From 4d725f8459050162a4a41e05647e893ab316195e Mon Sep 17 00:00:00 2001
From: German Lena <german.lena@gmail.com>
Date: Mon, 1 Jun 2015 15:15:33 -0300
Subject: [PATCH 1/3] SSO WIP

---
 WP_Auth0.php                   |   6 ++
 lib/WP_Auth0_Admin.php         |   9 +++
 lib/WP_Auth0_Options.php       |   1 +
 templates/auth0-login-form.php | 125 ++++++++++++++++++++++++---------
 4 files changed, 108 insertions(+), 33 deletions(-)

diff --git a/WP_Auth0.php b/WP_Auth0.php
index ce73d8fe..3c04ccff 100644
--- a/WP_Auth0.php
+++ b/WP_Auth0.php
@@ -280,6 +280,12 @@ public static function buildSettings($settings)
         if (self::IsValid($settings,'remember_last_login')) {
             $options_obj['rememberLastLogin'] = self::GetBoolean($settings['remember_last_login']);
         }
+        if (self::IsValid($settings,'sso')) {
+            $options_obj['sso'] = self::GetBoolean($settings['sso']);
+        }
+        if (self::IsValid($settings,'auth0_implicit_workflow')) {
+            $options_obj['auth0_implicit_workflow'] = self::GetBoolean($settings['auth0_implicit_workflow']);
+        }
         if (self::IsValid($settings,'icon_url')) {
             $options_obj['icon'] = $settings['icon_url'];
         }
diff --git a/lib/WP_Auth0_Admin.php b/lib/WP_Auth0_Admin.php
index 1f8c4dc4..31f2d7bf 100755
--- a/lib/WP_Auth0_Admin.php
+++ b/lib/WP_Auth0_Admin.php
@@ -74,6 +74,7 @@ public static function init_admin(){
 
         $advancedOptions = array(
 
+            array('id' => 'wpa0_sso', 'name' => 'Single Sign On (SSO)', 'function' => 'render_sso'),
             array('id' => 'wpa0_dict', 'name' => 'Translation', 'function' => 'render_dict'),
             array('id' => 'wpa0_username_style', 'name' => 'Username style', 'function' => 'render_username_style'),
             array('id' => 'wpa0_remember_last_login', 'name' => 'Remember last login', 'function' => 'render_remember_last_login'),
@@ -238,6 +239,13 @@ public static function render_cdn_url () {
         echo '<br/><span class="description">' . __('Point this to the latest widget available in the CDN', WPA0_LANG) . '</span>';
     }
 
+    public static function render_sso () {
+        $v = absint(WP_Auth0_Options::get( 'sso' ));
+        echo '<input type="checkbox" name="' . WP_Auth0_Options::OPTIONS_NAME . '[sso]" id="wpa0_sso" value="1" ' . checked( $v, 1, false ) . '/>';
+        echo '<br/><span class="description">' . __('Mark this if you want to enable SSO. More info ', WPA0_LANG);
+        echo '<a target="_blank" href="https://auth0.com/docs/sso/single-sign-on">' . __('HERE', WPA0_LANG) . '</a></span>';
+    }
+
     public static function render_verified_email () {
         $v = absint(WP_Auth0_Options::get( 'requires_verified_email' ));
         echo '<input type="checkbox" name="' . WP_Auth0_Options::OPTIONS_NAME . '[requires_verified_email]" id="wpa0_verified_email" value="1" ' . checked( $v, 1, false ) . '/>';
@@ -320,6 +328,7 @@ public static function input_validator( $input ){
             'https'
         ));
 
+        $input['sso'] = (isset($input['sso']) ? 1 : 0);
         $input['requires_verified_email'] = (isset($input['requires_verified_email']) ? 1 : 0);
         $input['wordpress_login_enabled'] = (isset($input['wordpress_login_enabled']) ? 1 : 0);
         $input['jwt_auth_integration'] = (isset($input['jwt_auth_integration']) ? 1 : 0);
diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php
index fdb4e12a..c7f11dcc 100755
--- a/lib/WP_Auth0_Options.php
+++ b/lib/WP_Auth0_Options.php
@@ -61,6 +61,7 @@ private static function defaults(){
             'custom_css' => '',
             'custom_js' => '',
             'auth0_implicit_workflow' => false,
+            'sso' => false,
             'gravatar' => true,
             'jwt_auth_integration' => false,
             // 'auto_provisioning' => true,
diff --git a/templates/auth0-login-form.php b/templates/auth0-login-form.php
index 59d1a91b..abfbf8cc 100644
--- a/templates/auth0-login-form.php
+++ b/templates/auth0-login-form.php
@@ -4,13 +4,11 @@
 if (trim($client_id) == "") return;
 
