Change and improve user profile

WP_Auth0.php

@@ -126,6 +126,19 @@ public function init() {
 		$edit_profile = new WP_Auth0_EditProfile( $this->db_manager, $users_repo, $this->a0_options );
 		$edit_profile->init();
 
+		$api_client_creds = new WP_Auth0_Api_Client_Credentials( $this->a0_options );
+
+		$api_change_password = new WP_Auth0_Api_Change_Password( $this->a0_options, $api_client_creds );
+		$profile_change_pwd  = new WP_Auth0_Profile_Change_Password( $api_change_password );
+		$profile_change_pwd->init();
+
+		$profile_delete_data = new WP_Auth0_Profile_Delete_Data( $users_repo );
+		$profile_delete_data->init();
+
+		$api_delete_mfa     = new WP_Auth0_Api_Delete_User_Mfa( $this->a0_options, $api_client_creds );
+		$profile_delete_mfa = new WP_Auth0_Profile_Delete_Mfa( $this->a0_options, $api_delete_mfa );
+		$profile_delete_mfa->init();
+
 		WP_Auth0_Email_Verification::init();
 	}
 
@@ -420,7 +433,7 @@ public function render_form( $html ) {
 		// Do not show Auth0 form when ...
 		if (
 			// .. processing lost password
-			( isset( $_GET['action'] ) && $_GET['action'] == 'lostpassword' )
+			( isset( $_GET['action'] ) && in_array( $_GET['action'], array( 'lostpassword', 'rp' ) ) )
 			// ... handling an Auth0 callback
 			|| ! empty( $_GET['auth0'] )
 			// ... plugin is not configured
@@ -510,6 +523,7 @@ private function autoloader( $class ) {
 			$source_dir . 'admin/',
 			$source_dir . 'api/',
 			$source_dir . 'exceptions/',
+			$source_dir . 'profile/',
 			$source_dir . 'wizard/',
 			$source_dir . 'initial-setup/',
 		);

assets/js/edit-user-profile.js

@@ -0,0 +1,81 @@
+/* global jQuery, wpa0UserProfile, alert */
+
+jQuery(function($) {
+    'use strict';
+
+    var passwordFieldRow = $('#password');
+    var emailField = $('input[name=email]');
+    var deleteUserDataButton = $('#auth0_delete_data');
+    var deleteMfaDataButton = $('#auth0_delete_mfa');
+
+    /**
+     * Hide the password field if not an Auth0 strategy.
+     */
+    if ( passwordFieldRow.length && wpa0UserProfile.userStrategy && 'auth0' !== wpa0UserProfile.userStrategy ) {
+        passwordFieldRow.hide();
+    }
+
+    /**
+     * Disable email changes if not an Auth0 connection.
+     */
+    if ( emailField.length && wpa0UserProfile.userStrategy && 'auth0' !== wpa0UserProfile.userStrategy ) {
+        emailField.prop( 'disabled', true );
+        $('<p>' + wpa0UserProfile.i18n.cannotChangeEmail + '</p>')
+            .addClass('description')
+            .insertAfter(emailField);
+    }
+
+    /**
+     * Delete Auth0 data button click.
+     */
+    deleteUserDataButton.click(function (e) {
+        if ( ! window.confirm(wpa0UserProfile.i18n.confirmDeleteId) ) {
+            return;
+        }
+        e.preventDefault();
+        userProfileAjaxAction($(this), 'auth0_delete_data', wpa0UserProfile.deleteIdNonce );
+    });
+
+    /**
+     * Delete MFA data button click.
+     */
+    deleteMfaDataButton.click(function (e) {
+        if ( ! window.confirm(wpa0UserProfile.i18n.confirmDeleteMfa) ) {
+            return;
+        }
+        e.preventDefault();
+        userProfileAjaxAction($(this), 'auth0_delete_mfa', wpa0UserProfile.deleteMfaNonce);
+    });
+
+    /**
+     * Perform a generic user profile AJAX call.
+     *
+     * @param uiControl
+     * @param action
+     * @param nonce
+     */
+    function userProfileAjaxAction( uiControl, action, nonce ) {
+        var postData = {
+            'action' : action,
+            '_ajax_nonce' : nonce,
+            'user_id' : wpa0UserProfile.userId
+        };
+        var errorMsg = wpa0UserProfile.i18n.actionFailed;
+        uiControl.prop( 'disabled', true );
+        $.post(
+            wpa0UserProfile.ajaxUrl,
+            postData,
+            function(response) {
+                if ( response.success ) {
+                    uiControl.val(wpa0UserProfile.i18n.actionComplete);
+                } else {
+                    if (response.data && response.data.error) {
+                        errorMsg = response.data.error;
+                    }
+                    alert(errorMsg);
+                    uiControl.prop( 'disabled', false );
+                }
+            }
+        );
+    }
+});

