Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change logged-in user redirect to login_init hook #584

Merged
merged 3 commits into from
Nov 13, 2018

Conversation

joshcanhelp
Copy link
Contributor

@joshcanhelp joshcanhelp commented Nov 9, 2018

Changes

PR #583 did not address all warnings that came from this change. Moving this to an existing method hooked to login_init and adding tests for this and all other functionality in the login_auto method.

References

#583

Testing

  • This change adds unit test coverage
  • This change has been tested on the latest version of the platform/language or why not

/**
* Run after each test.
*/
public function tearDown() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved up ☝️

*
* @param boolean $on - True to turn Auth0 on, false to turn off.
*/
public static function auth0Ready( $on = true ) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved to tests/traits/optionsHelpers.php 👇

/**
* Test that a specific region and domain return the correct number of IP addresses.
*/
public function testThatLoggedInUserIsRedirected() {
Copy link
Contributor Author

@joshcanhelp joshcanhelp Nov 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved to proper test suite, tests/testLoginManager.php ☝️

/**
* Test that logged-in users are redirected from the wp-login.php page.
*/
public function testThatLoggedInUserIsRedirectedFromWpLogin() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved from tests/testRenderForm.php 👇

/**
* Test that the ULP redirect happens.
*/
public function testUlpRedirect() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Set everything up to make sure the ULP redirect happens under normal conditions.

|| null !== $this->query_vars( 'auth0' )
// Do not redirect if already authenticated.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dealing with this condition in the block added above in this method ☝️

@@ -372,18 +372,6 @@ public function render_auth0_login_css() {
return;
}

// If the user has a WP session, determine where they should end up and redirect.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Meat of the PR here. This still was not early enough to precede any HTML output, leading to a PHP warning.

) {
return;
return false;
Copy link
Contributor Author

@joshcanhelp joshcanhelp Nov 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is used in a hook call so return value is never used ... except in tests now!

@joshcanhelp joshcanhelp added this to the 3.8.1 milestone Nov 9, 2018
@joshcanhelp joshcanhelp force-pushed the change-logged-in-redirect branch from 255403e to 896c03b Compare November 9, 2018 18:25
*/
public static function setUpBeforeClass() {
parent::setUpBeforeClass();
self::$opts = WP_Auth0_Options::Instance();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is done once, but its contents are changed multiple times in different tests. I think it should be moved into a method that runs "before each test" so you can ensure the tests are fully independent of each other.

e.g. some tests set the client_id property, some others don't. Independently of if those tests are running methods that use or not that client_id value from the props, if not part of the context then make sure that the props object is always with the values you need for test and nothing else. By doing what I mentioned in the paragraph above you can ensure that those props get reseted on each test run. And each test should prepare their own test context/environment prior to call the "method in test".

Copy link
Contributor Author

@joshcanhelp joshcanhelp Nov 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Totally agree but keep in mind that we always have a "state," which is the database and that's where these are stored. A new options object pulls from the test DB so it needs to be explicitly reset each time.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also ... WP_Auth0_Options::Instance() returns an existing object with options stored in memory.

self::auth0Ready( false );
$this->stopRedirectHalting();
self::$error_log->clear();
self::$opts->set( 'custom_domain', '' );
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems easier to throw this instance and create a new one than be changing manually each prop, as you could be forgetting some of them when adding new tests. Note this are tests and performance hit is not relevant here. Instantiate whatever you need the times you need 👍

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree. There are a number of setUp/tearDown things that can/should happen always. Plan is to have a super class that extends the test suite to handle everything that should be done in between. I'm logging your suggestion here and the others I have so it gets handled.

* Test that logged-in users are redirected from the wp-login.php page.
*/
public function testThatLoggedInUserIsRedirectedFromWpLogin() {
$this->startRedirectHalting();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is what I didn't fully understand from yesterday's response. Couldn't you call this line at the very end of the "run before each test" method? It's cleaner than having to copy-paste it on every test.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cleaner but not needed for every test. Some of these cannot be combined because they throw exceptions at different places.

$this->assertFalse( $login_manager->login_auto() );
$_SERVER['REQUEST_METHOD'] = $req_method_backup;

// Test that WP login override will skip the redirect.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All these 3 checks below should be moved into 3 different tests as the condition for the test changes.

*/
public static function auth0Ready( $on = true ) {
$value = $on ? uniqid() : null;
self::$opts->set( 'domain', $value );
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sounds odd, even for a test, that a domain's test value is not a url shaped string but a random string.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The value is not used or checked anywhere so it's irrelevant. In this way, I can set this to something to make the plugin "active" and if I ever try to check for a specific value, it will fail (correctly).

@auth0 auth0 deleted a comment from codecov-io Nov 9, 2018
@codecov-io
Copy link

Codecov Report

Merging #584 into master will increase coverage by 0.74%.
The diff coverage is 94.11%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master     #584      +/-   ##
============================================
+ Coverage     27.76%   28.51%   +0.74%     
+ Complexity     1307     1306       -1     
============================================
  Files            51       51              
  Lines          4200     4202       +2     
============================================
+ Hits           1166     1198      +32     
+ Misses         3034     3004      -30
Impacted Files Coverage Δ Complexity Δ
WP_Auth0.php 22.36% <ø> (-2.64%) 62 <0> (-2)
lib/WP_Auth0_LoginManager.php 20% <94.11%> (+9.88%) 121 <0> (+1) ⬆️
lib/WP_Auth0_Lock10_Options.php 69.64% <0%> (-4.47%) 61% <0%> (ø)
lib/WP_Auth0_Nonce_Handler.php 71.05% <0%> (+23.68%) 18% <0%> (ø) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7324a03...d534ae8. Read the comment docs.

@joshcanhelp joshcanhelp merged commit 6126a34 into master Nov 13, 2018
@joshcanhelp joshcanhelp deleted the change-logged-in-redirect branch November 13, 2018 14:24
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 19, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants