Name: Code Review: Login by Auth0
Brand: Auth0
SKU: wp.org/plugin/auth0
Availability: InStock
Rating: 3.5 (15 reviews)

Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | The install procedure must perform silently

This plugin's installer ran successfully

Server metrics [RAM: ▲0.79MB] [CPU: ▼2.39ms] Passed 4 tests

A check of server-side resources used by Login by Auth0

This plugin has minimal impact on server resources

Page	Memory (MB)	CPU Time (ms)
Home /	4.07 ▲0.60	50.04 ▲6.95
Dashboard /wp-admin	4.17 ▲0.82	59.24 ▼13.11
Posts /wp-admin/edit.php	4.29 ▲0.93	60.64 ▲9.45
Add New Post /wp-admin/post-new.php	6.77 ▲0.88	94.82 ▼10.34
Media Library /wp-admin/upload.php	4.09 ▲0.86	47.48 ▲6.95
Error Log /wp-admin/admin.php?page=wpa0-errors	4.06	42.09
Setup Wizard /wp-admin/admin.php?page=wpa0-setup	4.08	39.99
Import-Export settings /wp-admin/admin.php?page=wpa0-import-settings	4.07	42.31
Settings /wp-admin/admin.php?page=wpa0	4.10	48.99

Server storage [IO: ▲0.88MB] [DB: ▲0.00MB] Passed 3 tests

Filesystem and database footprint

This plugin was installed successfully

Filesystem: 201 new files

Database: no new tables, 10 new options

New WordPress options
theysaidso_admin_options
widget_theysaidso_widget
widget_recent-comments
db_upgraded
wp_auth0_settings
widget_wp_auth0_popup_widget
can_compress_scripts
widget_wp_auth0_widget
auth0_db_version
widget_recent-posts

Browser metrics Passed 4 tests

An overview of browser requirements for Login by Auth0

Minimal impact on browser resources

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,822 ▲51	14.25 ▼0.02	1.69 ▼0.62	44.50 ▲2.73
Dashboard /wp-admin	2,213 ▲36	5.56 ▲0.02	85.17 ▼10.59	68.15 ▲24.60
Posts /wp-admin/edit.php	2,109 ▲9	2.03 ▼0.12	35.73 ▼5.13	35.91 ▼1.20
Add New Post /wp-admin/post-new.php	1,551 ▲15	23.46 ▲0.07	703.41 ▲12.73	65.92 ▲5.93
Media Library /wp-admin/upload.php	1,430 ▲33	4.16 ▼0.10	98.26 ▼8.76	73.72 ▲29.71
Error Log /wp-admin/admin.php?page=wpa0-errors	862	1.65	26.06	29.40
Setup Wizard /wp-admin/admin.php?page=wpa0-setup	958	1.82	30.14	34.79
Import-Export settings /wp-admin/admin.php?page=wpa0-import-settings	899	1.81	25.64	36.48
Settings /wp-admin/admin.php?page=wpa0	1,754	3.23	45.47	78.71

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | Verifying that this plugin uninstalls completely without leaving any traces

You still need to fix the following

This plugin did not uninstall successfully, leaving 6 options in the database
- widget_theysaidso_widget
- can_compress_scripts
- widget_recent-comments
- theysaidso_admin_options
- widget_recent-posts
- db_upgraded

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no server-side errors were triggered