composer.json

@@ -38,8 +38,7 @@
         "phpcbf-tests": "./vendor/bin/phpcbf --standard=phpcs-test-ruleset.xml -s ./tests/",
         "phpcbf-path": "SHELL_INTERACTIVE=1 ./vendor/bin/phpcbf --standard=phpcs-ruleset.xml",
         "sniffs": "./vendor/bin/phpcs --standard=phpcs-ruleset.xml -e",
-        "test": "./vendor/bin/phpunit --coverage-text",
-        "test-ci": "./vendor/bin/phpunit --debug --verbose --coverage-clover=coverage.xml",
-        "test-path": "SHELL_INTERACTIVE=1 ./vendor/bin/phpunit"
+        "test": "SHELL_INTERACTIVE=1 ./vendor/bin/phpunit --coverage-text --verbose",
+        "test-ci": "./vendor/bin/phpunit --debug --verbose --coverage-clover=coverage.xml"
     }
 }

lib/WP_Auth0_Api_Client.php

@@ -901,6 +901,9 @@ public static function delete_connection( $domain, $app_token, $id ) {
 		return json_decode( $response['body'] );
 	}
 
+	/**
+	 * TODO: Deprecate
+	 */
 	public static function delete_user_mfa( $domain, $app_token, $user_id, $provider ) {
 
 		$endpoint = "https://$domain/api/v2/users/$user_id/multifactor/$provider";

lib/WP_Auth0_EditProfile.php

@@ -1,38 +1,102 @@
 <?php
 
+/**
+ * Class WP_Auth0_EditProfile.
+ * Provides functionality on the edit profile and edit user page.
+ */
 class WP_Auth0_EditProfile {
 
-	protected $a0_options;
+	/**
+	 * WP_Auth0_DBManager instance.
+	 *
+	 * @var WP_Auth0_DBManager
+	 */
 	protected $db_manager;
+
+	/**
+	 * WP_Auth0_UsersRepo instance.
+	 *
+	 * @var WP_Auth0_UsersRepo
+	 */
 	protected $users_repo;
 
-	public function __construct( WP_Auth0_DBManager $db_manager, WP_Auth0_UsersRepo $users_repo, WP_Auth0_Options $a0_options ) {
-		$this->a0_options = $a0_options;
-		$this->users_repo = $users_repo;
+	/**
+	 * WP_Auth0_Options instance.
+	 *
+	 * @var WP_Auth0_Options
+	 */
+	protected $a0_options;
+
+	/**
+	 * WP_Auth0_EditProfile constructor.
+	 *
+	 * @param WP_Auth0_DBManager $db_manager - WP_Auth0_DBManager instance.
+	 * @param WP_Auth0_UsersRepo $users_repo - WP_Auth0_UsersRepo instance.
+	 * @param WP_Auth0_Options   $a0_options - WP_Auth0_Options instance.
+	 */
+	public function __construct(
+		WP_Auth0_DBManager $db_manager,
+		WP_Auth0_UsersRepo $users_repo,
+		WP_Auth0_Options $a0_options
+	) {
 		$this->db_manager = $db_manager;
+		$this->users_repo = $users_repo;
+		$this->a0_options = $a0_options;
 	}
 
