From f4d55de8b3237c52493afff9b69ca0a02f6eef51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 8 Oct 2014 22:05:17 -0300 Subject: [PATCH 01/22] Don't show widget when registrations are not allowed. #5 --- WP_Auth0.php | 29 +++++++++++++++++++++++++++++ assets/css/settings.css | 23 +++++++++++++++++++++++ lib/WP_Auth0_Admin.php | 38 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+) diff --git a/WP_Auth0.php b/WP_Auth0.php index 41490fb20..65a1cfb31 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -238,6 +238,9 @@ public static function init_auth0(){ )); if ($response instanceof WP_Error) { + + self::insertAuth0Error($response); + error_log($response->get_error_message()); $msg = __('Sorry. There was a problem logging you in.', WPA0_LANG); $msg .= '

'; @@ -308,6 +311,23 @@ private static function insertAuth0User($userinfo, $user_id) { ); } + private static function insertAuth0Error(WP_Error $wp_error) { + global $wpdb; + $wpdb->insert( + $wpdb->auth0_error_logs, + array( + 'date' => date('c'), + 'code' => $wp_error->get_error_code(), + 'message' => $wp_error->get_error_message() + ), + array( + '%s', + '%s', + '%s' + ) + ); + } + private static function updateAuth0Object($userinfo) { global $wpdb; $wpdb->update( @@ -479,6 +499,14 @@ private static function install_db(){ PRIMARY KEY (auth0_id) );"; + $sql[] = "CREATE TABLE ".$wpdb->auth0_error_logs." ( + id INT(11) AUTO_INCREMENT NOT NULL, + date DATETIME NOT NULL, + code VARCHAR(255), + message TEXT, + PRIMARY KEY (id) + );"; + require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); foreach($sql as $s) { @@ -499,6 +527,7 @@ public static function initialize_wpdb_tables(){ $wpdb->auth0_log = $wpdb->prefix."auth0_log"; $wpdb->auth0_user = $wpdb->prefix."auth0_user"; + $wpdb->auth0_error_logs = $wpdb->prefix."auth0_error_logs"; } private static function autoloader($class){ diff --git a/assets/css/settings.css b/assets/css/settings.css index 96091d2c5..def83c179 100644 --- a/assets/css/settings.css +++ b/assets/css/settings.css @@ -5,4 +5,27 @@ input[type=text] { textarea { width: 70%; height: 100px; +} + +.scrolled-content { + width: 70%; + max-height: 200px; + overflow: auto; +} + +.scrolled-content tr td, +.scrolled-content tr th{ + padding:5px 0; + margin:0; +} + +.scrolled-content table { + border-spacing: 0; +} +.scrolled-content tr th { + border-bottom: 2px solid #999; +} + +.scrolled-content tr td { + border-bottom: 1px solid #999; } \ No newline at end of file diff --git a/lib/WP_Auth0_Admin.php b/lib/WP_Auth0_Admin.php index 07712fea5..8bc86fc60 100755 --- a/lib/WP_Auth0_Admin.php +++ b/lib/WP_Auth0_Admin.php 
@@ -84,6 +84,7 @@ public static function init_admin(){ array('id' => 'wpa0_ip_ranges', 'name' => 'IP Ranges', 'function' => 'render_ip_ranges'), array('id' => 'wpa0_extra_conf', 'name' => 'Extra settings', 'function' => 'render_extra_conf'), array('id' => 'wpa0_cdn_url', 'name' => 'Widget URL', 'function' => 'render_cdn_url'), + array('id' => 'wpa0_error_log', 'name' => 'Error Log:', 'function' => 'render_error_log'), )); @@ -206,6 +207,43 @@ public static function render_allow_wordpress_login () { echo '
' . __('Mark this if you want to enable the regular WordPress login', WPA0_LANG) . ''; } + public static function render_error_log () { + + global $wpdb; + $sql = 'SELECT * + FROM ' . $wpdb->auth0_error_logs .' + WHERE date > %s + ORDER BY date DESC'; + + $data = $wpdb->get_results($wpdb->prepare($sql, date('c', strtotime('1 month ago')))); + + if (is_null($data) || $data instanceof WP_Error ) { + return null; + } + + echo '
'; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + + foreach ($data as $item) + { + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + } + + echo ''; + echo '
DateError codeMessage
'. date('m/d/Y H:i:s', strtotime($item->date)) .''. $item->code .''. $item->message .'
'; + echo '
'; + } + public static function render_basic_description(){ From 0fbd6e30b8d9c0c46226a95617b4173ed39a1b15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 8 Oct 2014 23:03:23 -0300 Subject: [PATCH 02/22] Moved errors log to a page and added link to menu and pugin list. Also, change the way we handle 401 status code on login --- WP_Auth0.php | 30 ++++++++++++++++++++++++--- assets/css/settings.css | 22 ++++++++------------ lib/WP_Auth0_Admin.php | 40 ------------------------------------ lib/WP_Auth0_ErrorLog.php | 42 ++++++++++++++++++++++++++++++++++++++ templates/a0-error-log.php | 31 ++++++++++++++++++++++++++++ 5 files changed, 109 insertions(+), 56 deletions(-) create mode 100644 lib/WP_Auth0_ErrorLog.php create mode 100644 templates/a0-error-log.php diff --git a/WP_Auth0.php b/WP_Auth0.php index 65a1cfb31..89c45e7ba 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -56,12 +56,18 @@ public static function init(){ add_filter("plugin_action_links_$plugin", array(__CLASS__, 'wp_add_plugin_settings_link')); WP_Auth0_Admin::init(); + WP_Auth0_ErrorLog::init(); } // Add settings link on plugin page public static function wp_add_plugin_settings_link($links) { + + $settings_link = 'Error Log'; + array_unshift($links, $settings_link); + $settings_link = 'Settings'; array_unshift($links, $settings_link); + return $links; } @@ -222,7 +228,7 @@ public static function init_auth0(){ $body = array( 'client_id' => $client_id, 'redirect_uri' => home_url(), - 'client_secret' => $client_secret, + 'client_secret' => '0'.$client_secret, 'code' => $code, 'grant_type' => 'authorization_code' ); @@ -239,7 +245,7 @@ public static function init_auth0(){ if ($response instanceof WP_Error) { - self::insertAuth0Error($response); + self::insertAuth0Error('init_auth0_oauth/token',$response); error_log($response->get_error_message()); $msg = __('Sorry. There was a problem logging you in.', WPA0_LANG); 
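Review bot: `render_error_log()` concatenates `$item->code` and `$item->message` straight into the echoed table rows, and `insertAuth0Error()` fills those columns from `WP_Error` codes and messages produced during login, so any markup in an error message is rendered in an administrator's browser. Escape each value at output, for example `esc_html($item->code)` and `esc_html($item->message)`. The template `templates/a0-error-log.php` added in PATCH 02 prints the same columns plus `section` and appears to need the same escaping, although its markup is not fully visible on this page.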
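Review bot: The `'client_secret' => '0'.$client_secret` line in the `init_auth0()` hunk sends an altered secret to the token endpoint, which looks like a leftover from exercising the 401 path and would presumably make every code exchange fail. Keep `'client_secret' => $client_secret,` and drive the 401 branch from a stubbed response or a deliberately misconfigured test site instead. The same prefix returns in PATCH 05 as `'client_secret' =>'0'. $client_secret` before PATCH 06 removes it again. The rest of the request is built outside the hunk.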
@@ -249,10 +255,15 @@ public static function init_auth0(){ } $data = json_decode( $response['body'] ); + //var_dump($response);exit; + if(isset($data->access_token)){ // Get the user information $response = wp_remote_get( $endpoint . 'userinfo/?access_token=' . $data->access_token ); if ($response instanceof WP_Error) { + + self::insertAuth0Error('init_auth0_userinfo',$response); + error_log($response->get_error_message()); $msg = __('Sorry, there was a problem logging you in.', WPA0_LANG); $msg .= '

'; @@ -270,6 +281,10 @@ public static function init_auth0(){ wp_safe_redirect( home_url() ); } } + }elseif (is_array($response['response']) && $response['response']['code'] == 401) + { + wp_redirect( home_url() . '?message=unauthorized' ); + }else{ // Login failed! wp_redirect( home_url() . '?message=' . $data->error_description ); @@ -287,6 +302,9 @@ private static function findAuth0User($id) { WHERE a.auth0_id = %s'; $userRow = $wpdb->get_row($wpdb->prepare($sql, $id)); if (is_null($userRow) || $userRow instanceof WP_Error ) { + + self::insertAuth0Error('findAuth0User',$userRow); + return null; } $user = new WP_User(); @@ -311,16 +329,18 @@ private static function insertAuth0User($userinfo, $user_id) { ); } - private static function insertAuth0Error(WP_Error $wp_error) { + private static function insertAuth0Error($section, WP_Error $wp_error) { global $wpdb; $wpdb->insert( $wpdb->auth0_error_logs, array( + 'section' => $section, 'date' => date('c'), 'code' => $wp_error->get_error_code(), 'message' => $wp_error->get_error_message() ), array( + '%s', '%s', '%s', '%s' @@ -502,6 +522,7 @@ private static function install_db(){ $sql[] = "CREATE TABLE ".$wpdb->auth0_error_logs." ( id INT(11) AUTO_INCREMENT NOT NULL, date DATETIME NOT NULL, + section VARCHAR(255), code VARCHAR(255), message TEXT, PRIMARY KEY (id) @@ -565,6 +586,9 @@ function get_currentauth0userinfo() { WHERE wp_id = %d'; $result = $wpdb->get_row($wpdb->prepare($sql, $current_user->ID)); if (is_null($result) || $result instanceof WP_Error ) { + + self::insertAuth0Error('get_currentauth0userinfo',$result); + return null; } $currentauth0_user = unserialize($result->auth0_obj); diff --git a/assets/css/settings.css b/assets/css/settings.css index def83c179..2d45c9073 100644 --- a/assets/css/settings.css +++ b/assets/css/settings.css 
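Review bot: In the `findAuth0User()` hunk the new `self::insertAuth0Error('findAuth0User',$userRow)` sits inside `if (is_null($userRow) || $userRow instanceof WP_Error)`, so it is called with `null` whenever no row matches, while the signature changed in this same patch is `insertAuth0Error($section, WP_Error $wp_error)`. A lookup that finds no user would then presumably stop on the type hint instead of returning `null`. Log only the error case, `if ($userRow instanceof WP_Error) { self::insertAuth0Error('findAuth0User', $userRow); }`. The `get_currentauth0userinfo()` hunk repeats the pattern, and its header shows a plain `function`, so `self::` there likely has no class scope and the target method is still `private` in this patch.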
@@ -7,25 +7,21 @@ textarea { height: 100px; } -.scrolled-content { - width: 70%; - max-height: 200px; - overflow: auto; +.a0-table { + border-spacing: 0; + margin-top: 20px; } -.scrolled-content tr td, -.scrolled-content tr th{ - padding:5px 0; +.a0-table tr td, +.a0-table tr th{ + padding: 8px 10px; margin:0; } -.scrolled-content table { - border-spacing: 0; -} -.scrolled-content tr th { +.a0-table tr th { border-bottom: 2px solid #999; } -.scrolled-content tr td { - border-bottom: 1px solid #999; +.a0-table tr:nth-child(2n+1) { + background: #f9f9f9; } \ No newline at end of file diff --git a/lib/WP_Auth0_Admin.php b/lib/WP_Auth0_Admin.php index 8bc86fc60..ab5cd3a2c 100755 --- a/lib/WP_Auth0_Admin.php +++ b/lib/WP_Auth0_Admin.php @@ -84,7 +84,6 @@ public static function init_admin(){ array('id' => 'wpa0_ip_ranges', 'name' => 'IP Ranges', 'function' => 'render_ip_ranges'), array('id' => 'wpa0_extra_conf', 'name' => 'Extra settings', 'function' => 'render_extra_conf'), array('id' => 'wpa0_cdn_url', 'name' => 'Widget URL', 'function' => 'render_cdn_url'), - array('id' => 'wpa0_error_log', 'name' => 'Error Log:', 'function' => 'render_error_log'), )); @@ -207,44 +206,6 @@ public static function render_allow_wordpress_login () { echo '
' . __('Mark this if you want to enable the regular WordPress login', WPA0_LANG) . ''; } - public static function render_error_log () { - - global $wpdb; - $sql = 'SELECT * - FROM ' . $wpdb->auth0_error_logs .' - WHERE date > %s - ORDER BY date DESC'; - - $data = $wpdb->get_results($wpdb->prepare($sql, date('c', strtotime('1 month ago')))); - - if (is_null($data) || $data instanceof WP_Error ) { - return null; - } - - echo '
'; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - - foreach ($data as $item) - { - echo ''; - echo ''; - echo ''; - echo ''; - echo ''; - } - - echo ''; - echo '
DateError codeMessage
'. date('m/d/Y H:i:s', strtotime($item->date)) .''. $item->code .''. $item->message .'
'; - echo '
'; - } - - public static function render_basic_description(){ } @@ -257,7 +218,6 @@ public static function render_advanced_description(){ } - public static function init_menu(){ add_options_page( __('Auth0 Settings', WPA0_LANG), __('Auth0 Settings', WPA0_LANG), 'manage_options', 'wpa0', array(__CLASS__, 'render_settings_page') ); } diff --git a/lib/WP_Auth0_ErrorLog.php b/lib/WP_Auth0_ErrorLog.php new file mode 100644 index 000000000..6b3a1bf57 --- /dev/null +++ b/lib/WP_Auth0_ErrorLog.php @@ -0,0 +1,42 @@ +auth0_error_logs .' + WHERE date > %s + ORDER BY date DESC'; + + $data = $wpdb->get_results($wpdb->prepare($sql, date('c', strtotime('1 month ago')))); + + if (is_null($data) || $data instanceof WP_Error ) { + return null; + } + + include WPA0_PLUGIN_DIR . 'templates/a0-error-log.php'; + } + + public static function init_menu(){ + add_options_page( __('Auth0 Error Log', WPA0_LANG), __('Auth0 Error Log', WPA0_LANG), 'manage_options', 'wpa0-errors', array(__CLASS__, 'render_settings_page') ); + } + + + +} \ No newline at end of file diff --git a/templates/a0-error-log.php b/templates/a0-error-log.php new file mode 100644 index 000000000..2b04a990c --- /dev/null +++ b/templates/a0-error-log.php @@ -0,0 +1,31 @@ +
+ +

+ + + + + + + + + + + + + + + + + + + + + +
DateSectionError codeMessage
date)); ?>section; ?>code; ?>message; ?>
+
\ No newline at end of file From 7c68bef3abbb94804d9b8b2c98a22eb92d68c7fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 21:24:33 -0300 Subject: [PATCH 03/22] added message when there were any errors in the last month. --- assets/css/settings.css | 8 ++++++++ templates/a0-error-log.php | 9 +++++++++ 2 files changed, 17 insertions(+) diff --git a/assets/css/settings.css b/assets/css/settings.css index 2d45c9073..b58132803 100644 --- a/assets/css/settings.css +++ b/assets/css/settings.css @@ -24,4 +24,12 @@ textarea { .a0-table tr:nth-child(2n+1) { background: #f9f9f9; +} + +.a0-table tr td.message +{ + padding: 25px; + font-weight: bold; + text-align: center; + font-size: 18px; } \ No newline at end of file diff --git a/templates/a0-error-log.php b/templates/a0-error-log.php index 2b04a990c..7dfed6721 100644 --- a/templates/a0-error-log.php +++ b/templates/a0-error-log.php @@ -13,6 +13,15 @@ + + There were any errors in the last month. + + From 68796593179c89706d121c1ab630e504c5bda81d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 21:29:45 -0300 Subject: [PATCH 04/22] plugin version changed --- WP_Auth0.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index 89c45e7ba..6753de16f 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -2,7 +2,7 @@ /** * Plugin Name: Wordpress Auth0 Integration * Description: Implements the Auth0 Single Sign On solution into Wordpress - * Version: 1.1.2 + * Version: 1.1.3 * Author: Auth0 * Author URI: https://auth0.com */ @@ -228,7 +228,7 @@ public static function init_auth0(){ $body = array( 'client_id' => $client_id, 'redirect_uri' => home_url(), - 'client_secret' => '0'.$client_secret, + 'client_secret' => $client_secret, 'code' => $code, 'grant_type' => 'authorization_code' ); From 63a09fd1658f338516bf9e96e3113e71e7b24195 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 22:17:02 -0300 Subject: [PATCH 05/22] add nice error message when exchange of token returns 401 #11 --- WP_Auth0.php | 30 +++++++++++++++++++++++++++++- assets/css/main.css | 16 ++++++++++++++++ 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index 6753de16f..878d6b1a7 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -55,10 +55,33 @@ public static function init(){ $plugin = plugin_basename(__FILE__); add_filter("plugin_action_links_$plugin", array(__CLASS__, 'wp_add_plugin_settings_link')); + if (isset($_GET['message'])) + { + add_action( 'wp_footer', array( __CLASS__, 'a0_render_message' ) ); + } + WP_Auth0_Admin::init(); WP_Auth0_ErrorLog::init(); } + public static function a0_render_message() + { + $message = null; + + switch (strtolower($_GET['message'])) + { + case 'unauthorized': $message = "Please check your Client Secret on the settings plugin is the same as the one on the Auth0 dashboard."; break; + } + + if ($message) + { + echo "
$message (Close)
"; + echo ''; + } + } + // Add settings link on plugin page public static function wp_add_plugin_settings_link($links) { @@ -81,6 +104,11 @@ public static function wp_enqueue(){ if (trim($client_id) == "") return; + if (isset($_GET['message'])) + { + wp_enqueue_script('jquery'); + } + wp_enqueue_style( 'auth0-widget', WPA0_PLUGIN_URL . 'assets/css/main.css' ); } @@ -228,7 +256,7 @@ public static function init_auth0(){ $body = array( 'client_id' => $client_id, 'redirect_uri' => home_url(), - 'client_secret' => $client_secret, + 'client_secret' =>'0'. $client_secret, 'code' => $code, 'grant_type' => 'authorization_code' ); diff --git a/assets/css/main.css b/assets/css/main.css index 0851e9c1c..535097497 100755 --- a/assets/css/main.css +++ b/assets/css/main.css @@ -9,4 +9,20 @@ } .auth0-login .form-signin-heading { margin-bottom: 10px; +} +.a0-message{ + position: fixed; + top: 0; + left: 0; + width: 100%; + background: #FFF; + line-height: 2em; + text-align: center; + font-weight: bold; + z-index: 999; +} + +.a0-message small { + font-weight: normal; + cursor: pointer; } \ No newline at end of file From 13ae30a948c6015037c2ba8eb5da33b43db6b2bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 22:25:53 -0300 Subject: [PATCH 06/22] Change the way we handle the 401 status code --- WP_Auth0.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index 878d6b1a7..c8c343a76 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -70,7 +70,7 @@ public static function a0_render_message() switch (strtolower($_GET['message'])) { - case 'unauthorized': $message = "Please check your Client Secret on the settings plugin is the same as the one on the Auth0 dashboard."; break; + //case '': $message = ""; break; } if ($message) 
@@ -256,7 +256,7 @@ public static function init_auth0(){ $body = array( 'client_id' => $client_id, 'redirect_uri' => home_url(), - 'client_secret' =>'0'. $client_secret, + 'client_secret' =>$client_secret, 'code' => $code, 'grant_type' => 'authorization_code' ); @@ -309,9 +309,17 @@ public static function init_auth0(){ wp_safe_redirect( home_url() ); } } - }elseif (is_array($response['response']) && $response['response']['code'] == 401) - { - wp_redirect( home_url() . '?message=unauthorized' ); + }elseif (is_array($response['response']) && $response['response']['code'] == 401) { + + $error = new WP_Error('401', 'auth/token response code: 401 Unauthorized'); + + self::insertAuth0Error('init_auth0_oauth/token',$error); + + error_log($response->get_error_message()); + $msg = __('Please check your Client Secret on the settings plugin is the same as the one on the Auth0 dashboard.', WPA0_LANG); + $msg .= '

'; + $msg .= '' . __('← Login', WPA0_LANG) . ''; + wp_die($msg); }else{ // Login failed! From 378dc471e391050236b12e96968dfa67208a7758 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 22:27:44 -0300 Subject: [PATCH 07/22] fix --- WP_Auth0.php | 1 - 1 file changed, 1 deletion(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index c8c343a76..17d447284 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -315,7 +315,6 @@ public static function init_auth0(){ self::insertAuth0Error('init_auth0_oauth/token',$error); - error_log($response->get_error_message()); $msg = __('Please check your Client Secret on the settings plugin is the same as the one on the Auth0 dashboard.', WPA0_LANG); $msg .= '

'; $msg .= '' . __('← Login', WPA0_LANG) . ''; From f01a55c6b33ad1cd1d7b4376672a2220359f028c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 22:31:28 -0300 Subject: [PATCH 08/22] error message updated --- WP_Auth0.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index 17d447284..a725dead7 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -283,7 +283,6 @@ public static function init_auth0(){ } $data = json_decode( $response['body'] ); - //var_dump($response);exit; if(isset($data->access_token)){ // Get the user information @@ -315,7 +314,7 @@ public static function init_auth0(){ self::insertAuth0Error('init_auth0_oauth/token',$error); - $msg = __('Please check your Client Secret on the settings plugin is the same as the one on the Auth0 dashboard.', WPA0_LANG); + $msg = __('Error: the Client Secret configured on the Auth0 plugin is wrong. Make sure to copy the right one from the Auth0 dashboard.', WPA0_LANG); $msg .= '

'; $msg .= '' . __('← Login', WPA0_LANG) . ''; wp_die($msg); From 042c1260dd1b2d721cfa75b2a27955264bbe7d0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 22:44:02 -0300 Subject: [PATCH 09/22] Message where are no errors on the log changed. --- templates/a0-error-log.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/a0-error-log.php b/templates/a0-error-log.php index 7dfed6721..8e0996b33 100644 --- a/templates/a0-error-log.php +++ b/templates/a0-error-log.php @@ -17,7 +17,7 @@ { ?> - There were any errors in the last month. + No errors. Date: Thu, 9 Oct 2014 22:56:38 -0300 Subject: [PATCH 10/22] add error handling with typed api errors --- WP_Auth0.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/WP_Auth0.php b/WP_Auth0.php index a725dead7..33f7d6bdb 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -320,6 +320,19 @@ public static function init_auth0(){ wp_die($msg); }else{ + + $error = ''; + $description = ''; + + if (isset($data->error)) $error = $data->error; + if (isset($data->error_description)) $description = $data->error_description; + + if (!empty($error) || !empty($description)) + { + $error = new WP_Error($error, $description); + self::insertAuth0Error('init_auth0_oauth/token',$error); + } + // Login failed! wp_redirect( home_url() . '?message=' . $data->error_description ); //echo "Error logging in! Description received was:
" . $data->error_description; From 1d31722fc2d69e0c75a7c68c33764365e74d9da2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 9 Oct 2014 23:07:05 -0300 Subject: [PATCH 11/22] Don't show widget when registrations are not allowed. #5 --- lib/WP_Auth0_Options.php | 5 +++++ templates/auth0-login-form.php | 9 ++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php index a8aa1ae74..e1db34015 100755 --- a/lib/WP_Auth0_Options.php +++ b/lib/WP_Auth0_Options.php @@ -4,6 +4,11 @@ class WP_Auth0_Options { const OPTIONS_NAME = 'wp_auth0_settings'; private static $_opt = null; + public static function is_wp_registration_enabled() + { + return (get_option('users_can_register', 0) == 1); + } + public static function get_options(){ if(empty(self::$_opt)){ $options = get_option( self::OPTIONS_NAME, array()); diff --git a/templates/auth0-login-form.php b/templates/auth0-login-form.php index 4b2f0c95f..8a234538e 100644 --- a/templates/auth0-login-form.php +++ b/templates/auth0-login-form.php @@ -5,7 +5,14 @@ $domain = WP_Auth0_Options::get('domain'); $cdn = WP_Auth0_Options::get('cdn_url'); -$allow_signup = WP_Auth0_Options::get('allow_signup') == 1; + +$allow_signup = false; + +if (WP_Auth0_Options::is_wp_registration_enabled()) +{ + $allow_signup = WP_Auth0_Options::get('allow_signup') == 1; +} + $extra_css = apply_filters( 'auth0_login_css', ''); $showAsModal = (isset($specialSettings['show_as_modal']) && $specialSettings['show_as_modal'] == 1); $modalTriggerName = 'Login'; From e9ceb24784d83c0e2fdb2e50bf8afdc8ebe49f10 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 15 Oct 2014 21:55:24 -0300 Subject: [PATCH 12/22] Show WP Auth0 Logs somewhere so that we can easily diagnose problems #22 --- WP_Auth0.php | 1 + lib/WP_Auth0_Admin.php | 5 ----- lib/WP_Auth0_ErrorLog.php | 7 ------- lib/WP_Auth0_Settings_Section.php | 18 ++++++++++++++++++ 4 files changed, 19 insertions(+), 12 deletions(-) create mode 100644 lib/WP_Auth0_Settings_Section.php diff --git a/WP_Auth0.php b/WP_Auth0.php index 33f7d6bdb..db61b2d8a 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -60,6 +60,7 @@ public static function init(){ add_action( 'wp_footer', array( __CLASS__, 'a0_render_message' ) ); } + WP_Auth0_Settings_Section::init(); WP_Auth0_Admin::init(); WP_Auth0_ErrorLog::init(); } diff --git a/lib/WP_Auth0_Admin.php b/lib/WP_Auth0_Admin.php index ab5cd3a2c..e811c405f 100755 --- a/lib/WP_Auth0_Admin.php +++ b/lib/WP_Auth0_Admin.php @@ -2,7 +2,6 @@ class WP_Auth0_Admin{ public static function init(){ - add_action( 'admin_menu', array(__CLASS__, 'init_menu') ); add_action( 'admin_init', array(__CLASS__, 'init_admin')); add_action( 'admin_enqueue_scripts', array(__CLASS__, 'admin_enqueue')); } @@ -218,10 +217,6 @@ public static function render_advanced_description(){ } - public static function init_menu(){ - add_options_page( __('Auth0 Settings', WPA0_LANG), __('Auth0 Settings', WPA0_LANG), 'manage_options', 'wpa0', array(__CLASS__, 'render_settings_page') ); - } - public static function render_settings_page(){ include WPA0_PLUGIN_DIR . 'templates/settings.php'; } diff --git a/lib/WP_Auth0_ErrorLog.php b/lib/WP_Auth0_ErrorLog.php index 6b3a1bf57..61561f6e9 100644 --- a/lib/WP_Auth0_ErrorLog.php +++ b/lib/WP_Auth0_ErrorLog.php @@ -2,7 +2,6 @@ class WP_Auth0_ErrorLog { public static function init(){ - add_action( 'admin_menu', array(__CLASS__, 'init_menu') ); add_action( 'admin_enqueue_scripts', array(__CLASS__, 'admin_enqueue')); } 
@@ -33,10 +32,4 @@ public static function render_settings_page(){ include WPA0_PLUGIN_DIR . 'templates/a0-error-log.php'; } - public static function init_menu(){ - add_options_page( __('Auth0 Error Log', WPA0_LANG), __('Auth0 Error Log', WPA0_LANG), 'manage_options', 'wpa0-errors', array(__CLASS__, 'render_settings_page') ); - } - - - } \ No newline at end of file diff --git a/lib/WP_Auth0_Settings_Section.php b/lib/WP_Auth0_Settings_Section.php new file mode 100644 index 000000000..a908fb378 --- /dev/null +++ b/lib/WP_Auth0_Settings_Section.php @@ -0,0 +1,18 @@ + Date: Wed, 15 Oct 2014 21:57:20 -0300 Subject: [PATCH 13/22] Show WP Auth0 Logs somewhere so that we can easily diagnose problems #22 (fixed links from plugin list) --- WP_Auth0.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index db61b2d8a..4be03b6ca 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -86,10 +86,10 @@ public static function a0_render_message() // Add settings link on plugin page public static function wp_add_plugin_settings_link($links) { - $settings_link = 'Error Log'; + $settings_link = 'Error Log'; array_unshift($links, $settings_link); - $settings_link = 'Settings'; + $settings_link = 'Settings'; array_unshift($links, $settings_link); return $links; From 27f86e79ccff05ee7ecb6c2c84ba3e082046a481 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 15 Oct 2014 23:16:34 -0300 Subject: [PATCH 14/22] Don't show widget when registrations are not allowed. #5 (remove the setting allow registration and merge it with standard WP setting, fixes for social login/registration, disable social registration if registration is disabled --- WP_Auth0.php | 27 +++++++++++++++++++++------ lib/WP_Auth0_Admin.php | 20 +++++++++++++++++--- lib/WP_Auth0_Options.php | 1 - lib/WP_Auth0_Users.php | 8 ++++++-- templates/auth0-login-form.php | 14 ++++---------- 5 files changed, 48 insertions(+), 22 deletions(-) 
diff --git a/WP_Auth0.php b/WP_Auth0.php index 4be03b6ca..964d96fe7 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -349,10 +349,11 @@ private static function findAuth0User($id) { JOIN ' . $wpdb->users . ' u ON a.wp_id = u.id WHERE a.auth0_id = %s'; $userRow = $wpdb->get_row($wpdb->prepare($sql, $id)); - if (is_null($userRow) || $userRow instanceof WP_Error ) { + if (is_null($userRow)) { + return null; + }elseif($userRow instanceof WP_Error ) { self::insertAuth0Error('findAuth0User',$userRow); - return null; } $user = new WP_User(); @@ -377,7 +378,7 @@ private static function insertAuth0User($userinfo, $user_id) { ); } - private static function insertAuth0Error($section, WP_Error $wp_error) { + public static function insertAuth0Error($section, WP_Error $wp_error) { global $wpdb; $wpdb->insert( $wpdb->auth0_error_logs, @@ -465,10 +466,12 @@ private static function login_user( $userinfo, $data ){ // If the user has a verified email or is a database user try to see if there is // a user to join with. The isDatabase is because we don't want to allow database // user creation if there is an existing one with no verified email - if ($userinfo->email_verified || $isDatabaseUser) { + if ((isset($userinfo->email_verified) && $userinfo->email_verified) || $isDatabaseUser) { $joinUser = get_user_by( 'email', $userinfo->email ); } + $allow_signup = WP_Auth0_Options::is_wp_registration_enabled(); + if (!is_null($joinUser) && $joinUser instanceof WP_User) { // If we are here, we have a potential join user // Don't allow creation or assignation of user if the email is not verified, that would 
@@ -477,13 +480,20 @@ private static function login_user( $userinfo, $data ){ self::dieWithVerifyEmail($userinfo, $data); } $user_id = $joinUser->ID; - } else { + } elseif ($allow_signup) { // If we are here, we need to create the user $user_id = (int)WP_Auth0_Users::create_user($userinfo); // Check if user was created - if($user_id == -2){ + if( is_wp_error($user_id) ) { + $msg = __('Error: Could not create user.', WPA0_LANG); + $msg = ' ' . $user_id->get_error_message(); + $msg .= '

'; + $msg .= '' . __('← Go back', WPA0_LANG) . ''; + wp_die($msg); + + }elseif($user_id == -2){ $msg = __('Error: Could not create user. The registration process were rejected. Please verify that your account is whitelisted for this system.', WPA0_LANG); $msg .= '

'; $msg .= '' . __('← Go back', WPA0_LANG) . ''; @@ -495,6 +505,11 @@ private static function login_user( $userinfo, $data ){ $msg .= '' . __('← Go back', WPA0_LANG) . ''; wp_die($msg); } + } else { + $msg = __('Error: Could not create user. The registration process is not available.', WPA0_LANG); + $msg .= '
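Review bot: The new `is_wp_error($user_id)` branch cannot fire, because the context line above it still casts the result with `(int)WP_Auth0_Users::create_user($userinfo)`. This patch makes `create_user()` return the `WP_Error` from `wp_insert_user()` instead of `-1`, and PHP converts an object to the integer 1, so a failed insert may flow into the login code below as the ID of an existing account. Check before casting: `$user_id = WP_Auth0_Users::create_user($userinfo);`, then the `is_wp_error()` test, then `$user_id = (int)$user_id;`. In the same branch `$msg = ' ' . $user_id->get_error_message();` overwrites the first message and should read `$msg .= ' ' . esc_html($user_id->get_error_message());`. The remaining checks of `login_user()` lie outside the hunk, so whether a later test rejects that value is not visible here.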

'; + $msg .= '' . __('← Go back', WPA0_LANG) . ''; + wp_die($msg); } // If we are here we should have a valid $user_id with a new user or an existing one // log him in, and update the auth0_user table diff --git a/lib/WP_Auth0_Admin.php b/lib/WP_Auth0_Admin.php index e811c405f..796eaaf98 100755 --- a/lib/WP_Auth0_Admin.php +++ b/lib/WP_Auth0_Admin.php @@ -194,9 +194,23 @@ public static function render_verified_email () { } public static function render_allow_signup () { - $v = absint(WP_Auth0_Options::get( 'allow_signup' )); - echo ''; - echo '
' . __('If you have database connection you can allow users to signup in the widget', WPA0_LANG) . ''; + $allow_signup = WP_Auth0_Options::is_wp_registration_enabled(); + + echo '' . __('Signup will be ', WPA0_LANG); + + if ($allow_signup){ + echo '' . __('disabled', WPA0_LANG) . ''; + echo __(' because you have turned on the setting " Anyone can register" off WordPress', WPA0_LANG) . '
'; + } + else{ + echo '' . __('enabled', WPA0_LANG) . ''; + echo __(' because you have turned on the setting " Anyone can register" on WordPress', WPA0_LANG) . '
'; + } + + + + echo __('You can manage this setting on Settings > General > Membership, Anyone can register', WPA0_LANG) . '
'; + } public static function render_allow_wordpress_login () { diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php index e1db34015..da5d445be 100755 --- a/lib/WP_Auth0_Options.php +++ b/lib/WP_Auth0_Options.php @@ -52,7 +52,6 @@ private static function defaults(){ 'ip_ranges' => '', 'cdn_url' => '//cdn.auth0.com/js/lock-6.min.js', 'requires_verified_email' => true, - 'allow_signup' => true, 'wordpress_login_enabled' => true, 'dict' => '', 'social_big_buttons' => false, diff --git a/lib/WP_Auth0_Users.php b/lib/WP_Auth0_Users.php index 3dceef099..552f786e5 100644 --- a/lib/WP_Auth0_Users.php +++ b/lib/WP_Auth0_Users.php @@ -1,7 +1,11 @@ email; + $email = null; + if (isset($userinfo->email)) + { + $email = $userinfo->email; + } if (empty($email)) { $email = "change_this_email@" . uniqid() .".com"; } @@ -46,7 +50,7 @@ public static function create_user( $userinfo ){ $user_id = wp_insert_user( $user_data ); if(!is_numeric($user_id)) - return -1; + return $user_id; do_action( 'wpa0_user_created', $user_id, $email, $password, $firstname, $lastname ); diff --git a/templates/auth0-login-form.php b/templates/auth0-login-form.php index 8a234538e..78420819b 100644 --- a/templates/auth0-login-form.php +++ b/templates/auth0-login-form.php @@ -6,12 +6,7 @@ $domain = WP_Auth0_Options::get('domain'); $cdn = WP_Auth0_Options::get('cdn_url'); -$allow_signup = false; - -if (WP_Auth0_Options::is_wp_registration_enabled()) -{ - $allow_signup = WP_Auth0_Options::get('allow_signup') == 1; -} +$allow_signup = WP_Auth0_Options::is_wp_registration_enabled(); $extra_css = apply_filters( 'auth0_login_css', ''); $showAsModal = (isset($specialSettings['show_as_modal']) && $specialSettings['show_as_modal'] == 1); 
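Review bot: The two branches of `render_allow_signup()` are swapped: when `is_wp_registration_enabled()` returns true the page prints 'disabled', and it prints 'enabled' when the call returns false, so an administrator reading this screen sees the opposite of the site's registration state. Exchange the strings so that the `if ($allow_signup)` branch echoes `__('enabled', WPA0_LANG)` with the 'on WordPress' sentence and the `else` branch echoes `__('disabled', WPA0_LANG)`, and reword the other sentence to say the setting was turned off. A one-line docblock such as `/** Shows whether signup is available, mirroring the WordPress "Anyone can register" option. */` would record that the plugin's own option was replaced by the core setting.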
@@ -95,17 +90,16 @@ $options_obj['container'] = 'auth0-login-form'; } + if (!$allow_signup) { + $options_obj['disableSignupAction'] = true; + } $options = json_encode($options_obj); ?> function a0ShowLoginModal() { var options = ; - lock.show(options, callback); - - lock.showSignin(options, callback); - } From 1c5039cc2db8d2cf8c95d2d05039c22745c48a38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 15 Oct 2014 23:28:13 -0300 Subject: [PATCH 15/22] add nice error message when exchange of token returns 401 #11 (now it manages the errores when there is no code and an error instead) --- WP_Auth0.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/WP_Auth0.php b/WP_Auth0.php index 964d96fe7..99d2ba459 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -52,6 +52,9 @@ public static function init(){ add_action( 'widgets_init', array(__CLASS__, 'wp_register_widget')); + add_filter('query_vars', array(__CLASS__, 'a0_register_query_vars')); + + $plugin = plugin_basename(__FILE__); add_filter("plugin_action_links_$plugin", array(__CLASS__, 'wp_add_plugin_settings_link')); @@ -65,6 +68,11 @@ public static function init(){ WP_Auth0_ErrorLog::init(); } + public static function a0_register_query_vars( $qvars ) { + $qvars[] = 'error_description'; + return $qvars; + } + public static function a0_render_message() { $message = null; @@ -241,6 +249,25 @@ public static function init_auth0(){ return; } + if (isset($wp_query->query_vars['error_description'])) + { + $msg = __('Sorry, there was a problem logging you in.', WPA0_LANG); + $msg .= '
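Review bot: `$options_obj['disableSignupAction'] = true;` only removes the sign-up action from the widget rendered in the browser; it is a display option, not an access control. Whether the login callback refuses to create a WordPress user when registration is off is not visible in this hunk, so that check should be confirmed on the server side. I would add a comment above the `if (!$allow_signup)` block: `// UI only: user creation must still be refused server-side when registration is disabled`.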
'; + $msg .= ' '.$wp_query->query_vars['error_description']; + $msg .= '

'; + $msg .= '' . __('← Login', WPA0_LANG) . ''; + wp_die($msg); + } + if (isset($wp_query->query_vars['error'])) + { + $msg = __('Sorry, there was a problem logging you in.', WPA0_LANG); + $msg .= '
'; + $msg .= ' '.$wp_query->query_vars['error']; + $msg .= '

'; + $msg .= '' . __('← Login', WPA0_LANG) . ''; + wp_die($msg); + } + $code = $wp_query->query_vars['code']; $state = $wp_query->query_vars['state']; $stateFromGet = json_decode(stripcslashes($state)); From 7a1e7e5a69521058f29558ec5962fc63dcc408bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 15 Oct 2014 23:34:45 -0300 Subject: [PATCH 16/22] fix error handling & registration with social network (without email info) --- WP_Auth0.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index 99d2ba459..3dfa8888d 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -249,7 +249,7 @@ public static function init_auth0(){ return; } - if (isset($wp_query->query_vars['error_description'])) + if (isset($wp_query->query_vars['error_description']) && trim($wp_query->query_vars['error_description']) != '') { $msg = __('Sorry, there was a problem logging you in.', WPA0_LANG); $msg .= '
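Review bot: Both new blocks append request-supplied text to HTML without escaping: `$wp_query->query_vars['error_description']` and `$wp_query->query_vars['error']` are concatenated into `$msg`, which `wp_die()` renders as markup, so a crafted callback URL can inject script into the error page. Escape at the point of output: `$msg .= ' ' . esc_html($wp_query->query_vars['error_description']);` and `$msg .= ' ' . esc_html($wp_query->query_vars['error']);`. The two follow-up hunks in the next patch (`@@ -249,7 +249,7 @@` and `@@ -258,7 +258,7 @@`) add a `trim()` test but keep the same unescaped concatenation. init_auth0 starts and ends outside the hunk.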
'; @@ -258,7 +258,7 @@ public static function init_auth0(){ $msg .= '' . __('← Login', WPA0_LANG) . ''; wp_die($msg); } - if (isset($wp_query->query_vars['error'])) + if (isset($wp_query->query_vars['error']) && trim($wp_query->query_vars['error']) != '') { $msg = __('Sorry, there was a problem logging you in.', WPA0_LANG); $msg .= '
'; @@ -493,7 +493,8 @@ private static function login_user( $userinfo, $data ){ // If the user has a verified email or is a database user try to see if there is // a user to join with. The isDatabase is because we don't want to allow database // user creation if there is an existing one with no verified email - if ((isset($userinfo->email_verified) && $userinfo->email_verified) || $isDatabaseUser) { + + if (isset($userinfo->email) && ((isset($userinfo->email_verified) && $userinfo->email_verified) || $isDatabaseUser)) { $joinUser = get_user_by( 'email', $userinfo->email ); } From 32d12587ab035ac9a9b653a984edacfca1c64f0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Wed, 15 Oct 2014 23:38:37 -0300 Subject: [PATCH 17/22] added A0 icon --- assets/img/a0icon.png | Bin 0 -> 447 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 assets/img/a0icon.png diff --git a/assets/img/a0icon.png b/assets/img/a0icon.png new file mode 100644 index 0000000000000000000000000000000000000000..7748a404254e6ee4def6b7c335310175b3758b60 GIT binary patch literal 447 zcmV;w0YLtVP)`v_y$@jK`>e#1RG5d z3(F8L;j_q`jO$+1AC|eB|DTIJv!vjNAn865 zUrE}Lg!3V3SHL;YNfiuyvkATfTnOk}eFOaiz=Os01q@xI#=!P3!CR&)F!U$!*pExF zd1@!L{fea9M8fRr{)tc ptzNW2ui*YV(uHjRPe5Z?_D}t^elR`zJqG{)002ovPDHLkV1iQ=x@G_X literal 0 HcmV?d00001 From 5785aeb00708f9eee0e829bfd2ab610fe8f36b15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Germ=C3=A1n=20Lena?= Date: Thu, 16 Oct 2014 21:39:23 -0300 Subject: [PATCH 18/22] Add option to enter custom CSS #21 --- README.md | 8 ++--- WP_Auth0.php | 3 ++ lib/WP_Auth0_Admin.php | 7 ++++ lib/WP_Auth0_Options.php | 1 + readme.txt | 8 ++--- templates/a0-widget-setup-form.php | 13 +++++++ templates/auth0-login-form.php | 55 +++++++++++++++++------------- 7 files changed, 61 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index 2e99b96e8..31fd765db 100644 --- a/README.md +++ b/README.md 
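Review bot: The `|| $isDatabaseUser` arm of the new condition still lets `get_user_by( 'email', $userinfo->email )` match an existing WordPress account on an address that has not been verified; the added `isset($userinfo->email)` only guards against a missing property. The comment above says the lookup exists to block a duplicate account, so the code after the hunk presumably rejects the login when `email_verified` is false. That should be confirmed, because logging in as `$joinUser` on an unverified address would hand the account to whoever entered that address at sign-up. A short why-comment beside the `$joinUser` assignment, stating that an unverified match must never be logged in, would preserve the intent; login_user continues outside the hunk.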
@@ -80,13 +80,11 @@ Under some situations, you may end up with a user with two accounts. **WordPres ### Can I customize the Login Widget? -You can style the login form by adding a filter like this +You can style the login form by adding your css on the "Customize the Login Widget CSS" Auth0 setting and the widget settings - add_filter( 'auth0_login_css', function() { - return "form a.a0-btn-small { background-color: red }"; - } ); + form a.a0-btn-small { background-color: red !important; } -The Login Widget is Open Source. For more information about it: https://github.com/auth0/widget +The Login Widget is Open Source. For more information about it: https://github.com/auth0/lock ### Can I access the user profile information? diff --git a/WP_Auth0.php b/WP_Auth0.php index 3dfa8888d..5a7002b3b 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -197,6 +197,9 @@ public static function buildSettings($settings) $options_obj['dict'] = $settings['dict']; } } + if (self::IsValid($settings,'custom_css')) { + $options_obj['customCSS'] = $settings['custom_css']; + } if (self::IsValid($settings,'social_big_buttons')) { $options_obj['socialBigButtons'] = self::GetBoolean($settings['social_big_buttons']); } diff --git a/lib/WP_Auth0_Admin.php b/lib/WP_Auth0_Admin.php index 796eaaf98..751133df0 100755 --- a/lib/WP_Auth0_Admin.php +++ b/lib/WP_Auth0_Admin.php @@ -65,6 +65,7 @@ public static function init_admin(){ array('id' => 'wpa0_social_big_buttons', 'name' => 'Show big social buttons', 'function' => 'render_social_big_buttons'), array('id' => 'wpa0_icon_url', 'name' => 'Icon URL', 'function' => 'render_icon_url'), array('id' => 'wpa0_gravatar', 'name' => 'Enable Gravatar integration', 'function' => 'render_gravatar'), + array('id' => 'wpa0_custom_css', 'name' => 'Customize the Login Widget CSS', 'function' => 'render_custom_css'), )); @@ -131,6 +132,12 @@ public static function render_dict(){ echo '
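Review bot: `$options_obj['customCSS'] = $settings['custom_css'];` passes the stored value through unchanged, and `IsValid()` is not shown, so no sanitising is visible on this path. How the template emits the value cannot be seen here, but if it is written inside a `<style>` element, a value containing a closing `</style>` tag would end the element and the remainder would be parsed as HTML. That matters wherever the person editing the setting or the widget is not fully trusted. Passing the value through `wp_strip_all_tags()` when it is saved would close this off. buildSettings starts and ends outside the hunk.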
' . __('This is the widget\'s dict param.', WPA0_LANG) . '' . __('More info', WPA0_LANG) . ''; } + public static function render_custom_css(){ + $v = WP_Auth0_Options::get( 'custom_css' ); + echo ''; + echo '
' . __('This should be a valid CSS to customize the Auth0 login widget. ', WPA0_LANG) . '' . __('More info', WPA0_LANG) . ''; + } + public static function render_username_style(){ $v = WP_Auth0_Options::get( 'username_style' ); echo ''; diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php index da5d445be..e812642a3 100755 --- a/lib/WP_Auth0_Options.php +++ b/lib/WP_Auth0_Options.php @@ -58,6 +58,7 @@ private static function defaults(){ 'username_style' => 'email', 'extra_conf' => '', 'remember_last_login' => true, + 'custom_css' => '', 'gravatar' => true, ); } diff --git a/readme.txt b/readme.txt index 998a88ff4..f4dff7067 100644 --- a/readme.txt +++ b/readme.txt @@ -105,13 +105,11 @@ Under some situations, you may end up with a user with two accounts. Wordpress a = Can I customize the Login Widget? = -You can style the login form by adding a filter like this +You can style the login form by adding your css on the "Customize the Login Widget CSS" Auth0 setting and the widget settings - add_filter( 'auth0_login_css', function() { - return "form a.a0-btn-small { background-color: red }"; - } ); + form a.a0-btn-small { background-color: red !important; } -The Login Widget is Open Source. For more information about it: https://github.com/auth0/widget +The Login Widget is Open Source. For more information about it: https://github.com/auth0/lock = Can I access the user profile information? = diff --git a/templates/a0-widget-setup-form.php b/templates/a0-widget-setup-form.php index 8f5df3c1f..81bd50547 100644 --- a/templates/a0-widget-setup-form.php +++ b/templates/a0-widget-setup-form.php @@ -10,6 +10,7 @@ $dict = isset($instance[ 'dict' ]) ? $instance[ 'dict' ] : ''; $extra_conf = isset($instance[ 'extra_conf' ]) ? $instance[ 'extra_conf' ] : ''; $remember_last_login = isset($instance[ 'remember_last_login' ]) ? $instance[ 'remember_last_login' ] : ''; +$custom_css = isset($instance[ 'custom_css' ]) ? $instance[ 'custom_css' ] : ''; ?> 
@@ -130,6 +131,18 @@ class="button-secondary">

+

+ + +
+ + + + +

diff --git a/templates/auth0-login-form.php b/templates/auth0-login-form.php index 78420819b..876fc093a 100644 --- a/templates/auth0-login-form.php +++ b/templates/auth0-login-form.php @@ -34,11 +34,42 @@ $stateObj = array("interim" => $interim_login, "uuid" =>uniqid()); $state = json_encode($stateObj); + +$options_obj = WP_Auth0::buildSettings(WP_Auth0_Options::get_options()); + +$options_obj = array_merge( array( + "callbackURL" => site_url('/index.php?auth0=1'), + "authParams" => array("state" => $state), +), $options_obj ); + +if (isset($specialSettings)){ + $options_obj = array_merge( $options_obj , $specialSettings ); +} + +if (!$showAsModal){ + $options_obj['container'] = 'auth0-login-form'; +} + +if (!$allow_signup) { + $options_obj['disableSignupAction'] = true; +} +$options = json_encode($options_obj); + if(empty($client_id) || empty($domain)){ ?>

+ + + + + + + +