diff --git a/assets/js/lock-init.js b/assets/js/lock-init.js index d023abec..caaf35eb 100644 --- a/assets/js/lock-init.js +++ b/assets/js/lock-init.js @@ -5,16 +5,6 @@ jQuery(document).ready(function ($) { var opts = wpAuth0LockGlobal; var loginForm = $( '#' + opts.loginFormId ); - // Check SSO if Auth0.js is loaded and we have options. - if ( opts.ssoOpts && typeof(auth0) !== 'undefined' ) { - loginForm.hide(); - var webAuth = new auth0.WebAuth({ - clientID: opts.clientId, - domain: opts.domain - }); - webAuth.checkSession(opts.ssoOpts, processSso); - } - // Missing critical Auth0 settings. if ( ! opts.ready ) { resetWpLoginForm(); @@ -74,35 +64,6 @@ jQuery(document).ready(function ($) { Cookies.set( opts.nonceCookieName, val ); } - /** - * Callback function for webAuth.checkSession() SSO processing. - * - * @param err null|object Error returned from Auth0 or null if none. - * @param result object Result from Auth0. - */ - function processSso(err, result) { - - // No session with Auth0 or error, show login form. - if (err || typeof(result) === 'undefined' || ! result || ! result.idToken) { - loginForm.show(); - return; - } - - // Set state and nonce cookies for validation. - setStateCookie(result.state); - setNonceCookie(result.idTokenPayload.nonce); - - // Create a form to submit the necessary auth parameters to the callback URL. - $(document.createElement('form')) - .css({display: 'none'}) - .attr('method', 'POST') - .attr('action', opts.ssoOpts.redirectUri) - .append($(document.createElement('input')).attr('name','id_token').val(result.idToken)) - .append($(document.createElement('input')).attr('name','state').val(result.state)) - .appendTo($('body')) - .submit(); - } - /** * Show the WordPress login form. */ diff --git a/languages/wp-auth0-es_ES.mo b/languages/wp-auth0-es_ES.mo index 42df1210..ee99be4f 100644 Binary files a/languages/wp-auth0-es_ES.mo and b/languages/wp-auth0-es_ES.mo differ diff --git a/languages/wp-auth0-es_ES.po b/languages/wp-auth0-es_ES.po index 4f074619..3bd7da90 100644 --- a/languages/wp-auth0-es_ES.po +++ b/languages/wp-auth0-es_ES.po @@ -1,8 +1,8 @@ msgid "" msgstr "" "Project-Id-Version: Login by Auth0\n" -"POT-Creation-Date: 2019-09-05 15:50-0700\n" -"PO-Revision-Date: 2019-09-05 15:50-0700\n" +"POT-Creation-Date: 2019-09-24 07:39-0700\n" +"PO-Revision-Date: 2019-09-24 07:39-0700\n" "Last-Translator: Josh Cunningham \n" "Language-Team: Carlos Longarela https://tabernawp.com/\n" "Language: es_ES\n" @@ -50,28 +50,17 @@ msgstr "Asistente de configuración" #: lib/WP_Auth0_EditProfile.php:354 lib/WP_Auth0_EditProfile.php:407 #: lib/WP_Auth0_EditProfile.php:462 lib/WP_Auth0_EditProfile.php:519 #: lib/WP_Auth0_Email_Verification.php:115 lib/WP_Auth0_ErrorLog.php:135 -#: lib/WP_Auth0_Export_Users.php:29 lib/WP_Auth0_Lock10_Options.php:39 -#: lib/WP_Auth0_Lock10_Options.php:50 lib/WP_Auth0_Lock10_Options.php:245 -#: lib/WP_Auth0_Lock10_Options.php:262 lib/WP_Auth0_Lock10_Options.php:275 -#: lib/WP_Auth0_Lock10_Options.php:288 lib/WP_Auth0_Lock10_Options.php:301 -#: lib/WP_Auth0_Lock10_Options.php:314 lib/WP_Auth0_Lock10_Options.php:327 -#: lib/WP_Auth0_Lock10_Options.php:340 lib/WP_Auth0_Lock10_Options.php:357 -#: lib/WP_Auth0_Lock10_Options.php:376 lib/WP_Auth0_LoginManager.php:518 -#: lib/WP_Auth0_LoginManager.php:543 lib/WP_Auth0_LoginManager.php:745 -#: lib/WP_Auth0_LoginManager.php:772 lib/WP_Auth0_LoginManager.php:818 -#: lib/WP_Auth0_Metrics.php:17 lib/WP_Auth0_Options.php:277 -#: lib/WP_Auth0_Options.php:292 lib/WP_Auth0_Options.php:311 -#: lib/WP_Auth0_Referer_Check.php:22 lib/admin/WP_Auth0_Admin.php:87 -#: lib/admin/WP_Auth0_Admin_Features.php:121 -#: lib/admin/WP_Auth0_Admin_Features.php:318 -#: lib/admin/WP_Auth0_Admin_Features.php:405 -#: lib/admin/WP_Auth0_Admin_Features.php:453 -#: lib/admin/WP_Auth0_Admin_Features.php:498 -#: lib/admin/WP_Auth0_Admin_Features.php:512 -#: lib/admin/WP_Auth0_Admin_Features.php:537 -#: lib/admin/WP_Auth0_Admin_Features.php:550 -#: lib/admin/WP_Auth0_Admin_Features.php:563 -#: lib/admin/WP_Auth0_Admin_Generic.php:120 +#: lib/WP_Auth0_Export_Users.php:29 lib/WP_Auth0_Lock10_Options.php:36 +#: lib/WP_Auth0_Lock10_Options.php:215 lib/WP_Auth0_Lock10_Options.php:232 +#: lib/WP_Auth0_Lock10_Options.php:245 lib/WP_Auth0_Lock10_Options.php:258 +#: lib/WP_Auth0_Lock10_Options.php:271 lib/WP_Auth0_Lock10_Options.php:284 +#: lib/WP_Auth0_Lock10_Options.php:297 lib/WP_Auth0_Lock10_Options.php:310 +#: lib/WP_Auth0_Lock10_Options.php:327 lib/WP_Auth0_Lock10_Options.php:346 +#: lib/WP_Auth0_LoginManager.php:698 lib/WP_Auth0_LoginManager.php:725 +#: lib/WP_Auth0_LoginManager.php:771 lib/WP_Auth0_Metrics.php:17 +#: lib/WP_Auth0_Options.php:276 lib/WP_Auth0_Options.php:291 +#: lib/WP_Auth0_Options.php:310 lib/WP_Auth0_Referer_Check.php:22 +#: lib/admin/WP_Auth0_Admin.php:87 lib/admin/WP_Auth0_Admin_Generic.php:120 #: lib/admin/WP_Auth0_Admin_Generic.php:317 #, php-format msgid "Method %s is deprecated." @@ -296,7 +285,7 @@ msgstr "Este sitio requiere una dirección de correo electrónico verificada." msgid "Resend verification email." msgstr "Reenviar verificación de correo electrónico." -#: lib/WP_Auth0_Email_Verification.php:65 lib/WP_Auth0_LoginManager.php:681 +#: lib/WP_Auth0_Email_Verification.php:65 lib/WP_Auth0_LoginManager.php:634 msgid "← Login" msgstr "← Entrar" @@ -325,7 +314,7 @@ msgid "Shows Auth0 login form in your sidebar" msgstr "Muestra el formulario de inicio de sesión de Auth0 en tu barra lateral" #: lib/WP_Auth0_Embed_Widget.php:43 lib/WP_Auth0_WooCommerceOverrides.php:52 -#: templates/login-form.php:41 +#: templates/login-form.php:32 msgid "Login" msgstr "Acceder" @@ -425,19 +414,19 @@ msgstr "" "No se pudo crear el usuario. El proceso de registro no está disponible. " "Pónte en contacto con el administrador de tu sitio web." -#: lib/WP_Auth0_LoginManager.php:674 +#: lib/WP_Auth0_LoginManager.php:627 msgid "There was a problem with your log in" msgstr "Hubo un problema con el inicio de sesión" -#: lib/WP_Auth0_LoginManager.php:677 +#: lib/WP_Auth0_LoginManager.php:630 msgid "Please see the site administrator" msgstr "Por favor, consulta al administrador del sitio" -#: lib/WP_Auth0_LoginManager.php:678 +#: lib/WP_Auth0_LoginManager.php:631 msgid "error code" msgstr "código de error" -#: lib/WP_Auth0_LoginManager.php:679 +#: lib/WP_Auth0_LoginManager.php:632 msgid "unknown" msgstr "desconocido" @@ -895,19 +884,16 @@ msgstr "" "necesita cambiar" #: lib/admin/WP_Auth0_Admin_Appearance.php:155 -#: lib/admin/WP_Auth0_Admin_Features.php:206 msgid "Turn on Passwordless login (email or SMS) in the Auth0 form. " msgstr "" "Activa el inicio de sesión Passwordless (utilizando correo electrónico o " "SMS) en el formulario Auth0. " #: lib/admin/WP_Auth0_Admin_Appearance.php:156 -#: lib/admin/WP_Auth0_Admin_Features.php:207 msgid "Passwordless connections are managed in the " msgstr "Las conexiones Passwordless se gestionan en el " #: lib/admin/WP_Auth0_Admin_Appearance.php:158 -#: lib/admin/WP_Auth0_Admin_Features.php:209 msgid "" " and at least one must be active and enabled on this Application for this to " "work. " @@ -916,7 +902,6 @@ msgstr "" "esto funcione. " #: lib/admin/WP_Auth0_Admin_Appearance.php:159 -#: lib/admin/WP_Auth0_Admin_Features.php:210 msgid "Username/password login is not enabled when Passwordless is on" msgstr "" "El inicio de sesión con nombre de usuario/contraseña no está habilitado " @@ -1220,99 +1205,21 @@ msgid "Single Logout" msgstr "Cierre de sesión único" #: lib/admin/WP_Auth0_Admin_Features.php:53 -msgid "Single Sign On (SSO)" -msgstr "Inicio de sesión único (SSO)" - -#: lib/admin/WP_Auth0_Admin_Features.php:59 -msgid "Multifactor Authentication (MFA)" -msgstr "Autenticación multifactor (MFA)" - -#: lib/admin/WP_Auth0_Admin_Features.php:69 -msgid "FullContact Integration" -msgstr "Integración FullContact" - -#: lib/admin/WP_Auth0_Admin_Features.php:79 -msgid "Store Geolocation" -msgstr "Geolocalización de la tienda" - -#: lib/admin/WP_Auth0_Admin_Features.php:89 -msgid "Store Zipcode Income" -msgstr "Almacena los Zipcode de entrada" - -#: lib/admin/WP_Auth0_Admin_Features.php:97 msgid "Override WordPress Avatars" msgstr "Sobrescribir avatares de WordPress" -#: lib/admin/WP_Auth0_Admin_Features.php:138 -msgid "" -"Password security policy for the database connection used by this " -"application. " -msgstr "" -"Política de seguridad de contraseñas para la conexión de base de datos " -"utilizada por esta aplicación. " - -#: lib/admin/WP_Auth0_Admin_Features.php:139 -msgid "" -"Changing the policy here will change it for all other applications using " -"this database. " -msgstr "" -"Cambiar la política aquí la cambiará para todas las demás aplicaciones que " -"utilicen esta base de datos. " - -#: lib/admin/WP_Auth0_Admin_Features.php:140 -msgid "For information on policy levels, see our " -msgstr "" -"Para obtener información sobre los niveles de políticas, consulta nuestra " - -#: lib/admin/WP_Auth0_Admin_Features.php:143 -msgid "help page on password strength" -msgstr "página