Added SSO features

WP_Auth0.php

@@ -2,7 +2,7 @@
 /**
  * Plugin Name: Wordpress Auth0 Integration
  * Description: Implements the Auth0 Single Sign On solution into Wordpress
- * Version: 1.2.8
+ * Version: 1.3.0
  * Author: Auth0
  * Author URI: https://auth0.com
  */
@@ -12,7 +12,7 @@
 define('WPA0_PLUGIN_URL', trailingslashit(plugin_dir_url(__FILE__) ));
 define('WPA0_LANG', 'wp-auth0');
 define('AUTH0_DB_VERSION', 2);
-define('WPA0_VERSION', '1.2.8');
+define('WPA0_VERSION', '1.3.0');
 
 class WP_Auth0 {
  public static function init(){ 
@@ -220,11 +220,16 @@ public static function login_auto() {
  public static function logout() {
  self::end_session();
 
+ $sso = WP_Auth0_Options::get( 'sso' );
  $auto_login = absint(WP_Auth0_Options::get( 'auto_login' ));
  if ($auto_login) {
  wp_redirect(home_url());
  die();
  }
+ if ($sso) {
+ wp_redirect("https://". WP_Auth0_Options::get('domain') . "/v2/logout?returnTo=" . urlencode(home_url()));
+ die();
+ }
 
  }
 
@@ -280,6 +285,12 @@ public static function buildSettings($settings)
  if (self::IsValid($settings,'remember_last_login')) {
  $options_obj['rememberLastLogin'] = self::GetBoolean($settings['remember_last_login']);
  }
+ if (self::IsValid($settings,'sso')) {
+ $options_obj['sso'] = self::GetBoolean($settings['sso']);
+ }
+ if (self::IsValid($settings,'auth0_implicit_workflow')) {
+ $options_obj['auth0_implicit_workflow'] = self::GetBoolean($settings['auth0_implicit_workflow']);
+ }
  if (self::IsValid($settings,'icon_url')) {
  $options_obj['icon'] = $settings['icon_url'];
  }

lib/WP_Auth0_Admin.php

@@ -74,6 +74,7 @@ public static function init_admin(){
 
  $advancedOptions = array(
 
+ array('id' => 'wpa0_sso', 'name' => 'Single Sign On (SSO)', 'function' => 'render_sso'),
  array('id' => 'wpa0_dict', 'name' => 'Translation', 'function' => 'render_dict'),
  array('id' => 'wpa0_username_style', 'name' => 'Username style', 'function' => 'render_username_style'),
  array('id' => 'wpa0_remember_last_login', 'name' => 'Remember last login', 'function' => 'render_remember_last_login'),
@@ -238,6 +239,13 @@ public static function render_cdn_url () {
  echo '<br/><span class="description">' . __('Point this to the latest widget available in the CDN', WPA0_LANG) . '</span>';
  }
 
+ public static function render_sso () {
+ $v = absint(WP_Auth0_Options::get( 'sso' ));
+ echo '<input type="checkbox" name="' . WP_Auth0_Options::OPTIONS_NAME . '[sso]" id="wpa0_sso" value="1" ' . checked( $v, 1, false ) . '/>';
+ echo '<br/><span class="description">' . __('Mark this if you want to enable SSO. More info ', WPA0_LANG);
+ echo '<a target="_blank" href="https://auth0.com/docs/sso/single-sign-on">' . __('HERE', WPA0_LANG) . '</a></span>';
+ }
+
  public static function render_verified_email () {
  $v = absint(WP_Auth0_Options::get( 'requires_verified_email' ));
  echo '<input type="checkbox" name="' . WP_Auth0_Options::OPTIONS_NAME . '[requires_verified_email]" id="wpa0_verified_email" value="1" ' . checked( $v, 1, false ) . '/>';
@@ -320,6 +328,7 @@ public static function input_validator( $input ){
  'https'
  ));
 
+ $input['sso'] = (isset($input['sso']) ? 1 : 0);
  $input['requires_verified_email'] = (isset($input['requires_verified_email']) ? 1 : 0);
  $input['wordpress_login_enabled'] = (isset($input['wordpress_login_enabled']) ? 1 : 0);
  $input['jwt_auth_integration'] = (isset($input['jwt_auth_integration']) ? 1 : 0);

lib/WP_Auth0_Options.php

@@ -61,6 +61,7 @@ private static function defaults(){
  'custom_css' => '',
  'custom_js' => '',
  'auth0_implicit_workflow' => false,
+ 'sso' => false,
  'gravatar' => true,
  'jwt_auth_integration' => false,
  // 'auto_provisioning' => true,

templates/auth0-login-form.php

@@ -4,13 +4,11 @@
 if (trim($client_id) == "") return;
 
 $wordpress_login_enabled = WP_Auth0_Options::get('wordpress_login_enabled') == 1;
-
 $auth0_implicit_workflow = WP_Auth0_Options::get('auth0_implicit_workflow') == 1;
 
 $domain = WP_Auth0_Options::get('domain');
 $cdn = WP_Auth0_Options::get('cdn_url');
 
