Add custom domain support with tests; add compat test to Circle CI #505
Conversation
joshcanhelp
force-pushed
the
add-custom-domain-support
branch
2 times, most recently
from
27f8209
to
a911acb
Compare
assets/js/admin.js
Outdated
| @@ -41,7 +41,7 @@ jQuery(document).ready(function($) { | |||
| // Show/hide field for specific switches | |||
| $('[data-expand!=""]').each( function() { | |||
| var $thisSwitch = $( this ); | |||
| var $showFieldRow = $( '#' + $thisSwitch.attr( 'data-expand' ) ).closest( 'tr' ); | |||
| var $showFieldRow = $( '#' + $thisSwitch.attr( 'data-expand' ).trim() ).closest( 'tr' ); | |||
There was a problem hiding this comment.
Found an issue with whitespace formatting 😮 corrected the issue but this will prevent it from happening again.
| @@ -94,7 +94,7 @@ jQuery(document).ready(function($) { | |||
| // Set the tab showing on the form and persist the tab | |||
| $( '.js-a0-settings-tabs' ).click( function () { | |||
| window.location.hash = ''; | |||
| var tabHref = $( this ).attr( 'aria-controls' ); | |||
| var tabHref = $( this ).attr( 'aria-controls' ).trim(); | |||
There was a problem hiding this comment.
Found an issue with whitespace formatting 😮 corrected the issue but this will prevent it from happening again.
| var Lock = opts.usePasswordless | ||
| ? new Auth0LockPasswordless( opts.clientId, opts.domain, opts.settings ) | ||
| : new Auth0Lock( opts.clientId, opts.domain, opts.settings ); | ||
| var Lock = opts.usePasswordless ? |
There was a problem hiding this comment.
IDE found an issue here.
| @@ -19,6 +19,7 @@ test: | |||
| phpcs --config-set installed_paths $HOME/.composer/vendor/wp-coding-standards/wpcs,$HOME/.composer/vendor/wimg/php-compatibility | |||
| override: | |||
| - phpcs --standard=$HOME/wp-auth0/phpcs-compat-ruleset.xml $HOME/wp-auth0 -pn -d memory_limit=-1 | |||
| - phpcs --standard=$HOME/wp-auth0/phpcs-test-ruleset.xml $HOME/wp-auth0/tests -pn -d memory_limit=-1 | |||
There was a problem hiding this comment.
Add a specific code standard test config to Circle. Allows for a higher version of PHP.
| @@ -32,10 +32,12 @@ | |||
| "scripts": { | |||
| "compat": "./vendor/bin/phpcs --standard=phpcs-compat-ruleset.xml .", | |||
| "phpcs": "./vendor/bin/phpcs --standard=phpcs-ruleset.xml -s .", | |||
| "phpcs-tests": "./vendor/bin/phpcs --standard=phpcs-test-ruleset.xml -s ./tests/", | |||
There was a problem hiding this comment.
Add a specific code standard test config to Circle. Allows for a higher version of PHP.
| */ | ||
| public function __construct( $extended_settings = array() ) { | ||
| $this->wp_options = WP_Auth0_Options::Instance(); | ||
| public function __construct( $extended_settings = array(), $opts = null ) { |
There was a problem hiding this comment.
Dependency injection to help with testing. I would have just refactored or added a new class but not sure if Lock is sticking around in the plugin.
| @@ -190,6 +191,14 @@ public function get_lock_options() { | |||
| $extraOptions['auth']['redirectUrl'] = $this->get_code_callback_url(); | |||
| } | |||
|
|
|||
| if ( $this->wp_options->get( 'custom_domain' ) ) { | |||
There was a problem hiding this comment.
Add the correct CDN base URL if we're using a custom domain.
| $client_id = $this->a0_options->get( 'client_id' ); | ||
| $client_secret = $this->a0_options->get( 'client_secret' ); | ||
| $userinfo_resp_code = null; | ||
| $userinfo_resp_body = null; | ||
|
|
||
| // Exchange authorization code for an access token. | ||
| $exchange_resp = WP_Auth0_Api_Client::get_token( | ||
| $domain, $client_id, $client_secret, 'authorization_code', array( | ||
| $auth_domain, $client_id, $client_secret, 'authorization_code', array( |
There was a problem hiding this comment.
Switch to using a custom domain for the auth code exchange.
| @@ -547,7 +548,7 @@ public function logout() { | |||
| $telemetry_headers = WP_Auth0_Api_Client::get_info_headers(); | |||
| $redirect_url = sprintf( | |||
| 'https://%s/v2/logout?returnTo=%s&client_id=%s&auth0Client=%s', | |||
| $this->a0_options->get( 'domain' ), | |||
| $this->a0_options->get_auth_domain(), | |||
There was a problem hiding this comment.
