Benchmarks
Plugin footprint 65% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Checking the installer triggered no errors
The plugin installed gracefully, with no errors
Server metrics [RAM: ▲0.01MB] [CPU: ▼9.21ms] Passed 4 tests
This is a short check of server-side resources used by WP OAuth Server ( Login with WordPress )
This plugin has minimal impact on server resources
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.49 ▲0.03 | 36.43 ▼4.36 |
| Dashboard /wp-admin | 3.33 ▼0.02 | 44.72 ▼21.09 |
| Posts /wp-admin/edit.php | 3.44 ▲0.08 | 46.42 ▼1.57 |
| Add New Post /wp-admin/post-new.php | 5.92 ▲0.03 | 84.44 ▼9.80 |
| Media Library /wp-admin/upload.php | 3.25 ▲0.02 | 36.39 ▲4.37 |
Server storage [IO: ▲2.29MB] [DB: ▲0.01MB] Passed 3 tests
Input-output and database impact of this plugin
This plugin installed successfully
Filesystem: 224 new files
Database: 8 new tables, 7 new options
| New tables |
|---|
| wp_moos_oauth_clients |
| wp_moos_oauth_refresh_tokens |
| wp_moos_oauth_authorized_apps |
| wp_moos_oauth_access_tokens |
| wp_moos_oauth_authorization_codes |
| wp_moos_oauth_public_keys |
| wp_moos_oauth_users |
| wp_moos_oauth_scopes |
| New WordPress options |
|---|
| widget_recent-posts |
| db_upgraded |
| can_compress_scripts |
| host_name |
| widget_theysaidso_widget |
| widget_recent-comments |
| theysaidso_admin_options |
Browser metrics Passed 4 tests
A check of browser resources used by WP OAuth Server ( Login with WordPress )
Normal browser usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,890 ▲103 | 13.78 ▼0.26 | 7.30 ▲5.15 | 40.58 ▼5.10 |
| Dashboard /wp-admin | 2,197 ▲17 | 5.56 ▼0.09 | 90.31 ▲0.90 | 64.04 ▲27.48 |
| Posts /wp-admin/edit.php | 2,120 ▲20 | 1.96 ▼0.06 | 40.67 ▲2.74 | 35.94 ▲2.46 |
| Add New Post /wp-admin/post-new.php | 1,541 ▲4 | 23.06 ▼0.25 | 681.15 ▼13.84 | 55.88 ▲3.42 |
| Media Library /wp-admin/upload.php | 1,417 ▲14 | 4.22 ▼0.05 | 96.57 ▼7.62 | 73.84 ▲27.00 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.01MB] 50% from 4 tests
🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
You still need to fix the following
- The uninstall procedure failed, leaving 8 tables in the database
- wp_moos_oauth_users
- wp_moos_oauth_authorization_codes
- wp_moos_oauth_authorized_apps
- wp_moos_oauth_public_keys
- wp_moos_oauth_clients
- wp_moos_oauth_refresh_tokens
- wp_moos_oauth_scopes
- wp_moos_oauth_access_tokens
- This plugin did not uninstall successfully, leaving 6 options in the database
- widget_theysaidso_widget
- widget_recent-comments
- db_upgraded
- widget_recent-posts
- theysaidso_admin_options
- can_compress_scripts
Smoke tests 50% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | A shallow check that no server-side errors were triggered
Even though everything seems fine, this is not an exhaustive test
SRP 0% from 2 tests
🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
The following issues need your attention
- 5× PHP files perform the action of outputting non-empty strings when accessed directly:
- > /wp-content/plugins/miniorange-oauth-20-server/public/partials/miniorange-oauth-20-server-public-display.php
- > /wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-settings-welcome-page.php
- > /wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-settings-licensing.php
- > /wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-settings-server-response.php
- > /wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-settings-premium-features.php
- 73× PHP files trigger server-side errors or warnings when accessed directly (only 10 are shown):
- > PHP Fatal error
Uncaught Error: Interface 'OAuth2\\Storage\\AccessTokenInterface' not found in wp-content/plugins/miniorange-oauth-20-server/vendor/bshaffer/oauth2-server-php/src/OAuth2/Storage/JwtAccessTokenInterface.php:11
- > PHP Fatal error
Uncaught Error: Interface 'OAuth2\\Storage\\ScopeInterface' not found in wp-content/plugins/miniorange-oauth-20-server/vendor/bshaffer/oauth2-server-php/src/OAuth2/ScopeInterface.php:12
- > PHP Fatal error
Uncaught Error: Interface 'OAuth2\\ResponseType\\ResponseTypeInterface' not found in wp-content/plugins/miniorange-oauth-20-server/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenInterface.php:7
- > PHP Fatal error
Uncaught Error: Interface 'OAuth2\\GrantType\\GrantTypeInterface' not found in wp-content/plugins/miniorange-oauth-20-server/vendor/bshaffer/oauth2-server-php/src/OAuth2/GrantType/UserCredentials.php:14
- > PHP Warning
