From 24daf1bf4fb7df58b0c2a57616d931382ba3518c Mon Sep 17 00:00:00 2001 From: Martin Walsh Date: Fri, 23 Jun 2017 15:02:19 +0100 Subject: [PATCH 1/2] Fixed base64 secret flag migration path for older versions of plugin Fixed base64 flag to always use boolean --- WP_Auth0.php | 6 +++--- lib/WP_Auth0_DBManager.php | 8 ++++++++ lib/WP_Auth0_Options.php | 2 +- lib/admin/WP_Auth0_Admin_Basic.php | 3 +-- 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index a8ec9de2..04e2d724 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -2,7 +2,7 @@ /** * Plugin Name: PLUGIN_NAME * Description: PLUGIN_DESCRIPTION - * Version: 3.2.21 + * Version: 3.2.22 * Author: Auth0 * Author URI: https://auth0.com */ @@ -10,8 +10,8 @@ define( 'WPA0_PLUGIN_DIR', trailingslashit( plugin_dir_path( __FILE__ ) ) ); define( 'WPA0_PLUGIN_URL', trailingslashit( plugin_dir_url( __FILE__ ) ) ); define( 'WPA0_LANG', 'wp-auth0' ); -define( 'AUTH0_DB_VERSION', 13 ); -define( 'WPA0_VERSION', '3.2.21' ); +define( 'AUTH0_DB_VERSION', 14 ); +define( 'WPA0_VERSION', '3.2.22' ); /** * Main plugin class diff --git a/lib/WP_Auth0_DBManager.php b/lib/WP_Auth0_DBManager.php index fd63bc5f..0de21a1d 100644 --- a/lib/WP_Auth0_DBManager.php +++ b/lib/WP_Auth0_DBManager.php @@ -133,6 +133,14 @@ public function install_db() { } } + if ( $this->current_db_version < 14 && is_null($options->get('client_secret_b64_encoded' ))) { + if ( $options->get('client_id' )) { + $options->set('client_secret_b64_encoded', true); + } else { + $options->set('client_secret_b64_encoded', false); + } + } + $this->current_db_version = AUTH0_DB_VERSION; update_option( 'auth0_db_version', AUTH0_DB_VERSION ); } diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php index 8d487500..ba61a86f 100755 --- a/lib/WP_Auth0_Options.php +++ b/lib/WP_Auth0_Options.php 
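Review bot: The new `current_db_version < 14` branch in `install_db()` only runs when `$options->get('client_secret_b64_encoded')` is null, so it depends on the `null` default set in `WP_Auth0_Options::defaults()` by this same patch, and nothing at this spot says so. Judging by the error text changed in the second patch, this flag controls how the client secret is used for JWT signature verification, so a wrong guess here would make every Auth0 login fail; setting `true` for any site that has a `client_id` is a heuristic, not a fact about the Auth0 client. I would add a comment above the branch, e.g. `// Pre-14 installs never stored this flag: assume a base64-encoded secret for configured sites. Relies on the null default in WP_Auth0_Options::defaults().`, and collapse the inner if/else to `$options->set( 'client_secret_b64_encoded', (bool) $options->get( 'client_id' ) );`. `install_db()` starts before the hunk, so whether an earlier migration step already writes this option cannot be seen from here.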
@@ -58,7 +58,7 @@ protected function defaults() { 'auto_login_method' => '', 'client_id' => '', 'client_secret' => '', - 'client_secret_b64_encoded' => false, + 'client_secret_b64_encoded' => null, 'domain' => '', 'form_title' => '', 'icon_url' => '', diff --git a/lib/admin/WP_Auth0_Admin_Basic.php b/lib/admin/WP_Auth0_Admin_Basic.php index 68777d48..3746e846 100644 --- a/lib/admin/WP_Auth0_Admin_Basic.php +++ b/lib/admin/WP_Auth0_Admin_Basic.php @@ -174,10 +174,9 @@ public function basic_validation( $old_options, $input ) { // Only replace the secret or token if a new value was set. If not, we will keep the last one entered. $input['client_secret'] = ( !empty( $input['client_secret'] ) ? $input['client_secret'] : $old_options['client_secret'] ); - $input['client_secret_b64_encoded'] = ( isset( $input['client_secret_b64_encoded'] ) ? $input['client_secret_b64_encoded'] : 0 ); + $input['client_secret_b64_encoded'] = ( isset( $input['client_secret_b64_encoded'] ) ? $input['client_secret_b64_encoded'] == 1 : false ); $input['auth0_app_token'] = ( !empty( $input['auth0_app_token'] ) ? $input['auth0_app_token'] : $old_options['auth0_app_token'] ); - $error = ''; $completeBasicData = true; if ( empty( $input['domain'] ) ) { From 4dd0167694c7418156621b90f9cf49012fa374c2 Mon Sep 17 00:00:00 2001 From: Martin Walsh Date: Fri, 23 Jun 2017 15:06:47 +0100 Subject: [PATCH 2/2] Tweak JWT Error --- WP_Auth0.php | 4 ++-- lib/php-jwt/Authentication/JWT.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/WP_Auth0.php b/WP_Auth0.php index 04e2d724..615fe3e9 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -2,7 +2,7 @@ /** * Plugin Name: PLUGIN_NAME * Description: PLUGIN_DESCRIPTION - * Version: 3.2.22 + * Version: 3.2.21 * Author: Auth0 * Author URI: https://auth0.com */ 
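Review bot: Changing the `client_secret_b64_encoded` default in `defaults()` from `false` to `null` makes the option three-state, although the commit message says the flag should always be a boolean, and the array entry carries no comment explaining the third state. Any reader that compares the option strictly against `false`, or that runs before `WP_Auth0_DBManager::install_db()` has stored a value, now sees `null`; those readers are not part of this patch, so that should be checked. I would annotate the entry, e.g. `'client_secret_b64_encoded' => null, // null = never stored; install_db() resolves it to true/false`. `defaults()` continues outside the hunk.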
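Review bot: The rewritten `client_secret_b64_encoded` line in `basic_validation()` normalises the submitted value with a loose `== 1`, which on PHP versions before 8 also evaluates to true for strings such as `'1abc'`, and for `true` or `1.0` on every version. Since this flag appears to decide how the stored client secret is interpreted, the accepted inputs are better spelled out: `$input['client_secret_b64_encoded'] = isset( $input['client_secret_b64_encoded'] ) && in_array( $input['client_secret_b64_encoded'], array( 1, '1', true ), true );`. A short comment on that line saying the option is stored as a strict boolean would also help the next reader. `basic_validation()` starts before the hunk and continues after it.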
@@ -11,7 +11,7 @@
 define( 'WPA0_PLUGIN_URL', trailingslashit( plugin_dir_url( __FILE__ ) ) );
 define( 'WPA0_LANG', 'wp-auth0' );
 define( 'AUTH0_DB_VERSION', 14 );
-define( 'WPA0_VERSION', '3.2.22' );
+define( 'WPA0_VERSION', '3.2.21' );
 /**
 * Main plugin class
diff --git a/lib/php-jwt/Authentication/JWT.php b/lib/php-jwt/Authentication/JWT.php
index c5feb407..39ad04f8 100644
--- a/lib/php-jwt/Authentication/JWT.php
+++ b/lib/php-jwt/Authentication/JWT.php
@@ -75,7 +75,7 @@ public static function decode($jwt, $key = null, $allowed_algs = array())
 // Check the signature
 if (!JWT::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {
- throw new SignatureInvalidException('Signature verification failed, disabling "Settings \ Basic \ Client Secret Base64 Encoded" may resolve this issue.');
+ throw new SignatureInvalidException('Signature verification failed, check "Client Secret Base64 Encoded" value matches your Auth0 client.');
 }
 // Check if the nbf if it is defined. This is the time that the
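Review bot: The new `SignatureInvalidException` text in `JWT::decode()` puts plugin-specific configuration advice inside what appears to be a bundled copy of a third-party library under `lib/php-jwt`, so the file diverges further from its upstream and is harder to replace when the library ships fixes. If the exception message is ever rendered on the login page (the catch site is not in this patch), it also tells an unauthenticated visitor something about how the site's client secret is configured. I would keep the generic `'Signature verification failed'` in the library and add the hint where the plugin catches the exception, shown or logged for administrators only. `decode()` starts before the hunk and continues after it.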