de ayuda sobre la seguridad de la contraseña" - -#: lib/admin/WP_Auth0_Admin_Features.php:163 -msgid "" -"This setting is deprecated and will be removed in the next major release. " -msgstr "" -"Esta configuración está deprecada y va a ser removida en el próximo release " -"mayor. " - -#: lib/admin/WP_Auth0_Admin_Features.php:164 -msgid "To enable SSO, please use the Universal Login Page setting above" -msgstr "" -"Para habilitar SSO, por favor utilizar la opción de Universal Login Page que " -"está debajo" - -#: lib/admin/WP_Auth0_Admin_Features.php:167 -msgid "Turning this on will attempt SSO on wp-login.php. " -msgstr "" -"Al activar esta opción, se intentará iniciar sesión automáticamente cuando " -"un usuario visite wp-login.php. " - -#: lib/admin/WP_Auth0_Admin_Features.php:168 -msgid "This setting will not affect how shortcodes and widgets work. " -msgstr "" -"Esta configuración no afectará al funcionamiento de los shortcodes y los " -"widgets. " - -#: lib/admin/WP_Auth0_Admin_Features.php:169 -msgid "For more information, see our " -msgstr "Para obtener más información, consulta nuestra " - -#: lib/admin/WP_Auth0_Admin_Features.php:170 -msgid "help page on SSO" -msgstr "página de ayuda sobre SSO" - -#: lib/admin/WP_Auth0_Admin_Features.php:186 +#: lib/admin/WP_Auth0_Admin_Features.php:75 msgid "" "Turning this on will log users out of Auth0 when they log out of WordPress." msgstr "" "Habilitar esto hará que los usuarios cierren su sesión de Auth0 cuando " "cierren su sesión de WordPress." -#: lib/admin/WP_Auth0_Admin_Features.php:226 +#: lib/admin/WP_Auth0_Admin_Features.php:91 msgid "Use the Universal Login Page (ULP) for authentication and SSO. " msgstr "Utilizar la Universal Login Page (ULP) para la autenticación y SSO. " -#: lib/admin/WP_Auth0_Admin_Features.php:227 +#: lib/admin/WP_Auth0_Admin_Features.php:92 msgid "" "When turned on, wp-login.php will redirect to the hosted login " "page. " @@ -1320,18 +1227,18 @@ msgstr "" "Cuando se activa, wp-login.php redireccionará a Hosted Login " "Page " -#: lib/admin/WP_Auth0_Admin_Features.php:228 +#: lib/admin/WP_Auth0_Admin_Features.php:93 msgid "" "When turned off, wp-login.php will show an embedded login form. " msgstr "" "Cuando se desactiva, wp-login.php mostrará un formulario de " "inicio de sesión embebido. " -#: lib/admin/WP_Auth0_Admin_Features.php:229 +#: lib/admin/WP_Auth0_Admin_Features.php:94 msgid "More on ULP vs embedded here" msgstr "Más sobre ULP vs embebido aquí" -#: lib/admin/WP_Auth0_Admin_Features.php:245 +#: lib/admin/WP_Auth0_Admin_Features.php:110 msgid "" "Enter a name here to automatically use a single, specific connection to " "login . " @@ -1340,7 +1247,7 @@ msgstr "" "particular para iniciar sesión. " #. translators: Placeholder is an HTML link to the Auth0 dashboard. -#: lib/admin/WP_Auth0_Admin_Features.php:248 +#: lib/admin/WP_Auth0_Admin_Features.php:113 #, php-format msgid "" "Find the method name to use under Connections > [Connection Type] in your " @@ -1349,7 +1256,7 @@ msgstr "" "Encuentra el nombre del método a usar bajo Connections > [Tipo de conexión] " "en tus %s. " -#: lib/admin/WP_Auth0_Admin_Features.php:251 +#: lib/admin/WP_Auth0_Admin_Features.php:116 msgid "" "Click the expand icon and use the value in the \"Name\" field (like \"google-" "oauth2\")" @@ -1357,98 +1264,10 @@ msgstr "" "Haz clic en el icono de expandir y utiliza el valor del campo \"Name\" (como " "\"google-oauth2\")." -#: lib/admin/WP_Auth0_Admin_Features.php:266 -msgid "" -"MFA is a method to verify identity by checking a second factor in addition " -"to the password. " -msgstr "" -"MFA es un método para verificar la identidad comprobando un segundo factor " -"además de la contraseña. " - -#: lib/admin/WP_Auth0_Admin_Features.php:267 -msgid "" -"This provides an additional layer of security, decreasing the likelihood of " -"unauthorized access. " -msgstr "" -"Esto provee una capa adicional de seguridad, disminuyendo la posibilidad de " -"acceso no autorizado. " - -#: lib/admin/WP_Auth0_Admin_Features.php:268 -msgid "To configure MFA for this site, please see this " -msgstr "Para configurar MFA para este sitio, por favor leer esto " - -#: lib/admin/WP_Auth0_Admin_Features.php:269 -msgid "help page on MFA" -msgstr "página de ayuda sobre MFA" - -#: lib/admin/WP_Auth0_Admin_Features.php:275 -#: lib/admin/WP_Auth0_Admin_Features.php:297 -#: lib/admin/WP_Auth0_Admin_Features.php:337 -#: lib/admin/WP_Auth0_Admin_Features.php:358 -msgid "This feature may currently be active. " -msgstr "This feature may currently be active. " - -#: lib/admin/WP_Auth0_Admin_Features.php:276 -msgid "Manage it with the \"Multifactor-Guardian-Do-Not-Rename\" Rule in the " -msgstr "Configurala con la regla “Multifactor-Guardian-Do-Not-Rename” en el " - -#: lib/admin/WP_Auth0_Admin_Features.php:298 -msgid "" -"Manage it with the \"Enrich-profile-with-FullContact-Do-Not-Rename\" Rule in " -"the " -msgstr "" -"Configurala con la regla “Enrich-profile-with-FullContact-Do-Not-Rename” en " -"el " - -#: lib/admin/WP_Auth0_Admin_Features.php:338 -msgid "Manage it with the \"Store-Geo-Location-Do-Not-Rename\" Rule in the " -msgstr "Configurala con la regla “Store-Geo-Location-Do-Not-Rename” en el " - -#: lib/admin/WP_Auth0_Admin_Features.php:359 -msgid "" -"Manage it with the \"Enrich-profile-with-Zipcode-Income-Do-Not-Rename\" Rule " -"in the " -msgstr "" -"Configurala con la regla “Enrich-profile-with-Zipcode-Income-Do-Not-Rename” " -"en el " - -#: lib/admin/WP_Auth0_Admin_Features.php:376 +#: lib/admin/WP_Auth0_Admin_Features.php:132 msgid "Overrides the WordPress avatar with the Auth0 profile avatar" msgstr "Sobreescribe el avatar de WordPress con el avatar de perfil Auth0" -#: lib/admin/WP_Auth0_Admin_Features.php:432 -msgid "" -"The SSO setting for your Application could not be updated automatically. " -msgstr "" -"La configuración de SSO para tu Aplicación no se ha podido actualizar " -"automáticamente. " - -#: lib/admin/WP_Auth0_Admin_Features.php:433 -msgid "" -"Check that \"Use Auth0 instead of the IdP to do Single Sign On\" is turned " -"on in the " -msgstr "" -"Comprueba que \"Use Auth0 instead of the IdP to do Single Sign On\" está " -"activado en el " - -#: lib/admin/WP_Auth0_Admin_Features.php:463 -msgid "No database connections found for this application. " -msgstr "" -"No se han encontrado conexiones de base de datos para esta aplicación. " - -#: lib/admin/WP_Auth0_Admin_Features.php:464 -#: lib/admin/WP_Auth0_Admin_Features.php:481 -msgid "See all database connections" -msgstr "Ver todas las conexiones de la base de datos" - -#: lib/admin/WP_Auth0_Admin_Features.php:479 -msgid "There was a problem updating the password policy. " -msgstr "Se ha producido un problema al actualizar la política de contraseñas. " - -#: lib/admin/WP_Auth0_Admin_Features.php:480 -msgid "Please manually review and update the policy. " -msgstr "Por favor, revisa y actualiza la política manualmente. " - #: lib/admin/WP_Auth0_Admin_Generic.php:276 msgid "Value is set in the constant " msgstr "El valor se establece en la constante " @@ -2147,11 +1966,11 @@ msgstr "Configuración del inicio de sesión único (SSO) social" msgid "Migrate your administrator account" msgstr "Migrar tu cuenta de administrador" -#: templates/login-form.php:37 +#: templates/login-form.php:28 msgid "Auth0 is not configured" msgstr "Auth0 no está configurado" -#: templates/login-form.php:38 +#: templates/login-form.php:29 msgid "Auth0 cannot find node with id " msgstr "Auth0 no puede encontrar un nodo con id " @@ -2301,3 +2120,138 @@ msgstr "" #. Author URI of the plugin/theme msgid "https://auth0.com" msgstr "" + +#~ msgid "Single Sign On (SSO)" +#~ msgstr "Inicio de sesión único (SSO)" + +#~ msgid "Multifactor Authentication (MFA)" +#~ msgstr "Autenticación multifactor (MFA)" + +#~ msgid "FullContact Integration" +#~ msgstr "Integración FullContact" + +#~ msgid "Store Geolocation" +#~ msgstr "Geolocalización de la tienda" + +#~ msgid "Store Zipcode Income" +#~ msgstr "Almacena los Zipcode de entrada" + +#~ msgid "" +#~ "Password security policy for the database connection used by this " +#~ "application. " +#~ msgstr "" +#~ "Política de seguridad de contraseñas para la conexión de base de datos " +#~ "utilizada por esta aplicación. " + +#~ msgid "" +#~ "Changing the policy here will change it for all other applications using " +#~ "this database. " +#~ msgstr "" +#~ "Cambiar la política aquí la cambiará para todas las demás aplicaciones " +#~ "que utilicen esta base de datos. " + +#~ msgid "For information on policy levels, see our " +#~ msgstr "" +#~ "Para obtener información sobre los niveles de políticas, consulta nuestra " + +#~ msgid "help page on password strength" +#~ msgstr "página de ayuda sobre la seguridad de la contraseña" + +#~ msgid "" +#~ "This setting is deprecated and will be removed in the next major release. " +#~ msgstr "" +#~ "Esta configuración está deprecada y va a ser removida en el próximo " +#~ "release mayor. " + +#~ msgid "To enable