diff --git a/README.md b/README.md index 2c7f7124..dc85488e 100644 --- a/README.md +++ b/README.md @@ -182,7 +182,6 @@ And can be customized by adding the following parameters: * social_big_buttons: boolean * gravatar: boolean * username_style: string, "email" or "username" -* remember_last_login: boolean * icon_url: string (valid url) * extra_conf: string, valid json * show_as_modal: boolean diff --git a/WP_Auth0.php b/WP_Auth0.php index f3fc4aa9..e2eb870f 100644 --- a/WP_Auth0.php +++ b/WP_Auth0.php @@ -2,7 +2,7 @@ /** * Plugin Name: PLUGIN_NAME * Description: PLUGIN_DESCRIPTION - * Version: 3.3.2 + * Version: 3.4.0 * Author: Auth0 * Author URI: https://auth0.com */ @@ -10,8 +10,8 @@ define( 'WPA0_PLUGIN_DIR', trailingslashit( plugin_dir_path( __FILE__ ) ) ); define( 'WPA0_PLUGIN_URL', trailingslashit( plugin_dir_url( __FILE__ ) ) ); define( 'WPA0_LANG', 'wp-auth0' ); // deprecated; do not use for translations -define( 'AUTH0_DB_VERSION', 14 ); -define( 'WPA0_VERSION', '3.3.2' ); +define( 'AUTH0_DB_VERSION', 15 ); +define( 'WPA0_VERSION', '4.0.0' ); /** * Main plugin class diff --git a/lib/WP_Auth0_Api_Client.php b/lib/WP_Auth0_Api_Client.php index c845e62f..ac15397a 100755 --- a/lib/WP_Auth0_Api_Client.php +++ b/lib/WP_Auth0_Api_Client.php @@ -225,9 +225,14 @@ public static function create_client( $domain, $app_token, $name ) { home_url( '/wp-login.php' ) ), "allowed_origins"=>array( - home_url( '/wp-login.php' ), - admin_url( '/admin.php?page=wpa0-setup&step=2&profile=social' ) + home_url( '/wp-login.php' ) + ), + "jwt_configuration" => array( + "alg" => "RS256" ), + "app_type" => "regular_web", + "cross_origin_auth" => true, + "cross_origin_loc" => home_url('/index.php?auth0fallback=1','https'), "allowed_logout_urls" => array( $logout_url ), 
@@ -246,7 +251,21 @@ public static function create_client( $domain, $app_token, $name ) { return false; } - return json_decode( $response['body'] ); + $response = json_decode( $response['body'] ); + + // Workaround: Can't add `web_origin` on create + $payload = array( + "web_origins" => array(home_url()) + ); + $updateResponse = WP_Auth0_Api_Client::update_client($domain, $app_token, $response->client_id, false, $payload); + + if ( $updateClient instanceof WP_Error ) { + WP_Auth0_ErrorManager::insert_auth0_error( 'WP_Auth0_Api_Client::create_client', $updateResponse ); + error_log( $updateResponse->get_error_message() ); + return false; + } + + return $response; } public static function search_clients( $domain, $app_token ) { @@ -277,7 +296,7 @@ public static function search_clients( $domain, $app_token ) { return json_decode( $response['body'] ); } - public static function update_client( $domain, $app_token, $client_id, $sso ) { + public static function update_client( $domain, $app_token, $client_id, $sso, $payload = array() ) { $endpoint = "https://$domain/api/v2/clients/$client_id"; @@ -289,9 +308,7 @@ public static function update_client( $domain, $app_token, $client_id, $sso ) { $response = wp_remote_post( $endpoint , array( 'method' => 'PATCH', 'headers' => $headers, - 'body' => json_encode( array( - 'sso' => $sso, - ) ) + 'body' => json_encode( array_merge(array( 'sso' => boolval($sso)), $payload) ) ) ); if ( $response instanceof WP_Error ) { 
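Review bot: The new error check in `create_client` tests `$updateClient`, a variable that is never assigned in the visible part of this function; the PATCH result is stored in `$updateResponse`. The branch can therefore never run, and a failed `web_origins` update is returned to the caller as a successfully created client. The condition should read `if ( $updateResponse instanceof WP_Error || false === $updateResponse ) {`; the `false` case assumes `update_client()` returns `false` on a non-2xx response, which this hunk does not show. `$response->client_id` is also dereferenced without checking that `json_decode()` produced an object. The start of `create_client` lies outside the hunk.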
@@ -749,44 +766,44 @@ protected function convertCertToPem($cert) { public static function JWKfetch($domain) { - $a0_options = WP_Auth0_Options::Instance(); + $a0_options = WP_Auth0_Options::Instance(); - $endpoint = "https://$domain/.well-known/jwks.json"; + $endpoint = "https://$domain/.well-known/jwks.json"; $cache_expiration = $a0_options->get('cache_expiration'); - if ( false === ($secret = get_transient('WP_Auth0_JWKS_cache') ) ) { + if ( false === ($secret = get_transient('WP_Auth0_JWKS_cache') ) ) { - $secret = []; + $secret = []; - $response = wp_remote_get( $endpoint, array() ); + $response = wp_remote_get( $endpoint, array() ); - if ( $response instanceof WP_Error ) { - WP_Auth0_ErrorManager::insert_auth0_error( 'WP_Auth0_Api_Client::JWK_fetch', $response ); - error_log( $response->get_error_message() ); - return false; - } - - if ( $response['response']['code'] != 200 ) { - WP_Auth0_ErrorManager::insert_auth0_error( 'WP_Auth0_Api_Client::JWK_fetch', $response['body'] ); - error_log( $response['body'] ); - return false; - } + if ( $response instanceof WP_Error ) { + WP_Auth0_ErrorManager::insert_auth0_error( 'WP_Auth0_Api_Client::JWK_fetch', $response ); + error_log( $response->get_error_message() ); + return false; + } - if ( $response['response']['code'] >= 300 ) return false; + if ( $response['response']['code'] != 200 ) { + WP_Auth0_ErrorManager::insert_auth0_error( 'WP_Auth0_Api_Client::JWK_fetch', $response['body'] ); + error_log( $response['body'] ); + return false; + } - $jwks = json_decode($response['body'], true); + if ( $response['response']['code'] >= 300 ) return false; - foreach ($jwks['keys'] as $key) { - $secret[$key['kid']] = self::convertCertToPem($key['x5c'][0]); - } + $jwks = json_decode($response['body'], true); - if ($cache_expiration !== 0) { - set_transient( 'WP_Auth0_JWKS_cache', $secret, $cache_expiration * MINUTE_IN_SECONDS ); - } + foreach ($jwks['keys'] as $key) { + $secret[$key['kid']] = 
self::convertCertToPem($key['x5c'][0]); + } + if ($cache_expiration !== 0) { + set_transient( 'WP_Auth0_JWKS_cache', $secret, $cache_expiration * MINUTE_IN_SECONDS ); } - return $secret; } + + return $secret; + } } \ No newline at end of file diff --git a/lib/WP_Auth0_DBManager.php b/lib/WP_Auth0_DBManager.php index 0de21a1d..1e182936 100644 --- a/lib/WP_Auth0_DBManager.php +++ b/lib/WP_Auth0_DBManager.php @@ -35,28 +35,6 @@ public function install_db() { $cdn_url = $options->get( 'cdn_url' ); - if ( strpos( $cdn_url, 'auth0-widget-5' ) !== false || strpos( $cdn_url, 'lock-6' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock-9.1.min.js' ); - } - if ( strpos( $cdn_url, 'auth0-widget-5' ) !== false || strpos( $cdn_url, 'lock-8' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock-9.1.min.js' ); - } - if ( strpos( $cdn_url, 'auth0-widget-5' ) !== false || strpos( $cdn_url, 'lock-9.0' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock-9.1.min.js' ); - } - if ( strpos( $cdn_url, 'auth0-widget-5' ) !== false || strpos( $cdn_url, 'lock-9.1' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock-9.2.min.js' ); - } - if ( strpos( $cdn_url, '10.0' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock/10.3/lock.min.js' ); - } - if ( strpos( $cdn_url, '10.1' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock/10.3/lock.min.js' ); - } - if ( strpos( $cdn_url, '10.2' ) !== false ) { - $options->set( 'cdn_url', '//cdn.auth0.com/js/lock/10.3/lock.min.js' ); - } - if ( $this->current_db_version <= 7 ) { if ( $options->get( 'db_connection_enabled' ) ) { 
@@ -141,6 +119,27 @@ public function install_db() { } } + if ( $this->current_db_version < 15 ) { + $options->set('use_lock_10', true); + $options->set('cdn_url', '//cdn.auth0.com/js/lock/11.0.0/lock.min.js'); + $options->set('auth0js-cdn', '//cdn.auth0.com/js/auth0/9.0.0/auth0.min.js'); + $options->set('cache_expiration', 1440); + + // Update Client + $client_id = $options->get( 'client_id' ); + $domain = $options->get( 'domain' ); + if (!empty($client_id) && !empty($domain)) { + $app_token = $options->get( 'auth0_app_token' ); + $sso = $options->get( 'sso' ); + $payload = array( + "cross_origin_auth" => true, + "cross_origin_loc" => home_url('/index.php?auth0fallback=1','https'), + "web_origins" => array(home_url()) + ); + $updateClient = WP_Auth0_Api_Client::update_client($domain, $app_token, $client_id, $sso, $payload); + $options->set('client_signing_algorithm', 'HS256'); + } + } $this->current_db_version = AUTH0_DB_VERSION; update_option( 'auth0_db_version', AUTH0_DB_VERSION ); } diff --git a/lib/WP_Auth0_Lock10_Options.php b/lib/WP_Auth0_Lock10_Options.php index 59a0126f..6f27ea5d 100644 --- a/lib/WP_Auth0_Lock10_Options.php +++ b/lib/WP_Auth0_Lock10_Options.php @@ -156,10 +156,6 @@ protected function build_settings( $settings ) { if ( $this->_is_valid( $settings, 'username_style' ) ) { $options_obj['usernameStyle'] = $settings['username_style']; } - if ( $this->_is_valid( $settings, 'remember_last_login' ) ) { - $options_obj['rememberLastLogin'] = $this->_get_boolean( $settings['remember_last_login'] ); - } - if ( $this->_is_valid( $settings, 'sso' ) ) { $options_obj['auth']['sso'] = $this->_get_boolean( $settings['sso'] ); } diff --git a/lib/WP_Auth0_Lock_Options.php b/lib/WP_Auth0_Lock_Options.php index c264bc17..74d6734a 100644 --- a/lib/WP_Auth0_Lock_Options.php +++ b/lib/WP_Auth0_Lock_Options.php 
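Review bot: In the `current_db_version < 15` branch the return value of `WP_Auth0_Api_Client::update_client()` is assigned to `$updateClient` and never inspected, and `$app_token` is not checked for emptiness before the call. If the PATCH fails (for example because `auth0_app_token` is missing or expired), the migration still completes and `auth0_db_version` is bumped to 15, so the cross-origin and `web_origins` settings are never applied and never retried. At minimum, log the failure so an administrator can fix the client by hand: `if ( ! $updateClient || $updateClient instanceof WP_Error ) { error_log( 'Auth0 client update failed during DB v15 migration' ); }`. The failure return value of `update_client()` is not visible here, so confirm it. The enclosing `install_db()` starts outside the hunk.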
@@ -155,9 +155,6 @@ protected function build_settings( $settings ) { if ( $this->_is_valid( $settings, 'username_style' ) ) { $options_obj['usernameStyle'] = $settings['username_style']; } - if ( $this->_is_valid( $settings, 'remember_last_login' ) ) { - $options_obj['rememberLastLogin'] = $this->_get_boolean( $settings['remember_last_login'] ); - } if ( $this->_is_valid( $settings, 'sso' ) ) { $options_obj['sso'] = $this->_get_boolean( $settings['sso'] ); } diff --git a/lib/WP_Auth0_LoginManager.php b/lib/WP_Auth0_LoginManager.php index 6d33c427..4acf1167 100755 --- a/lib/WP_Auth0_LoginManager.php +++ b/lib/WP_Auth0_LoginManager.php @@ -26,7 +26,7 @@ public function init() { add_action( 'wp_login', array( $this, 'end_session' ) ); add_action( 'login_init', array( $this, 'login_auto' ) ); add_action( 'template_redirect', array( $this, 'init_auth0' ), 1 ); - add_action( 'wp_footer', array( $this, 'auth0_sso_footer' ) ); + //add_action( 'wp_footer', array( $this, 'auth0_sso_footer' ) ); add_action( 'wp_footer', array( $this, 'auth0_singlelogout_footer' ) ); add_filter( 'login_message', array( $this, 'auth0_sso_footer' ) ); } @@ -73,6 +73,7 @@ public function auth0_singlelogout_footer( $previous_html ) { return; } + $lock_options = new WP_Auth0_Lock10_Options(); $cdn = $this->a0_options->get('auth0js-cdn'); $client_id = $this->a0_options->get( 'client_id' ); $domain = $this->a0_options->get( 'domain' ); diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php index 16a47abb..a8666489 100755 --- a/lib/WP_Auth0_Options.php +++ b/lib/WP_Auth0_Options.php 
@@ -43,31 +43,27 @@ public function get_default($key) { return $defaults[$key]; } - - - public function get_client_secret_as_key() { + public function get_client_secret_as_key($legacy = false) { $secret = $this->get('client_secret', ''); - $isEncoded = $this->get('client_secret_b64_encoded', false); - - $isRS256 = $this->get_client_signing_algorithm() === 'RS256'; - - if ( $isRS256 ) { - $domain = $this->get( 'domain' ); + $isEncoded = $this->get('client_secret_b64_encoded', false); + $isRS256 = $legacy ? false : $this->get_client_signing_algorithm() === 'RS256'; - $secret = WP_Auth0_Api_Client::JWKfetch($domain); - - } else { - $secret = $isEncoded ? JWT::urlsafeB64Decode($secret) : $secret; - } + if ( $isRS256 ) { + $domain = $this->get( 'domain' ); + $secret = WP_Auth0_Api_Client::JWKfetch($domain); + } else { + $secret = $isEncoded ? JWT::urlsafeB64Decode($secret) : $secret; + } return $secret; } public function get_client_signing_algorithm() { - $client_signing_algorithm = $this->get('client_signing_algorithm', ''); + $client_signing_algorithm = $this->get('client_signing_algorithm', 'RS256'); return $client_signing_algorithm; } + protected function defaults() { return array( 'version' => 1, @@ -77,7 +73,7 @@ protected function defaults() { 'auto_login_method' => '', 'client_id' => '', 'client_secret' => '', - 'client_signing_algorithm' => 'HS256', + 'client_signing_algorithm' => 'RS256', 'cache_expiration' => 1440, 'client_secret_b64_encoded' => null, 'domain' => '', @@ -89,8 +85,8 @@ protected function defaults() { 'passwordless_enabled' => false, 'passwordless_method' => 'magiclink', 'passwordless_cdn_url' => '//cdn.auth0.com/js/lock-passwordless-2.2.min.js', - 'use_lock_10' => null, - 'cdn_url' => '//cdn.auth0.com/js/lock/10.7/lock.min.js', + 'use_lock_10' => true, + 'cdn_url' => '//cdn.auth0.com/js/lock/11.0.0/lock.min.js', 'cdn_url_legacy' => '//cdn.auth0.com/js/lock-9.2.min.js', 'requires_verified_email' => true, 'wordpress_login_enabled' => true, 
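Review bot: `get_client_secret_as_key()` gains a `$legacy` flag but has no docblock, and its return type now differs by branch. The RS256 path returns whatever `JWKfetch()` returns: a kid-indexed array of PEM strings, or `false` on a failed fetch, per the JWKfetch hunk earlier in this diff. The other path returns a string. I would add a docblock saying that `$legacy = true` forces the client-secret (HMAC) key regardless of the configured algorithm, and listing the return as `array|string|false`, so callers know to handle `false` before passing the value to a JWT verifier. `get_client_signing_algorithm()` now falls back to `'RS256'`, which deserves a one-line comment such as `// Default for new installs; upgraded sites are pinned to HS256 by the DB v15 migration`.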
@@ -104,7 +100,6 @@ protected function defaults() { 'social_big_buttons' => false, 'username_style' => '', 'extra_conf' => '', - 'remember_last_login' => true, 'custom_css' => '', 'custom_js' => '', 'auth0_implicit_workflow' => false, @@ -143,9 +138,8 @@ protected function defaults() { 'auto_provisioning' => false, 'default_login_redirection' => home_url(), - 'auth0_server_domain' => 'auth0.auth0.com', - - 'auth0js-cdn' => '//cdn.auth0.com/js/auth0/8.2.0/auth0.min.js', + 'auth0_server_domain' => 'auth0.auth0.com', + 'auth0js-cdn' => '//cdn.auth0.com/js/auth0/9.0.0/auth0.min.js', //DASHBOARD 'chart_idp_type' => 'donut', diff --git a/lib/WP_Auth0_Routes.php b/lib/WP_Auth0_Routes.php index 5b3a70be..0a5ecf07 100755 --- a/lib/WP_Auth0_Routes.php +++ b/lib/WP_Auth0_Routes.php @@ -14,6 +14,7 @@ public function init() { public function setup_rewrites( $force_ws =false ) { add_rewrite_tag( '%auth0%', '([^&]+)' ); + add_rewrite_tag( '%auth0fallback%', '([^&]+)' ); add_rewrite_tag( '%code%', '([^&]+)' ); add_rewrite_tag( '%state%', '([^&]+)' ); add_rewrite_tag( '%auth0_error%', '([^&]+)' ); @@ -31,6 +32,10 @@ public function setup_rewrites( $force_ws =false ) { public function custom_requests( $wp ) { $page = null; + if ( isset( $wp->query_vars['auth0fallback'] ) ) { + $page = 'coo-fallback'; + } + if ( isset( $wp->query_vars['a0_action'] ) ) { $page = $wp->query_vars['a0_action']; } 
@@ -44,10 +49,35 @@ public function custom_requests( $wp ) { case 'oauth2-config': $this->oauth2_config(); exit; case 'migration-ws-login': $this->migration_ws_login(); exit; case 'migration-ws-get-user': $this->migration_ws_get_user(); exit; + case 'coo-fallback': $this->coo_fallback(); exit; } } } + protected function coo_fallback() { + $cdn = $this->a0_options->get( 'auth0js-cdn' ); + $client_id = $this->a0_options->get( 'client_id' ); + $domain = $this->a0_options->get( 'domain' ); + $redirect_uri = home_url( '/index.php?auth0=1', $this->a0_options->get( 'force_https_callback' ) ); + echo << + + + + + + + +EOT; + } + protected function getAuthorizationHeader() { $authorization = false; @@ -84,7 +114,7 @@ protected function migration_ws_login() { $authorization = $this->getAuthorizationHeader(); $authorization = trim( str_replace( 'Bearer ', '', $authorization ) ); - $secret = $this->a0_options->get_client_secret_as_key(); + $secret = $this->a0_options->get_client_secret_as_key(true); $token_id = $this->a0_options->get( 'migration_token_id' ); $user = null; @@ -94,7 +124,7 @@ protected function migration_ws_login() { throw new Exception( 'Unauthorized: missing authorization header' ); } - $token = JWT::decode( $authorization, $secret, array( $this->a0_options->get_client_signing_algorithm() ) ); + $token = JWT::decode( $authorization, $secret); if ( $token->jti != $token_id ) { throw new Exception( 'Invalid token id' ); @@ -145,7 +175,7 @@ protected function migration_ws_get_user() { $authorization = $this->getAuthorizationHeader(); $authorization = trim(str_replace('Bearer ', '', $authorization)); - $secret = $this->a0_options->get_client_secret_as_key(); + $secret = $this->a0_options->get_client_secret_as_key(true); $token_id = $this->a0_options->get( 'migration_token_id' ); $user = null; 
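Review bot: In `coo_fallback()` the second argument to `home_url()` is the raw `force_https_callback` option, but that parameter expects a scheme string, not a flag. The option is a 0/1 switch (see `basic_validation` in the admin hunk of this diff), so as far as I can tell the value is not a recognised scheme and the setting does not force HTTPS on the redirect URI. Map it explicitly: `$scheme = $this->a0_options->get( 'force_https_callback' ) ? 'https' : null;` and pass `$scheme`. The heredoc body is not visible in this view; if `$client_id`, `$domain` or `$redirect_uri` are interpolated into a script block there, they should be emitted through `wp_json_encode()` or `esc_js()` rather than as raw strings.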
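Review bot: `JWT::decode( $authorization, $secret )` in `migration_ws_login()` no longer passes an allowed-algorithm list, and the `migration_ws_get_user()` hunk further down makes the same change. The bundled `JWT` class is not visible here, so whether the call rejects the token or trusts the `alg` header depends on its defaults. Neither outcome is what an endpoint that authenticates migration requests should rely on. The migration token is minted with `JWT::encode( ..., $secret )` and no algorithm argument, so verification should pin the matching one: `JWT::decode( $authorization, $secret, array( 'HS256' ) )`. This assumes the encoder default is HS256; confirm against the bundled class. The enclosing function bodies continue outside both hunks.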
@@ -155,7 +185,7 @@ protected function migration_ws_get_user() { throw new Exception('Unauthorized: missing authorization header'); } - $token = JWT::decode($authorization, $secret, array( $this->a0_options->get_client_signing_algorithm() ) ); + $token = JWT::decode($authorization, $secret ); if ($token->jti != $token_id) { throw new Exception('Invalid token id'); diff --git a/lib/admin/WP_Auth0_Admin_Advanced.php b/lib/admin/WP_Auth0_Admin_Advanced.php index f94c69e2..02568c92 100644 --- a/lib/admin/WP_Auth0_Admin_Advanced.php +++ b/lib/admin/WP_Auth0_Admin_Advanced.php @@ -28,7 +28,6 @@ public function init() { array( 'id' => 'wpa0_passwordless_method', 'name' => 'Use passwordless login', 'function' => 'render_passwordless_method' ), array( 'id' => 'wpa0_force_https_callback', 'name' => 'Force HTTPS callback', 'function' => 'render_force_https_callback' ), - array( 'id' => 'wpa0_use_lock_10', 'name' => 'Use Lock 10', 'function' => 'render_use_lock_10' ), array( 'id' => 'wpa0_cdn_url', 'name' => 'Widget URL', 'function' => 'render_cdn_url' ), @@ -215,18 +214,6 @@ public function render_force_https_callback() { options->get( 'use_lock_10' ); - - echo $this->render_a0_switch( "wpa0_use_lock_10", "use_lock_10", 1, 1 == $v ); -?> - -
- -
- options->get( 'remember_users_session' ); @@ -444,7 +431,6 @@ public function basic_validation( $old_options, $input ) { $input['jwt_auth_integration'] = ( isset( $input['jwt_auth_integration'] ) ? $input['jwt_auth_integration'] : 0 ); $input['auth0_implicit_workflow'] = ( isset( $input['auth0_implicit_workflow'] ) ? $input['auth0_implicit_workflow'] : 0 ); $input['metrics'] = ( isset( $input['metrics'] ) ? $input['metrics'] : 0 ); - $input['use_lock_10'] = ( isset( $input['use_lock_10'] ) ? $input['use_lock_10'] : 0 ); $input['force_https_callback'] = ( isset( $input['force_https_callback'] ) ? $input['force_https_callback'] : 0 ); $input['default_login_redirection'] = esc_url_raw( $input['default_login_redirection'] ); @@ -485,7 +471,6 @@ public function migration_ws_validation( $old_options, $input ) { if ( 1 == $input['migration_ws'] ) { $secret = $input['client_secret_b64_encoded'] ? JWT::urlsafeB64Decode( $secret) : $input['client_secret']; - $token_id = uniqid(); $input['migration_token'] = JWT::encode( array( 'scope' => 'migration_ws', 'jti' => $token_id ), $secret ); $input['migration_token_id'] = $token_id; diff --git a/lib/admin/WP_Auth0_Admin_Appearance.php b/lib/admin/WP_Auth0_Admin_Appearance.php index 0c05f006..00634411 100644 --- a/lib/admin/WP_Auth0_Admin_Appearance.php +++ b/lib/admin/WP_Auth0_Admin_Appearance.php 
@@ -19,7 +19,6 @@ public function init() { array( 'id' => 'wpa0_custom_css', 'name' => 'Customize the Login Widget CSS', 'function' => 'render_custom_css' ), array( 'id' => 'wpa0_custom_js', 'name' => 'Customize the Login Widget with custom JS', 'function' => 'render_custom_js' ), array( 'id' => 'wpa0_username_style', 'name' => 'Username style', 'function' => 'render_username_style' ), - array( 'id' => 'wpa0_remember_last_login', 'name' => 'Remember last login', 'function' => 'render_remember_last_login' ), array( 'id' => 'wpa0_primary_color', 'name' => 'Lock primary color', 'function' => 'render_primary_color' ), array( 'id' => 'wpa0_language', 'name' => 'Lock Language', 'function' => 'render_language' ), array( 'id' => 'wpa0_language_dictionary', 'name' => 'Lock Language Dictionary', 'function' => 'render_language_dictionary' ), @@ -27,20 +26,6 @@ public function init() { ) ); } - public function render_remember_last_login() { - $v = absint( $this->options->get( 'remember_last_login' ) ); - - echo $this->render_a0_switch( "wpa0_remember_last_login", "remember_last_login", 1, 1 == $v ); -?> -
- - - - -
- options->get( 'form_title' ); ?> @@ -166,8 +151,6 @@ public function basic_validation( $old_options, $input ) { $input['icon_url'] = esc_url( $input['icon_url'], array( 'http', 'https' ) ); $input['social_big_buttons'] = ( isset( $input['social_big_buttons'] ) ? $input['social_big_buttons'] : 0 ); $input['gravatar'] = ( isset( $input['gravatar'] ) ? $input['gravatar'] : 0 ); - $input['remember_last_login'] = ( isset( $input['remember_last_login'] ) ? $input['remember_last_login'] : 0 ); - $input['language'] = sanitize_text_field( $input['language'] ); $input['primary_color'] = sanitize_text_field( $input['primary_color'] ); diff --git a/lib/admin/WP_Auth0_Admin_Basic.php b/lib/admin/WP_Auth0_Admin_Basic.php index 5d5ea0c8..7d671d6c 100755 --- a/lib/admin/WP_Auth0_Admin_Basic.php +++ b/lib/admin/WP_Auth0_Admin_Basic.php @@ -94,8 +94,8 @@ public function render_client_signing_algorithm(){ ?>
OAuth > JsonWebToken Signature Algorithm', WPA0_LANG ); ?> diff --git a/lib/initial-setup/WP_Auth0_InitialSetup_Consent.php b/lib/initial-setup/WP_Auth0_InitialSetup_Consent.php index d0807943..ff8e5d80 100644 --- a/lib/initial-setup/WP_Auth0_InitialSetup_Consent.php +++ b/lib/initial-setup/WP_Auth0_InitialSetup_Consent.php @@ -142,7 +142,7 @@ public function consent_callback( $name ) { if ( $connection_exists === false ) { - $secret = $this->a0_options->get_client_secret_as_key(); + $secret = $this->a0_options->get_client_secret_as_key(true); $token_id = uniqid(); $migration_token = JWT::encode( array( 'scope' => 'migration_ws', 'jti' => $token_id ), $secret ); $migration_token_id = $token_id; diff --git a/lib/initial-setup/WP_Auth0_InitialSetup_Migration.php b/lib/initial-setup/WP_Auth0_InitialSetup_Migration.php index 23d30c0e..029dbb36 100644 --- a/lib/initial-setup/WP_Auth0_InitialSetup_Migration.php +++ b/lib/initial-setup/WP_Auth0_InitialSetup_Migration.php @@ -11,7 +11,7 @@ public function __construct( WP_Auth0_Options $a0_options ) { public function render( $step ) { $migration_ws = $this->a0_options->get( 'migration_ws' ); - $secret = $this->a0_options->get_client_secret_as_key(); + $secret = $this->a0_options->get_client_secret_as_key(true); $token_id = uniqid(); $token = JWT::encode( array( 'scope' => 'migration_ws', 'jti' => $token_id ), $secret ); diff --git a/readme.txt b/readme.txt index 10f39c76..d3f74e4a 100644 --- a/readme.txt +++ b/readme.txt @@ -94,7 +94,6 @@ And can be customized by adding the following parameters: * social_big_buttons: boolean * gravatar: boolean * username_style: string, "email" or "username" -* remember_last_login: boolean * icon_url: string (valid url) * extra_conf: string, valid json * show_as_modal: boolean diff --git a/templates/a0-widget-setup-form.php b/templates/a0-widget-setup-form.php index f3f29b66..febd2924 100644 --- a/templates/a0-widget-setup-form.php +++ b/templates/a0-widget-setup-form.php 
@@ -9,7 +9,6 @@ $icon_url = isset( $instance[ 'icon_url' ] ) ? $instance[ 'icon_url' ] : ''; $dict = isset( $instance[ 'dict' ] ) ? $instance[ 'dict' ] : ''; $extra_conf = isset( $instance[ 'extra_conf' ] ) ? $instance[ 'extra_conf' ] : ''; -$remember_last_login = isset( $instance[ 'remember_last_login' ] ) ? $instance[ 'remember_last_login' ] : ''; $custom_css = isset( $instance[ 'custom_css' ] ) ? $instance[ 'custom_css' ] : ''; $custom_js = isset( $instance[ 'custom_js' ] ) ? $instance[ 'custom_js' ] : ''; $redirect_to = isset( $instance[ 'redirect_to' ] ) ? $instance[ 'redirect_to' ] : ''; @@ -77,27 +76,6 @@

-

- - -
-

- /> - -   - /> - -   - /> - -
-

; options.additionalSignUpFields = get_custom_signup_fields(); ?>; - - get_auth0_implicit_workflow() ) { ?> if (window.location.hash !== '' && window.location.hash.indexOf('id_token') !== -1) { @@ -149,12 +147,6 @@ function a0ShowLoginModal() { jQuery('#a0LoginButton').click(a0ShowLoginModal); - - if (lock.on) { - lock.on('error shown', function(){ - jQuery(".a0-footer").parent().css('margin-bottom', '50px'); - }); - } } }); diff --git a/templates/auth0-singlelogout-handler.php b/templates/auth0-singlelogout-handler.php index 690ad672..00277544 100644 --- a/templates/auth0-singlelogout-handler.php +++ b/templates/auth0-singlelogout-handler.php @@ -13,12 +13,15 @@ domain:'' }); - webAuth.client.getSSOData(function(err, data) { - if (!err && ( !data.sso || uuids != data.lastUsedUserID)) { - window.location = ''; + var options = get_sso_options() ); ?>; + webAuth.checkSession(options, function (err, authResult) { + if (err !== null) { + if(err.error ==='login_required') { + window.location = ''; + } } }); - }); + }); })(); diff --git a/templates/auth0-sso-handler-lock10.php b/templates/auth0-sso-handler-lock10.php index 17de5718..be10f926 100644 --- a/templates/auth0-sso-handler-lock10.php +++ b/templates/auth0-sso-handler-lock10.php 
@@ -12,10 +12,26 @@ domain:'' }); - webAuth.client.getSSOData(function(err, data) { - if (!err && data.sso) { - webAuth.authorize(get_sso_options() ); ?>); - } - }); + var options = get_sso_options() ); ?>; + webAuth.checkSession(options + , function (err, authResult) { + if (typeof(authResult) === 'undefined') { + return; + } + + if (typeof(authResult.code) !== 'undefined') { + window.location = '&code=' + authResult.code + '&state=' + authResult.state; + } else if (typeof(authResult.idToken) !== 'undefined') { + jQuery(document).ready(function($){ + var $form=$(document.createElement('form')).css({display:'none'}).attr("method","POST").attr("action",""); + var $input=$(document.createElement('input')).attr('name','token').val(authResult.idToken); + var $input2=$(document.createElement('input')).attr('name','state').val(authResult.state); + $form.append($input).append($input2); + $("body").append($form); + $form.submit(); + }); + } + }); + }); diff --git a/templates/initial-setup/connections.php b/templates/initial-setup/connections.php index 028dc0b1..f4ea43cb 100644 --- a/templates/initial-setup/connections.php +++ b/templates/initial-setup/connections.php @@ -13,152 +13,39 @@
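Review bot: In the `checkSession` callback, `authResult.code` and `authResult.state` are concatenated into the `window.location` URL without encoding, so a value containing `&`, `#` or `=` would alter the callback query string. Use `'&code=' + encodeURIComponent(authResult.code) + '&state=' + encodeURIComponent(authResult.state)`. The callback also ignores `err` and only checks whether `authResult` is undefined. A short comment such as `// err (e.g. login_required) means no SSO session: stay on the page` would make that silent path clearly intentional.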

-

+

-
-

-
- /> - -
-

-
- -
- -

- - -
-
-
- -
- - -
- /> - -
-
- -
-
-
+ + " class="a0-button primary">Next +
- + \ No newline at end of file diff --git a/templates/initial-setup/enterprise_connections.php b/templates/initial-setup/enterprise_connections.php index 7e111a74..011d39f9 100644 --- a/templates/initial-setup/enterprise_connections.php +++ b/templates/initial-setup/enterprise_connections.php @@ -30,7 +30,7 @@
- +
diff --git a/templates/initial-setup/signup.php b/templates/initial-setup/signup.php index fb872948..956b9288 100644 --- a/templates/initial-setup/signup.php +++ b/templates/initial-setup/signup.php @@ -22,7 +22,6 @@ var lock = new Auth0Lock('zEYfpoFzUMEzilhkHilcWoNkrFfJ3hAI', 'auth0.auth0.com'); lock.showSignup({ - rememberLastLogin: true, integratedWindowsLogin: false, dict: { signup: { diff --git a/templates/login-form.php b/templates/login-form.php index 7059ae4f..a2596ed6 100755 --- a/templates/login-form.php +++ b/templates/login-form.php @@ -6,7 +6,7 @@ function renderAuth0Form( $canShowLegacyLogin = true, $specialSettings = array() if ( !$canShowLegacyLogin || !isset( $_GET['wle'] ) ) { $options = WP_Auth0_Options::Instance(); - if ($options->get('use_lock_10') && ! $options->get('passwordless_enabled')) { + if (!$options->get('passwordless_enabled')) { require_once 'auth0-login-form-lock10.php'; } else { require_once 'auth0-login-form.php'; diff --git a/templates/settings.php b/templates/settings.php index 7e3e9ad4..e6eec105 100644 --- a/templates/settings.php +++ b/templates/settings.php @@ -8,7 +8,7 @@

- For your Auth0 dashboard with more settings click here. + For your Auth0 dashboard with more settings and connection options click here.
@@ -21,8 +21,7 @@