Merge branch 'master' into pantheon-behat

inc/class-wp-saml-auth-cli.php

@@ -0,0 +1,129 @@
+<?php
+
+/**
+ * Configure and manage the WP SAML Auth plugin.
+ */
+class WP_SAML_Auth_CLI {
+
+	/**
+	 * Scaffold a configuration filter to customize WP SAML Auth usage.
+	 *
+	 * Produces a filter you can put in your theme or a mu-plugin.
+	 *
+	 * [--simplesamlphp_autoload=<path>]
+	 * : Path to the SimpleSAMLphp autoloader. Defaults to a subdirectory of
+	 * the plugin's directory.
+	 *
+	 * [--auth_source=<source>]
+	 * : Authentication source to pass to SimpleSAMLphp. This must be one of
+	 * your configured identity providers in SimpleSAMLphp.
+	 * ---
+	 * default: default-sp
+	 * ---
+	 *
+	 * [--auto_provision=<auto-provision>]
+	 * : Whether or not to automatically provision new WordPress users.
+	 *
+	 * [--permit_wp_login=<auto-provision>]
+	 * : Whether or not to permit logging in with username and password.
+	 *
+	 * [--get_user_by=<attribute>]
+	 * : Attribute by which to get a WordPress user for a SAML user.
+	 * ---
+	 * default: email
+	 * options:
+	 *   - email
+	 *   - login
+	 * ---
+	 *
+	 * [--user_login_attribute=<attribute>]
+	 * : SAML attribute which includes the user_login value for a user.
+	 * ---
+	 * default: uid
+	 * ---
+	 *
+	 * [--user_email_attribute=<attribute>]
+	 * : SAML attribute which includes the user_email value for a user.
+	 * ---
+	 * default: email
+	 * ---
+	 *
+	 * [--display_name_attribute=<attribute>]
+	 * : SAML attribute which includes the display_name value for a user.
+	 * ---
+	 * default: display_name
+	 * ---
+	 *
+	 * [--first_name_attribute=<attribute>]
+	 * : SAML attribute which includes the first_name value for a user.
+	 * ---
+	 * default: first_name
+	 * ---
+	 *
+	 * [--last_name_attribute=<attribute>]
+	 * : SAML attribute which includes the last_name value for a user.
+	 * ---
+	 * default: last_name
+	 * ---
+	 *
+	 * [--default_role=<role>]
+	 * : Default WordPress role to grant when provisioning new users.
+	 *
+	 * @subcommand scaffold-config
+	 */
+	public function scaffold_config( $args, $assoc_args ) {
+
+		$function = self::scaffold_config_function( $assoc_args );
+		WP_CLI::log( $function );
+	}
+
+	/**
+	 * Generate a string representation of a function to be used for configuring the plugin.
+	 *
+	 * @param array
+	 * @return string
+	 */
+	protected static function scaffold_config_function( $assoc_args ) {
+		$defaults = array(
+			'simplesamlphp_autoload'     => dirname( dirname( __FILE__ ) ) . '/simplesamlphp/lib/_autoload.php',
+			'auth_source'                => 'default-sp',
+			'auto_provision'             => true,
+			'permit_wp_login'            => true,
+			'get_user_by'                => 'email',
+			'user_login_attribute'       => 'uid',
+			'user_email_attribute'       => 'mail',
+			'display_name_attribute'     => 'display_name',
+			'first_name_attribute'       => 'first_name',
+			'last_name_attribute'        => 'last_name',
+			'default_role'               => get_option( 'default_role' ),
+		);
+		$assoc_args = array_merge( $defaults, $assoc_args );
+
+		foreach ( array( 'auto_provision', 'permit_wp_login' ) as $bool ) {
+			// Support --auto_provision=false passed as an argument
+			$assoc_args[ $bool ] = 'false' === $assoc_args[ $bool ] ? false : (bool) $assoc_args[ $bool ];
+		}
+
+		$values = var_export( $assoc_args, true );
+		// Formatting fixes
+		$search_replace = array(
+			'  '        => "\t\t",
+			'array ('   => 'array(',
+		);
+		$values = str_replace( array_keys( $search_replace ), array_values( $search_replace ), $values );
+		$values = rtrim( $values, ')' ) . "\t);";
+		$function = <<<EOT
+/**
+ * Set WP SAML Auth configuration options
+ */
+function wpsax_filter_option( \$value, \$option_name ) {
+	\$defaults = $values
+	\$value = isset( \$defaults[ \$option_name ] ) ? \$defaults[ \$option_name ] : \$value;
+	return \$value;
+}
+add_filter( 'wp_saml_auth_option', 'wpsax_filter_option', 10, 2 );
+EOT;
+		return $function;
+	}
+
+}