 $wordpress_login_enabled = WP_Auth0_Options::get('wordpress_login_enabled') == 1;
-
 $auth0_implicit_workflow = WP_Auth0_Options::get('auth0_implicit_workflow') == 1;
 
 $domain = WP_Auth0_Options::get('domain');
 $cdn = WP_Auth0_Options::get('cdn_url');
 
-
 $allow_signup = WP_Auth0_Options::is_wp_registration_enabled();
 
 $extra_css = apply_filters( 'auth0_login_css', '');
@@ -46,15 +44,22 @@
 
 $options_obj = WP_Auth0::buildSettings(WP_Auth0_Options::get_options());
 
+$sso = $options_obj['sso'];
+
 $extraOptions = array(
     "authParams"    => array("state" => $state),
 );
-
+$callbackURL = site_url('/index.php?auth0=1');
 if(!$auth0_implicit_workflow) {
-    $extraOptions["callbackURL"] = site_url('/index.php?auth0=1');
+    $extraOptions["callbackURL"] = $callbackURL;
 }
 else {
     $extraOptions["authParams"]["scope"] = "openid name email nickname email_verified identities";
+
+    if ($sso) {
+        $extraOptions["callbackOnLocationHash"] = true;
+        $extraOptions["callbackURL"] = site_url('/wp-login.php');
+    }
 }
 
 $options_obj = array_merge( $extraOptions, $options_obj  );
@@ -115,6 +120,7 @@
     <script id="auth0" src="<?php echo $cdn ?>"></script>
     <script type="text/javascript">
         var callback = null;
+
         <?php if ($auth0_implicit_workflow) { ?>
             
             callback = function(err,profile, token) {
@@ -126,49 +132,102 @@
                 
             };
 
-        <?php } ?>
+            function post(path, params, method) {
+                method = method || "post"; // Set method to post by default if not specified.
 
-        var lock = new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>');
+                // The rest of this code assumes you are not using a library.
+                // It can be made less wordy if you use one.
+                var form = document.createElement("form");
+                form.setAttribute("method", method);
+                form.setAttribute("action", path);
 
-    <?php if(isset($options_obj['custom_js'])) { ?>
+                for(var key in params) {
+                    if(params.hasOwnProperty(key)) {
+                        var hiddenField = document.createElement("input");
+                        hiddenField.setAttribute("type", "hidden");
+                        hiddenField.setAttribute("name", key);
+                        hiddenField.setAttribute("value", params[key]);
 
-        <?php echo $options_obj['custom_js'];?> 
+                        form.appendChild(hiddenField);
+                     }
+                }
 
-    <?php } ?>
+                document.body.appendChild(form);
+                form.submit();
+            }
+
+            function a0ShowLoginModal() {
+                var options = <?php echo $options; ?>;
+
+                lock.show(options, callback);
+            }
+
+            <?php if ($sso) { ?>
 
-        function a0ShowLoginModal() {
-            var options = <?php echo $options; ?>;
+                function getHashParams() {
 
-            lock.show(options, callback);
-        }
+                    var hashParams = {};
+                    var e,
+                        a = /\+/g,  // Regex for replacing addition symbol with a space
+                        r = /([^&;=]+)=?([^&;]*)/g,
+                        d = function (s) { return decodeURIComponent(s.replace(a, " ")); },
+                        q = window.location.hash.substring(1);
 
-        function post(path, params, method) {
-            method = method || "post"; // Set method to post by default if not specified.
+                    while (e = r.exec(q))
+                       hashParams[d(e[1])] = d(e[2]);
 
