Update Advanced settings validation and defaults #773
Conversation
| @@ -258,4 +258,12 @@ protected function get_docs_link( $path, $text = '' ) { | |||
| $text = empty( $text ) ? __( 'here', 'wp-auth0' ) : sanitize_text_field( $text ); | |||
| return sprintf( '<a href="https://auth0.com/docs/%s" target="_blank">%s</a>', $path, $text ); | |||
| } | |||
|
|
|||
| protected function sanitize_switch_val( $val ) { | |||
There was a problem hiding this comment.
This will handle values from the UI (which save a positive as "1") as well as JSON-imported. Need to handle a few (but not all) truth-y values.
| } | ||
|
|
||
| protected function sanitize_text_val( $val ) { | ||
| return sanitize_text_field( trim( strval( $val ) ) ); |
There was a problem hiding this comment.
| @@ -131,7 +131,7 @@ public function consent_callback( $name ) { | |||
| if ( $should_create_connection ) { | |||
| $migration_token = $this->a0_options->get( 'migration_token' ); | |||
| if ( empty( $migration_token ) ) { | |||
| $migration_token = wp_auth0_url_base64_encode( openssl_random_pseudo_bytes( 64 ) ); | |||
| $migration_token = wp_auth0_generate_token(); | |||
There was a problem hiding this comment.
| @@ -73,22 +73,23 @@ public function testRequiredEmailFieldOutput() { | |||
| * Test that the required email field is properly validated. | |||
| */ | |||
| public function testRequiredEmailValidation() { | |||
| $opt_name = 'requires_verified_email'; | |||
| $validated_opts = self::$admin->basic_validation( [], [ 'requires_verified_email' => '1' ] ); | |||
There was a problem hiding this comment.
Testing out multiple truth-y and false-y values, difference is intensional.
joshcanhelp
force-pushed
the
update-settings-validation
branch
from
0629688 to
938cf66
Compare
| @@ -49,7 +49,7 @@ public function testRequiredEmailRejected() { | |||
| $this->createUser( [ 'user_email' => $userinfo->email ] ); | |||
There was a problem hiding this comment.
Set the values to be the same as what the UI would save
joshcanhelp
force-pushed
the
update-settings-validation
branch
from
938cf66 to
2d81654
Compare
| @@ -64,8 +64,8 @@ public function testThatLoginRouteIsForbiddenByDefault() { | |||
| * If the incoming IP address is invalid, the route should fail with an error. | |||
There was a problem hiding this comment.
Set the values to be the same as what the UI would save
| @@ -63,8 +63,8 @@ public function testThatGetUserRouteIsForbiddenByDefault() { | |||
| * If the incoming IP address is invalid, the route should fail with an error. | |||
There was a problem hiding this comment.
Set the values to be the same as what the UI would save
| @@ -126,12 +126,12 @@ public function testThatCorrectFieldDocsShowWhenMigrationIsOn() { | |||
| public function testThatChangingMigrationToOffKeepsTokenData() { | |||
There was a problem hiding this comment.
Setting these test to use the same value that the validator would expect from the UI.
| @@ -290,10 +290,11 @@ public function render_extra_conf( $args = [] ) { | |||
| * @return array | |||
There was a problem hiding this comment.
Everything in this file is moved from somewhere else. No functional changes, validation will be addressed in a separate PR.
|
Green |
joshcanhelp
changed the title
Description
WP_Auth0_Admin_Advanced->render_auto_login()References
WP guidance on sanitization and escaping
Testing