SSO, please use the Universal Login Page setting above" +#~ msgstr "" +#~ "Para habilitar SSO, por favor utilizar la opción de Universal Login Page " +#~ "que está debajo" + +#~ msgid "Turning this on will attempt SSO on wp-login.php. " +#~ msgstr "" +#~ "Al activar esta opción, se intentará iniciar sesión automáticamente " +#~ "cuando un usuario visite wp-login.php. " + +#~ msgid "This setting will not affect how shortcodes and widgets work. " +#~ msgstr "" +#~ "Esta configuración no afectará al funcionamiento de los shortcodes y los " +#~ "widgets. " + +#~ msgid "For more information, see our " +#~ msgstr "Para obtener más información, consulta nuestra " + +#~ msgid "help page on SSO" +#~ msgstr "página de ayuda sobre SSO" + +#~ msgid "" +#~ "MFA is a method to verify identity by checking a second factor in " +#~ "addition to the password. " +#~ msgstr "" +#~ "MFA es un método para verificar la identidad comprobando un segundo " +#~ "factor además de la contraseña. " + +#~ msgid "" +#~ "This provides an additional layer of security, decreasing the likelihood " +#~ "of unauthorized access. " +#~ msgstr "" +#~ "Esto provee una capa adicional de seguridad, disminuyendo la posibilidad " +#~ "de acceso no autorizado. " + +#~ msgid "To configure MFA for this site, please see this " +#~ msgstr "Para configurar MFA para este sitio, por favor leer esto " + +#~ msgid "help page on MFA" +#~ msgstr "página de ayuda sobre MFA" + +#~ msgid "This feature may currently be active. " +#~ msgstr "This feature may currently be active. " + +#~ msgid "" +#~ "Manage it with the \"Multifactor-Guardian-Do-Not-Rename\" Rule in the " +#~ msgstr "" +#~ "Configurala con la regla “Multifactor-Guardian-Do-Not-Rename” en el " + +#~ msgid "" +#~ "Manage it with the \"Enrich-profile-with-FullContact-Do-Not-Rename\" Rule " +#~ "in the " +#~ msgstr "" +#~ "Configurala con la regla “Enrich-profile-with-FullContact-Do-Not-Rename” " +#~ "en el " + +#~ msgid "Manage it with the \"Store-Geo-Location-Do-Not-Rename\" Rule in the " +#~ msgstr "Configurala con la regla “Store-Geo-Location-Do-Not-Rename” en el " + +#~ msgid "" +#~ "Manage it with the \"Enrich-profile-with-Zipcode-Income-Do-Not-Rename\" " +#~ "Rule in the " +#~ msgstr "" +#~ "Configurala con la regla “Enrich-profile-with-Zipcode-Income-Do-Not-" +#~ "Rename” en el " + +#~ msgid "" +#~ "The SSO setting for your Application could not be updated automatically. " +#~ msgstr "" +#~ "La configuración de SSO para tu Aplicación no se ha podido actualizar " +#~ "automáticamente. " + +#~ msgid "" +#~ "Check that \"Use Auth0 instead of the IdP to do Single Sign On\" is " +#~ "turned on in the " +#~ msgstr "" +#~ "Comprueba que \"Use Auth0 instead of the IdP to do Single Sign On\" está " +#~ "activado en el " + +#~ msgid "No database connections found for this application. " +#~ msgstr "" +#~ "No se han encontrado conexiones de base de datos para esta aplicación. " + +#~ msgid "See all database connections" +#~ msgstr "Ver todas las conexiones de la base de datos" + +#~ msgid "There was a problem updating the password policy. " +#~ msgstr "" +#~ "Se ha producido un problema al actualizar la política de contraseñas. " + +#~ msgid "Please manually review and update the policy. " +#~ msgstr "Por favor, revisa y actualiza la política manualmente. " diff --git a/languages/wp-auth0.pot b/languages/wp-auth0.pot index 8dc6de06..ca0fc028 100644 --- a/languages/wp-auth0.pot +++ b/languages/wp-auth0.pot @@ -3,7 +3,7 @@ msgid "" msgstr "" "Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n" "Project-Id-Version: Login by Auth0\n" -"POT-Creation-Date: 2019-09-05 15:49-0700\n" +"POT-Creation-Date: 2019-09-24 07:38-0700\n" "PO-Revision-Date: 2018-07-25 08:37-0700\n" "Last-Translator: \n" "Language-Team: \n" @@ -50,22 +50,16 @@ msgstr "" #: lib/WP_Auth0_EditProfile.php:407 lib/WP_Auth0_EditProfile.php:462 #: lib/WP_Auth0_EditProfile.php:519 lib/WP_Auth0_Email_Verification.php:115 #: lib/WP_Auth0_ErrorLog.php:135 lib/WP_Auth0_Export_Users.php:29 -#: lib/WP_Auth0_Lock10_Options.php:39 lib/WP_Auth0_Lock10_Options.php:50 -#: lib/WP_Auth0_Lock10_Options.php:245 lib/WP_Auth0_Lock10_Options.php:262 -#: lib/WP_Auth0_Lock10_Options.php:275 lib/WP_Auth0_Lock10_Options.php:288 -#: lib/WP_Auth0_Lock10_Options.php:301 lib/WP_Auth0_Lock10_Options.php:314 -#: lib/WP_Auth0_Lock10_Options.php:327 lib/WP_Auth0_Lock10_Options.php:340 -#: lib/WP_Auth0_Lock10_Options.php:357 lib/WP_Auth0_Lock10_Options.php:376 -#: lib/WP_Auth0_LoginManager.php:518 lib/WP_Auth0_LoginManager.php:543 -#: lib/WP_Auth0_LoginManager.php:745 lib/WP_Auth0_LoginManager.php:772 -#: lib/WP_Auth0_LoginManager.php:818 lib/WP_Auth0_Metrics.php:17 -#: lib/WP_Auth0_Options.php:277 lib/WP_Auth0_Options.php:292 -#: lib/WP_Auth0_Options.php:311 lib/WP_Auth0_Referer_Check.php:22 -#: lib/admin/WP_Auth0_Admin.php:87 lib/admin/WP_Auth0_Admin_Features.php:121 -#: lib/admin/WP_Auth0_Admin_Features.php:318 lib/admin/WP_Auth0_Admin_Features.php:405 -#: lib/admin/WP_Auth0_Admin_Features.php:453 lib/admin/WP_Auth0_Admin_Features.php:498 -#: lib/admin/WP_Auth0_Admin_Features.php:512 lib/admin/WP_Auth0_Admin_Features.php:537 -#: lib/admin/WP_Auth0_Admin_Features.php:550 lib/admin/WP_Auth0_Admin_Features.php:563 +#: lib/WP_Auth0_Lock10_Options.php:36 lib/WP_Auth0_Lock10_Options.php:215 +#: lib/WP_Auth0_Lock10_Options.php:232 lib/WP_Auth0_Lock10_Options.php:245 +#: lib/WP_Auth0_Lock10_Options.php:258 lib/WP_Auth0_Lock10_Options.php:271 +#: lib/WP_Auth0_Lock10_Options.php:284 lib/WP_Auth0_Lock10_Options.php:297 +#: lib/WP_Auth0_Lock10_Options.php:310 lib/WP_Auth0_Lock10_Options.php:327 +#: lib/WP_Auth0_Lock10_Options.php:346 lib/WP_Auth0_LoginManager.php:698 +#: lib/WP_Auth0_LoginManager.php:725 lib/WP_Auth0_LoginManager.php:771 +#: lib/WP_Auth0_Metrics.php:17 lib/WP_Auth0_Options.php:276 +#: lib/WP_Auth0_Options.php:291 lib/WP_Auth0_Options.php:310 +#: lib/WP_Auth0_Referer_Check.php:22 lib/admin/WP_Auth0_Admin.php:87 #: lib/admin/WP_Auth0_Admin_Generic.php:120 lib/admin/WP_Auth0_Admin_Generic.php:317 #, php-format msgid "Method %s is deprecated." @@ -256,7 +250,7 @@ msgstr "" msgid "Resend verification email." msgstr "" -#: lib/WP_Auth0_Email_Verification.php:65 lib/WP_Auth0_LoginManager.php:681 +#: lib/WP_Auth0_Email_Verification.php:65 lib/WP_Auth0_LoginManager.php:634 msgid "← Login" msgstr "" @@ -285,7 +279,7 @@ msgid "Shows Auth0 login form in your sidebar" msgstr "" #: lib/WP_Auth0_Embed_Widget.php:43 lib/WP_Auth0_WooCommerceOverrides.php:52 -#: templates/login-form.php:41 +#: templates/login-form.php:32 msgid "Login" msgstr "" @@ -378,19 +372,19 @@ msgid "" "your site’s administrator." msgstr "" -#: lib/WP_Auth0_LoginManager.php:674 +#: lib/WP_Auth0_LoginManager.php:627 msgid "There was a problem with your log in" msgstr "" -#: lib/WP_Auth0_LoginManager.php:677 +#: lib/WP_Auth0_LoginManager.php:630 msgid "Please see the site administrator" msgstr "" -#: lib/WP_Auth0_LoginManager.php:678 +#: lib/WP_Auth0_LoginManager.php:631 msgid "error code" msgstr "" -#: lib/WP_Auth0_LoginManager.php:679 +#: lib/WP_Auth0_LoginManager.php:632 msgid "unknown" msgstr "" @@ -780,23 +774,19 @@ msgid "" msgstr "" #: lib/admin/WP_Auth0_Admin_Appearance.php:155 -#: lib/admin/WP_Auth0_Admin_Features.php:206 msgid "Turn on Passwordless login (email or SMS) in the Auth0 form. " msgstr "" #: lib/admin/WP_Auth0_Admin_Appearance.php:156 -#: lib/admin/WP_Auth0_Admin_Features.php:207 msgid "Passwordless connections are managed in the " msgstr "" #: lib/admin/WP_Auth0_Admin_Appearance.php:158 -#: lib/admin/WP_Auth0_Admin_Features.php:209 msgid "" " and at least one must be active and enabled on this Application for this to work. " msgstr "" #: lib/admin/WP_Auth0_Admin_Appearance.php:159 -#: lib/admin/WP_Auth0_Admin_Features.php:210 msgid "Username/password login is not enabled when Passwordless is on" msgstr "" @@ -1057,181 +1047,51 @@ msgid "Single Logout" msgstr "" #: lib/admin/WP_Auth0_Admin_Features.php:53 -msgid "Single Sign On (SSO)" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:59 -msgid "Multifactor Authentication (MFA)" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:69 -msgid "FullContact Integration" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:79 -msgid "Store Geolocation" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:89 -msgid "Store Zipcode Income" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:97 msgid "Override WordPress Avatars" msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:138 -msgid "Password security policy for the database connection used by this application. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:139 -msgid "" -"Changing the policy here will change it for all other applications using this " -"database. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:140 -msgid "For information on policy levels, see our " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:143 -msgid "help page on password strength" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:163 -msgid "This setting is deprecated and will be removed in the next major release. