specify a client id", WPA0_LANG);
+ self::add_validation_error($error);
+ $completeBasicData = false;
  }
  if (empty($input["client_secret"])) {
  $error = __("You need to specify a client secret", WPA0_LANG);
+ self::add_validation_error($error);
+ $completeBasicData = false;
+ }
+
+ if ($completeBasicData)
+ {
+ $response = WP_Auth0_Api_Client::get_token($input["domain"], $input["client_id"], $input["client_secret"]);
+
+ if ($response instanceof WP_Error) {
+ $error = $response->get_error_message();
+ self::add_validation_error($error);
+ }
+ elseif ($response['response']['code'] != 200)
+ {
+ $error = __("The client id or secret is not valid. ", WPA0_LANG);
+ self::add_validation_error($error);
+ }
  }
 
+
  if (trim($input["dict"]) != '')
  {
  if (strpos($input["dict"], '{') !== false && json_decode($input["dict"]) === null)
  {
  $error = __("The Translation parameter should be a valid json object", WPA0_LANG);
+ self::add_validation_error($error);
  }
  }
 
@@ -283,23 +362,10 @@ public static function input_validator( $input ){
  if (json_decode($input["extra_conf"]) === null)
  {
  $error = __("The Extra settings parameter should be a valid json object", WPA0_LANG);
+ self::add_validation_error($error);
  }
  }
 
- if ($error != "") {
- add_settings_error(
- WP_Auth0_Options::OPTIONS_NAME,
- WP_Auth0_Options::OPTIONS_NAME,
- $error,
- 'error'
- );
-
- }
-
- // $input['endpoint'] = esc_url( $input['endpoint'], array('https', 'http') );
- // if(!empty($input['endpoint']))
- // $input['endpoint'] = trailingslashit($input['endpoint']);
-
  return $input;
  }
 }

lib/WP_Auth0_Api_Client.php

@@ -0,0 +1,33 @@
+<?php
+
+class WP_Auth0_Api_Client {
+
+ public static function get_token($domain, $client_id, $client_secret, $grantType = 'client_credentials')
+ {
+ $endpoint = "https://" . $domain . "/";
+ $body = array(
+ 'client_id' => $client_id,
+ 'client_secret' =>$client_secret,
+ 'grant_type' => $grantType
+ );
+
+ $headers = array(
+ 'content-type' => 'application/x-www-form-urlencoded'
+ );
+
+
+ $response = wp_remote_post( $endpoint . 'oauth/token', array(
+ 'headers' => $headers,
+ 'body' => $body
+ ));
+
+ if ($response instanceof WP_Error) {
+ WP_Auth0::insertAuth0Error('WP_Auth0_Api_Client::get_token',$response);
+ error_log($response->get_error_message());
+ }
+
+ return $response;
+
+ }
+
+} 

lib/WP_Auth0_Options.php

@@ -60,6 +60,7 @@ private static function defaults(){
  'remember_last_login' => true,
  'custom_css' => '',
  'gravatar' => true,
+ 'default_login_redirection' => home_url(),
  );
  }
 }

templates/auth0-login-form.php

@@ -32,6 +32,10 @@
 }
 
 $stateObj = array("interim" => $interim_login, "uuid" =>uniqid());
+if (isset($_GET['redirect_to'])) {
+ $stateObj["redirect_to"] = $_GET['redirect_to'];
+}
+
 $state = json_encode($stateObj);
 
 
@@ -53,6 +57,7 @@
 if (!$allow_signup) {
  $options_obj['disableSignupAction'] = true;
 }
+
 $options = json_encode($options_obj);
 
 if(empty($client_id) || empty($domain)){ ?>

templates/settings.php

@@ -1,11 +1,12 @@
 <div class="wrap">
  <?php screen_icon(); ?>
  <h2><?php _e('Auth0 Settings', WPA0_LANG); ?></h2>
- <?php if( isset($_GET['settings-updated']) ) { ?>
+ <?php if( count(get_settings_errors()) == 0 && isset($_GET['settings-updated']) ) { ?>
  <div id="message" class="updated">
  <p><strong><?php _e('Settings saved.') ?></strong></p>
  </div>
  <?php } ?>
+ <?php settings_errors(); ?>
  <form action="options.php" method="post">
  <?php settings_fields( WP_Auth0_Options::OPTIONS_NAME ); ?> 
  <?php do_settings_sections( WP_Auth0_Options::OPTIONS_NAME ); ?>