Add a filter for nonce and state cookie names

lib/WP_Auth0_Nonce_Handler.php

@@ -61,9 +61,10 @@ private function __construct() {
 	 * Start-up process to make sure we have something stored.
 	 */
 	protected function init() {
-		if ( defined( static::NONCE_COOKIE_NAME ) && isset( $_COOKIE[ static::NONCE_COOKIE_NAME ] ) ) {
+		// If a NONCE_COOKIE_NAME is not defined then we don't need to persist the nonce value.
+		if ( defined( static::NONCE_COOKIE_NAME ) && isset( $_COOKIE[ static::get_storage_cookie_name() ] ) ) {
 			// Have a cookie, don't want to generate a new one.
-			$this->unique = $_COOKIE[ static::NONCE_COOKIE_NAME ];
+			$this->unique = $_COOKIE[ static::get_storage_cookie_name()  ];
 		} else {
 			// No cookie, need to create one.
 			$this->unique = $this->generate_unique();
@@ -111,7 +112,7 @@ public function set_cookie( $value = null ) {
 		if ( is_null( $value ) ) {
 			$value = $this->unique;
 		}
-		return $this->handle_cookie( $this->get_storage_cookie_name(), $value, $this->get_cookie_exp() );
+		return $this->handle_cookie( static::get_storage_cookie_name(), $value, $this->get_cookie_exp() );
 	}
 
 	/**
@@ -122,7 +123,7 @@ public function set_cookie( $value = null ) {
 	 * @return bool
 	 */
 	public function validate( $value ) {
-		$cookie_name = $this->get_storage_cookie_name();
+		$cookie_name = static::get_storage_cookie_name();
 		$valid       = isset( $_COOKIE[ $cookie_name ] ) ? $_COOKIE[ $cookie_name ] === $value : false;
 		$this->reset();
 		return $valid;
@@ -134,7 +135,7 @@ public function validate( $value ) {
 	 * @return bool
 	 */
 	public function reset() {
-		return $this->handle_cookie( $this->get_storage_cookie_name(), '', 0 );
+		return $this->handle_cookie( static::get_storage_cookie_name(), '', 0 );
 	}
 
 	/**
@@ -179,7 +180,7 @@ protected function handle_cookie( $cookie_name, $cookie_value, $cookie_exp ) {
 	 *
 	 * @return string
 	 */
-	protected function get_storage_cookie_name() {
-		return static::NONCE_COOKIE_NAME;
+	public static function get_storage_cookie_name() {
+		return apply_filters( 'auth0_nonce_cookie_name', static::NONCE_COOKIE_NAME );
 	}
 }

lib/WP_Auth0_State_Handler.php

@@ -29,7 +29,7 @@ final class WP_Auth0_State_Handler extends WP_Auth0_Nonce_Handler {
 	 *
 	 * @return string
 	 */
-	protected function get_storage_cookie_name() {
-		return self::STATE_COOKIE_NAME;
+	public static function get_storage_cookie_name() {
+		return apply_filters( 'auth0_state_cookie_name', self::STATE_COOKIE_NAME );
 	}
 }

templates/auth0-sso-handler-lock10.php

@@ -31,8 +31,8 @@
           var $input2=$(document.createElement('input')).attr('name','state').val(authResult.state);
           $form.append($input).append($input2);
           $("body").append($form);
-          Cookies.set( '<?php echo WP_Auth0_State_Handler::STATE_COOKIE_NAME ?>', authResult.state );
-          Cookies.set( '<?php echo WP_Auth0_Nonce_Handler::NONCE_COOKIE_NAME ?>', authResult.idTokenPayload.nonce );
+          Cookies.set( '<?php echo WP_Auth0_State_Handler::get_storage_cookie_name() ?>', authResult.state );
+          Cookies.set( '<?php echo WP_Auth0_Nonce_Handler::get_storage_cookie_name() ?>', authResult.idTokenPayload.nonce );
           $form.submit();
         });
       }

templates/login-form.php

@@ -21,8 +21,8 @@ function renderAuth0Form( $canShowLegacyLogin = true, $specialSettings = array()
         'ready' => WP_Auth0::ready(),
         'domain' => $options->get( 'domain' ),
         'clientId' => $options->get( 'client_id' ),
-        'stateCookieName' => WP_Auth0_State_Handler::STATE_COOKIE_NAME,
-        'nonceCookieName' => WP_Auth0_Nonce_Handler::NONCE_COOKIE_NAME,
+        'stateCookieName' => WP_Auth0_State_Handler::get_storage_cookie_name(),
+        'nonceCookieName' => WP_Auth0_Nonce_Handler::get_storage_cookie_name(),
         'usePasswordless' => $use_passwordless,
         'loginFormId' => WPA0_AUTH0_LOGIN_FORM_ID,
         'showAsModal' => ! empty( $specialSettings['show_as_modal'] ),