Fix Connection update over-writing Connection settings.

auth0 · Nov 7, 2018 · e482fec · e482fec
1 parent 1ea429c
commit e482fec
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 26 deletions.
diff --git a/lib/WP_Auth0_Api_Client.php b/lib/WP_Auth0_Api_Client.php
@@ -611,6 +611,17 @@ public static function get_connection( $domain, $app_token, $id ) {
 		return json_decode( $response['body'] );
 	}
 
+	/**
+	 * Update a Connection via the Management API.
+	 * Note: $payload must be a complete settings object, not just the property to change.
+	 *
+	 * @param string $domain - Auth0 Domain.
+	 * @param string $app_token - Valid Auth0 Management API token.
+	 * @param string $id - DB Connection ID.
+	 * @param stdClass $payload - DB Connection settings, will override existing.
+	 *
+	 * @return bool|object
+	 */
 	public static function update_connection( $domain, $app_token, $id, $payload ) {
 		$endpoint = "https://$domain/api/v2/connections/$id";
 
@@ -619,6 +630,10 @@ public static function update_connection( $domain, $app_token, $id, $payload ) {
 		$headers['Authorization'] = "Bearer $app_token";
 		$headers['content-type']  = 'application/json';
 
+		unset( $payload->name );
+		unset( $payload->strategy );
+		unset( $payload->id );
+
 		$response = wp_remote_post(
 			$endpoint,
 			array(

diff --git a/lib/WP_Auth0_Api_Operations.php b/lib/WP_Auth0_Api_Operations.php
@@ -30,10 +30,6 @@ public function update_wordpress_connection( $app_token, $connection_id, $passwo
 		$connection->options->customScripts->login    = $login_script;
 		$connection->options->customScripts->get_user = $get_user_script;
 
-		unset( $connection->name );
-		unset( $connection->strategy );
-		unset( $connection->id );
-
 		WP_Auth0_Api_Client::update_connection( $domain, $app_token, $connection_id, $connection );
 
 	}
@@ -107,26 +103,21 @@ public function create_wordpress_connection( $app_token, $migration_enabled, $pa
 		$connections   = WP_Auth0_Api_Client::search_connection( $domain, $app_token, 'auth0' );
 		$db_connection = null;
 
-		$migration_connection_id = $response->id;
+		$created_connection_id = $response->id;
 
 		foreach ( $connections as $connection ) {
-			if ( $migration_connection_id != $connection->id && in_array( $client_id, $connection->enabled_clients ) ) {
-				$db_connection = $connection;
-
-				$enabled_clients = array_diff( $db_connection->enabled_clients, array( $client_id ) );
-
+			if ( $created_connection_id != $connection->id && in_array( $client_id, $connection->enabled_clients ) ) {
+				$connection->enabled_clients = array_diff( $connection->enabled_clients, array( $client_id ) );
 				WP_Auth0_Api_Client::update_connection(
 					$domain,
 					$app_token,
-					$db_connection->id,
-					array(
-						'enabled_clients' => array_values( $enabled_clients ),
-					)
+					$connection->id,
+					$connection
 				);
 			}
 		}
 
-		return $migration_connection_id;
+		return $created_connection_id;
 	}
 
 	// $input['geo_rule'] = ( isset( $input['geo_rule'] ) ? $input['geo_rule'] : 0 );

diff --git a/lib/admin/WP_Auth0_Admin_Advanced.php b/lib/admin/WP_Auth0_Admin_Advanced.php
@@ -741,10 +741,6 @@ public function migration_ws_validation( $old_options, $input ) {
 					$connection->options->enabledDatabaseCustomization = false;
 					$connection->options->import_mode                  = false;
 