Switch to a custom domain for logout
| @@ -266,7 +267,7 @@ public function redirect_login() { | |||
| // Management API call failed, fallback to userinfo. | |||
| if ( 200 !== $userinfo_resp_code || empty( $userinfo_resp_body ) ) { | |||
|
|
|||
| $userinfo_resp = WP_Auth0_Api_Client::get_user_info( $domain, $access_token ); | |||
| $userinfo_resp = WP_Auth0_Api_Client::get_user_info( $auth_domain, $access_token ); | |||
There was a problem hiding this comment.
Switch to using a custom domain for the userinfo call.
| @@ -436,7 +437,7 @@ public function login_user( $userinfo, $id_token = null, $access_token = null, $ | |||
| } | |||
|
|
|||
| wp_update_user( | |||
| array( | |||
| (object) array( | |||
There was a problem hiding this comment.
Casting to an object to avoid an IDE error (bad docblock on WordPress core)
| @@ -9,10 +9,6 @@ public function __construct( WP_Auth0_Options $a0_options ) { | |||
| } | |||
|
|
|||
| public function render( $step ) { | |||
| $client_id = $this->a0_options->get( 'client_id' ); | |||
There was a problem hiding this comment.
Deleted some, moved the rest to the template.
| @@ -20,7 +20,7 @@ | |||
|
|
|||
| var webAuth = new auth0.WebAuth({ | |||
| clientID:'<?php echo sanitize_text_field( $this->a0_options->get( 'client_id' ) ); ?>', | |||
| domain:'<?php echo sanitize_text_field( $this->a0_options->get( 'domain' ) ); ?>' | |||
| domain:'<?php echo sanitize_text_field( $this->a0_options->get_auth_domain() ); ?>' | |||
There was a problem hiding this comment.
Make sure our SLO check matches the login.
| @@ -4,42 +4,44 @@ | |||
| $domain = $lock_options->get_domain(); | |||
| ?> | |||
| <script type="text/javascript"> | |||
| document.addEventListener("DOMContentLoaded", function() { | |||
There was a problem hiding this comment.
Mostly code quality stuff but also corrected another whitespace snafu 😮
|
|
||
| // Make sure the number of options has not changed unintentionally. | ||
| $this->assertEquals( 66, count( $opts->get_options() ) ); | ||
| $this->assertEquals( 67, count( $opts->get_options() ) ); |
There was a problem hiding this comment.
Added a setting 🎉
| @@ -47,6 +49,7 @@ public function testThatFiltersOverrideValues() { | |||
| $opts = new WP_Auth0_Options(); | |||
|
|
|||
| add_filter( | |||
| // phpcs:ignore | |||
There was a problem hiding this comment.
Ignore unused var in the function
| @@ -110,7 +110,7 @@ public function login_auto() { | |||
| $connection = apply_filters( 'auth0_get_auto_login_connection', $this->a0_options->get( 'auto_login_method' ) ); | |||
| $auth_params = self::get_authorize_params( $connection ); | |||
|
|
|||
| $auth_url = 'https://' . $this->a0_options->get( 'domain' ) . '/authorize'; | |||
| $auth_url = 'https://' . $this->a0_options->get_auth_domain() . '/authorize'; | |||
There was a problem hiding this comment.
Switch to using a custom domain for auto-login /authorize link
| * | ||
| * @return string | ||
| */ | ||
| public static function get_tenant_region( $domain ) { |
There was a problem hiding this comment.
Could you just regexp for this so not hardcoded checks?
There was a problem hiding this comment.
That's not a bad idea, actually ... would make this more future-proof if we add additional regions. I'll add, rebase, and re-submit.
There was a problem hiding this comment.
@cocojoe - Much better with regex and can handle new regions 👍 thanks for the suggestion. Tests added.
|
@joshcanhelp also rebase please |
joshcanhelp
force-pushed
the
add-custom-domain-support
branch
from
a911acb
to
e448958
Compare
Main purpose of this PR is to add a field for custom domains and application code to use the custom domain properly.
Follows guidance from the Auth0 docs on custom domains and the additional configuration docs. In summary: all auth-level domains were changed to the custom domain but management API calls remain pointing to the tenant domain (would appreciate a review of how this is being used as well).
Also:
WP_Auth0::get_tenant_region()to get the tenant region from a domainWP_Auth0::get_tenant()to get the full tenant name from a domainWP_Auth0_Options::get_auth_domain()to get a custom domain, if saved, falling back to main domain