Merge pull request #237 from auth0/dev

3.2.5 - Lock 10 custom fields + added avatars + bugfixes

Author: glena

WP_Auth0.php

@@ -2,7 +2,7 @@
 /**
  * Plugin Name: PLUGIN_NAME
  * Description: PLUGIN_DESCRIPTION
- * Version: 3.2.4
+ * Version: 3.2.5
  * Author: Auth0
  * Author URI: https://auth0.com
  */
@@ -12,7 +12,7 @@
 define( 'WPA0_PLUGIN_URL', trailingslashit( plugin_dir_url( __FILE__ ) ) );
 define( 'WPA0_LANG', 'wp-auth0' );
 define( 'AUTH0_DB_VERSION', 11 );
-define( 'WPA0_VERSION', '3.2.4' );
+define( 'WPA0_VERSION', '3.2.5' );
 
 /**
  * Main plugin class
@@ -48,6 +48,8 @@ public function init() {
 
 		add_action( 'activated_plugin', array( $this, 'on_activate_redirect' ) );
 
+		add_filter( 'get_avatar' , array( $this, 'my_custom_avatar') , 1 , 5 );
+
 		// Add an action to append a stylesheet for the login page.
 		add_action( 'login_enqueue_scripts', array( $this, 'render_auth0_login_css' ) );
 
@@ -155,6 +157,19 @@ function check_signup_status() {
 		}
 	}
 
+	function my_custom_avatar( $avatar, $id_or_email, $size, $default, $alt ) {
+		$auth0Profile = get_auth0userinfo($id_or_email);
+
+		if ($this->a0_options->get('override_wp_avatars')) {
+			if ($auth0Profile && isset($auth0Profile->picture)) {
+				$avatar_url = $auth0Profile->picture;
+				$avatar = "<img alt='{$alt}' src='{$avatar_url}' class='avatar avatar-{$size} photo' height='{$size}' width='{$size}' />";
+			}
+		}
+
+		return $avatar;
+	}
+
 	function on_activate_redirect( $plugin ) {
 
 		if ( $plugin == plugin_basename( __FILE__ ) ) {
@@ -296,6 +311,11 @@ public function render_verify_email_page($html, $userinfo, $id_token) {
 	}
 
 	public function render_form( $html ) {
+
+		if ( isset( $_GET['action'] ) && $_GET['action'] == 'lostpassword' ) {
+			return $html;
+		}
+
 		$client_id = WP_Auth0_Options::Instance()->get( 'client_id' );
 
 		if ( trim( $client_id ) === '' ) {
@@ -390,7 +410,7 @@ function get_currentauth0userinfo() {
 
 		$current_user = wp_get_current_user();
 
-		$currentauth0_user = get_auth0userinfo($current_user);
+		$currentauth0_user = get_auth0userinfo($current_user->ID);
 
 		return $currentauth0_user;
 	}
@@ -428,3 +448,4 @@ function get_auth0_curatedBlogName() {
 
 $a0_plugin = new WP_Auth0();
 $a0_plugin->init();
+

lib/WP_Auth0_DBManager.php

@@ -162,6 +162,7 @@ public function get_auth0_users( $user_ids = null ) {
         'compare' => 'IN',
 			) );
 		}
+		$query['blog_id'] = 0;
 
 		$results = get_users( $query );
 

lib/WP_Auth0_EditProfile.php

@@ -332,7 +332,7 @@ public function override_email_update() {
 				}
 				wp_update_user( array(
 						'ID' => $current_user->ID,
-						'user_email' => $user_email,
+						'user_email' => $user_email
 					) );
 
 				if ($requires_verified_email) {

lib/WP_Auth0_Lock10_Options.php

@@ -128,7 +128,7 @@ protected function build_settings( $settings ) {
       $options_obj['language'] = $settings['language'];
     }
     if (isset($settings['language_dictionary']) && !empty($settings['language_dictionary'])) {
-      $options_obj['languageDictionary'] = $settings['language_dictionary'];
+      $options_obj['languageDictionary'] = json_decode($settings['language_dictionary']);
     }
 
     if ( isset( $settings['form_title'] ) && trim( $settings['form_title'] ) !== '' ) {
@@ -180,6 +180,19 @@ protected function build_settings( $settings ) {
     return $options_obj;
   }
 