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:164 -msgid "To enable SSO, please use the Universal Login Page setting above" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:167 -msgid "Turning this on will attempt SSO on wp-login.php. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:168 -msgid "This setting will not affect how shortcodes and widgets work. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:169 -msgid "For more information, see our " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:170 -msgid "help page on SSO" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:186 +#: lib/admin/WP_Auth0_Admin_Features.php:75 msgid "Turning this on will log users out of Auth0 when they log out of WordPress." msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:226 +#: lib/admin/WP_Auth0_Admin_Features.php:91 msgid "Use the Universal Login Page (ULP) for authentication and SSO. " msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:227 +#: lib/admin/WP_Auth0_Admin_Features.php:92 msgid "" "When turned on, wp-login.php will redirect to the hosted login page. " msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:228 +#: lib/admin/WP_Auth0_Admin_Features.php:93 msgid "When turned off, wp-login.php will show an embedded login form. " msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:229 +#: lib/admin/WP_Auth0_Admin_Features.php:94 msgid "More on ULP vs embedded here" msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:245 +#: lib/admin/WP_Auth0_Admin_Features.php:110 msgid "" "Enter a name here to automatically use a single, specific connection to login . " msgstr "" #. translators: Placeholder is an HTML link to the Auth0 dashboard. -#: lib/admin/WP_Auth0_Admin_Features.php:248 +#: lib/admin/WP_Auth0_Admin_Features.php:113 #, php-format msgid "Find the method name to use under Connections > [Connection Type] in your %s. " msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:251 +#: lib/admin/WP_Auth0_Admin_Features.php:116 msgid "" "Click the expand icon and use the value in the \"Name\" field (like \"google-" "oauth2\")" msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:266 -msgid "" -"MFA is a method to verify identity by checking a second factor in addition to the " -"password. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:267 -msgid "" -"This provides an additional layer of security, decreasing the likelihood of " -"unauthorized access. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:268 -msgid "To configure MFA for this site, please see this " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:269 -msgid "help page on MFA" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:275 lib/admin/WP_Auth0_Admin_Features.php:297 -#: lib/admin/WP_Auth0_Admin_Features.php:337 lib/admin/WP_Auth0_Admin_Features.php:358 -msgid "This feature may currently be active. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:276 -msgid "Manage it with the \"Multifactor-Guardian-Do-Not-Rename\" Rule in the " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:298 -msgid "" -"Manage it with the \"Enrich-profile-with-FullContact-Do-Not-Rename\" Rule in the " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:338 -msgid "Manage it with the \"Store-Geo-Location-Do-Not-Rename\" Rule in the " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:359 -msgid "" -"Manage it with the \"Enrich-profile-with-Zipcode-Income-Do-Not-Rename\" Rule in the " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:376 +#: lib/admin/WP_Auth0_Admin_Features.php:132 msgid "Overrides the WordPress avatar with the Auth0 profile avatar" msgstr "" -#: lib/admin/WP_Auth0_Admin_Features.php:432 -msgid "The SSO setting for your Application could not be updated automatically. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:433 -msgid "" -"Check that \"Use Auth0 instead of the IdP to do Single Sign On\" is turned on in the " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:463 -msgid "No database connections found for this application. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:464 lib/admin/WP_Auth0_Admin_Features.php:481 -msgid "See all database connections" -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:479 -msgid "There was a problem updating the password policy. " -msgstr "" - -#: lib/admin/WP_Auth0_Admin_Features.php:480 -msgid "Please manually review and update the policy. " -msgstr "" - #: lib/admin/WP_Auth0_Admin_Generic.php:276 msgid "Value is set in the constant " msgstr "" @@ -1842,11 +1702,11 @@ msgstr "" msgid "Migrate your administrator account" msgstr "" -#: templates/login-form.php:37 +#: templates/login-form.php:28 msgid "Auth0 is not configured" msgstr "" -#: templates/login-form.php:38 +#: templates/login-form.php:29 msgid "Auth0 cannot find node with id " msgstr "" diff --git a/lib/WP_Auth0_Lock10_Options.php b/lib/WP_Auth0_Lock10_Options.php index 2e12c4bc..0d201c75 100644 --- a/lib/WP_Auth0_Lock10_Options.php +++ b/lib/WP_Auth0_Lock10_Options.php @@ -26,20 +26,6 @@ public function get_code_callback_url() { public function get_implicit_callback_url() { return $this->wp_options->get_wp_auth0_url( $this->get_callback_protocol(), true ); } - - /** - * @deprecated - 3.10.0, not used. - * - * @return bool - * - * @codeCoverageIgnore - Deprecated. - */ - public function get_sso() { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - return $this->_get_boolean( $this->wp_options->get( 'sso' ) ); - } - /** * @deprecated - 3.10.0, not used. * @@ -121,9 +107,6 @@ protected function build_settings( $settings ) { if ( $this->_is_valid( $settings, 'username_style' ) ) { $options_obj['usernameStyle'] = $settings['username_style']; } - if ( $this->_is_valid( $settings, 'sso' ) ) { - $options_obj['auth']['sso'] = $this->_get_boolean( $settings['sso'] ); - } if ( $this->_is_valid( $settings, 'icon_url' ) || $this->_is_valid( $settings, 'primary_color' ) ) { $options_obj['theme'] = []; @@ -145,19 +128,6 @@ protected function build_settings( $settings ) { return $options_obj; } - public function get_sso_options() { - $options['scope'] = WP_Auth0_LoginManager::get_userinfo_scope( 'sso' ); - $options['responseType'] = 'id_token'; - $options['redirectUri'] = $this->get_implicit_callback_url(); - $options['nonce'] = WP_Auth0_Nonce_Handler::get_instance()->get_unique(); - unset( $options['authParams'] ); - - $redirect_to = ! empty( $_SERVER['REQUEST_URI'] ) ? home_url( $_SERVER['REQUEST_URI'] ) : null; - $options['state'] = $this->get_state_obj( $redirect_to ); - - return $options; - } - public function get_lock_options() { $extended_settings = $this->extended_settings; if ( isset( $extended_settings['show_as_modal'] ) ) { diff --git a/lib/WP_Auth0_LoginManager.php b/lib/WP_Auth0_LoginManager.php index c8bc2874..63c494b4 100755 --- a/lib/WP_Auth0_LoginManager.php +++ b/lib/WP_Auth0_LoginManager.php @@ -484,8 +484,8 @@ public function logout() { return; } - // If SSO/SLO is in use, redirect to Auth0 to logout there as well. - if ( $this->a0_options->get( 'sso' ) || $this->a0_options->get( 'singlelogout' ) ) { + // If SLO is in use, redirect to Auth0 to logout there as well. + if ( $this->a0_options->get( 'singlelogout' ) ) { $return_to = apply_filters( 'auth0_slo_return_to', home_url() ); $redirect_url = $this->auth0_logout_url( $return_to ); $redirect_url = apply_filters( 'auth0_logout_url', $redirect_url ); @@ -500,53 +500,6 @@ public function logout() { } } - /** - * Outputs JS on wp-login.php to log a user in if an Auth0 session is found. - * Hooked to `login_message` filter. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, moved to assets/js/lock-init.js - * - * @param string $previous_html - HTML passed into the login_message filter. - * - * @return mixed - * - * @codeCoverageIgnore - Deprecated. - */ - public function auth0_sso_footer( $previous_html ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - - // No need to checkSession if already logged in. - // URL parameter `skip_sso` is set to skip checkSession. - if ( is_user_logged_in() || isset( $_GET['skip_sso'] ) || ! $this->a0_options->get( 'sso' ) ) { - return $previous_html; - } - - wp_enqueue_script( 'wpa0_auth0js', apply_filters( 'auth0_sso_auth0js_url', WPA0_AUTH0_JS_CDN_URL ) ); - ob_start(); - include WPA0_PLUGIN_DIR . 'templates/auth0-sso-handler-lock10.php'; - return $previous_html . ob_get_clean(); - } - - /** - * Outputs JS on all pages to log a user out if no Auth0 session is found. - * Hooked to `wp_footer` action. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, removed. - * - * @codeCoverageIgnore - Deprecated. - */ - public function auth0_singlelogout_footer() { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $tpl_path = WPA0_PLUGIN_DIR . 