Add constant settings support

WP_Auth0.php

@@ -150,7 +150,7 @@ public static function ready() {
 	 */
 	public static function get_tenant_region( $domain ) {
 		preg_match( '/^[\w\d\-_0-9]+\.([\w\d\-_0-9]*)[\.]*auth0\.com$/', $domain, $matches );
-		return !empty($matches[1]) ? $matches[1] : 'us';
+		return ! empty( $matches[1] ) ? $matches[1] : 'us';
 	}
 
 	/**

assets/css/initial-setup/main.styl

@@ -23,7 +23,9 @@
   .a0-wrap {  
     font-family:'avenir roman';
     margin-left:-10px;
-
+    padding-left: 2%;
+    padding-right: 2%;
+
     a, .link {
       color:aText;
     }
@@ -114,6 +116,12 @@
         margin-left: 25px;
       }
     }
+
+    code {
+      background: #f1f1f1;
+      color: #777;
+      line-height: 2em;
+    }
 
     textarea.code {
       font-family: Menlo, Monaco, Consolas, 'Courier New', monospace;
@@ -144,6 +152,12 @@
 
     form {
       margin:0;
+
+      [disabled] {
+        opacity: 0.5;
+        font-size: 0.9em;
+        margin-top: 0.3em;
+      }
     }
 
     .container-fluid {

assets/css/initial-setup/partials/_colors.styl

@@ -7,7 +7,7 @@ tipBG = #E4E6E8;
 aText=rgb(0,148,193);
 
 text = rgba(0,0,0,.86);
-softText = rgba(0,0,0,0.36);
+softText = rgba(0,0,0,0.5);
 formFieldsText = rgba(0,0,0,.86)
 
 buttonPrimaryText = #FFFFFF;

circle.yml

@@ -19,8 +19,9 @@ test:
       phpcs --config-set installed_paths $HOME/.composer/vendor/wp-coding-standards/wpcs,$HOME/.composer/vendor/wimg/php-compatibility
   override:
     - phpcs --standard=$HOME/wp-auth0/phpcs-compat-ruleset.xml $HOME/wp-auth0 -pn -d memory_limit=-1
+    - phpcbf --standard=$HOME/wp-auth0/phpcs-ruleset.xml $HOME/wp-auth0 -p -d memory_limit=-1
     - phpcs --standard=$HOME/wp-auth0/phpcs-test-ruleset.xml $HOME/wp-auth0/tests -pn -d memory_limit=-1
-    - phpcbf --standard=$HOME/wp-auth0/phpcs-compat-ruleset.xml $HOME/wp-auth0 -p -d memory_limit=-1
+    - phpcbf --standard=$HOME/wp-auth0/phpcs-test-ruleset.xml $HOME/wp-auth0/tests -p -d memory_limit=-1
     - |
       rm -rf $WP_TESTS_DIR $WP_CORE_DIR
       bash bin/install-wp-tests.sh wordpress_test ubuntu '' 127.0.0.1 3.8

composer.json

@@ -35,6 +35,7 @@
         "phpcs-tests": "./vendor/bin/phpcs --standard=phpcs-test-ruleset.xml -s ./tests/",
         "phpcs-path": "SHELL_INTERACTIVE=1 ./vendor/bin/phpcs --standard=phpcs-ruleset.xml -s",
         "phpcbf": "./vendor/bin/phpcbf --standard=phpcs-ruleset.xml .",
+        "phpcbf-tests": "./vendor/bin/phpcbf --standard=phpcs-test-ruleset.xml -s ./tests/",
         "phpcbf-path": "SHELL_INTERACTIVE=1 ./vendor/bin/phpcbf --standard=phpcs-ruleset.xml",
         "sniffs": "./vendor/bin/phpcs --standard=phpcs-ruleset.xml -e",
         "test": "./vendor/bin/phpunit --coverage-text",

lib/WP_Auth0_Configure_JWTAUTH.php

@@ -27,7 +27,7 @@ public function notify_jwt() {
 		?>
 		<div class="update-nag">
 			<?php _e( 'JWT Auth installed. ', 'wp-auth0' ); ?>
-			<a href="<?php echo admin_url( 'admin.php?page=wpa0-jwt-auth' ) ?>">
+			<a href="<?php echo admin_url( 'admin.php?page=wpa0-jwt-auth' ); ?>">
 				<?php _e( 'To configure it to work the Auth0 plugin, click here.', 'wp-auth0' ); ?>
 			</a>
 		</div>

lib/WP_Auth0_Options_Generic.php

@@ -1,69 +1,220 @@
 <?php
+/**
+ * Contains WP_Auth0_Options_Generic.
+ *
+ * @package WP-Auth0
+ */
 
