Add query var for Auth0 login process success

WP_Auth0.php

@@ -616,7 +616,7 @@ function wp_auth0_filter_wp_redirect_lostpassword( $location ) {
  * @return string
  */
 function wp_auth0_filter_login_override_url( $wp_login_url ) {
-	if ( WP_Auth0_Options::Instance()->can_show_wp_login_form() && isset( $_REQUEST['wle'] ) ) {
+	if ( wp_auth0_can_show_wp_login_form() && isset( $_REQUEST['wle'] ) ) {
 		// We are on an override page.
 		$wp_login_url = add_query_arg( 'wle', $_REQUEST['wle'], $wp_login_url );
 	} elseif ( wp_auth0_is_current_login_action( array( 'resetpass' ) ) ) {
@@ -634,7 +634,7 @@ function wp_auth0_filter_login_override_url( $wp_login_url ) {
  * Add the core WP form override to the lost password and login forms.
  */
 function wp_auth0_filter_login_override_form() {
-	if ( WP_Auth0_Options::Instance()->can_show_wp_login_form() && isset( $_REQUEST['wle'] ) ) {
+	if ( wp_auth0_can_show_wp_login_form() && isset( $_REQUEST['wle'] ) ) {
 		printf( '<input type="hidden" name="wle" value="%s" />', $_REQUEST['wle'] );
 	}
 }
@@ -650,7 +650,7 @@ function wp_auth0_filter_login_override_form() {
  * @return array
  */
 function wp_auth0_filter_body_class( array $classes ) {
-	if ( WP_Auth0_Options::Instance()->can_show_wp_login_form() ) {
+	if ( wp_auth0_can_show_wp_login_form() ) {
 		$classes[] = 'a0-show-core-login';
 	}
 	return $classes;

functions.php

@@ -31,7 +31,10 @@ function wp_auth0_get_option( $key, $default = null ) {
 function wp_auth0_is_current_login_action( array $actions ) {
 
 	// Not on wp-login.php.
-	if ( ! isset( $GLOBALS['pagenow'] ) || 'wp-login.php' !== $GLOBALS['pagenow'] ) {
+	if (
+		( isset( $GLOBALS['pagenow'] ) && 'wp-login.php' !== $GLOBALS['pagenow'] ) &&
+		! function_exists( 'login_header' )
+	) {
 		return false;
 	}
 
@@ -71,8 +74,11 @@ function wp_auth0_can_show_wp_login_form() {
 		return true;
 	}
 
-	$current_login_action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : null;
-	if ( in_array( $current_login_action, array( 'resetpass', 'rp' ) ) ) {
+	if ( wp_auth0_is_current_login_action( array( 'resetpass', 'rp', 'validate_2fa' ) ) ) {
+		return true;
+	}
+
+	if ( get_query_var( 'auth0_login_successful' ) ) {
 		return true;
 	}
 

lib/WP_Auth0_LoginManager.php

@@ -110,7 +110,7 @@ public function login_auto() {
 		}
 
 		// Do not redirect login page override.
-		if ( $this->a0_options->can_show_wp_login_form() ) {
+		if ( wp_auth0_can_show_wp_login_form() ) {
 			return false;
 		}
 
@@ -152,6 +152,8 @@ public function login_auto() {
 	 */
 	public function init_auth0() {
 
+		set_query_var( 'auth0_login_successful', false );
+
 		// Not an Auth0 login process or settings are not configured to allow logins.
 		if ( ! $this->query_vars( 'auth0' ) || ! WP_Auth0::ready() ) {
 			return false;
@@ -447,6 +449,8 @@ private function do_login( $user, $userinfo, $is_new, $id_token, $access_token,
 			throw new WP_Auth0_BeforeLoginException( $e->getMessage() );
 		}
 
+		set_query_var( 'auth0_login_successful', true );
+
 		$secure_cookie = is_ssl();
 
 		// See wp_signon() for documentation on this filter.

lib/WP_Auth0_WooCommerceOverrides.php

@@ -45,7 +45,7 @@ private function render_login_form( $redirectPage ) {
 	public function override_woocommerce_checkout_login_form( $html ) {
 		$this->render_login_form( 'checkout' );
 
-		if ( $this->options->can_show_wp_login_form() ) {
+		if ( wp_auth0_can_show_wp_login_form() ) {
 			echo '<style>.woocommerce-checkout .woocommerce-info{display:block;}</style>';
 		}
 	}

phpcs-test-ruleset.xml

@@ -41,5 +41,8 @@
     <rule ref="Squiz.Commenting.FunctionComment">
         <exclude name="Squiz.Commenting.FunctionComment.Missing"/>
     </rule>
+    <rule ref="Generic.Commenting">
+        <exclude name="Generic.Commenting.DocComment.MissingShort"/>
+    </rule>
 
 </ruleset>

templates/login-form.php

@@ -5,7 +5,7 @@ function renderAuth0Form( $canShowLegacyLogin = true, $specialSettings = array()
 	}
 
 	$options = WP_Auth0_Options::Instance();
-	if ( ! $canShowLegacyLogin || ! $options->can_show_wp_login_form() ) {
+	if ( ! $canShowLegacyLogin || ! wp_auth0_can_show_wp_login_form() ) {
 		$lock_options = new WP_Auth0_Lock10_Options( $specialSettings );
 		$use_sso      = ! isset( $_GET['skip_sso'] ) && $options->get( 'sso', false );