'templates/auth0-singlelogout-handler.php'; - if ( is_user_logged_in() && $this->a0_options->get( 'singlelogout' ) && file_exists( $tpl_path ) ) { - include $tpl_path; - } - } - /** * Get and filter the scope used for access and ID tokens. * @@ -677,7 +630,7 @@ protected function die_on_login( $msg = '', $code = 0 ) { : __( 'Please see the site administrator', 'wp-auth0' ), __( 'error code', 'wp-auth0' ), $code ? sanitize_text_field( $code ) : __( 'unknown', 'wp-auth0' ), - $this->auth0_logout_url( add_query_arg( 'skip_sso', '', wp_login_url() ) ), + $this->auth0_logout_url( wp_login_url() ), __( '← Login', 'wp-auth0' ) ); diff --git a/lib/WP_Auth0_Options.php b/lib/WP_Auth0_Options.php index c587e720..cbf374ec 100755 --- a/lib/WP_Auth0_Options.php +++ b/lib/WP_Auth0_Options.php @@ -225,7 +225,8 @@ protected function defaults() { 'wle_code' => '', // Features - 'sso' => 0, + 'auto_login' => 1, + 'auto_login_method' => '', 'singlelogout' => 1, 'override_wp_avatars' => 1, @@ -253,8 +254,6 @@ protected function defaults() { 'migration_token' => null, 'migration_ips_filter' => false, 'migration_ips' => null, - 'auto_login' => 1, - 'auto_login_method' => '', 'auth0_implicit_workflow' => false, 'valid_proxy_ip' => null, 'auth0_server_domain' => 'auth0.auth0.com', diff --git a/lib/admin/WP_Auth0_Admin_Features.php b/lib/admin/WP_Auth0_Admin_Features.php index 48f2c28b..b15c9031 100644 --- a/lib/admin/WP_Auth0_Admin_Features.php +++ b/lib/admin/WP_Auth0_Admin_Features.php @@ -16,7 +16,7 @@ class WP_Auth0_Admin_Features extends WP_Auth0_Admin_Generic { /** * WP_Auth0_Admin_Features constructor. * - * @param WP_Auth0_Options $options + * @param WP_Auth0_Options $options - Instance of the WP_Auth0_Options class. */ public function __construct( WP_Auth0_Options $options ) { parent::__construct( $options ); @@ -50,127 +50,16 @@ public function init() { 'function' => 'render_singlelogout', ], [ - 'name' => __( 'Single Sign On (SSO)', 'wp-auth0' ), - 'opt' => 'sso', - 'id' => 'wpa0_sso', - 'function' => 'render_sso', + 'name' => __( 'Override WordPress Avatars', 'wp-auth0' ), + 'opt' => 'override_wp_avatars', + 'id' => 'wpa0_override_wp_avatars', + 'function' => 'render_override_wp_avatars', ], - [ - 'name' => __( 'Multifactor Authentication (MFA)', 'wp-auth0' ), - 'opt' => 'mfa', - 'id' => 'wpa0_mfa', - 'function' => 'render_mfa', - ], - ]; - - // TODO: Remove this once feature has been removed - if ( $this->options->get( 'fullcontact' ) ) { - $options[] = [ - 'name' => __( 'FullContact Integration', 'wp-auth0' ), - 'opt' => 'fullcontact', - 'id' => 'wpa0_fullcontact', - 'function' => 'render_fullcontact', - ]; - } - - // TODO: Remove this once feature has been removed - if ( $this->options->get( 'geo_rule' ) ) { - $options[] = [ - 'name' => __( 'Store Geolocation', 'wp-auth0' ), - 'opt' => 'geo_rule', - 'id' => 'wpa0_geo', - 'function' => 'render_geo', - ]; - } - - // TODO: Remove this once feature has been removed - if ( $this->options->get( 'income_rule' ) ) { - $options[] = [ - 'name' => __( 'Store Zipcode Income', 'wp-auth0' ), - 'opt' => 'income_rule', - 'id' => 'wpa0_income', - 'function' => 'render_income', - ]; - } - - $options[] = [ - 'name' => __( 'Override WordPress Avatars', 'wp-auth0' ), - 'opt' => 'override_wp_avatars', - 'id' => 'wpa0_override_wp_avatars', - 'function' => 'render_override_wp_avatars', ]; $this->init_option_section( '', 'features', $options ); } - /** - * Render form field and description for the `password_policy` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, no longer used. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_password_policy( $args = [] ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $this->render_radio_buttons( - [ - [ - 'label' => 'None', - 'value' => '', - ], - 'low', - 'fair', - 'good', - 'excellent', - ], - $args['label_for'], - $args['opt_name'], - $this->options->get( $args['opt_name'], 'fair' ) - ); - $this->render_field_description( - __( 'Password security policy for the database connection used by this application. ', 'wp-auth0' ) . - __( 'Changing the policy here will change it for all other applications using this database. ', 'wp-auth0' ) . - __( 'For information on policy levels, see our ', 'wp-auth0' ) . - $this->get_docs_link( - 'connections/database/password-strength', - __( 'help page on password strength', 'wp-auth0' ) - ) - ); - } - - /** - * Render form field and description for the `sso` option. - * If SSO is off, the SLO setting will be hidden and turned off as well. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, use ULP for SSO, setting removed in next major. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - */ - public function render_sso( $args = [] ) { - $this->render_switch( $args['label_for'], $args['opt_name'] ); - $this->render_field_description( - __( 'This setting is deprecated and will be removed in the next major release. ', 'wp-auth0' ) . - __( 'To enable SSO, please use the Universal Login Page setting above', 'wp-auth0' ) - ); - $this->render_field_description( - __( 'Turning this on will attempt SSO on wp-login.php. ', 'wp-auth0' ) . - __( 'This setting will not affect how shortcodes and widgets work. ', 'wp-auth0' ) . - __( 'For more information, see our ', 'wp-auth0' ) . - $this->get_docs_link( 'sso/current/introduction', __( 'help page on SSO', 'wp-auth0' ) ) - ); - } - /** * Render form field and description for the `singlelogout` option. * IMPORTANT: Internal callback use only, do not call this function directly! @@ -187,30 +76,6 @@ public function render_singlelogout( $args = [] ) { ); } - /** - * Render form field and description for the `passwordless_enabled` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, moved to Appearance section. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_passwordless_enabled( $args = [] ) { - $this->render_switch( $args['label_for'], $args['opt_name'] ); - $this->render_field_description( - __( 'Turn on Passwordless login (email or SMS) in the Auth0 form. ', 'wp-auth0' ) . - __( 'Passwordless connections are managed in the ', 'wp-auth0' ) . - $this->get_dashboard_link( 'connections/passwordless' ) . - __( ' and at least one must be active and enabled on this Application for this to work. ', 'wp-auth0' ) . - __( 'Username/password login is not enabled when Passwordless is on', 'wp-auth0' ) - ); - } - /** * Render form field and description for the `auto_login` option. * IMPORTANT: Internal callback use only, do not call this function directly! @@ -252,115 +117,6 @@ public function render_auto_login_method( $args = [] ) { ); } - /** - * Render form field and description for the `mfa` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - */ - public function render_mfa( $args = [] ) { - $this->render_field_description( - __( 'MFA is a method to verify identity by checking a second factor in addition to the password. ', 'wp-auth0' ) . - __( 'This provides an additional layer of security, decreasing the likelihood of unauthorized access. ', 'wp-auth0' ) . - __( 'To configure MFA for this site, please see this ', 'wp-auth0' ) . - $this->get_docs_link( 'multifactor-authentication', __( 'help page on MFA', 'wp-auth0' ) ) - ); - - // TODO: Remove this check once feature has been removed - if ( $this->options->get( 'mfa' ) ) { - $this->render_field_description( - __( 'This feature may currently be active. ', 'wp-auth0' ) . - __( 'Manage it with the "Multifactor-Guardian-Do-Not-Rename" Rule in the ', 'wp-auth0' ) . - $this->get_dashboard_link( 'rules' ) - ); - } - } - - /** - * Render form field and description for the `fullcontact` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, Rules must be managed in the Auth0 dashboard. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_fullcontact( $args = [] ) { - $this->render_field_description( - __( 'This feature may currently be active. ', 'wp-auth0' ) . - __( 'Manage it with the "Enrich-profile-with-FullContact-Do-Not-Rename" Rule in the ', 'wp-auth0' ) . - $this->get_dashboard_link( 'rules' ) - ); - } - - /** - * Render form field and description for the `fullcontact_apikey` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, Rules must be managed in the Auth0 dashboard. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_fullcontact_apikey( $args = [] ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $this->render_text_field( $args['label_for'], $args['opt_name'] ); - } - - /** - * Render form field and description for the `geo_rule` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, Rules must be managed in the Auth0 dashboard. