[TASK] General code cleanup in ext:sv
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / Classes / AbstractAuthenticationService.php
1 <?php
2 namespace TYPO3\CMS\Sv;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
18 use TYPO3\CMS\Core\Service\AbstractService;
19
20 /**
21 * Authentication services class
22 *
23 * @author René Fritz <r.fritz@colorcube.de>
24 */
25 class AbstractAuthenticationService extends AbstractService {
26
27 /**
28 * User object
29 *
30 * @var AbstractUserAuthentication
31 */
32 public $pObj;
33
34 /**
35 * Subtype of the service which is used to call the service.
36 *
37 * @var string
38 */
39 public $mode;
40
41 /**
42 * Submitted login form data
43 *
44 * @var array
45 */
46 public $login = array();
47
48 /**
49 * Various data
50 *
51 * @var array
52 */
53 public $authInfo = array();
54
55 /**
56 * User db table definition
57 *
58 * @var array
59 */
60 public $db_user = array();
61
62 /**
63 * Usergroups db table definition
64 *
65 * @var array
66 */
67 public $db_groups = array();
68
69 /**
70 * If the writelog() functions is called if a login-attempt has be tried without success
71 *
72 * @var bool
73 */
74 public $writeAttemptLog = FALSE;
75
76 /**
77 * If the \TYPO3\CMS\Core\Utility\GeneralUtility::devLog() function should be used
78 *
79 * @var bool
80 */
81 public $writeDevLog = FALSE;
82
83 /**
84 * Initialize authentication service
85 *
86 * @param string $mode Subtype of the service which is used to call the service.
87 * @param array $loginData Submitted login form data
88 * @param array $authInfo Information array. Holds submitted form data etc.
89 * @param AbstractUserAuthentication $pObj Parent object
90 * @return void
91 */
92 public function initAuth($mode, $loginData, $authInfo, $pObj) {
93 $this->pObj = $pObj;
94 // Sub type
95 $this->mode = $mode;
96 $this->login = $loginData;
97 $this->authInfo = $authInfo;
98 $this->db_user = $this->getServiceOption('db_user', $authInfo['db_user'], FALSE);
99 $this->db_groups = $this->getServiceOption('db_groups', $authInfo['db_groups'], FALSE);
100 $this->writeAttemptLog = $this->pObj->writeAttemptLog;
101 $this->writeDevLog = $this->pObj->writeDevLog;
102 }
103
104 /**
105 * Check the login data with the user record data for builtin login methods
106 *
107 * @param array $user User data array
108 * @param array $loginData Login data array
109 * @param string $passwordCompareStrategy Password compare strategy
110 * @return bool TRUE if login data matched
111 */
112 public function compareUident(array $user, array $loginData, $passwordCompareStrategy = '') {
113 if ($this->authInfo['loginType'] === 'BE') {
114 // Challenge is only stored in session during BE login with the superchallenged login type.
115 // In the frontend context the challenge is never stored in the session.
116 if ($passwordCompareStrategy !== 'superchallenged') {
117 $this->pObj->challengeStoredInCookie = FALSE;
118 }
119 // The TYPO3 standard login service relies on $passwordCompareStrategy being set
120 // to 'superchallenged' because of the password in the database is stored as md5 hash
121 $passwordCompareStrategy = 'superchallenged';
122 }
123 return $this->pObj->compareUident($user, $loginData, $passwordCompareStrategy);
124 }
125
126 /**
127 * Writes to log database table in pObj
128 *
129 * @param int $type denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
130 * @param int $action denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
131 * @param int $error flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
132 * @param int $details_nr The message number. Specific for each $type and $action. in the future this will make it possible to translate error messages to other languages
133 * @param string $details Default text that follows the message
134 * @param array $data Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
135 * @param string $tablename Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
136 * @param int|string $recuid Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
137 * @param int|string $recpid Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
138 * @return void
139 */
140 public function writelog($type, $action, $error, $details_nr, $details, $data, $tablename = '', $recuid = '', $recpid = '') {
141 if ($this->writeAttemptLog) {
142 $this->pObj->writelog($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid);
143 }
144 }
145
146 /**
147 * Get a user from DB by username
148 *
149 * @param string $username User name
150 * @param string $extraWhere Additional WHERE clause: " AND ...
151 * @param array|string $dbUserSetup User db table definition, or empty string for $this->db_user
152 * @return mixed User array or FALSE
153 */
154 public function fetchUserRecord($username, $extraWhere = '', $dbUserSetup = '') {
155 $dbUser = is_array($dbUserSetup) ? $dbUserSetup : $this->db_user;
156 $user = $this->pObj->fetchUserRecord($dbUser, $username, $extraWhere);
157 return $user;
158 }
159
160 }