+	/**
+	 * Add actions and filters for the profile page.
+	 */
 	public function init() {
-		global $pagenow;
-
+		add_action( 'admin_enqueue_scripts', array( $this, 'admin_enqueue_scripts' ) );
 		add_action( 'personal_options_update', array( $this, 'override_email_update' ), 1 );
+	}
 
-		add_action( 'edit_user_profile', array( $this, 'show_delete_identity' ) );
-		add_action( 'edit_user_profile', array( $this, 'show_delete_mfa' ) );
-		add_action( 'show_user_profile', array( $this, 'show_delete_mfa' ) );
-
-		add_action( 'wp_ajax_auth0_delete_mfa', array( $this, 'delete_mfa' ) );
-		add_action( 'wp_ajax_auth0_delete_data', array( $this, 'delete_user_data' ) );
-
-		add_action( 'show_user_profile', array( $this, 'show_change_password' ) );
-		add_action( 'personal_options_update', array( $this, 'update_change_password' ) );
-		add_filter( 'user_profile_update_errors', array( $this, 'validate_new_password' ), 10, 3 );
+	/**
+	 * Enqueue styles and scripts for the user profile edit screen.
+	 * Hooked to: admin_enqueue_scripts
+	 *
+	 * @codeCoverageIgnore
+	 */
+	public function admin_enqueue_scripts() {
+		global $user_id;
+		global $pagenow;
 
-		if ( $pagenow == 'profile.php' || $pagenow == 'user-edit.php' ) {
-			add_action( 'admin_footer', array( $this, 'disable_email_field' ) );
+		if ( ! in_array( $pagenow, array( 'profile.php', 'user-edit.php' ) ) ) {
+			return;
 		}
+
+		wp_enqueue_script(
+			'wpa0_user_profile',
+			WPA0_PLUGIN_JS_URL . 'edit-user-profile.js',
+			array( 'jquery' ),
+			WPA0_VERSION
+		);
+
+		$profile  = get_auth0userinfo( $user_id );
+		$strategy = isset( $profile->sub ) ? WP_Auth0_Users::get_strategy( $profile->sub ) : '';
+
+		wp_localize_script(
+			'wpa0_user_profile',
+			'wpa0UserProfile',
+			array(
+				'userId'         => intval( $user_id ),
+				'userStrategy'   => sanitize_text_field( $strategy ),
+				'deleteIdNonce'  => wp_create_nonce( 'delete_auth0_identity' ),
+				'deleteMfaNonce' => wp_create_nonce( 'delete_auth0_mfa' ),
+				'ajaxUrl'        => admin_url( 'admin-ajax.php' ),
+				'i18n'           => array(
+					'confirmDeleteId'   => __( 'Are you sure you want to delete the Auth0 user data for this user?', 'wp-auth0' ),
+					'confirmDeleteMfa'  => __( 'Are you sure you want to delete the Auth0 MFA data for this user?', 'wp-auth0' ),
+					'actionComplete'    => __( 'Deleted', 'wp-auth0' ),
+					'actionFailed'      => __( 'Action failed, please see the Auth0 error log for details.', 'wp-auth0' ),
+					'cannotChangeEmail' => __( 'Email cannot be changed for non-database connections.', 'wp-auth0' ),
+				),
+			)
+		);
 	}
 
+	// TODO: Deprecate
 	public function validate_new_password( $errors, $update, $user ) {
 		$auth0_password        = isset( $_POST['auth0_password'] ) ? $_POST['auth0_password'] : null;
 		$auth0_repeat_password = isset( $_POST['auth0_repeat_password'] ) ? $_POST['auth0_repeat_password'] : null;
@@ -42,7 +106,7 @@ public function validate_new_password( $errors, $update, $user ) {
 		}
 	}
 
-
+	// TODO: Deprecate
 	public function update_change_password() {
 		$current_user = get_currentauth0user();
 		$user_profile = $current_user->auth0_obj;
@@ -92,6 +156,7 @@ public function update_change_password() {
 		}
 	}
 
