Change and improve user profile

[joshcanhelp]

Improve the user profile to send password changes to Auth0 in all cases, stop password changes if they do not meet the security policy, move all in-line profile JS to an external file, TESTS. Uses the Management API framework merged in #537.

Specific Changes:

• Extract all JS out of WP_Auth0_EditProfile and into an external JS file assets/js/edit-user-profile.js using wp_localize_script for PHP-generated data; add WP_Auth0_EditProfile::admin_enqueue_scripts() to load that JS on the user profile and profile edit pages.
• Move WP_Auth0_EditProfile::validate_new_password() to a new method WP_Auth0_Profile_Change_Password::validate_new_password and improve to check for a failed password update and stop WordPress from updating if so; tie this to validate_password_reset so password reset attempts are sent and checked as well.
• Moved WP_Auth0_EditProfile::delete_user_data() and WP_Auth0_EditProfile::delete_mfa() to WP_Auth0_Profile_Delete_Data::delete_user_data and WP_Auth0_Profile_Delete_Mfa::delete_mfa() respectively; add nonce and capability checks to both methods for more robust error handling.
• Add WP_Auth0_Api_Change_Password to send password changes to Auth0.
• Add WP_Auth0_Api_Delete_User_Mfa to delete an MFA provider for a user on Auth0.
• Don't load Lock on the password reset screen of wp-login.php

Note to reviewers:

This is a large change but almost 60% is new tests to reach diff coverage of ~100%.

Closes #300
Closes #310
Closes #375

[cocojoe]

Will review once other merged and rebased.

[joshcanhelp]

Adding dependency injection to assist with testing.

[joshcanhelp]

Make sure we can still reset the password if stuck.

[joshcanhelp]

Moving in all inline JS from user profile.

[joshcanhelp]

Move all JS to an external file, see above.

[joshcanhelp]

Dependency injection for classes using the new API framework.

[joshcanhelp]

Moving to individual classes

[codecov-io]

Codecov Report

Merging #532 into dev will increase coverage by 2.08%.
The diff coverage is 99.18%.

@@             Coverage Diff              @@
##                dev     #532      +/-   ##
============================================
+ Coverage     12.25%   14.33%   +2.08%     
- Complexity     1666     1712      +46     
============================================
  Files            66       71       +5     
  Lines          5762     5865     +103     
============================================
+ Hits            706      841     +135     
+ Misses         5056     5024      -32

Impacted Files	Coverage Δ	Complexity Δ
lib/WP_Auth0_Api_Client.php	1.56% <ø> (ø)	121 <0> (ø)	⬇️
lib/api/WP_Auth0_Api_Client_Credentials.php	100% <ø> (ø)	8 <0> (ø)	⬇️
lib/WP_Auth0_ErrorLog.php	68.42% <ø> (+3.42%)	12 <0> (-1)	⬇️
lib/WP_Auth0_Email_Verification.php	100% <ø> (ø)	4 <0> (ø)	⬇️
lib/api/WP_Auth0_Api_Jobs_Verification.php	100% <100%> (+62.5%)	7 <3> (+1)	⬆️
lib/api/WP_Auth0_Api_Delete_User_Mfa.php	100% <100%> (ø)	8 <8> (?)
lib/profile/WP_Auth0_Profile_Delete_Data.php	100% <100%> (ø)	7 <7> (?)
lib/api/WP_Auth0_Api_Change_Password.php	100% <100%> (ø)	10 <10> (?)
lib/profile/WP_Auth0_Profile_Delete_Mfa.php	100% <100%> (ø)	11 <11> (?)
lib/WP_Auth0_EditProfile.php	4.92% <100%> (+4.92%)	57 <1> (-2)	⬇️
... and 10 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 38dab4f...9e9308e. Read the comment docs.

[cocojoe]

That was a long read, in general LGTM. As always the progression of tests within the SDK is great 👌
One small comment re docheader, but will approve.

[cocojoe]

Should we mention in docheader that the default MFA provider is google-authenticator?

[joshcanhelp]

@cocojoe - Function params default there and it's mostly an internally-used functionality.