-					unset( $connection->name );
-					unset( $connection->strategy );
-					unset( $connection->id );
-
 					$response = WP_Auth0_Api_Client::update_connection( $input['domain'], $input['auth0_app_token'], $old_options['db_connection_id'], $connection );
 				} else {
 					$response = false;

diff --git a/lib/admin/WP_Auth0_Admin_Features.php b/lib/admin/WP_Auth0_Admin_Features.php
@@ -427,8 +427,8 @@ public function security_validation( $old_options, $input ) {
 
 			foreach ( $connections as $connection ) {
 				if ( in_array( $input['client_id'], $connection->enabled_clients ) ) {
-					$patch       = array( 'options' => array( 'passwordPolicy' => $input['password_policy'] ) );
-					$update_resp = WP_Auth0_Api_Client::update_connection( $domain, $app_token, $connection->id, $patch );
+					$connection['options']['passwordPolicy'] = $input['password_policy'];
+					$update_resp = WP_Auth0_Api_Client::update_connection( $domain, $app_token, $connection->id, $connection );
 
 					if ( false === $update_resp ) {
 						$this->add_validation_error(

diff --git a/lib/initial-setup/WP_Auth0_InitialSetup_Consent.php b/lib/initial-setup/WP_Auth0_InitialSetup_Consent.php
@@ -16,6 +16,16 @@ public function __construct( WP_Auth0_Options $a0_options ) {
 	public function render( $step ) {
 	}
 
+	/**
+	 * Used by both Setup Wizard installation flows.
+	 * Called in WP_Auth0_InitialSetup_ConnectionProfile::callback() when an API token is used during install.
+	 * Called in self::callback() when returning from consent URL install.
+	 *
+	 * @param string $domain - Auth0 domain for the Application.
+	 * @param string $access_token - Management API access token.
+	 * @param string $type - Installation type, "social" (AKA standard) or "enterprise".
+	 * @param bool $hasInternetConnection - True if the installing site be reached by Auth0, false if not.
+	 */
 	public function callback_with_token( $domain, $access_token, $type, $hasInternetConnection = true ) {
 
 		$this->a0_options->set( 'auth0_app_token', $access_token );
@@ -92,6 +102,12 @@ public function exchange_code() {
 		return $obj->access_token;
 	}
 
+	/**
+	 * Used by both Setup Wizard installation flows.
+	 * Called by self::callback_with_token() to create a Client, Connection, and Client Grant.
+	 *
+	 * @param $name
+	 */
 	public function consent_callback( $name ) {
 
 		$domain    = $this->a0_options->get( 'domain' );
@@ -128,19 +144,21 @@ public function consent_callback( $name ) {
 		$connection_exists     = false;
 		$connection_pwd_policy = null;
 
-		$connections = WP_Auth0_Api_Client::search_connection( $domain, $app_token );
+		$connections = WP_Auth0_Api_Client::search_connection( $domain, $app_token, 'auth0' );
 
 		foreach ( $connections as $connection ) {
 
 			if ( in_array( $client_id, $connection->enabled_clients ) ) {
-				if ( $connection->strategy === 'auth0' && $should_create_and_update_connection ) {
+				if ( $should_create_and_update_connection ) {
 
 					if ( $db_connection_name === $connection->name ) {
 						$connection_exists     = $connection->id;
-						$connection_pwd_policy = ( isset( $connection->options ) && isset( $connection->options->passwordPolicy ) ) ? $connection->options->passwordPolicy : null;
+						if ( isset( $connection->options ) && isset( $connection->options->passwordPolicy ) ) {
+							$connection_pwd_policy = $connection->options->passwordPolicy;
+						}
 					} else {
-						$enabled_clients = array_diff( $connection->enabled_clients, array( $client_id ) );
-						WP_Auth0_Api_Client::update_connection( $domain, $app_token, $connection->id, array( 'enabled_clients' => array_values( $enabled_clients ) ) );
+						$connection->enabled_clients = array_diff( $connection->enabled_clients, array( $client_id ) );
+						WP_Auth0_Api_Client::update_connection( $domain, $app_token, $connection->id, $connection );
 					}
 				}
 			}