[TASK] Update version number for master to 7
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / Classes / AbstractAuthenticationService.php
1 <?php
2 namespace TYPO3\CMS\Sv;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 /**
18 * Authentication services class
19 *
20 * @author René Fritz <r.fritz@colorcube.de>
21 */
22 class AbstractAuthenticationService extends \TYPO3\CMS\Core\Service\AbstractService {
23
24 /**
25 * User object
26 *
27 * @var \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
28 */
29 public $pObj;
30
31 // Subtype of the service which is used to call the service.
32 /**
33 * @var string
34 */
35 public $mode;
36
37 // Submitted login form data
38 /**
39 * @var array
40 */
41 public $login = array();
42
43 // Various data
44 /**
45 * @var array
46 */
47 public $authInfo = array();
48
49 // User db table definition
50 /**
51 * @var array
52 */
53 public $db_user = array();
54
55 // Usergroups db table definition
56 /**
57 * @var array
58 */
59 public $db_groups = array();
60
61 // If the writelog() functions is called if a login-attempt has be tried without success
62 /**
63 * @var bool
64 */
65 public $writeAttemptLog = FALSE;
66
67 // If the \TYPO3\CMS\Core\Utility\GeneralUtility::devLog() function should be used
68 /**
69 * @var bool
70 */
71 public $writeDevLog = FALSE;
72
73 /**
74 * Initialize authentication service
75 *
76 * @param string $mode Subtype of the service which is used to call the service.
77 * @param array $loginData Submitted login form data
78 * @param array $authInfo Information array. Holds submitted form data etc.
79 * @param object $pObj Parent object
80 * @return void
81 */
82 public function initAuth($mode, $loginData, $authInfo, $pObj) {
83 $this->pObj = $pObj;
84 // Sub type
85 $this->mode = $mode;
86 $this->login = $loginData;
87 $this->authInfo = $authInfo;
88 $this->db_user = $this->getServiceOption('db_user', $authInfo['db_user'], FALSE);
89 $this->db_groups = $this->getServiceOption('db_groups', $authInfo['db_groups'], FALSE);
90 $this->writeAttemptLog = $this->pObj->writeAttemptLog;
91 $this->writeDevLog = $this->pObj->writeDevLog;
92 }
93
94 /**
95 * Check the login data with the user record data for builtin login methods
96 *
97 * @param array $user User data array
98 * @param array $loginData Login data array
99 * @param string $passwordCompareStrategy Password compare strategy
100 * @return boolean TRUE if login data matched
101 */
102 public function compareUident(array $user, array $loginData, $passwordCompareStrategy = '') {
103 if ($this->authInfo['loginType'] === 'BE') {
104 // Challenge is only stored in session during BE login with the superchallenged login type.
105 // In the frontend context the challenge is never stored in the session.
106 if ($passwordCompareStrategy !== 'superchallenged') {
107 $this->pObj->challengeStoredInCookie = FALSE;
108 }
109 // The TYPO3 standard login service relies on $passwordCompareStrategy being set
110 // to 'superchallenged' because of the password in the database is stored as md5 hash
111 $passwordCompareStrategy = 'superchallenged';
112 }
113 return $this->pObj->compareUident($user, $loginData, $passwordCompareStrategy);
114 }
115
116 /**
117 * Writes to log database table in pObj
118 *
119 * @param integer $type denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
120 * @param integer $action denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
121 * @param integer $error flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
122 * @param integer $details_nr The message number. Specific for each $type and $action. in the future this will make it possible to translate errormessages to other languages
123 * @param string $details Default text that follows the message
124 * @param array $data Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
125 * @param string $tablename Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
126 * @param integer $recuid Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
127 * @param integer $recpid Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
128 * @return void
129 */
130 public function writelog($type, $action, $error, $details_nr, $details, $data, $tablename = '', $recuid = '', $recpid = '') {
131 if ($this->writeAttemptLog) {
132 $this->pObj->writelog($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid);
133 }
134 }
135
136 /*************************
137 *
138 * create/update user - EXPERIMENTAL
139 *
140 *************************/
141 /**
142 * Get a user from DB by username
143 *
144 * @param string $username User name
145 * @param string $extraWhere Additional WHERE clause: " AND ...
146 * @param array $dbUserSetup User db table definition: $this->db_user
147 * @return mixed User array or FALSE
148 */
149 public function fetchUserRecord($username, $extraWhere = '', $dbUserSetup = '') {
150 $dbUser = is_array($dbUserSetup) ? $dbUserSetup : $this->db_user;
151 $user = $this->pObj->fetchUserRecord($dbUser, $username, $extraWhere);
152 return $user;
153 }
154
155 }