[BUGFIX] Harden type annotations around user authentication handling

When authenticating and fetching user records, appropriate methods normally pass around either the full database record or `false` in case the user does not exist or could not be authenticated. The expected types are now added to all relevant methods in authentication services. Resolves: #99544 Releases: main, 11.5 Change-Id: Ib45440a39e64b5ac5a1f1c4799e2f59cb13526bf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77335 Reviewed-by: Benni Mack <benni@typo3.org> Tested-by: core-ci <typo3@b13.com> Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de> Tested-by: Benni Mack <benni@typo3.org> Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
TYPO3 · Jan 16, 2023 · 35dec16 · 35dec16
1 parent 8c1bba3
commit 35dec16
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php b/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
@@ -122,7 +122,7 @@ public function writelog($type, $action, $error, $details_nr, $details, $data, $
      * @param string $username User name
      * @param string $extraWhere Additional WHERE clause: " AND ...
      * @param array|string $dbUserSetup User db table definition, or empty string for $this->db_user
-     * @return mixed User array or FALSE
+     * @return array<string, mixed>|false User array or FALSE
      */
     public function fetchUserRecord($username, $extraWhere = '', $dbUserSetup = '')
     {

diff --git a/typo3/sysext/core/Classes/Authentication/AuthenticationService.php b/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
@@ -52,7 +52,7 @@ public function processLoginData(array &$loginData, $passwordTransmissionStrateg
     /**
      * Find a user (eg. look up the user record in database when a login is sent)
      *
-     * @return mixed User array or FALSE
+     * @return array<string, mixed>|false User array or FALSE
      */
     public function getUser()
     {
@@ -97,7 +97,7 @@ public function getUser()
      *  > 0:    User authenticated successfully. Other auth services will still be asked.
      *  <= 0:   Authentication failed, no more checking needed by other auth services.
      *
-     * @param array $user User data
+     * @param array<string, mixed> $user User data
      * @return int Authentication status code, one of 0, 100, 200
      */
     public function authUser(array $user): int