-
 $allow_signup = WP_Auth0_Options::is_wp_registration_enabled();
 
 $extra_css = apply_filters( 'auth0_login_css', '');
@@ -46,15 +44,22 @@
 
 $options_obj = WP_Auth0::buildSettings(WP_Auth0_Options::get_options());
 
+$sso = $options_obj['sso'];
+
 $extraOptions = array(
  "authParams" => array("state" => $state),
 );
-
+$callbackURL = site_url('/index.php?auth0=1');
 if(!$auth0_implicit_workflow) {
- $extraOptions["callbackURL"] = site_url('/index.php?auth0=1');
+ $extraOptions["callbackURL"] = $callbackURL;
 }
 else {
  $extraOptions["authParams"]["scope"] = "openid name email nickname email_verified identities";
+
+ if ($sso) {
+ $extraOptions["callbackOnLocationHash"] = true;
+ $extraOptions["callbackURL"] = site_url('/wp-login.php');
+ }
 }
 
 $options_obj = array_merge( $extraOptions, $options_obj );
@@ -115,6 +120,7 @@
  <script id="auth0" src="<?php echo $cdn ?>"></script>
  <script type="text/javascript">
  var callback = null;
+
  <?php if ($auth0_implicit_workflow) { ?>
 
  callback = function(err,profile, token) {
@@ -126,49 +132,102 @@
 
  };
 
- <?php } ?>
+ function post(path, params, method) {
+ method = method || "post"; // Set method to post by default if not specified.
 
- var lock = new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>');
+ // The rest of this code assumes you are not using a library.
+ // It can be made less wordy if you use one.
+ var form = document.createElement("form");
+ form.setAttribute("method", method);
+ form.setAttribute("action", path);
 
- <?php if(isset($options_obj['custom_js'])) { ?>
+ for(var key in params) {
+ if(params.hasOwnProperty(key)) {
+ var hiddenField = document.createElement("input");
+ hiddenField.setAttribute("type", "hidden");
+ hiddenField.setAttribute("name", key);
+ hiddenField.setAttribute("value", params[key]);
 
- <?php echo $options_obj['custom_js'];?> 
+ form.appendChild(hiddenField);
+ }
+ }
 
- <?php } ?>
+ document.body.appendChild(form);
+ form.submit();
+ }
+
+ function a0ShowLoginModal() {
+ var options = <?php echo $options; ?>;
+
+ lock.show(options, callback);
+ }
+
+ <?php if ($sso) { ?>
 
- function a0ShowLoginModal() {
- var options = <?php echo $options; ?>;
+ function getHashParams() {
 
- lock.show(options, callback);
- }
+ var hashParams = {};
+ var e,
+ a = /\+/g, // Regex for replacing addition symbol with a space
+ r = /([^&;=]+)=?([^&;]*)/g,
+ d = function (s) { return decodeURIComponent(s.replace(a, " ")); },
+ q = window.location.hash.substring(1);
 
- function post(path, params, method) {
- method = method || "post"; // Set method to post by default if not specified.
+  while (e = r.exec(q))
+  hashParams[d(e[1])] = d(e[2]);
 
- // The rest of this code assumes you are not using a library.
- // It can be made less wordy if you use one.
- var form = document.createElement("form");
- form.setAttribute("method", method);
- form.setAttribute("action", path);
+ return hashParams;
+ }
 
- for(var key in params) {
- if(params.hasOwnProperty(key)) {
- var hiddenField = document.createElement("input");
- hiddenField.setAttribute("type", "hidden");
- hiddenField.setAttribute("name", key);
- hiddenField.setAttribute("value", params[key]);
+ var hashParams = getHashParams();
+ if (hashParams && hashParams.id_token) {
+
+ callback(null,null, hashParams.id_token);
+
+ }
+
+ <?php } ?>
 
- form.appendChild(hiddenField);
- }
+ <?php } else { ?>
+
+ function a0ShowLoginModal() {
+ var options = <?php echo $options; ?>;
+
+ lock.show(options, '<?php echo $callbackURL; ?>');
  }
 
- document.body.appendChild(form);
- form.submit();
- }
+ <?php } ?>
 
- <?php if (!$showAsModal) { ?>
- a0ShowLoginModal();
+
+ var lock = new Auth0Lock('<?php echo $client_id; ?>', '<?php echo $domain; ?>');
+
+ <?php if(isset($options_obj['custom_js'])) { ?>
+
+ <?php echo $options_obj['custom_js'];?> 
+
+ <?php } ?>
+
+ <?php if ($sso) { ?>
+
+
+ lock.$auth0.getSSOData(function(err, data) {
+ if (!err && data.sso) {
+ lock.$auth0.signin(<?php echo $options; ?>); 
+ } else {
+
+ <?php if (!$showAsModal) { ?>
+ a0ShowLoginModal();
+ <?php } ?>
+
+ }
+ });
+
+ <?php } else { ?>
+ <?php if (!$showAsModal) { ?>
+ a0ShowLoginModal();
+ <?php } ?>
  <?php } ?>
+
 
  </script>
 <?php