+	// TODO: Deprecate
 	public function delete_user_data() {
 		if ( ! is_admin() ) {
 			return;
@@ -102,6 +167,7 @@ public function delete_user_data() {
 		$this->users_repo->delete_auth0_object( $user_id );
 	}
 
+	// TODO: Deprecate
 	public function delete_mfa() {
 		if ( ! is_admin() ) {
 			return;
@@ -123,6 +189,7 @@ public function delete_mfa() {
 		WP_Auth0_Api_Client::delete_user_mfa( $domain, $app_token, $user_id, $provider );
 	}
 
+	// TODO: Deprecate
 	public function show_delete_identity() {
 		if ( ! is_admin() ) {
 			return;
@@ -165,6 +232,8 @@ function DeleteAuth0Data(event) {
 	</script>
 		<?php
 	}
+
+	// TODO: Deprecate
 	public function show_delete_mfa() {
 		if ( ! is_admin() ) {
 			return;
@@ -210,6 +279,7 @@ function DeleteMFA(event) {
 		<?php
 	}
 
+	// TODO: Deprecate
 	public function show_change_password() {
 		$current_user = get_currentauth0user();
 		$user_profile = $current_user->auth0_obj;
@@ -257,6 +327,7 @@ public function show_change_password() {
 		<?php
 	}
 
+	// TODO: Deprecate
 	public function disable_email_field() {
 		$current_user = get_currentauth0user();
 		$user_profile = $current_user->auth0_obj;
@@ -294,6 +365,10 @@ public function disable_email_field() {
 		}
 	}
 
+	/**
+	 * Process email changes and pass the update to Auth0 if it passes validation.
+	 * Hooked to: personal_options_update
+	 */
 	public function override_email_update() {
 		global $wpdb;
 		global $errors;

lib/WP_Auth0_Email_Verification.php

@@ -103,7 +103,7 @@ public function resend_verification_email() {
 			wp_send_json_error( array( 'error' => __( 'No Auth0 user ID provided.', 'wp-auth0' ) ) );
 		}
 
-		if ( ! $this->api_jobs_resend->call() ) {
+		if ( ! $this->api_jobs_resend->call( $_POST['sub'] ) ) {
 			wp_send_json_error( array( 'error' => __( 'API call failed.', 'wp-auth0' ) ) );
 		}
 
@@ -120,8 +120,7 @@ public function resend_verification_email() {
 function wp_auth0_ajax_resend_verification_email() {
 	$options               = WP_Auth0_Options::Instance();
 	$api_client_creds      = new WP_Auth0_Api_Client_Credentials( $options );
-	$auth0_user_id         = isset( $_POST['sub'] ) ? $_POST['sub'] : null;
-	$api_jobs_verification = new WP_Auth0_Api_Jobs_Verification( $options, $api_client_creds, $auth0_user_id );
+	$api_jobs_verification = new WP_Auth0_Api_Jobs_Verification( $options, $api_client_creds );
 	$email_verification    = new WP_Auth0_Email_Verification( $api_jobs_verification );
 
 	$email_verification->resend_verification_email();

lib/WP_Auth0_ErrorLog.php

@@ -125,6 +125,8 @@ private function update( array $log ) {
 	 * Enqueue scripts and styles.
 	 *
 	 * @deprecated 3.6.0 - Not needed, handled in WP_Auth0_Admin::admin_enqueue()
+	 *
+	 * @codeCoverageIgnore
 	 */
 	public function admin_enqueue() {
 		// phpcs:ignore

lib/WP_Auth0_Users.php

@@ -91,4 +91,19 @@ public static function create_user( $userinfo, $role = null ) {
 		// Return the user ID
 		return $user_id;
 	}
+
+	/**
+	 * Get the strategy from an Auth0 user ID.
+	 *
+	 * @param string $auth0_id - Auth0 user ID.
+	 *
+	 * @return string
+	 */
+	public static function get_strategy( $auth0_id ) {
+		if ( false === strpos( $auth0_id, '|' ) ) {
+			return '';
+		}
+		$auth0_id_parts = explode( '|', $auth0_id );
+		return $auth0_id_parts[0];
+	}
 }