Skip to content

Commit

Permalink
[TASK] Use generators for service objects in Authentication
Browse files Browse the repository at this point in the history 
The introduction of the Session Framework API in v8
introduced generators for fetching authentication service
objects within `AbstractUserAuthentication`.

Some places were however forgotten, which can
safely replaced with the `$this->getAuthServices()`
method.

Resolves: #88594
Releases: master
Change-Id: I987150be574232b549340f4766bb963baa17fd60
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61095
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
  • Loading branch information
@bmack
bmack committed Jun 26, 2019
1 parent 647aa7a commit c66ca85
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 21 deletions.
10 changes: 4 additions & 6 deletions typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
View file
Expand Up @@ -610,6 +610,7 @@ public function checkAuthentication()
// Use 'auth' service to find the user
// First found user will be used
$subType = 'getUser' . $this->loginType;
/** @var AuthenticationService $serviceObj */
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
if ($row = $serviceObj->getUser()) {
$tempuserArr[] = $row;
Expand Down Expand Up @@ -659,6 +660,7 @@ public function checkAuthentication()
$this->logger->debug('Auth user', $tempuser);
$subType = 'authUser' . $this->loginType;

/** @var AuthenticationService $serviceObj */
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
if (($ret = $serviceObj->authUser($tempuser)) > 0) {
// If the service returns >=200 then no more checking is needed - useful for IP checking without password
Expand Down Expand Up @@ -1283,24 +1285,20 @@ public function processLoginData($loginData, $passwordTransmissionStrategy = '')
$loginSecurityLevel = trim($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel']) ?: 'normal';
$passwordTransmissionStrategy = $passwordTransmissionStrategy ?: $loginSecurityLevel;
$this->logger->debug('Login data before processing', $loginData);
$serviceChain = '';
$subType = 'processLoginData' . $this->loginType;
$authInfo = $this->getAuthInfoArray();
$isLoginDataProcessed = false;
$processedLoginData = $loginData;
while (is_object($serviceObject = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
$serviceChain .= ',' . $serviceObject->getServiceKey();
$serviceObject->initAuth($subType, $loginData, $authInfo, $this);
/** @var AuthenticationService $serviceObject */
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObject) {
$serviceResult = $serviceObject->processLoginData($processedLoginData, $passwordTransmissionStrategy);
if (!empty($serviceResult)) {
$isLoginDataProcessed = true;
// If the service returns >=200 then no more processing is needed
if ((int)$serviceResult >= 200) {
unset($serviceObject);
break;
}
}
unset($serviceObject);
}
if ($isLoginDataProcessed) {
$loginData = $processedLoginData;
Expand Down
21 changes: 6 additions & 15 deletions typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
View file
Expand Up @@ -15,6 +15,7 @@
*/

use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
use TYPO3\CMS\Core\Authentication\AuthenticationService;
use TYPO3\CMS\Core\Configuration\Features;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;
Expand Down Expand Up @@ -329,20 +330,14 @@ public function fetchGroupData()
}
$groupDataArr = [];
// Use 'auth' service to find the groups for the user
$serviceChain = '';
$subType = 'getGroups' . $this->loginType;
while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
$serviceChain .= ',' . $serviceObj->getServiceKey();
$serviceObj->initAuth($subType, [], $authInfo, $this);
/** @var AuthenticationService $serviceObj */
foreach ($this->getAuthServices($subType, [], $authInfo) as $serviceObj) {
$groupData = $serviceObj->getGroups($this->user, $groupDataArr);
if (is_array($groupData) && !empty($groupData)) {
// Keys in $groupData should be unique ids of the groups (like "uid") so this function will override groups.
$groupDataArr = $groupData + $groupDataArr;
}
unset($serviceObj);
}
if ($serviceChain) {
$this->logger->debug($subType . ' auth services called: ' . $serviceChain);
}
if (empty($groupDataArr)) {
$this->logger->debug('No usergroups found by services');
Expand All @@ -354,22 +349,18 @@ public function fetchGroupData()
foreach ($groupDataArr as $groupData) {
// By default a group is valid
$validGroup = true;
$serviceChain = '';
$subType = 'authGroups' . $this->loginType;
while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
$serviceChain .= ',' . $serviceObj->getServiceKey();
$serviceObj->initAuth($subType, [], $authInfo, $this);
foreach ($this->getAuthServices($subType, [], $authInfo) as $serviceObj) {
// we assume that the service defines the authGroup function
if (!$serviceObj->authGroup($this->user, $groupData)) {
$validGroup = false;
$this->logger->debug($subType . ' auth service did not auth group', [
'uid ' => $groupData['uid'],
'title' => $groupData['title']
'title' => $groupData['title'],
]);
break;
}
unset($serviceObj);
}
unset($serviceObj);
if ($validGroup && (string)$groupData['uid'] !== '') {
$this->groupData['title'][$groupData['uid']] = $groupData['title'];
$this->groupData['uid'][$groupData['uid']] = $groupData['uid'];
Expand Down

0 comments on commit c66ca85

Please sign in to comment.