[TASK] CGL violations "AssignmentArithmeticAndComparisonSpace"
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / Classes / Hook / UserSetupHook.php
1 <?php
2 namespace TYPO3\CMS\Rsaauth\Hook;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2011 Helmut Hummel <helmut.hummel@typo3.org>
8 * All rights reserved
9 *
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
18 *
19 * This script is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
23 *
24 * This copyright notice MUST APPEAR in all copies of the script!
25 ***************************************************************/
26 /**
27 * This class provides a hook to the login form to add extra javascript code
28 * and supply a proper form tag.
29 *
30 * @author Helmut Hummel <helmut.hummel@typo3.org>
31 * @package TYPO3
32 * @subpackage tx_rsaauth
33 */
34 class UserSetupHook {
35
36 /**
37 * Decrypt the password fields if they are filled.
38 *
39 * @param array $parameters Parameters to the script
40 * @return void
41 */
42 public function decryptPassword(array $parameters) {
43 if ($this->isRsaAvailable()) {
44 $be_user_data = &$parameters['be_user_data'];
45 if (substr($be_user_data['password'], 0, 4) === 'rsa:' && substr($be_user_data['password2'], 0, 4) === 'rsa:') {
46 $backend = \TYPO3\CMS\Rsaauth\Backend\BackendFactory::getBackend();
47 /** @var $storage \TYPO3\CMS\Rsaauth\Storage\AbstractStorage */
48 $storage = \TYPO3\CMS\Rsaauth\Storage\StorageFactory::getStorage();
49 $key = $storage->get();
50 $password = $backend->decrypt($key, substr($be_user_data['password'], 4));
51 $password2 = $backend->decrypt($key, substr($be_user_data['password2'], 4));
52 $be_user_data['password'] = $password ? $password : $be_user_data['password'];
53 $be_user_data['password2'] = $password2 ? $password2 : $be_user_data['password2'];
54 }
55 }
56 }
57
58 /**
59 * Provides form code and javascript for the user setup.
60 *
61 * @param array $parameters Parameters to the script
62 * @param \TYPO3\CMS\Backend\Controller\LoginController $userSetupObject Calling object: user setup module
63 * @return string The code for the user setup
64 */
65 public function getLoginScripts(array $parameters, \TYPO3\CMS\Setup\Controller\SetupModuleController $userSetupObject) {
66 $content = '';
67 if ($this->isRsaAvailable()) {
68 // If we can get the backend, we can proceed
69 $backend = \TYPO3\CMS\Rsaauth\Backend\BackendFactory::getBackend();
70 $javascriptPath = \TYPO3\CMS\Core\Extension\ExtensionManager::siteRelPath('rsaauth') . 'resources/';
71 $files = array(
72 'jsbn/jsbn.js',
73 'jsbn/prng4.js',
74 'jsbn/rng.js',
75 'jsbn/rsa.js',
76 'jsbn/base64.js',
77 'rsaauth_min.js'
78 );
79 $content = '';
80 foreach ($files as $file) {
81 $content .= '<script type="text/javascript" src="' . \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL') . $javascriptPath . $file . '"></script>';
82 }
83 // Generate a new key pair
84 $keyPair = $backend->createNewKeyPair();
85 // Save private key
86 $storage = \TYPO3\CMS\Rsaauth\Storage\StorageFactory::getStorage();
87 /** @var $storage \TYPO3\CMS\Rsaauth\Storage\AbstractStorage */
88 $storage->put($keyPair->getPrivateKey());
89 // Add form tag
90 $form = '<form action="' . \TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('user_setup') . '" method="post" name="usersetup" enctype="application/x-www-form-urlencoded" onsubmit="tx_rsaauth_encryptUserSetup();">';
91 // Add RSA hidden fields
92 $form .= '<input type="hidden" id="rsa_n" name="n" value="' . htmlspecialchars($keyPair->getPublicKeyModulus()) . '" />';
93 $form .= '<input type="hidden" id="rsa_e" name="e" value="' . sprintf('%x', $keyPair->getExponent()) . '" />';
94 $userSetupObject->doc->form = $form;
95 }
96 return $content;
97 }
98
99 /**
100 * Rsa is available if loginSecurityLevel is set and rsa backend is working.
101 *
102 * @return boolean
103 */
104 protected function isRsaAvailable() {
105 return trim($GLOBALS['TYPO3_CONF_VARS']['BE']['loginSecurityLevel']) === 'rsa' && \TYPO3\CMS\Rsaauth\Backend\BackendFactory::getBackend() !== NULL;
106 }
107
108 }
109
110
111 ?>