The smoke test was a success, however most plugin functionality was not tested

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser

Please fix the following

80× PHP files trigger server errors when accessed directly (only 10 are shown):
- > PHP Fatal error
  Uncaught Error: Class 'PHPUnit\\Framework\\TestCase' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/test/unit/Signer/KeyTest.php:16
- > PHP Fatal error
  Uncaught Error: Class 'PHPUnit\\Framework\\TestCase' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/test/unit/Signer/RsaTest.php:13
- > PHP Fatal error
  Uncaught Error: Class 'Lcobucci\\JWT\\Signer\\Hmac' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/src/Signer/Hmac/Sha512.php:18
- > PHP Fatal error
  Uncaught Error: Class 'WP_Auth0_Nonce_Handler' not found in wp-content/plugins/auth0/lib/WP_Auth0_State_Handler.php:11
- > PHP Fatal error
  Uncaught Error: Call to undefined function _e() in wp-content/plugins/auth0/templates/initial-setup/connection_profile.php:5
- > PHP Fatal error
  Uncaught Error: Class 'PHPUnit\\Framework\\TestCase' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/test/unit/Claim/GreaterOrEqualsToTest.php:16
- > PHP Fatal error
  Uncaught Error: Class 'PHPUnit\\Framework\\TestCase' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/test/functional/UnsignedTokenTest.php:19
- > PHP Fatal error
  Uncaught Error: Class 'Lcobucci\\JWT\\Signer\\Rsa' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/src/Signer/Rsa/Sha512.php:18
- > PHP Fatal error
  Uncaught Error: Class 'PHPUnit\\Framework\\TestCase' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/test/unit/Signer/Ecdsa/MultibyteStringConverterTest.php:13
- > PHP Fatal error
  Uncaught Error: Class 'PHPUnit\\Framework\\TestCase' not found in wp-content/plugins/auth0/vendor/auth0/php-jwt/test/unit/Signer/Hmac/Sha384Test.php:14

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues

No browser errors were detected

Optimizations

Plugin configuration 86% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file is an important file in your plugin as it is parsed by WordPress.org to prepare the public listing of your plugin

Please fix the following attributes:

Tags: There are too many tags (12 tag instead of maximum 10)

The official readme.txt is a good inspiration

auth0/WP_Auth0.php 77% from 13 tests

The entry point to "Login by Auth0" version 4.5.0 is a PHP file that has certain tags in its header comment area

It is important to fix the following:

Text Domain: Since WordPress version 4.6 the text domain is optional; if specified, it must be the same as the plugin slug
Description: Please don't use more than 140 characters for the plugin description (currently 159 characters long)
Main file name: Name the main plugin file the same as the plugin slug ("auth0.php" instead of "WP_Auth0.php")

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is a short overview of programming languages used in this plugin, detecting executable files

Good job! No executable or dangerous file extensions detected12,803 lines of code in 174 files:

Language	Files	Blank lines	Comment lines	Lines of code
PHP	144	2,387	7,016	9,271
PO File	2	666	714	1,970
Stylus	2	140	2	685
JavaScript	9	63	105	333
Markdown	1	59	0	135
CSS	3	7	0	115
JSON	2	0	0	114
SVG	7	0	5	72
YAML	2	3	0	68
XML	1	1	0	26
LESS	1	3	0	14

PHP code Passed 2 tests

Analyzing cyclomatic complexity and code structure

Great job! No cyclomatic complexity issues were detected in this plugin

Cyclomatic complexity
Average complexity per logical line of code	0.27
Average class complexity	6.94
▷ Minimum class complexity	1.00
▷ Maximum class complexity	68.00
Average method complexity	2.05
▷ Minimum method complexity	1.00
▷ Maximum method complexity	38.00

Code structure
Namespaces	10
Interfaces	4
Traits	1
Classes	120
▷ Abstract classes	7	5.83%
▷ Concrete classes	113	94.17%
▷ Final classes	9	7.96%
Methods	722
▷ Static methods	63	8.73%
▷ Public methods	598	82.83%
▷ Protected methods	78	10.80%
▷ Private methods	46	6.37%
Functions	67
▷ Named functions	62	92.54%
▷ Anonymous functions	5	7.46%
Constants	65
▷ Global constants	17	26.15%
▷ Class constants	48	73.85%
▷ Public constants	48	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

All PNG images should be compressed to minimize bandwidth usage for end users

10 compressed PNG files occupy 0.02MB

Potential savings

Compression of 5 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
assets/img/initial-setup/enterprise-connections/windows.png	0.84KB	0.86KB	0.00%
assets/img/initial-setup/enterprise-connections/google.png	2.38KB	2.41KB	0.00%
assets/img/initial-setup/enterprise-connections/sharepoint.png	1.53KB	1.54KB	0.00%
assets/img/initial-setup/enterprise-connections/ip-address.png	0.81KB	0.84KB	0.00%
assets/img/initial-setup/enterprise-connections/ws-fed.png	0.61KB	0.63KB	0.00%

Code Review | Login by Auth0

About plugin

Code review

User reviews

Install metrics