7d4758896ec1a1938d66378b9b40fdebd02a79ec
[Packages/TYPO3.CMS.git] / typo3 / sysext / rsaauth / resources / BackendLoginFormRsaEncryption.js
1 /**
2 * Object that handles RSA encryption and submission of the form
3 */
4 TYPO3RsaBackendLogin = {
5
6 /**
7 * Field in which users enter their password
8 */
9 userPasswordField: document.loginform.p_field,
10
11 /**
12 * Field that is used by TYPO3 to evaluate the password during login process
13 */
14 typo3PasswordField: document.loginform.userident,
15
16 /**
17 * Replace event handler of submit button
18 */
19 initialize: function() {
20 var submitButton = $('t3-login-submit');
21 Event.stopObserving(
22 submitButton,
23 'click',
24 TYPO3BackendLogin.showLoginProcess
25 );
26 Event.observe(
27 submitButton,
28 'click',
29 TYPO3RsaBackendLogin.handleFormSubmitRequest
30 );
31 },
32
33 /**
34 * Fetches a new public key by Ajax and encrypts the password for transmission
35 *
36 * @param event
37 */
38 handleFormSubmitRequest: function(event) {
39 event.preventDefault();
40 // Call the original event handler
41 TYPO3BackendLogin.showLoginProcess();
42
43 Ext.Ajax.request({
44 url: TYPO3.settings.ajaxUrls['BackendLogin::getRsaPublicKey'],
45 params: {
46 'skipSessionUpdate': 1
47 },
48 method: 'GET',
49 success: TYPO3RsaBackendLogin.handlePublicKeyResponse
50 });
51 },
52
53 /**
54 * Parses the Json response and triggers submission of the form
55 *
56 * @param response Ajax response object
57 */
58 handlePublicKeyResponse: function(response) {
59 var publicKey = Ext.util.JSON.decode(response.responseText);
60 if (publicKey.publicKeyModulus && publicKey.exponent) {
61 TYPO3RsaBackendLogin.encryptPasswordAndSubmitForm(publicKey);
62 } else {
63 alert('No public key could be generated. Please inform your TYPO3 administrator to check the OpenSSL settings.');
64 }
65 },
66
67 /**
68 * Uses the public key with the RSA library to encrypt the password.
69 *
70 * @param publicKey
71 */
72 encryptPasswordAndSubmitForm: function(publicKey) {
73 var form, rsa, inputField;
74
75 rsa = new RSAKey();
76 rsa.setPublic(publicKey.publicKeyModulus, publicKey.exponent);
77 var encryptedPassword = rsa.encrypt(TYPO3RsaBackendLogin.userPasswordField.value);
78
79 // Reset user password field to prevent it from being submitted
80 TYPO3RsaBackendLogin.userPasswordField.value = '';
81 TYPO3RsaBackendLogin.typo3PasswordField.value = 'rsa:' + hex2b64(encryptedPassword);
82
83 // Create a hidden input field to fake pressing the submit button
84 inputField = TYPO3RsaBackendLogin.getHiddenField('commandLI', 'Submit');
85 form = $('typo3-login-form');
86 form.appendChild(inputField);
87
88 // Submit the form
89 form.submit();
90 },
91
92 /**
93 * Creates a new hidden field DOM element
94 *
95 * @param name Name attribute of the field
96 * @param value Value attribute of the field
97 * @returns {HTMLElement}
98 */
99 getHiddenField: function(name, value) {
100 var input = document.createElement("input");
101 input.setAttribute("type", "hidden");
102 input.setAttribute("name", name);
103 input.setAttribute("value", value);
104 return input;
105 }
106 };
107
108 Ext.onReady(TYPO3RsaBackendLogin.initialize, TYPO3RsaBackendLogin);