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_geo( $args = [] ) { - $this->render_field_description( - __( 'This feature may currently be active. ', 'wp-auth0' ) . - __( 'Manage it with the "Store-Geo-Location-Do-Not-Rename" Rule in the ', 'wp-auth0' ) . - $this->get_dashboard_link( 'rules' ) - ); - } - - /** - * Render form field and description for the `income_rule` option. - * IMPORTANT: Internal callback use only, do not call this function directly! - * - * @deprecated - 3.10.0, Rules must be managed in the Auth0 dashboard. - * - * @param array $args - callback args passed in from add_settings_field(). - * - * @see WP_Auth0_Admin_Generic::init_option_section() - * @see add_settings_field() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_income( $args = [] ) { - $this->render_field_description( - __( 'This feature may currently be active. ', 'wp-auth0' ) . - __( 'Manage it with the "Enrich-profile-with-Zipcode-Income-Do-Not-Rename" Rule in the ', 'wp-auth0' ) . - $this->get_dashboard_link( 'rules' ) - ); - } - /** * Render form field and description for the `override_wp_avatars` option. * IMPORTANT: Internal callback use only, do not call this function directly! @@ -377,190 +133,21 @@ public function render_override_wp_avatars( $args = [] ) { ); } - public function basic_validation( $old_options, $input ) { - $input['sso'] = empty( $input['sso'] ) ? 0 : 1; - $input['singlelogout'] = empty( $input['singlelogout'] ) ? 0 : 1; - - $input['auto_login'] = empty( $input['auto_login'] ) ? 0 : 1; - $input['override_wp_avatars'] = empty( $input['override_wp_avatars'] ) ? 0 : 1; - - return $input; - } - /** - * Update the Auth0 Application if SSO is turned on and disable SLO if it is turned off. - * - * @deprecated - 3.10.0, no longer used. + * Validation for Basic settings tab. * - * @param array $old_options - option values before saving. - * @param array $input - new option values being saved. + * @param array $old_options - Options before saving the settings form. + * @param array $input - New options being saved. * * @return array - * - * @codeCoverageIgnore - Deprecated. */ + public function basic_validation( $old_options, $input ) { + $input['auto_login'] = empty( $input['auto_login'] ) ? 0 : 1; + $input['auto_login_method'] = isset( $input['auto_login_method'] ) + ? sanitize_text_field( $input['auto_login_method'] ) : ''; + $input['singlelogout'] = empty( $input['singlelogout'] ) ? 0 : 1; + $input['override_wp_avatars'] = empty( $input['override_wp_avatars'] ) ? 0 : 1; - public function sso_validation( $old_options, $input ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $input['sso'] = ( isset( $input['sso'] ) ? $input['sso'] : 0 ); - $is_sso = ! empty( $input['sso'] ); - - // SLO does not function without SSO so turn off SLO if SSO is off. - if ( ! $is_sso ) { - unset( $input['singlelogout'] ); - } - - // If SSO is off or nothing was changed, exit early. - if ( ! $is_sso || $old_options['sso'] === $input['sso'] ) { - return $input; - } - - $app_update_success = false; - $app_token = WP_Auth0_Api_Client::get_client_token(); - if ( $app_token ) { - $update_result = WP_Auth0_Api_Client::update_client( - $input['domain'], - $app_token, - $input['client_id'], - true - ); - $app_update_success = (bool) $update_result; - } - if ( ! $app_update_success ) { - $this->add_validation_error( - __( 'The SSO setting for your Application could not be updated automatically. ', 'wp-auth0' ) . - __( 'Check that "Use Auth0 instead of the IdP to do Single Sign On" is turned on in the ', 'wp-auth0' ) . - $this->get_dashboard_link( 'applications/' . $input['client_id'] . '/settings' ) - ); - } - - return $input; - } - - /** - * Update the password policy for the database connection used with this application - * - * @deprecated - 3.10.0, setting removed. - * - * @param array $old_options - previous option values - * @param array $input - new option values - * - * @return array - */ - public function security_validation( $old_options, $input ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $input['password_policy'] = ! empty( $input['password_policy'] ) ? $input['password_policy'] : null; - - if ( $old_options['password_policy'] !== $input['password_policy'] ) { - $domain = $input['domain']; - $app_token = $input['auth0_app_token']; - $connections = WP_Auth0_Api_Client::search_connection( $domain, $app_token, 'auth0' ); - - if ( empty( $connections ) ) { - $this->add_validation_error( - __( 'No database connections found for this application. ', 'wp-auth0' ) . - $this->get_dashboard_link( 'connections/database', __( 'See all database connections', 'wp-auth0' ) ) - ); - $input['password_policy'] = $old_options['password_policy']; - return $input; - } - - foreach ( $connections as $connection ) { - if ( in_array( $input['client_id'], $connection->enabled_clients ) ) { - $u_connection = clone $connection; - $u_connection->options->passwordPolicy = $input['password_policy']; - - $update_resp = WP_Auth0_Api_Client::update_connection( $domain, $app_token, $u_connection->id, $u_connection ); - - if ( false === $update_resp ) { - $this->add_validation_error( - __( 'There was a problem updating the password policy. ', 'wp-auth0' ) . - __( 'Please manually review and update the policy. ', 'wp-auth0' ) . - $this->get_dashboard_link( 'connections/database', __( 'See all database connections', 'wp-auth0' ) ) - ); - $input['password_policy'] = $old_options['password_policy']; - } - } - } - } return $input; } - - /** - * @deprecated - 3.10.0, setting removed. - * - * @@codeCoverageIgnore - Deprecated. - */ - public function fullcontact_validation( $old_options, $input ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $fullcontact_script = WP_Auth0_RulesLib::$fullcontact['script']; - $fullcontact_script = str_replace( 'REPLACE_WITH_YOUR_CLIENT_ID', $input['client_id'], $fullcontact_script ); - $fullcontact_script = str_replace( 'REPLACE_WITH_YOUR_FULLCONTACT_API_KEY', $input['fullcontact_apikey'], $fullcontact_script ); - return $this->rule_validation( $old_options, $input, 'fullcontact', WP_Auth0_RulesLib::$fullcontact['name'] . '-' . get_auth0_curatedBlogName(), $fullcontact_script ); - } - - /** - * @deprecated - 3.10.0, setting removed. - * - * @codeCoverageIgnore - Deprecated. - */ - public function mfa_validation( $old_options, $input ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - - if ( ! isset( $input['mfa'] ) ) { - $input['mfa'] = null; - } - if ( ! isset( $old_options['mfa'] ) ) { - $old_options['mfa'] = null; - } - - if ( $old_options['mfa'] != $input['mfa'] && $input['mfa'] !== null ) { - WP_Auth0_Api_Client::update_guardian( $input['domain'], $input['auth0_app_token'], 'push-notification', true ); - } - - $mfa_script = WP_Auth0_RulesLib::$guardian_MFA['script']; - $mfa_script = str_replace( 'REPLACE_WITH_YOUR_CLIENT_ID', $input['client_id'], $mfa_script ); - return $this->rule_validation( $old_options, $input, 'mfa', WP_Auth0_RulesLib::$guardian_MFA['name'] . '-' . get_auth0_curatedBlogName(), $mfa_script ); - } - - /** - * @deprecated - 3.10.0, setting removed. - * - * @codeCoverageIgnore - Deprecated. - */ - public function georule_validation( $old_options, $input ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $geo_script = WP_Auth0_RulesLib::$geo['script']; - $geo_script = str_replace( 'REPLACE_WITH_YOUR_CLIENT_ID', $input['client_id'], $geo_script ); - return $this->rule_validation( $old_options, $input, 'geo_rule', WP_Auth0_RulesLib::$geo['name'] . '-' . get_auth0_curatedBlogName(), $geo_script ); - } - - /** - * @deprecated - 3.10.0, setting removed. - * - * @codeCoverageIgnore - Deprecated. - */ - public function incomerule_validation( $old_options, $input ) { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - $income_script = WP_Auth0_RulesLib::$income['script']; - $income_script = str_replace( 'REPLACE_WITH_YOUR_CLIENT_ID', $input['client_id'], $income_script ); - return $this->rule_validation( $old_options, $input, 'income_rule', WP_Auth0_RulesLib::$income['name'] . '-' . get_auth0_curatedBlogName(), $income_script ); - } - - /** - * @deprecated - 3.6.0, handled by WP_Auth0_Admin_Generic::render_description() - * - * @codeCoverageIgnore - Deprecated. - */ - public function render_features_description() { - // phpcs:ignore - @trigger_error( sprintf( __( 'Method %s is deprecated.', 'wp-auth0' ), __METHOD__ ), E_USER_DEPRECATED ); - printf( '

%s

