[SECURITY] Fix DoS in openid
[Packages/TYPO3.CMS.git] / typo3 / sysext / openid / ext_localconf.php
1 <?php
2 defined('TYPO3_MODE') or die();
3
4 // Register OpenID processing service with TYPO3
5 \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addService(
6 $_EXTKEY,
7 'auth',
8 'tx_openid_service_process',
9 array(
10 'title' => 'OpenID Authentication',
11 'description' => 'OpenID processing login information service for Frontend and Backend',
12 'subtype' => 'processLoginDataBE,processLoginDataFE',
13 'available' => TRUE,
14 'priority' => 35,
15 // Must be lower than for \TYPO3\CMS\Sv\AuthenticationService (50) to let other processing take place before
16 'quality' => 50,
17 'os' => '',
18 'exec' => '',
19 'className' => 'TYPO3\\CMS\\Openid\\OpenidService'
20 )
21 );
22
23 // Register OpenID authentication service with TYPO3
24 \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addService(
25 $_EXTKEY,
26 'auth',
27 'tx_openid_service',
28 array(
29 'title' => 'OpenID Authentication',
30 'description' => 'OpenID authentication service for Frontend and Backend',
31 'subtype' => 'getUserFE,authUserFE,getUserBE,authUserBE',
32 'available' => TRUE,
33 'priority' => 75,
34 // Must be higher than for \TYPO3\CMS\Sv\AuthenticationService (50) or \TYPO3\CMS\Sv\AuthenticationService will log failed login attempts
35 'quality' => 50,
36 'os' => '',
37 'exec' => '',
38 'className' => 'TYPO3\\CMS\\Openid\\OpenidService'
39 )
40 );
41
42 // Register eID script that performs final FE user authentication. It will be called by the OpenID provider
43 $GLOBALS['TYPO3_CONF_VARS']['FE']['eID_include']['tx_openid'] = 'EXT:openid/class.tx_openid_eid.php';
44 $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck']['TYPO3\\CMS\\Openid\\OpenidModuleSetup'] = '';
45 // Use popup window to refresh login instead of the AJAX relogin:
46 $GLOBALS['TYPO3_CONF_VARS']['BE']['showRefreshLoginPopup'] = 1;