-            // The rest of this code assumes you are not using a library.
-            // It can be made less wordy if you use one.
-            var form = document.createElement("form");
-            form.setAttribute("method", method);
-            form.setAttribute("action", path);
+                    return hashParams;
+                }
 
-            for(var key in params) {
-                if(params.hasOwnProperty(key)) {
-                    var hiddenField = document.createElement("input");
-                    hiddenField.setAttribute("type", "hidden");
-                    hiddenField.setAttribute("name", key);
-                    hiddenField.setAttribute("value", params[key]);
+                var hashParams = getHashParams();
+                if (hashParams && hashParams.id_token) {
+
+                    callback(null,null, hashParams.id_token);
+
+                }
+
+            <?php } ?>
 
-                    form.appendChild(hiddenField);
-                 }
+        <?php } else { ?>
+
+            function a0ShowLoginModal() {
+                var options = <?php echo $options; ?>;
+
+                lock.show(options, '<?php echo $callbackURL; ?>');
             }
 
-            document.body.appendChild(form);
-            form.submit();
-        }
+        <?php } ?>
 
-    <?php if (!$showAsModal) { ?>
-        a0ShowLoginModal();
+
+        var lock = new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>');
+
+        <?php if(isset($options_obj['custom_js'])) { ?>
+
+            <?php echo $options_obj['custom_js'];?> 
+
+        <?php } ?>
+
+    <?php if ($sso) { ?>
+        
+
+        lock.$auth0.getSSOData(function(err, data) {
+            if (!err && data.sso) {
+                lock.$auth0.signin(<?php echo $options; ?>); 
+            } else {
+
+            <?php if (!$showAsModal) { ?>
+                a0ShowLoginModal();
+            <?php } ?>
+
+            }
+        });
+
+    <?php } else { ?>
+        <?php if (!$showAsModal) { ?>
+            a0ShowLoginModal();
+        <?php } ?>
     <?php } ?>
+    
 
     </script>
 <?php

From a461da3e42d79a2748d87a6eb5c0ef1e99686df3 Mon Sep 17 00:00:00 2001
From: German Lena <german.lena@gmail.com>
Date: Mon, 1 Jun 2015 15:20:11 -0300
Subject: [PATCH 2/3] Single logout

---
 WP_Auth0.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/WP_Auth0.php b/WP_Auth0.php
index 3c04ccff..aaa5bcf2 100644
--- a/WP_Auth0.php
+++ b/WP_Auth0.php
@@ -220,11 +220,16 @@ public static function login_auto() {
     public static function logout() {
         self::end_session();
 
+        $sso = WP_Auth0_Options::get( 'sso' );
         $auto_login = absint(WP_Auth0_Options::get( 'auto_login' ));
         if ($auto_login) {
             wp_redirect(home_url());
             die();
         }
+        if ($sso) {
+            wp_redirect("https://". WP_Auth0_Options::get('domain') . "/v2/logout?returnTo=" . urlencode(home_url()));
+            die();
+        }
 
     }
 

From 4c7c54ac9751e712191a38d336a688ecfdb41037 Mon Sep 17 00:00:00 2001
From: German Lena <german.lena@gmail.com>
Date: Mon, 1 Jun 2015 15:32:30 -0300
Subject: [PATCH 3/3] updated plugin version

---
 WP_Auth0.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/WP_Auth0.php b/WP_Auth0.php
index aaa5bcf2..b14e88bd 100644
--- a/WP_Auth0.php
+++ b/WP_Auth0.php
@@ -2,7 +2,7 @@
 /**
  * Plugin Name: Wordpress Auth0 Integration
  * Description: Implements the Auth0 Single Sign On solution into Wordpress
- * Version: 1.2.8
+ * Version: 1.3.0
  * Author: Auth0
  * Author URI: https://auth0.com
  */
@@ -12,7 +12,7 @@
 define('WPA0_PLUGIN_URL', trailingslashit(plugin_dir_url(__FILE__) ));
 define('WPA0_LANG', 'wp-auth0');
 define('AUTH0_DB_VERSION', 2);
-define('WPA0_VERSION', '1.2.8');
+define('WPA0_VERSION', '1.3.0');
 
 class WP_Auth0 {
     public static function init(){