+/**
+ * Class WP_Auth0_Options_Generic.
+ */
 class WP_Auth0_Options_Generic {
+
+	/**
+	 * Name used in options table option_name column.
+	 *
+	 * @var string
+	 */
 	protected $_options_name = '';
-	private $_opt            = null;
 
+	/**
+	 * Current array of options stored in memory.
+	 *
+	 * @var null|array
+	 */
+	private $_opts = null;
+
+	/**
+	 * Array of options overridden by constants.
+	 *
+	 * @var array
+	 */
+	protected $constant_opts = array();
+
+	/**
+	 * WP_Auth0_Options_Generic constructor.
+	 * Finds and stores all constant-defined settings values.
+	 */
+	public function __construct() {
+		$option_keys = $this->get_defaults( true );
+		foreach ( $option_keys as $key ) {
+			if ( $this->has_constant_val( $key ) ) {
+				$this->constant_opts[ $key ] = $this->get_constant_val( $key );
+			}
+		}
+	}
+
+	/**
+	 * Takes an option key and creates the constant name to look for.
+	 *
+	 * @param string $key - Option key to transform.
+	 *
+	 * @return string
+	 */
+	public function get_constant_name( $key ) {
+		$constant_prefix = apply_filters( 'wp_auth0_settings_constant_prefix', 'AUTH0_ENV_' );
+		return $constant_prefix . strtoupper( $key );
+	}
+
+	/**
+	 * Does a certain option pull from a constant?
+	 *
+	 * @param string $key - Option key to check.
+	 *
+	 * @return boolean
+	 */
+	public function has_constant_val( $key ) {
+		$setting_const = $this->get_constant_name( $key );
+		return defined( $setting_const );
+	}
+
+	/**
+	 * Get the value of an overriding constant if one is set, return null if not.
+	 *
+	 * @param string $key - Option key to look for.
+	 *
+	 * @return string|null
+	 */
+	public function get_constant_val( $key ) {
+		return $this->has_constant_val( $key ) ? constant( $this->get_constant_name( $key ) ) : null;
+	}
+
+	/**
+	 * Get all the keys for constant-overridden settings.
+	 *
+	 * @return array
+	 */
+	public function get_all_constant_keys() {
+		return array_keys( $this->constant_opts );
+	}
+
+	/**
+	 * Get the option_name for the settings array.
+	 *
+	 * @return string
+	 */
 	public function get_options_name() {
 		return $this->_options_name;
 	}
 
+	/**
+	 * Return options from memory, database, defaults, or constants.
+	 *
+	 * @return array
+	 */
 	public function get_options() {
-		if ( empty( $this->_opt ) ) {
+		if ( empty( $this->_opts ) ) {
 			$options = get_option( $this->_options_name, array() );
+			if ( empty( $options ) || ! is_array( $options ) ) {
 
-			if ( ! is_array( $options ) ) {
+				// Brand new install, no saved options so get all defaults.
 				$options = $this->defaults();
-			}
+			} else {
 
-			$options = array_merge( $this->defaults(), $options );
+				// Make sure we have settings for everything we need.
+				$options = array_merge( $this->defaults(), $options );
+			}
 
-			$this->_opt = $options;
+			// Check for constant overrides and replace.
+			if ( ! empty( $this->constant_opts ) ) {
+				$options = array_replace_recursive( $options, $this->constant_opts );
+			}
+			$this->_opts = $options;
 		}
-		return $this->_opt;
+		return $this->_opts;
 	}
 
 	/**
-	 * Return a settings value
+	 * Return a filtered settings value or default.
 	 *
-	 * @param string $key - settings key
-	 * @param null   $default - what to return if a value is not set
+	 * @param string $key - Settings key to get.
+	 * @param mixed  $default - Default value to return if not found.
 	 *
 	 * @return mixed
+	 *
+	 * @link https://auth0.com/docs/cms/wordpress/extending#wp_auth0_get_option
 	 */
 	public function get( $key, $default = null ) {
 		$options = $this->get_options();
-		$value   = $default;
-
-		if ( isset( $options[ $key ] ) ) {
-			$value = $options[ $key ];
-		}
-
+		$value   = isset( $options[ $key ] ) ? $options[ $key ] : $default;
 		return apply_filters( 'wp_auth0_get_option', $value, $key );
 	}
 
+	/**
+	 * Update a setting if not already stored in a constant.
+	 * This method will fail silently if the option is already set in a constant.
+	 *
+	 * @param string $key - Option key name to update.
+	 * @param mixed  $value - Value to update with.
+	 * @param bool   $should_update - Flag to update DB options array with value stored in memory.
+	 *
+	 * @return bool
+	 */
 	public function set( $key, $value, $should_update = true ) {
-		$options         = $this->get_options();
+		$options = $this->get_options();
+
+		// Cannot set a setting that is being overridden by a constant.
+		if ( $this->has_constant_val( $key ) ) {
+			return false;
+		}
+
 		$options[ $key ] = $value;
-		$this->_opt      = $options;
+		$this->_opts     = $options;
 
