
Changing home_url() to site_url(), wp_login_url(), and wp_logout_url() #360

Merged
merged 10 commits into from
Jan 15, 2018
2 changes: 1 addition & 1 deletion lib/WP_Auth0_Amplificator.php
Expand Up @@ -34,7 +34,7 @@ public function get_share_text( $provider, $page_url ) {
$message = $this->a0_options->get_connection( "social_{$provider}_message" );

$message = str_replace( '%page_url%', $page_url, $message );
$message = str_replace( '%site_url%', home_url( '/' ), $message );
$message = str_replace( '%site_url%', home_url(), $message );

return $message;
}
18 changes: 7 additions & 11 deletions lib/WP_Auth0_Api_Client.php
Expand Up @@ -240,29 +240,25 @@ public static function create_client( $domain, $app_token, $name ) {
$headers['Authorization'] = "Bearer $app_token";
$headers['content-type'] = "application/json";

$logout_url = home_url();

$response = wp_remote_post( $endpoint , array(
'method' => 'POST',
'headers' => $headers,
'body' => json_encode( array(
'name' => $name,
'callbacks' => array(
home_url( '/index.php?auth0=1' ),
home_url( '/wp-login.php' )
site_url( 'index.php?auth0=1' ),
Member


So the site_url always includes the trailing slash?

Contributor Author


@cocojoe - It will correct either way:

# site_url( 'index.php' ):
http://localhost/index.php

# site_url( '/index.php' ):
http://localhost/index.php

# home_url( '/index.php' ):
http://localhost/index.php

# home_url( 'index.php' ):
http://localhost/index.php

wp_login_url()
),
"allowed_origins"=>array(
home_url( '/wp-login.php' )
wp_login_url()
Member


formatting

Contributor Author


@cocojoe - Plugin is formatted both ways throughout ... my IDE can be configured whatever way. Any opinion on what we should stick with? I'm impartial.

),
"jwt_configuration" => array(
"alg" => "RS256"
),
"app_type" => "regular_web",
"cross_origin_auth" => true,
"cross_origin_loc" => home_url('/index.php?auth0fallback=1','https'),
"allowed_logout_urls" => array(
$logout_url
),
"cross_origin_loc" => site_url('index.php?auth0fallback=1','https'),
"allowed_logout_urls" => array( wp_logout_url() ),
) )
) );

Expand All @@ -282,11 +278,11 @@ public static function create_client( $domain, $app_token, $name ) {

// Workaround: Can't add `web_origin` on create
$payload = array(
"web_origins" => array(home_url())
"web_origins" => ( home_url() === site_url() ? array( home_url() ) : array( home_url(), site_url() ) )
);
$updateResponse = WP_Auth0_Api_Client::update_client($domain, $app_token, $response->client_id, false, $payload);

if ( $updateClient instanceof WP_Error ) {
if ( $updateResponse instanceof WP_Error ) {
WP_Auth0_ErrorManager::insert_auth0_error( 'WP_Auth0_Api_Client::create_client', $updateResponse );
error_log( $updateResponse->get_error_message() );
return false;
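Review bot: The `allowed_logout_urls` entry registered in `create_client()` no longer matches the `returnTo` value this pull request sends at logout. `WP_Auth0_LoginManager::logout()` still redirects to `/v2/logout` with `returnTo=` set to `urlencode( home_url() )`, while the client is now created with only `wp_logout_url()`, which appends a user- and time-bound `_wpnonce` and is returned HTML-escaped, so it is not a stable value to allow-list. Keeping `home_url()` in the list, for example `"allowed_logout_urls" => array( home_url() ),`, keeps the allow-list aligned with the redirect that is actually issued. `create_client()` starts and ends outside the hunk.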
8 changes: 4 additions & 4 deletions lib/WP_Auth0_Api_Operations.php
Expand Up @@ -48,10 +48,10 @@ public function update_wordpress_connection( $app_token, $connection_id, $passwo
}

$login_script = str_replace( '{THE_WS_TOKEN}', $migration_token, WP_Auth0_CustomDBLib::$login_script );
$login_script = str_replace( '{THE_WS_URL}', get_home_url() . '/index.php?a0_action=migration-ws-login', $login_script );
$login_script = str_replace( '{THE_WS_URL}', site_url( 'index.php?a0_action=migration-ws-login' ), $login_script );

$get_user_script = str_replace( '{THE_WS_TOKEN}', $migration_token, WP_Auth0_CustomDBLib::$get_user_script );
$get_user_script = str_replace( '{THE_WS_URL}', get_home_url() . '/index.php?a0_action=migration-ws-get-user', $get_user_script );
$get_user_script = str_replace( '{THE_WS_URL}', site_url(), $get_user_script );
Member


why is this one $get_user_script but the previous one is index.php?a0_action=migration-ws-login even though appears to be a $login_script ?

Contributor Author


@cocojoe - Eeks, big miss on my part. Fixing.


$connection->options->customScripts->login = $login_script;
$connection->options->customScripts->get_user = $get_user_script;
Expand Down Expand Up @@ -94,10 +94,10 @@ public function create_wordpress_connection( $app_token, $migration_enabled, $pa
}

$login_script = str_replace( '{THE_WS_TOKEN}', $migration_token, WP_Auth0_CustomDBLib::$login_script );
$login_script = str_replace( '{THE_WS_URL}', get_home_url() . '/index.php?a0_action=migration-ws-login', $login_script );
$login_script = str_replace( '{THE_WS_URL}', site_url( 'index.php?a0_action=migration-ws-login' ), $login_script );

$get_user_script = str_replace( '{THE_WS_TOKEN}', $migration_token, WP_Auth0_CustomDBLib::$get_user_script );
$get_user_script = str_replace( '{THE_WS_URL}', get_home_url() . '/index.php?a0_action=migration-ws-get-user', $get_user_script );
$get_user_script = str_replace( '{THE_WS_URL}', site_url( 'index.php?a0_action=migration-ws-get-user' ), $get_user_script );

$body['options'] = array(
'enabledDatabaseCustomization' => true,
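Review bot: The migration endpoints built with `site_url( 'index.php?a0_action=migration-ws-login' )` inherit whatever scheme the site is configured with, in both `update_wordpress_connection()` and `create_wordpress_connection()`. The same scripts have `{THE_WS_TOKEN}` replaced with `$migration_token`, so on an `http://` site the token, and presumably the credentials the login script forwards, would travel in clear text. `site_url()` takes a scheme as its second argument, as the `cross_origin_loc` lines in this pull request already do; consider `site_url( 'index.php?a0_action=migration-ws-login', 'https' )`, or refusing to enable migration when the site is not served over TLS. Both functions continue outside their hunks.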
4 changes: 2 additions & 2 deletions lib/WP_Auth0_DBManager.php
Expand Up @@ -133,8 +133,8 @@ public function install_db() {
$sso = $options->get( 'sso' );
$payload = array(
"cross_origin_auth" => true,
"cross_origin_loc" => home_url('/index.php?auth0fallback=1','https'),
"web_origins" => array(home_url())
"cross_origin_loc" => site_url('index.php?auth0fallback=1','https'),
"web_origins" => ( home_url() === site_url() ? array( home_url() ) : array( home_url(), site_url() ) )
);
$updateClient = WP_Auth0_Api_Client::update_client($domain, $app_token, $client_id, $sso, $payload);
$options->set('client_signing_algorithm', 'HS256');
4 changes: 2 additions & 2 deletions lib/WP_Auth0_Lock10_Options.php
Expand Up @@ -35,11 +35,11 @@ public function get_lock_show_method() {
public function get_code_callback_url() {
$protocol = $this->_get_boolean( $this->wp_options->get( 'force_https_callback' ) ) ? 'https' : null;

return home_url( '/index.php?auth0=1', $protocol );
return site_url( 'index.php?auth0=1', $protocol );
}

public function get_implicit_callback_url() {
return home_url( '/wp-login.php?auth0=1' );
return add_query_arg( 'auth0', 1, wp_login_url() );
}

public function get_sso() {
4 changes: 2 additions & 2 deletions lib/WP_Auth0_Lock_Options.php
Expand Up @@ -35,11 +35,11 @@ public function get_lock_show_method() {
public function get_code_callback_url() {
$protocol = $this->_get_boolean( $this->wp_options->get( 'force_https_callback' ) ) ? 'https' : null;

return home_url( '/index.php?auth0=1', $protocol );
return site_url( 'index.php?auth0=1', $protocol );
}

public function get_implicit_callback_url() {
return home_url( '/wp-login.php' );
return wp_login_url();
}

public function get_sso() {
6 changes: 2 additions & 4 deletions lib/WP_Auth0_LoginManager.php
Expand Up @@ -91,14 +91,12 @@ public function logout() {
$auto_login = absint( $this->a0_options->get( 'auto_login' ) );

if ( $slo && isset( $_REQUEST['SLO'] ) ) {
$redirect_to = $_REQUEST['redirect_to'];
wp_redirect( $redirect_to );
wp_redirect( $_REQUEST['redirect_to'] );
Member


does this wp_redirect method validate the redirect_to in some way?

Contributor Author


@cocojoe - Uses wp_sanitize_redirect()

die();
}

if ( $sso ) {
$redirect_to = home_url();
wp_redirect( 'https://' . $this->a0_options->get( 'domain' ) . '/v2/logout?federated&returnTo=' . urlencode( $redirect_to ) . '&client_id='.$client_id.'&auth0Client=' . base64_encode( json_encode( WP_Auth0_Api_Client::get_info_headers() ) ) );
wp_redirect( 'https://' . $this->a0_options->get( 'domain' ) . '/v2/logout?federated&returnTo=' . urlencode( home_url() ) . '&client_id='.$client_id.'&auth0Client=' . base64_encode( json_encode( WP_Auth0_Api_Client::get_info_headers() ) ) );
die();
}

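Review bot: `wp_redirect( $_REQUEST['redirect_to'] )` in the SLO branch of `logout()` sends the browser to a request-supplied URL without restricting the destination host, which leaves this branch usable as an open redirect. `wp_redirect()` only strips characters that are invalid in a URL through `wp_sanitize_redirect()`; the host check lives in `wp_safe_redirect()` and `wp_validate_redirect()`. Suggest `wp_safe_redirect( $_REQUEST['redirect_to'] );` behind an `isset()` guard with a `home_url()` fallback, since the key is read without checking that it exists. If another host is a legitimate target, it can be added through the `allowed_redirect_hosts` filter. `logout()` continues outside the hunk.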
2 changes: 1 addition & 1 deletion lib/WP_Auth0_Options.php
Expand Up @@ -138,7 +138,7 @@ protected function defaults() {
'auto_provisioning' => false,
'default_login_redirection' => home_url(),

'auth0_server_domain' => 'auth0.auth0.com',
'auth0_server_domain' => 'auth0.auth0.com',
Member


formatting

'auth0js-cdn' => '//cdn.auth0.com/js/auth0/9.0.0/auth0.min.js',

//DASHBOARD
2 changes: 1 addition & 1 deletion lib/WP_Auth0_Routes.php
Expand Up @@ -58,7 +58,7 @@ protected function coo_fallback() {
$cdn = $this->a0_options->get( 'auth0js-cdn' );
$client_id = $this->a0_options->get( 'client_id' );
$domain = $this->a0_options->get( 'domain' );
$redirect_uri = home_url( '/index.php?auth0=1', $this->a0_options->get( 'force_https_callback' ) );
$redirect_uri = site_url( 'index.php?auth0=1', $this->a0_options->get( 'force_https_callback' ) );
echo <<<EOT
<!DOCTYPE html>
<html>
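Review bot: The second argument of `site_url()` in `coo_fallback()` is a scheme name, but the raw `force_https_callback` option value is passed there. `get_code_callback_url()` in `WP_Auth0_Lock_Options` converts the same option to `'https'` or `null` first. If the option is stored as a boolean or `1` (its storage is not visible here), WordPress does not recognise the value as a scheme and falls back to the scheme of the current request, so the callback is not forced to HTTPS. Suggest `$redirect_uri = site_url( 'index.php?auth0=1', $this->a0_options->get( 'force_https_callback' ) ? 'https' : null );`. The function continues outside the hunk.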
4 changes: 2 additions & 2 deletions templates/auth0-login-form-lock10.php
Expand Up @@ -80,14 +80,14 @@
return p;
}, {});

post('<?php echo home_url( '/index.php?auth0=implicit' ); ?>', {
post('<?php echo site_url( 'index.php?auth0=implicit' ); ?>', {
token:data.id_token,
state:data.state
}, 'POST');
}

// lock.on("authenticated", function(authResult) {
Member


maybe time to just remove this commented code?

// post('<?php echo home_url( '/index.php?auth0=implicit' ); ?>', {
// post('<?php echo site_url( 'index.php?auth0=implicit' ); ?>', {
// token:authResult.idToken,
// state:authResult.state
// }, 'POST');
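Review bot: The URL is echoed into a JavaScript string literal with no output escaping in `post('<?php echo site_url( 'index.php?auth0=implicit' ); ?>', {`. `site_url()` is filterable and built from a stored option, so the template should not rely on the value being free of quotes. `post(<?php echo wp_json_encode( site_url( 'index.php?auth0=implicit' ) ); ?>, {` emits a correctly quoted literal, in line with the `json_encode()` already used for `state` in templates/auth0-login-form.php. The same applies to both `post()` calls in templates/auth0-login-form.php and to the `add_query_arg()` output in templates/auth0-sso-handler-lock10.php, which WordPress documents as unescaped.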
4 changes: 2 additions & 2 deletions templates/auth0-login-form.php
Expand Up @@ -98,7 +98,7 @@
callback = function(err,profile, token) {

if (!err) {
post('<?php echo home_url( '/index.php?auth0=implicit' ); ?>', {
post('<?php echo site_url( 'index.php?auth0=implicit' ); ?>', {
token:token,
state:<?php echo json_encode( $lock_options->get_state_obj() ); ?>
}, 'POST');
Expand Down Expand Up @@ -162,7 +162,7 @@ function getHashParams() {
if (hashParams && hashParams.id_token) {
ignore_sso = true;

post('<?php echo home_url( '/index.php?auth0=implicit' ); ?>', {
post('<?php echo site_url( 'index.php?auth0=implicit' ); ?>', {
token:hashParams.id_token,
state:hashParams.state
}, 'POST');
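--- a/templates/auth0-sso-handler-lock10.php
+++ b/templates/auth0-sso-handler-lock10.php
@@ -20,10 +20,12 @@
 }
 
 if (typeof(authResult.code) !== 'undefined') {
-window.location = '<?php echo home_url( '/?auth0=1' ); ?>&code=' + authResult.code + '&state=' + authResult.state;
+window.location = '<?php echo add_query_arg( 'auth0', 1, site_url() ); ?>&code=' + authResult.code +
+'&state=' + authResult.state;
 } else if (typeof(authResult.idToken) !== 'undefined') {
 jQuery(document).ready(function($){
-var $form=$(document.createElement('form')).css({display:'none'}).attr("method","POST").attr("action","<?php echo home_url( '/?auth0=implicit' ); ?>");
+var $form=$(document.createElement('form')).css({display:'none'}).attr("method","POST").attr("action","<?php
+echo add_query_arg( 'auth0', 'implicit', site_url() ); ?>");
 var $input=$(document.createElement('input')).attr('name','token').val(authResult.idToken);
 var $input2=$(document.createElement('input')).attr('name','state').val(authResult.state);
 $form.append($input).append($input2);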
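Review bot: `authResult.code` and `authResult.state` are appended to the redirect URL unencoded in the `window.location` assignment. A `state` value containing `+`, `=`, `&` or `#` would reach the callback altered, and the state comparison presumably done there would then fail or compare the wrong value. Wrap both in `encodeURIComponent()`: `'&code=' + encodeURIComponent(authResult.code) + '&state=' + encodeURIComponent(authResult.state);`. The surrounding script starts and ends outside the hunk.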