Use of undefined constant MINIORANGE_OAUTH_20_SERVER_PLUGIN_DIR_PATH - assumed 'MINIORANGE_OAUTH_20_SERVER_PLUGIN_DIR_PATH' (this will throw an Error in a future version of PHP) in wp-content/plugins/miniorange-oauth-20-server/public/class-miniorange-oauth-20-server-public.php on line 16
- > PHP Fatal error
Uncaught Error: Interface 'OAuth2\\ClientAssertionType\\ClientAssertionTypeInterface' not found in wp-content/plugins/miniorange-oauth-20-server/vendor/bshaffer/oauth2-server-php/src/OAuth2/ClientAssertionType/HttpBasic.php:14
- > PHP Fatal error
Uncaught Error: Interface 'OAuth2\\ResponseType\\ResponseTypeInterface' not found in wp-content/plugins/miniorange-oauth-20-server/vendor/bshaffer/oauth2-server-php/src/OAuth2/OpenID/ResponseType/IdTokenTokenInterface.php:7
- > PHP Fatal error
Uncaught Error: Call to undefined function esc_attr() in wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-nav-header.php:18
- > PHP Warning
Use of undefined constant MINIORANGE_OAUTH_20_SERVER_PLUGIN_DIR_PATH - assumed 'MINIORANGE_OAUTH_20_SERVER_PLUGIN_DIR_PATH' (this will throw an Error in a future version of PHP) in wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-settings.php on line 18
- > PHP Fatal error
require(): Failed opening required 'MINIORANGE_OAUTH_20_SERVER_PLUGIN_DIR_PATHadmin/views/miniorange-oauth-20-server-nav-header.php' (include_path='.:/usr/share/php') in wp-content/plugins/miniorange-oauth-20-server/admin/views/miniorange-oauth-20-server-settings-main-page.php on line 16
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | Just a short smoke test targeting errors on the browser (console and network errors and warnings)
No browser errors were detected
Optimizations
Plugin configuration 93% from 29 tests
readme.txt Passed 16 tests
Often overlooked, readme.txt is one of the most important files in your plugin
5 plugin tags: oauth server, wordpress login, oauth provider, openid, oauth2
miniorange-oauth-20-server/mo_oauth_settings.php 85% from 13 tests
The primary PHP file in "WP OAuth Server ( Login with WordPress )" version 6.0.3 is used by WordPress to initiate all plugin functionality
You should first fix the following items:
- Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("miniorange-oauth-20-server.php" instead of "mo_oauth_settings.php")
- Description: The description should be shorter than 140 characters (currently 157 characters long)
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | A short check of programming languages and file extensions; no executable files are allowed
Success! There were no dangerous files found in this plugin18,491 lines of code in 149 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 128 | 2,242 | 4,000 | 10,136 |
| CSS | 9 | 2,611 | 22 | 6,041 |
| JSON | 4 | 0 | 0 | 1,979 |
| Markdown | 1 | 30 | 0 | 135 |
| JavaScript | 3 | 14 | 45 | 125 |
| XML | 2 | 2 | 0 | 39 |
| YAML | 2 | 0 | 0 | 36 |
PHP code Passed 2 tests
Cyclomatic complexity and code structure are the fingerprint of this plugin
No cyclomatic complexity issues were detected for this plugin
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.36 |
| Average class complexity | 12.27 |
| ▷ Minimum class complexity | 1.00 |
| ▷ Maximum class complexity | 107.00 |
| Average method complexity | 2.85 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 95.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 14 | |
| Interfaces | 31 | |
| Traits | 0 | |
| Classes | 63 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 63 | 100.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 642 | |
| ▷ Static methods | 9 | 1.40% |
| ▷ Public methods | 568 | 88.47% |
| ▷ Protected methods | 53 | 8.26% |
| ▷ Private methods | 21 | 3.27% |
| Functions | 17 | |
| ▷ Named functions | 11 | 64.71% |
| ▷ Anonymous functions | 6 | 35.29% |
| Constants | 15 | |
| ▷ Global constants | 4 | 26.67% |
| ▷ Class constants | 11 | 73.33% |
| ▷ Public constants | 11 | 100.00% |
Plugin size 50% from 2 tests
Image compression 50% from 2 tests
All PNG images should be compressed to minimize bandwidth usage for end users
55 PNG files occupy 0.57MB with 0.22MB in potential savings
Potential savings
| Compression of 5 random PNG files using pngquant | |||
|---|---|---|---|
| File | Size - original | Size - compressed | Savings |
| assets/ChurchOnline.png | 29.12KB | 13.49KB | ▼ 53.69% |
| assets/Mobilize.png | 80.01KB | 30.50KB | ▼ 61.88% |
| assets/Salesforce.png | 3.64KB | 2.30KB | ▼ 36.82% |
| assets/Edunext.png | 7.85KB | 6.67KB | ▼ 15.03% |
| assets/Moodle.png | 2.62KB | 1.99KB | ▼ 24.14% |