-		if ( $should_update ) {
-			update_option( $this->_options_name, $options );
+		// No database update so process completed successfully.
+		if ( ! $should_update ) {
+			return true;
 		}
+
+		return $this->update_all();
 	}
 
+	/**
+	 * Save the options array as it exists in memory.
+	 *
+	 * @return bool
+	 */
 	public function update_all() {
-		update_option( $this->_options_name, $this->_opt );
+		foreach ( $this->get_all_constant_keys() as $key ) {
+			unset( $this->_opts[ $key ] );
+		}
+		return update_option( $this->_options_name, $this->_opts );
 	}
 
+	/**
+	 * Save the options array for the first time.
+	 */
 	public function save() {
-		$options = $this->get_options();
-		update_option( $this->_options_name, $options );
+		$this->get_options();
+		$this->update_all();
 	}
+
+	/**
+	 * Delete the options array.
+	 *
+	 * @return bool
+	 */
 	public function delete() {
-		delete_option( $this->_options_name );
+		return delete_option( $this->_options_name );
+	}
+
+	/**
+	 * Return default options as key => value or just keys.
+	 *
+	 * @param bool $keys_only - Only return the array keys for the default options.
+	 *
+	 * @return array
+	 */
+	public function get_defaults( $keys_only = false ) {
+		$default_opts = $this->defaults();
+		return $keys_only ? array_keys( $default_opts ) : $default_opts;
 	}
 
+	/**
+	 * Default settings when plugin is installed or reset
+	 *
+	 * @return array
+	 */
 	protected function defaults() {
 		return array();
 	}

lib/admin/WP_Auth0_Admin.php

@@ -97,12 +97,29 @@ public function init_admin() {
 		);
 	}
 
-	public function input_validator( $input ) {
+	/**
+	 * Main validator for settings page inputs.
+	 * Delegates validation to settings sections in self::init_admin().
+	 *
+	 * @param array $input - Incoming array of settings fields to validate.
+	 *
+	 * @return mixed
+	 */
+	public function input_validator( array $input ) {
+		$constant_keys = $this->a0_options->get_all_constant_keys();
 
-		$old_options = $this->a0_options->get_options();
+		// Look for and set constant overrides so validation is still possible.
+		foreach ( $constant_keys as $key ) {
+			$input[ $key ] = $this->a0_options->get_constant_val( $key );
+		}
 
 		foreach ( $this->sections as $name => $section ) {
-			$input = $section->input_validator( $input, $old_options );
+			$input = $section->input_validator( $input );
+		}
+
+		// Remove constant overrides so they are not saved to the database.
+		foreach ( $constant_keys as $key ) {
+			unset( $input[ $key ] );
 		}
 
 		return $input;

lib/admin/WP_Auth0_Admin_Advanced.php

@@ -360,6 +360,7 @@ public function render_migration_ws( $args = array() ) {
 				$this->get_dashboard_link()
 			);
 			$this->render_field_description( 'Security token:' );
+			$this->render_const_notice( 'migration_token' );
 			printf(
 				'<textarea class="code" rows="%d" disabled>%s</textarea>',
 				$this->_textarea_rows,

lib/admin/WP_Auth0_Admin_Appearance.php

@@ -196,12 +196,19 @@ public function render_custom_js( $args = array() ) {
 	 * @see add_settings_field()
 	 */
 	public function render_username_style( $args = array() ) {
-		$opt_name = $args['opt_name'];
-		$id_attr  = $args['label_for'];
-		$value    = $this->options->get( $opt_name );
-		$this->render_radio_button( $id_attr . '_au', $opt_name, '', 'Auto', empty( $value ) );
-		$this->render_radio_button( $id_attr . '_em', $opt_name, 'email', '', 'email' === $value );
-		$this->render_radio_button( $id_attr . '_un', $opt_name, 'username', '', 'username' === $value );
+		$this->render_radio_buttons(
+			array(
+				array(
+					'label' => 'Auto',
+					'value' => '',
+				),
+				'email',
+				'username',
+			),
+			$args['label_for'],
+			$args['opt_name'],
+			$this->options->get( $args['opt_name'], '' )
+		);
 		$this->render_field_description(
 			__( 'To allow the user to use either email or username to login, leave this as "Auto." ', 'wp-auth0' ) .
 			__( 'Only database connections that require a username will allow username logins', 'wp-auth0' )