', $this->_description ); - } } diff --git a/templates/login-form.php b/templates/login-form.php index 6d753d42..9c71fbd7 100755 --- a/templates/login-form.php +++ b/templates/login-form.php @@ -7,14 +7,6 @@ function renderAuth0Form( $canShowLegacyLogin = true, $specialSettings = [] ) { $options = WP_Auth0_Options::Instance(); if ( ! $canShowLegacyLogin || ! wp_auth0_can_show_wp_login_form() ) { $lock_options = new WP_Auth0_Lock10_Options( $specialSettings ); - $use_sso = ! isset( $_GET['skip_sso'] ) && $options->get( 'sso', false ); - - // If we're on wp-login.php and SSO is enabled, load Auth0.js. - $check_sso = $GLOBALS['pagenow'] === 'wp-login.php' && $use_sso; - if ( $check_sso ) { - $auth0_js_url = apply_filters( 'auth0_sso_auth0js_url', WPA0_AUTH0_JS_CDN_URL ); - wp_enqueue_script( 'wpa0_auth0js', $auth0_js_url, false, null, true ); - } wp_enqueue_script( 'wpa0_lock', $options->get_lock_url(), [ 'jquery' ], false, true ); wp_enqueue_script( 'js-cookie', WPA0_PLUGIN_LIB_URL . 'js.cookie.min.js', false, '2.2.0', true ); @@ -32,7 +24,6 @@ function renderAuth0Form( $canShowLegacyLogin = true, $specialSettings = [] ) { 'usePasswordless' => $options->get( 'passwordless_enabled', false ), 'loginFormId' => WPA0_AUTH0_LOGIN_FORM_ID, 'showAsModal' => ! empty( $specialSettings['show_as_modal'] ), - 'ssoOpts' => $check_sso ? $lock_options->get_sso_options() : null, 'i18n' => [ 'notReadyText' => __( 'Auth0 is not configured', 'wp-auth0' ), 'cannotFindNodeText' => __( 'Auth0 cannot find node with id ', 'wp-auth0' ), diff --git a/tests/testLockOptions.php b/tests/testLockOptions.php index 8d0d292e..ee684e5a 100644 --- a/tests/testLockOptions.php +++ b/tests/testLockOptions.php @@ -53,21 +53,6 @@ public function testThatAuthCallbacksAreCorrect() { $this->assertEquals( 'https://example.org/index.php?auth0=1', $lock_options->get_code_callback_url() ); } - /** - * Test that the SSO options are built properly. - */ - public function testThatDefaultSsoOptionsAreCorrect() { - $lock_options = new WP_Auth0_Lock10_Options( [], self::$opts ); - - $sso_opts = $lock_options->get_sso_options(); - $this->assertEquals( 'openid email profile', $sso_opts['scope'] ); - $this->assertEquals( 'id_token', $sso_opts['responseType'] ); - $this->assertEquals( 'http://example.org/index.php?auth0=implicit', $sso_opts['redirectUri'] ); - $this->assertEquals( WP_Auth0_Nonce_Handler::get_instance()->get_unique(), $sso_opts['nonce'] ); - $this->assertEquals( $lock_options->get_state_obj(), $sso_opts['state'] ); - $this->assertArrayNotHasKey( 'authParams', $sso_opts ); - } - /** * Test that the social_big_buttons option is not used. */ diff --git a/tests/testLoginManagerLogout.php b/tests/testLoginManagerLogout.php index 5de94610..72b5053a 100644 --- a/tests/testLoginManagerLogout.php +++ b/tests/testLoginManagerLogout.php @@ -41,12 +41,11 @@ public function testThatNothingHappensIfNotReady() { } /** - * Test that logout does not redirect to Auth0 if SSO or SLO is not on. + * Test that logout does not redirect to Auth0 if SLO is not on. */ - public function testThatNothingHappensIfNotSsoSlo() { + public function testThatNothingHappensIfNotSlo() { $this->startRedirectHalting(); self::auth0Ready( true ); - self::$opts->set( 'sso', 0 ); self::$opts->set( 'singlelogout', 0 ); self::$opts->set( 'auto_login', 0 ); @@ -54,14 +53,13 @@ public function testThatNothingHappensIfNotSsoSlo() { } /** - * Test that a redirect to the Auth0 logout URL happens if SSO or SLO is turned on. + * Test that a redirect to the Auth0 logout URL happens if SLO is turned on. */ - public function testThatRedirectHappensIfSsoSlo() { + public function testThatRedirectHappensIfSlo() { $this->startRedirectHalting(); self::$opts->set( 'domain', 'test.auth0.com' ); self::$opts->set( 'client_id', '__test_client_id__' ); self::$opts->set( 'client_secret', '__test_client_secret__' ); - self::$opts->set( 'sso', 0 ); self::$opts->set( 'singlelogout', 1 ); $redirect_data_slo = []; @@ -81,20 +79,6 @@ public function testThatRedirectHappensIfSsoSlo() { $this->assertEquals( '/v2/logout', $logout_url_slo['path'] ); $this->assertContains( 'client_id=__test_client_id__', $logout_url_slo['query'] ); $this->assertContains( 'returnTo=' . rawurlencode( home_url() ), $logout_url_slo['query'] ); - - // Test that SSO has the same behavior. - self::$opts->set( 'sso', 1 ); - self::$opts->set( 'singlelogout', 0 ); - - $redirect_data_sso = []; - try { - $this->login->logout(); - } catch ( Exception $e ) { - $redirect_data_sso = unserialize( $e->getMessage() ); - } - - $this->assertEquals( 302, $redirect_data_sso['status'] ); - $this->assertEquals( $redirect_data_slo['location'], $redirect_data_sso['location'] ); } /** @@ -105,7 +89,6 @@ public function testThatRedirectHappensIfUlp() { self::$opts->set( 'domain', 'test.auth0.com' ); self::$opts->set( 'client_id', '__test_client_id__' ); self::$opts->set( 'client_secret', '__test_client_secret__' ); - self::$opts->set( 'sso', 0 ); self::$opts->set( 'singlelogout', 0 ); self::$opts->set( 'auto_login', 1 ); diff --git a/tests/testOptionLockCdn.php b/tests/testOptionLockCdn.php index fc587235..76f07b9e 100644 --- a/tests/testOptionLockCdn.php +++ b/tests/testOptionLockCdn.php @@ -36,8 +36,6 @@ public static function setUpBeforeClass() { public function testThatCdnConstantsAreValidValues() { $this->assertEquals( WPA0_LOCK_CDN_URL, filter_var( WPA0_LOCK_CDN_URL, FILTER_VALIDATE_URL ) ); $this->assertEquals( 'https://', substr( WPA0_LOCK_CDN_URL, 0, 8 ) ); - $this->assertEquals( WPA0_AUTH0_JS_CDN_URL, filter_var( WPA0_AUTH0_JS_CDN_URL, FILTER_VALIDATE_URL ) ); - $this->assertEquals( 'https://', substr( WPA0_AUTH0_JS_CDN_URL, 0, 8 ) ); } /** diff --git a/tests/testOptionPasswordPolicy.php b/tests/testOptionPasswordPolicy.php deleted file mode 100644 index d369c3ac..00000000 --- a/tests/testOptionPasswordPolicy.php +++ /dev/null @@ -1,176 +0,0 @@ - 'fair' ]; - $new_input = [ 'password_policy' => 'fair' ]; - $result = $admin_features->security_validation( $old_input, $new_input ); - - $this->assertEquals( $old_input, $result ); - - global $wp_settings_errors; - $this->assertEmpty( $wp_settings_errors ); - } - - /** - * Test the connection search request structure. - */ - public function testThatConnectionsAreSearchedDuringValidation() { - $this->startHttpHalting(); - - $test_domain = 'test-wp.auth0.com'; - $test_token = implode( '.', [ uniqid(), uniqid(), uniqid() ] ); - $admin_features = new WP_Auth0_Admin_Features( self::$opts ); - - $old_input = [ 'password_policy' => 'fair' ]; - $new_input = [ - 'password_policy' => 'good', - 'domain' => $test_domain, - 'auth0_app_token' => $test_token, // TO BE DEPRECATED. - ]; - - $caught_request = []; - try { - $admin_features->security_validation( $old_input, $new_input ); - } catch ( Exception $e ) { - $caught_request = unserialize( $e->getMessage() ); - } - - $this->assertEquals( 'https://test-wp.auth0.com/api/v2/connections?strategy=auth0', $caught_request['url'] ); - $this->assertEquals( 'Bearer ' . $test_token, $caught_request['headers']['Authorization'] ); - $this->assertEmpty( $caught_request['body'] ); - } - - /** - * Test that we get a UI error if there are no connections to set. - */ - public function testThatAnErrorIsSetIfThereAreNoConnections() { - $this->startHttpMocking(); - - $admin_features = new WP_Auth0_Admin_Features( self::$opts ); - - $old_input = [ 'password_policy' => 'fair' ]; - $new_input = [ - 'password_policy' => 'good', - 'domain' => 'test-wp.auth0.com', - 'auth0_app_token' => implode( '.', [ uniqid(), uniqid(), uniqid() ] ), // TO BE DEPRECATED. - ]; - - $this->http_request_type = 'success_empty_body'; - - $result = $admin_features->security_validation( $old_input, $new_input ); - - global $wp_settings_errors; - - $this->assertContains( 'No database connections found', $wp_settings_errors[0]['message'] ); - $this->assertContains( 'https://manage.auth0.com/#/connections/database', $wp_settings_errors[0]['message'] ); - $this->assertEquals( 'wp_auth0_settings', $wp_settings_errors[0]['code'] ); - $this->assertEquals( 'wp_auth0_settings', $wp_settings_errors[0]['setting'] ); - $this->assertEquals( $old_input['password_policy'], $result['password_policy'] ); - } - - /** - * Test that the update connection request is set properly. - */ - public function testThatAnUpdateRequestIsSent() { - $this->startHttpMocking(); - - $admin_features = new WP_Auth0_Admin_Features( self::$opts ); - - $old_input = [ 'password_policy' => 'fair' ]; - $new_input = [ - 'password_policy' => 'good', - 'domain' => 'test-wp.auth0.com', - 'auth0_app_token' => implode( '.', [ uniqid(), uniqid(), uniqid() ] ), // TO BE DEPRECATED. - 'client_id' => 'TEST_CLIENT_ID', - ]; - - $this->http_request_type = [ 'success_get_connections', 'halt' ]; - - $caught_request = [ 'Nothing caught' ]; - try { - $admin_features->security_validation( $old_input, $new_input ); - } catch ( Exception $e ) { - $caught_request = unserialize( $e->getMessage() ); - } - - $this->assertEquals( 'https://test-wp.auth0.com/api/v2/connections/TEST_CONN_ID', $caught_request['url'] ); - $this->assertEquals( 'Bearer ' . $new_input['auth0_app_token'], $caught_request['headers']['Authorization'] ); // TO BE DEPRECATED. - $this->assertContains( $new_input['client_id'], $caught_request['body']['enabled_clients'] ); - $this->assertEquals( $new_input['password_policy'], $caught_request['body']['options']['passwordPolicy'] ); - } - - /** - * Test that we get a UI error if the connection cannot be updated properly. - */ - public function testThatAnErrorIsSetIfConnectionUpdateFails() { - $this->startHttpMocking(); - - $admin_features = new WP_Auth0_Admin_Features( self::$opts ); - - $old_input = [ 'password_policy' => 'fair' ]; - $new_input = [ - 'password_policy' => 'good', - 'domain' => 'test-wp.auth0.com', - 'auth0_app_token' => implode( '.', [ uniqid(), uniqid(), uniqid() ] ), // TO BE DEPRECATED. - 'client_id' => 'TEST_CLIENT_ID', - ]; - - $this->http_request_type = [ 'success_get_connections', 'wp_error' ]; - - $result = $admin_features->security_validation( $old_input, $new_input ); - - global $wp_settings_errors; - - $this->assertContains( 'There was a problem updating the password policy.', $wp_settings_errors[0]['message'] ); - $this->assertContains( 