tests/phpunit/bootstrap.php

@@ -18,6 +18,9 @@
  */
 function _manually_load_plugin() {
 	require dirname( dirname( dirname( __FILE__ ) ) ) . '/wp-saml-auth.php';
+	require dirname( dirname( dirname( __FILE__ ) ) ) . '/wp-saml-auth.php';
+	require dirname( dirname( dirname( __FILE__ ) ) ) . '/inc/class-wp-saml-auth-cli.php';
+	require dirname( __FILE__ ) . '/class-wp-saml-auth-test-cli.php';
 
 	add_filter( 'wp_saml_auth_option', '_wp_saml_auth_filter_option', 10, 2 );
 }

tests/phpunit/class-wp-saml-auth-test-cli.php

@@ -0,0 +1,9 @@
+<?php
+
+class WP_SAML_Auth_Test_CLI extends WP_SAML_Auth_CLI {
+
+	public static function scaffold_config_function( $assoc_args ) {
+		return parent::scaffold_config_function( $assoc_args );
+	}
+
+}

tests/phpunit/test-scaffold-config.php

@@ -0,0 +1,45 @@
+<?php
+
+/**
+ * Test all variations of scaffolding the config.
+ */
+class Test_Scaffold_Config extends WP_UnitTestCase {
+
+	public function test_default_behavior() {
+
+		$function = self::scaffold_config_function();
+		$this->assertEquals( 'default-sp', $function( null, 'auth_source' ) );
+		$this->assertEquals( true, $function( null, 'auto_provision' ) );
+		$this->assertEquals( true, $function( null, 'permit_wp_login' ) );
+		$this->assertEquals( 'email', $function( null, 'get_user_by' ) );
+		$this->assertEquals( 'uid', $function( null, 'user_login_attribute' ) );
+		$this->assertEquals( 'mail', $function( null, 'user_email_attribute' ) );
+		$this->assertEquals( 'display_name', $function( null, 'display_name_attribute' ) );
+		$this->assertEquals( 'first_name', $function( null, 'first_name_attribute' ) );
+		$this->assertEquals( 'last_name', $function( null, 'last_name_attribute' ) );
+
+	}
+
+	public function test_false_auto_provision_permit_wp_login() {
+
+		$function = self::scaffold_config_function( array(
+			'permit_wp_login'   => 'false',
+			'auto_provision'    => 'false',
+		) );
+		$this->assertEquals( false, $function( null, 'auto_provision' ) );
+		$this->assertEquals( false, $function( null, 'permit_wp_login' ) );
+	}
+
+	/**
+	 * Scaffolds a config function and evals it into scope
+	 */
+	private static function scaffold_config_function( $assoc_args = array() ) {
+		$function_name = 'wpsax_' . md5( rand() );
+		$function = WP_SAML_Auth_Test_CLI::scaffold_config_function( $assoc_args );
+		$function = str_replace( 'function wpsax_filter_option', 'function ' . $function_name, $function );
+		// @codingStandardsIgnoreStart
+		eval( $function );
+		return $function_name;
+	}
+
+}

wp-saml-auth.php

@@ -115,3 +115,8 @@ function wpsa_filter_option( $value, $option_name ) {
  */
 require_once dirname( __FILE__ ) . '/inc/class-wp-saml-auth.php';
 WP_SAML_Auth::get_instance();
+
+if ( defined( 'WP_CLI' ) && WP_CLI ) {
+	require_once dirname( __FILE__ ) . '/inc/class-wp-saml-auth-cli.php';
+	WP_CLI::add_command( 'saml-auth', 'WP_SAML_Auth_CLI' );
+}