+  public function get_custom_signup_fields() {
+    $fields = $this->wp_options->get('custom_signup_fields');
+
+    if (trim($fields) === '') {
+      return "[]";
+    }
+
+    return $fields;
+  }
+  public function has_custom_signup_fields() {
+    return $this->wp_options->get('custom_signup_fields');
+  }
+
   public function get_sso_options() {
     $options = $this->get_lock_options();
 
@@ -188,7 +201,7 @@ public function get_sso_options() {
     if ( $this->get_auth0_implicit_workflow() ) {
       $options["callbackOnLocationHash"] = true;
       $options["callbackURL"] = $this->get_implicit_callback_url();
-      $options["scope"] .= "name email nickname email_verified identities";
+      $options["scope"] .= "name email picture nickname email_verified identities";
     } else {
       $options["callbackOnLocationHash"] = false;
       $options["callbackURL"] = $this->get_code_callback_url();
@@ -230,7 +243,9 @@ public function get_lock_options() {
     $extraOptions["auth"]["params"]["scope"] = "openid ";
 
     if ( $this->get_auth0_implicit_workflow() ) {
-      $extraOptions["auth"]["params"]["scope"] .= "name email nickname email_verified";
+      $extraOptions["auth"]["params"]["scope"] .= "name email picture nickname email_verified";
+      $extraOptions["auth"]["responseType"] = 'token';
+      $extraOptions["auth"]["redirectUrl"] = $this->get_implicit_callback_url();
     } else {
       $extraOptions["auth"]["responseType"] = 'code';
       $extraOptions["auth"]["redirectUrl"] = $this->get_code_callback_url();

lib/WP_Auth0_LoginManager.php

@@ -403,7 +403,29 @@ public function login_user( $userinfo, $id_token, $access_token ) {
 		if ( ! is_null( $user ) ) {
 			// User exists! Log in
 			if ( isset( $userinfo->email ) && $user->data->user_email !== $userinfo->email ) {
-				$user_id = wp_update_user( array( 'ID' => $user->data->ID, 'user_email' => $userinfo->email ) );
+
+				$description = $user->data->description;
+				
+				if (empty($description)){
+					if (isset($userinfo->headline)) {
+						$description = $userinfo->headline;
+					}
+					if (isset($userinfo->description)) {
+						$description = $userinfo->description;
+					}
+					if (isset($userinfo->bio)) {
+						$description = $userinfo->bio;
+					}
+					if (isset($userinfo->about)) {
+						$description = $userinfo->about;
+					}
+				}
+
+				$user_id = wp_update_user( array( 
+					'ID' => $user->data->ID, 
+					'user_email' => $userinfo->email, 
+					'description' => $description, 
+				) );
 			}
 
 			$this->users_repo->update_auth0_object( $user->data->ID, $userinfo );

lib/WP_Auth0_Options.php

@@ -71,6 +71,8 @@ protected function defaults() {
 			'language' => '',
 			'language_dictionary' => '',
 
+			'custom_signup_fields' => '',
+
 			'social_big_buttons' => false,
 			'username_style' => 'username',
 			'extra_conf' => '',
@@ -92,6 +94,8 @@ protected function defaults() {
 			'link_auth0_users' => null,
 			'remember_users_session' => false,
 
+			'override_wp_avatars' => true,
+
 			'migration_ws' => false,
 			'migration_token' => null,
 			'migration_token_id' => null,

lib/WP_Auth0_Serializer.php

@@ -1,11 +1,20 @@
 <?php
 class WP_Auth0_Serializer {
 
-	public static function serialize( $o ) {
+	public static function serialize( $o ) 
+  {
 		return json_encode( $o );
 	}
-	public static function unserialize( $s ) {
-		if ( $s[0] === '{' ) {
+  
+	public static function unserialize( $s ) 
+  {
+    if (!is_string($s) || trim($s) === '') 
+    {
+      return null;
+    }
+
+		if ( $s[0] === '{' ) 
+    {
 			return json_decode( $s );
 		}
 