'https://manage.auth0.com/#/connections/database', $wp_settings_errors[0]['message'] ); - $this->assertEquals( 'wp_auth0_settings', $wp_settings_errors[0]['code'] ); - $this->assertEquals( 'wp_auth0_settings', $wp_settings_errors[0]['setting'] ); - $this->assertEquals( $old_input['password_policy'], $result['password_policy'] ); - } - - /** - * Test that an end-to-end update is successful. - */ - public function testThatPasswordPolicyUpdatesWithoutErrors() { - $this->startHttpMocking(); - - $admin_features = new WP_Auth0_Admin_Features( self::$opts ); - - $old_input = [ 'password_policy' => 'fair' ]; - $new_input = [ - 'password_policy' => 'good', - 'domain' => 'test-wp.auth0.com', - 'auth0_app_token' => implode( '.', [ uniqid(), uniqid(), uniqid() ] ), // TO BE DEPRECATED. - 'client_id' => 'TEST_CLIENT_ID', - ]; - - $this->http_request_type = [ 'success_get_connections', 'success_update_connection' ]; - - $result = $admin_features->security_validation( $old_input, $new_input ); - $this->assertEquals( $new_input['password_policy'], $result['password_policy'] ); - - global $wp_settings_errors; - $this->assertEmpty( $wp_settings_errors ); - } -} diff --git a/tests/testOptionSlo.php b/tests/testOptionSlo.php new file mode 100644 index 00000000..c58845b0 --- /dev/null +++ b/tests/testOptionSlo.php @@ -0,0 +1,89 @@ + SLO functions properly. + */ +class TestOptionSlo extends WP_Auth0_Test_Case { + + use DomDocumentHelpers; + + /** + * WP_Auth0_Admin_Features instance. + * + * @var WP_Auth0_Admin_Features + */ + public static $admin; + + /** + * Run before the test suite starts. + */ + public static function setUpBeforeClass() { + parent::setUpBeforeClass(); + self::$admin = new WP_Auth0_Admin_Features( self::$opts ); + } + + /** + * Test the input HTML for the custom domain setting. + */ + public function testSloFieldOutput() { + $field_args = [ + 'label_for' => 'wpa0_singlelogout', + 'opt_name' => 'singlelogout', + ]; + + // Get the field HTML. + ob_start(); + self::$admin->render_singlelogout( $field_args ); + $field_html = ob_get_clean(); + + // Check field HTML for required attributes. + $input = $this->getDomListFromTagName( $field_html, 'input' ); + + // Should only have one input field. + $this->assertEquals( 1, $input->length ); + + // Input should have the correct id attribute. + $this->assertEquals( $field_args['label_for'], $input->item( 0 )->getAttribute( 'id' ) ); + + // Input should have the correct name attribute. + $this->assertEquals( + self::OPTIONS_NAME . '[' . $field_args['opt_name'] . ']', + $input->item( 0 )->getAttribute( 'name' ) + ); + + // Input should be a checkbox. + $this->assertEquals( 'checkbox', $input->item( 0 )->getAttribute( 'type' ) ); + + // Check that saving a custom domain appears in the field value. + self::$opts->set( $field_args['opt_name'], 1 ); + $this->assertEquals( 1, self::$opts->get( $field_args['opt_name'] ) ); + + } + + /** + * Test that SSO is validated properly on save. + * SSO must be on for SLO to validate to anything except false. + * See testThatSloIsTurnedOffIfSsoIsOff for tests regarding that behavior. + */ + public function testThatSloIsValidatedOnSave() { + $validated = self::$admin->basic_validation( [], [ 'singlelogout' => false ] ); + $this->assertEquals( 0, $validated['singlelogout'] ); + + $validated = self::$admin->basic_validation( [], [ 'singlelogout' => 0 ] ); + $this->assertEquals( 0, $validated['singlelogout'] ); + + $validated = self::$admin->basic_validation( [], [ 'singlelogout' => 1 ] ); + $this->assertEquals( 1, $validated['singlelogout'] ); + + $validated = self::$admin->basic_validation( [], [ 'singlelogout' => uniqid() ] ); + $this->assertEquals( 1, $validated['singlelogout'] ); + } +} diff --git a/tests/testOptionSsoSlo.php b/tests/testOptionSsoSlo.php deleted file mode 100644 index 910948bb..00000000 --- a/tests/testOptionSsoSlo.php +++ /dev/null @@ -1,161 +0,0 @@ - SSO and SLO function properly. - */ -class TestOptionSsoSlo extends WP_Auth0_Test_Case { - - use DomDocumentHelpers; - - /** - * WP_Auth0_Admin_Features instance. - * - * @var WP_Auth0_Admin_Features - */ - public static $admin; - - /** - * Run before the test suite starts. - */ - public static function setUpBeforeClass() { - parent::setUpBeforeClass(); - self::$admin = new WP_Auth0_Admin_Features( self::$opts ); - } - - /** - * Test the input HTML for the custom domain setting. - */ - public function testSsoFieldOutput() { - $field_args = [ - 'label_for' => 'wpa0_sso', - 'opt_name' => 'sso', - ]; - - // Get the field HTML. - ob_start(); - self::$admin->render_sso( $field_args ); - $field_html = ob_get_clean(); - - // Check field HTML for required attributes. - $input = $this->getDomListFromTagName( $field_html, 'input' ); - - // Should only have one input field. - $this->assertEquals( 1, $input->length ); - - // Input should have the correct id attribute. - $this->assertEquals( $field_args['label_for'], $input->item( 0 )->getAttribute( 'id' ) ); - - // Input should have the correct name attribute. - $this->assertEquals( - self::OPTIONS_NAME . '[' . $field_args['opt_name'] . ']', - $input->item( 0 )->getAttribute( 'name' ) - ); - - // Input should be a checkbox. - $this->assertEquals( 'checkbox', $input->item( 0 )->getAttribute( 'type' ) ); - - // Check that saving a custom domain appears in the field value. - self::$opts->set( $field_args['opt_name'], 1 ); - $this->assertEquals( 1, self::$opts->get( $field_args['opt_name'] ) ); - - // Get the field HTML. - ob_start(); - self::$admin->render_sso( $field_args ); - $field_html = ob_get_clean(); - - $input = $this->getDomListFromTagName( $field_html, 'input' ); - $this->assertEquals( 1, $input->item( 0 )->getAttribute( 'value' ) ); - } - - /** - * Test the input HTML for the custom domain setting. - */ - public function testSloFieldOutput() { - $field_args = [ - 'label_for' => 'wpa0_singlelogout', - 'opt_name' => 'singlelogout', - ]; - - // Get the field HTML. - ob_start(); - self::$admin->render_singlelogout( $field_args ); - $field_html = ob_get_clean(); - - // Check field HTML for required attributes. - $input = $this->getDomListFromTagName( $field_html, 'input' ); - - // Should only have one input field. - $this->assertEquals( 1, $input->length ); - - // Input should have the correct id attribute. - $this->assertEquals( $field_args['label_for'], $input->item( 0 )->getAttribute( 'id' ) ); - - // Input should have the correct name attribute. - $this->assertEquals( - self::OPTIONS_NAME . '[' . $field_args['opt_name'] . ']', - $input->item( 0 )->getAttribute( 'name' ) - ); - - // Input should be a checkbox. - $this->assertEquals( 'checkbox', $input->item( 0 )->getAttribute( 'type' ) ); - - // Check that saving a custom domain appears in the field value. - self::$opts->set( $field_args['opt_name'], 1 ); - $this->assertEquals( 1, self::$opts->get( $field_args['opt_name'] ) ); - - // Get the field HTML. - ob_start(); - self::$admin->render_sso( $field_args ); - $field_html = ob_get_clean(); - - $input = $this->getDomListFromTagName( $field_html, 'input' ); - $this->assertEquals( 1, $input->item( 0 )->getAttribute( 'value' ) ); - } - - /** - * Test that SSO is validated properly on save - */ - public function testThatSsoIsValidatedOnSave() { - $validated = self::$admin->basic_validation( [], [] ); - $this->assertEquals( 0, $validated['sso'] ); - - $validated = self::$admin->basic_validation( [], [ 'sso' => false ] ); - $this->assertEquals( 0, $validated['sso'] ); - - $validated = self::$admin->basic_validation( [], [ 'sso' => 0 ] ); - $this->assertEquals( 0, $validated['sso'] ); - - $validated = self::$admin->basic_validation( [], [ 'sso' => 1 ] ); - $this->assertEquals( 1, $validated['sso'] ); - - $validated = self::$admin->basic_validation( [], [ 'sso' => uniqid() ] ); - $this->assertEquals( 1, $validated['sso'] ); - } - - /** - * Test that SSO is validated properly on save. - * SSO must be on for SLO to validate to anything except false. - * See testThatSloIsTurnedOffIfSsoIsOff for tests regarding that behavior. - */ - public function testThatSloIsValidatedOnSave() { - $validated = self::$admin->basic_validation( [], [ 'singlelogout' => false ] ); - $this->assertEquals( 0, $validated['singlelogout'] ); - - $validated = self::$admin->basic_validation( [], [ 'singlelogout' => 0 ] ); - $this->assertEquals( 0, $validated['singlelogout'] ); - - $validated = self::$admin->basic_validation( [], [ 'singlelogout' => 1 ] ); - $this->assertEquals( 1, $validated['singlelogout'] ); - - $validated = self::$admin->basic_validation( [], [ 'singlelogout' => uniqid() ] ); - $this->assertEquals( 1, $validated['singlelogout'] ); - } -} diff --git a/tests/testWPAuth0Options.php b/tests/testWPAuth0Options.php index 3f8a8f01..6d71ad8d 100644 --- a/tests/testWPAuth0Options.php +++ b/tests/testWPAuth0Options.php @@ -20,7 +20,7 @@ class TestWPAuth0Options extends WP_Auth0_Test_Case { /** * Total number of options. */ - const DEFAULT_OPTIONS_COUNT = 41; + const DEFAULT_OPTIONS_COUNT = 40; /** * Test the basic options functionality.