3ad5fab0a41dfcc7184e49c70e4928b4025a12b9
[Packages/TYPO3.CMS.git] / typo3 / sysext / saltedpasswords / classes / class.tx_saltedpasswords_div.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) Marcus Krause (marcus#exp2009@t3sec.info)
6 * (c) Steffen Ritter (info@rs-websystems.de)
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 * A copy is found in the textfile GPL.txt and important notices to the license
18 * from the author is found in LICENSE.txt distributed with these scripts.
19 *
20 *
21 * This script is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * This copyright notice MUST APPEAR in all copies of the script!
27 ***************************************************************/
28 /**
29 * Contains class "tx_saltedpasswords_div"
30 * that provides various helper functions.
31 */
32
33 /**
34 * General library class.
35 *
36 * @author Marcus Krause <marcus#exp2009@t3sec.info>
37 * @author Steffen Ritter <info@rs-websystems.de>
38 *
39 * @since 2009-06-14
40 * @package TYPO3
41 * @subpackage tx_saltedpasswords
42 */
43 class tx_saltedpasswords_div {
44 /**
45 * Keeps this extension's key.
46 */
47 const EXTKEY = 'saltedpasswords';
48
49
50 /**
51 * Returns extension configuration data from $TYPO3_CONF_VARS (configurable in Extension Manager)
52 *
53 * @author Rainer Kuhn <kuhn@punkt.de>
54 * @author Marcus Krause <marcus#exp2009@t3sec.info>
55 *
56 * @param string TYPO3_MODE, wether Configuration for Frontend or Backend should be delivered
57 * @return array extension configuration data
58 */
59 public static function returnExtConf($mode = TYPO3_MODE) {
60 $currentConfiguration = self::returnExtConfDefaults();
61
62 if (isset($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords'])) {
63 $extensionConfiguration = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['saltedpasswords']);
64
65 // Merge default configuration with modified configuration:
66 if (isset($extensionConfiguration[$mode . '.'])) {
67 $currentConfiguration = array_merge(
68 $currentConfiguration,
69 $extensionConfiguration[$mode . '.']
70 );
71 }
72 }
73
74 return $currentConfiguration;
75 }
76
77 /**
78 * Hook function for felogin "forgotPassword" functionality
79 * encrypts the new password before storing in database
80 *
81 * @param array $params: Parameter the hook delivers
82 * @param tx_felogin_pi1 $pObj: Parent Object from which the hook is called
83 * @return void
84 *
85 */
86 public function feloginForgotPasswordHook(array &$params, tx_felogin_pi1 $pObj) {
87 if (self::isUsageEnabled('FE')) {
88 $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance();
89 $params['newPassword'] = $this->objInstanceSaltedPW->getHashedPassword($params['newPassword']);
90 }
91 }
92
93 /**
94 * Returns default configuration of this extension.
95 *
96 * @return array default extension configuration data for localconf.php
97 */
98 public static function returnExtConfDefaults() {
99 return array(
100 'onlyAuthService' => '0',
101 'forceSalted' => '0',
102 'updatePasswd' => '1',
103 'saltedPWHashingMethod' => 'tx_saltedpasswords_salts_phpass',
104 'enabled' => '1',
105 );
106 }
107
108 /**
109 * Function determines the default(=configured) type of
110 * salted hashing method to be used.
111 *
112 * @param string $mode: (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for
113 * @return string classname of object to be used
114 */
115 public static function getDefaultSaltingHashingMethod($mode = TYPO3_MODE) {
116
117 $extConf = self::returnExtConf($mode);
118 $classNameToUse = 'tx_saltedpasswords_salts_md5';
119 if (in_array($extConf['saltedPWHashingMethod'], array_keys($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods']))) {
120 $classNameToUse = $extConf['saltedPWHashingMethod'];
121 }
122
123 return $classNameToUse;
124 }
125
126 /**
127 * Returns information if salted password hashes are
128 * indeed used in the TYPO3_MODE.
129 *
130 * @param string $mode: (optional) The TYPO3 mode (FE or BE) saltedpasswords shall be used for
131 * @return boolean TRUE, if salted password hashes are used in the TYPO3_MODE, otherwise FALSE
132 */
133 public static function isUsageEnabled($mode = TYPO3_MODE) {
134 // Login Security Level Recognition
135 $extConf = self::returnExtConf($mode);
136 $securityLevel = $GLOBALS['TYPO3_CONF_VARS'][$mode]['loginSecurityLevel'];
137 if ($mode == 'BE' && $extConf['enabled']) {
138 return (($securityLevel =='normal' && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'] > 0) || $securityLevel == 'rsa');
139 } elseif ($mode =='FE' && $extConf['enabled']) {
140 return t3lib_div::inList('normal,rsa', $securityLevel);
141 }
142
143 return FALSE;
144 }
145 }
146
147 ?>