lib/WP_Auth0_Users.php

@@ -46,6 +46,23 @@ public static function create_user( $userinfo, $role = null ) {
 		while ( username_exists( $username ) ) {
 			$username = $username . rand( 0, 9 );
 		}
+
+		$description = '';
+				
+		if (empty($description)){
+			if (isset($userinfo->headline)) {
+				$description = $userinfo->headline;
+			}
+			if (isset($userinfo->description)) {
+				$description = $userinfo->description;
+			}
+			if (isset($userinfo->bio)) {
+				$description = $userinfo->bio;
+			}
+			if (isset($userinfo->about)) {
+				$description = $userinfo->about;
+			}
+		}
 		// Create the user data array for updating first- and lastname
 		$user_data = array(
 			'user_email' => $email,
@@ -54,6 +71,7 @@ public static function create_user( $userinfo, $role = null ) {
 			'first_name' => $firstname,
 			'last_name' => $lastname,
 			'display_name' => $username,
+			'description' => $description,
 		);
 
 		if ( $role ) {

lib/WP_Auth0_UsersRepo.php

@@ -94,7 +94,7 @@ public function create( $userinfo, $token, $access_token = null, $role = null, $
 		$joinUser = get_user_by( 'email', $userinfo->email ); 
 
 		$auto_provisioning = WP_Auth0_Options::Instance()->get('auto_provisioning');
-		$allow_signup = WP_Auth0_Options::Instance()->is_wp_registration_enabled() && $auto_provisioning;
+		$allow_signup = WP_Auth0_Options::Instance()->is_wp_registration_enabled() || $auto_provisioning;
 
 		$user_id = null;
 
@@ -148,7 +148,11 @@ public function create( $userinfo, $token, $access_token = null, $role = null, $
 	public function find_auth0_user( $id ) {
 		global $wpdb;
 
-		$users = get_users( array( 'meta_key' => $wpdb->prefix.'auth0_id', 'meta_value' => $id) ); 
+		$users = get_users( array( 
+  		'meta_key' => $wpdb->prefix.'auth0_id',
+  		'meta_value' => $id,
+  		'blog_id' => 0)
+  	); 
 
 		if ( $users instanceof WP_Error ) {
 			WP_Auth0_ErrorManager::insert_auth0_error( '_find_auth0_user', $userRow );

lib/admin/WP_Auth0_Admin_Advanced.php

@@ -52,6 +52,7 @@ public function init() {
       array( 'id' => 'wpa0_ip_range_check', 'name' => 'Enable on IP Ranges', 'function' => 'render_ip_range_check' ),
       array( 'id' => 'wpa0_ip_ranges', 'name' => 'IP Ranges', 'function' => 'render_ip_ranges' ),
       array( 'id' => 'wpa0_valid_proxy_ip', 'name' => 'Valid Proxy IP', 'function' => 'render_valid_proxy_ip' ),
+      array( 'id' => 'wpa0_custom_signup_fields', 'name' => 'Custom signup fields', 'function' => 'render_custom_signup_fields' ),
       array( 'id' => 'wpa0_extra_conf', 'name' => 'Extra settings', 'function' => 'render_extra_conf' ),
       array( 'id' => 'wpa0_auth0_server_domain', 'name' => 'Auth0 server domain', 'function' => 'render_auth0_server_domain' ),
       array( 'id' => 'wpa0_metrics', 'name' => 'Anonymous data', 'function' => 'render_metrics' ),
@@ -134,6 +135,36 @@ public function render_extra_conf() {
       </span>
     </div>
     <?php
+  }  
+
+  public function render_custom_signup_fields() {
+    $v = $this->options->get( 'custom_signup_fields' );
+?>
+
+    <textarea name="<?php echo $this->options->get_options_name(); ?>[custom_signup_fields]" id="wpa0_custom_signup_fields"><?php echo esc_attr( $v ); ?></textarea>
+    <div class="subelement">
+      <span class="description">
+        <?php echo __( 'This field is the Json that describes the custom signup fields for lock. It should be a valida json and allows the use of functions (for validation). More info', WPA0_LANG ); ?>
+        <a target="_blank" href="https://auth0.com/docs/libraries/lock/v10/new-features#custom-sign-up-fields"><?php echo __( 'here', WPA0_LANG ); ?></a>
+
+        <code><pre>[
+  {
+    name: "address",                              // required
+    placeholder: "enter your address",            // required
+    icon: "https://example.com/address_icon.png", // optional
+    prefill: "street 123",                        // optional
+    validator: function(value) {                  // optional
+      // only accept addresses with more than 10 chars
+      return value.length > 10;
+    }
+  }, 
+  {
+    ... // more fields could be specified
+  }
+]</pre></code>
+      </span>
+    </div>
+    <?php
   }
 
