auth0 · joshcanhelp · Apr 5, 2018 · Mar 28, 2018
diff --git a/lib/WP_Auth0_Import_Settings.php b/lib/WP_Auth0_Import_Settings.php
@@ -18,15 +18,10 @@ public function init() {
 	}
 
 	public function show_error() {
-?>
-		<div id="message" class="error">
-			<p>
-				<strong>
-					<?php echo $_REQUEST['error']; ?>
-				</strong>
-			</p>
-		</div>
-		<?php
+		printf(
+			'<div class="notice notice-error"><p><strong>%s</strong></p></div>',
+			sanitize_text_field( $_REQUEST['error'] )
+		);
 	}
 
 	public function render_import_settings_page() {

diff --git a/lib/admin/WP_Auth0_Admin.php b/lib/admin/WP_Auth0_Admin.php
@@ -70,16 +70,10 @@ public function admin_enqueue() {
 			return;
 		}
 
-		$client_id = $this->a0_options->get( 'client_id' );
-		$secret = $this->a0_options->get( 'client_secret' );
-		$domain = $this->a0_options->get( 'domain' );
-
-		if ( empty( $client_id ) || empty( $secret ) || empty( $domain ) ) {
+		if ( ! WP_Auth0::ready() ) {
 			add_action( 'admin_notices', array( $this, 'create_account_message' ) );
 		}
 
-		$this->validate_required_api_scopes();
-
 		wp_enqueue_media();
 		wp_enqueue_script( 'wpa0_admin', WPA0_PLUGIN_URL . 'assets/js/admin.js' );
 		wp_enqueue_script( 'wpa0_async', WPA0_PLUGIN_URL . 'assets/lib/async.min.js' );
@@ -94,25 +88,9 @@ public function admin_enqueue() {
 			) );
 	}
 
-	protected function validate_required_api_scopes() {
-		$app_token = $this->a0_options->get( 'auth0_app_token' );
-		if ( ! $app_token ) {
-			add_action( 'admin_notices', array( $this, 'cant_connect_to_auth0' ) );
-		}
-	}
-
+	// TODO: Deprecate, not used
 	public function cant_connect_to_auth0() {
-?>
-		<div id="message" class="error">
-			<p>
-				<strong>
-					<?php echo __( 'The current user is not authorized to manage the Auth0 account. You must be both a WordPress site administrator and a user known to Auth0 to control Auth0 from this settings page. Please see the', 'wp-auth0' ); ?>
-					<a href="https://auth0.com/docs/cms/wordpress/troubleshoot#the-settings-page-shows-me-this-warning-the-current-user-is-not-authorized-to-manage-the-auth0-account-"><?php echo __( 'documentation', 'wp-auth0' ); ?></a>
-					<?php echo __( 'for more information.', 'wp-auth0' ); ?>
-				</strong>
-			</p>
-		</div>
-		<?php
+		// Not used
 	}
 
 	public function init_admin() {
@@ -159,18 +137,20 @@ public function input_validator( $input ) {
 		return $input;
 	}
 
+	/**
+	 * Show a message on all Auth0 admin pages when the plugin is not ready to process logins
+	 */
 	public function create_account_message() {
-?>
-		<div id="message" class="updated">
-			<p>
-				<strong>
-					<?php echo __( 'In order to use this plugin, you need to first', 'wp-auth0' ); ?>
-					<a target="_blank" href="https://manage.auth0.com/#/applications"><?php echo __( 'create an application', 'wp-auth0' ); ?></a>
-					<?php echo __( ' on Auth0 and copy the information here.', 'wp-auth0' ); ?>
-				</strong>
-			</p>
-		</div>
-		<?php
+		printf(
+			'<div class="update-nag">%s<strong><a href="%s">%s</a></strong>%s
+			<strong><a href="https://auth0.com/docs/cms/wordpress/installation#manual-setup" target="_blank">
+			%s</a></strong>.</div>',
+			__( 'Login by Auth0 is not yet configured. Please use the ', 'wp-auth0' ),
+			admin_url( 'admin.php?page=wpa0-setup' ),
+			__( 'Setup Wizard', 'wp-auth0' ),
+			__( ' or follow the ', 'wp-auth0' ),
+			__( 'Manual setup instructions', 'wp-auth0' )
+		);
 	}
 
 	protected function get_social_connection( $provider, $name, $icon ) {

diff --git a/lib/initial-setup/WP_Auth0_InitialSetup.php b/lib/initial-setup/WP_Auth0_InitialSetup.php
@@ -37,15 +37,6 @@ public function init() {
 				add_action( 'admin_notices', array( $this, 'notify_error' ) );
 			}
 		}
-		if ( ! isset( $_REQUEST['page'] ) || 'wpa0-setup' !== $_REQUEST['page'] ) {
-			$client_id = $this->a0_options->get( 'client_id' );
-			$client_secret = $this->a0_options->get( 'client_secret' );
-			$domain = $this->a0_options->get( 'domain' );
-
-			if ( ( ! $client_id ) || ( ! $client_secret ) || ( ! $domain ) ) {
-				add_action( 'admin_notices', array( $this, 'notify_setup' ) );
-			}
-		}
 
 		if ( isset( $_REQUEST['error'] ) && 'cant_create_client' == $_REQUEST['error'] ) {
 			add_action( 'admin_notices', array( $this, 'cant_create_client_message' ) );
@@ -87,20 +78,13 @@ public function admin_enqueue() {
 		wp_enqueue_style( 'media' );
 	}
 
+	// TODO: Deprecate
 	public function notify_setup() {
-?>
-  		<div class="update-nag">
-        Auth0 for WordPress is not yet configured. Click <a href="<?php echo admin_url( 'admin.php?page=wpa0-setup' ); ?>">HERE</a> to configure the Auth0 for WordPress plugin using the Quick Setup Wizard.
-  		</div>
-  		<?php
+		// Not used
 	}
 
 	public function notify_error() {
-?>
-  		<div class="error">
-        <?php echo $_REQUEST['error']; ?>
-  		</div>
-  		<?php
+		printf( '<div class="notice notice-error">%s</div>', strip_tags( $_REQUEST['error'] ) );
 	}
 
 	public function render_setup_page() {
@@ -199,7 +183,6 @@ public function cant_exchange_token_message() {
 	}
 
 	public function rejected_message() {
-		$domain = $this->a0_options->get( 'domain' );
 ?>
       <div id="message" class="error">
         <p>
@@ -210,10 +193,10 @@ public function rejected_message() {
       </div>
       <?php
 	}
+
 	public function access_denied() {
-		$domain = $this->a0_options->get( 'domain' );
 ?>
-  		<div id="message" class="error">
+  		<div class="notice notice-error">
   			<p>
   				<strong>
   					<?php echo __( 'Please create your Auth0 account first at ', 'wp-auth0' ); ?>