[BUGFIX] Include RSA JS in FE with relative URL
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / Classes / RsaEncryptionEncoder.php
1 <?php
2 namespace TYPO3\CMS\Rsaauth;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Core\Page\PageRenderer;
20 use TYPO3\CMS\Core\SingletonInterface;
21 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
22 use TYPO3\CMS\Core\Utility\GeneralUtility;
23
24 /**
25 * This class adds necessary Javascript code to encrypt fields in a form
26 */
27 class RsaEncryptionEncoder implements SingletonInterface
28 {
29 /**
30 * @var bool
31 */
32 protected $moduleLoaded = false;
33
34 /**
35 * @var PageRenderer
36 */
37 protected $pageRenderer = null;
38
39 /**
40 * This method is called by the hook constructPostProcess
41 */
42 public function enableEncryptionFromBackendControllerPostConstructor()
43 {
44 $this->enableRsaEncryption(true);
45 }
46
47 /**
48 * Load all necessary Javascript files
49 *
50 * @param bool $useRequireJsModule
51 */
52 public function enableRsaEncryption($useRequireJsModule = false)
53 {
54 if ($this->moduleLoaded || !$this->isAvailable()) {
55 return;
56 }
57 $this->moduleLoaded = true;
58 $pageRenderer = GeneralUtility::makeInstance(PageRenderer::class);
59 // Include necessary javascript files
60 if ($useRequireJsModule) {
61 $pageRenderer->loadRequireJsModule('TYPO3/CMS/Rsaauth/RsaEncryptionModule');
62 } else {
63 // Register ajax handler url
64 $code = 'var TYPO3RsaEncryptionPublicKeyUrl = ' . GeneralUtility::quoteJSvalue(GeneralUtility::getIndpEnv('TYPO3_SITE_PATH') . 'index.php?eID=RsaPublicKeyGenerationController') . ';';
65 $pageRenderer->addJsInlineCode('TYPO3RsaEncryptionPublicKeyUrl', $code);
66 $javascriptPath = ExtensionManagementUtility::siteRelPath('rsaauth') . 'Resources/Public/JavaScript/';
67 if (!$GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['debug']) {
68 $files = ['RsaEncryptionWithLib.min.js'];
69 } else {
70 $files = [
71 'RsaLibrary.js',
72 'RsaEncryption.js',
73 ];
74 }
75 foreach ($files as $file) {
76 $pageRenderer->addJsFile($javascriptPath . $file);
77 }
78 }
79 }
80
81 /**
82 * @return bool
83 */
84 public function isAvailable()
85 {
86 return trim($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['loginSecurityLevel']) === 'rsa';
87 }
88
89 /**
90 * Gets RSA Public Key.
91 *
92 * @return Keypair|NULL
93 */
94 public function getRsaPublicKey()
95 {
96 $keyPair = null;
97 $backend = Backend\BackendFactory::getBackend();
98 if ($backend !== null) {
99 $keyPair = $backend->createNewKeyPair();
100 $storage = Storage\StorageFactory::getStorage();
101 $storage->put($keyPair->getPrivateKey());
102 session_commit();
103 }
104
105 return $keyPair;
106 }
107
108 /**
109 * Ajax handler to return a RSA public key.
110 *
111 * @param ServerRequestInterface $request
112 * @param ResponseInterface $response
113 * @return ResponseInterface
114 */
115 public function getRsaPublicKeyAjaxHandler(ServerRequestInterface $request, ResponseInterface $response)
116 {
117 $keyPair = $this->getRsaPublicKey();
118 if ($keyPair !== null) {
119 $response->getBody()->write(implode('', [
120 'publicKeyModulus' => $keyPair->getPublicKeyModulus(),
121 'spacer' => ':',
122 'exponent' => sprintf('%x', $keyPair->getExponent())
123 ]));
124 $response = $response->withHeader('Content-Type', 'text/html; charset=utf-8');
125 } else {
126 $response->getBody()->write('No OpenSSL backend could be obtained for rsaauth.');
127 $response = $response->withStatus(500);
128 }
129 return $response;
130 }
131 }