   public function render_link_auth0_users() {
@@ -154,8 +185,8 @@ public function render_auto_provisioning() {
 ?>
 
       <div class="subelement">
-        <span class="description"><?php echo __( 'The plugin will automatically add new users if they do not exist in the WordPress database.(Even with signups disabled, the plugin will create users if they already exists in your Auth0 account, enabling this setting will disable this behaviour).', WPA0_LANG ); ?></span>
-      </div>
+        <span class="description"><?php echo __( 'The plugin will automatically add new users if they do not exist in the WordPress database if the signups are enabled (enabling this setting will enable this behaviour when signups are disabled).', WPA0_LANG ); ?></span>
+        </div>
     <?php
   }
 
@@ -280,7 +311,8 @@ public function render_ip_ranges() {
 ?>
     <textarea cols="25" name="<?php echo $this->options->get_options_name(); ?>[ip_ranges]" id="wpa0_ip_ranges"><?php echo esc_textarea( $v ); ?></textarea>
     <div class="subelement">
-      <span class="description"><?php echo __( 'Only one range per line! Range format should be as follows: <code>xx.xx.xx.xx - yy.yy.yy.yy</code> (spaces will be trimmed)', WPA0_LANG ); ?></span>
+      <span class="description"><?php echo __( 'Only one range per line! Range format should be as follows (spaces will be trimmed):', WPA0_LANG ); ?></span>
+      <code>xx.xx.xx.xx - yy.yy.yy.yy</code> 
     </div>
     <?php
   }
@@ -399,8 +431,9 @@ public function basic_validation( $old_options, $input ) {
     $input['jwt_auth_integration'] = ( isset( $input['jwt_auth_integration'] ) ? $input['jwt_auth_integration'] : 0 );
     $input['auth0_implicit_workflow'] = ( isset( $input['auth0_implicit_workflow'] ) ? $input['auth0_implicit_workflow'] : 0 );
     $input['metrics'] = ( isset( $input['metrics'] ) ? $input['metrics'] : 0 );
+    $input['use_lock_10'] = ( isset( $input['use_lock_10'] ) ? $input['use_lock_10'] : 0 );
     $input['default_login_redirection'] = esc_url_raw( $input['default_login_redirection'] );
-
+    
     if ( isset( $input['connections'] ) ) {
       if ( isset( $input['connections']['social_twitter_key'] ) ) $input['connections']['social_twitter_key'] = sanitize_text_field( $input['connections']['social_twitter_key'] );
       if ( isset( $input['connections']['social_twitter_secret'] ) ) $input['connections']['social_twitter_secret'] = sanitize_text_field( $input['connections']['social_twitter_secret'] );
@@ -414,6 +447,7 @@ public function basic_validation( $old_options, $input ) {
     $input['valid_proxy_ip'] = ( isset( $input['valid_proxy_ip'] ) ? $input['valid_proxy_ip'] : null );
 
     $input['lock_connections'] = trim( $input['lock_connections'] );
+    $input['custom_signup_fields'] = trim( $input['custom_signup_fields'] );
 
     if ( $input['passwordless_enabled'] && empty( $input['lock_connections'] ) && strpos( strtolower( $input['passwordless_method'] ), 'social' ) !== false ) {
       $error = __( "Please complete the list of connections to be used by Lock in social mode.", WPA0_LANG );