1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2009-2011 Dmitry Dulepov <dmitry@typo3.org>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24
25 require_once(t3lib_extMgm::extPath('sv') . 'class.tx_sv_auth.php');
26
27 // Include backends
28
29 /**
30 * Service "RSA authentication" for the "rsaauth" extension. This service will
31 * authenticate a user using his password encrypted with a one-time public key. It
32 * uses the standard TYPO3 service to do all the dirty work. First, it will decrypt
33 * the password and then pass it to the parent service ('sv'). This ensures that it
34 * always works, even if other TYPO3 internals change.
35 *
36 * @author Dmitry Dulepov <dmitry@typo3.org>
37 * @package TYPO3
38 * @subpackage tx_rsaauth
39 */
class tx_rsaauth_sv1 extends tx_sv_auth {

	/**
	 * RSA backend used for decryption; assigned in init().
	 *
	 * @var tx_rsaauth_abstract_backend
	 */
	protected $backend = NULL;

	/**
	 * Extension key this service belongs to.
	 *
	 * @var string
	 */
	public $extKey = 'rsaauth';

	/**
	 * Prefix id of the service (identical to the class name).
	 *
	 * @var string
	 */
	public $prefixId = 'tx_rsaauth_sv1';

	/**
	 * Location of this script, relative to the extension directory.
	 *
	 * @var string
	 */
	public $scriptRelPath = 'sv1/class.tx_rsaauth_sv1.php';

	/**
	 * Decrypts an RSA-encrypted password found in the submitted credentials.
	 *
	 * Nothing is done unless $passwordTransmissionStrategy is exactly 'rsa'.
	 * When a key is available from the storage and $loginData['uident'] starts
	 * with 'rsa:', the remainder is handed to the backend for decryption. On
	 * success the result is written to $loginData['uident_text']; in every
	 * other case 'uident_text' is left untouched by this method.
	 *
	 * Only fixed messages are written to the dev log here: neither the
	 * submitted value nor the decrypted password is logged.
	 *
	 * @param array $loginData Submitted credentials, possibly already modified by other services; changed in place
	 * @param string $passwordTransmissionStrategy Keyword describing how the password was hashed or encrypted before submission
	 * @return bool TRUE if a password was decrypted and stored in $loginData, FALSE otherwise
	 */
	public function processLoginData(array &$loginData, $passwordTransmissionStrategy) {
		if ($passwordTransmissionStrategy !== 'rsa') {
			return FALSE;
		}

		/* @var $keyStorage tx_rsaauth_abstract_storage */
		$keyStorage = tx_rsaauth_storagefactory::getStorage();

		$submittedValue = $loginData['uident'];
		$storedKey = $keyStorage->get();

		// Without a stored key, or without the 'rsa:' marker, nothing is decrypted.
		// NOTE(review): this path returns without clearing the stored key - confirm
		// that leaving it in the storage here is intended.
		if ($storedKey == NULL || substr($submittedValue, 0, 4) !== 'rsa:') {
			if ($this->pObj->writeDevLog) {
				t3lib_div::devLog('Process login data: passwordTransmissionStrategy has been set to "rsa" but no rsa encrypted password has been found.', 'tx_rsaauth_sv1');
			}
			return FALSE;
		}

		// NOTE(review): $this->backend is used without a NULL check; this relies on
		// init() having succeeded before this method is called - verify against caller.
		$plainPassword = $this->backend->decrypt($storedKey, substr($submittedValue, 4));

		// Loose comparison on purpose: a NULL or empty decryption result counts as failure.
		$wasDecrypted = ($plainPassword != NULL);
		if ($wasDecrypted) {
			$loginData['uident_text'] = $plainPassword;
		} elseif ($this->pObj->writeDevLog) {
			t3lib_div::devLog('Process login data: Failed to RSA decrypt password', 'tx_rsaauth_sv1');
		}

		// The key is removed after every decryption attempt, successful or not,
		// so a key that reached the backend is not kept for a second attempt.
		$keyStorage->put(NULL);

		return $wasDecrypted;
	}

	/**
	 * Initializes the service and obtains the RSA backend.
	 *
	 * The service is reported as unavailable when the parent initialization
	 * fails or when the backend factory returns no backend.
	 *
	 * @return boolean The parent's init() result, or FALSE if no backend is available
	 */
	public function init() {
		$parentResult = parent::init();
		if (!$parentResult) {
			return $parentResult;
		}

		$this->backend = tx_rsaauth_backendfactory::getBackend();

		return is_null($this->backend) ? FALSE : $parentResult;
	}
}
131 ?>