[TASK] Refactor SaltFactory 47/57847/11
authorChristian Kuhn <lolli@schwarzbu.ch>
Thu, 9 Aug 2018 15:47:30 +0000 (17:47 +0200)
committerAndreas Fernandez <a.fernandez@scripting-base.de>
Thu, 9 Aug 2018 18:39:03 +0000 (20:39 +0200)
commit2087c42a19d86c155e009ac907727134adcb9834
tree07bceb8a4cc51dec25f3ac45c6c6853a8260d51d
parentf8d3e814df833f5cd9407ec01f9ca66e564a5862
[TASK] Refactor SaltFactory

The patch deprecates static SaltFactory::getSaltingInstance()
and replaces it with the two new non-static methods.
The ->get() method returns a hash instance to check a given password
against a given hash, and ->getDefaultHashInstance() which returns
an instance of the configured default hash method to calculate
a hash for a new password.

The new methods are now strict, non-static and throw exceptions if
something goes wrong. This simplifies mocking in tests and sanitizes
password hash handling in the core.

Change-Id: I186576593202cb6d052bc7c1ca6f81314eddbaf2
Resolves: #85796
Releases: master
Reviewed-on: https://review.typo3.org/57847
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
20 files changed:
typo3/sysext/core/Classes/Authentication/AuthenticationService.php
typo3/sysext/core/Classes/Authentication/CommandLineUserAuthentication.php
typo3/sysext/core/Classes/DataHandling/DataHandler.php
typo3/sysext/core/Documentation/Changelog/master/Deprecation-85796-SaltedPasswordsCleanups.rst [new file with mode: 0644]
typo3/sysext/felogin/Classes/Controller/FrontendLoginController.php
typo3/sysext/install/Classes/Authentication/AuthenticationService.php
typo3/sysext/install/Classes/Controller/InstallerController.php
typo3/sysext/install/Classes/Controller/MaintenanceController.php
typo3/sysext/install/Classes/Controller/SettingsController.php
typo3/sysext/install/Classes/Http/RequestHandler.php
typo3/sysext/install/Classes/Report/SecurityStatusReport.php
typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodCallStaticMatcher.php
typo3/sysext/reports/Classes/Report/Status/SecurityStatus.php
typo3/sysext/saltedpasswords/Classes/Salt/SaltFactory.php
typo3/sysext/saltedpasswords/Classes/SaltedPasswordService.php
typo3/sysext/saltedpasswords/Classes/Utility/SaltedPasswordsUtility.php
typo3/sysext/saltedpasswords/Documentation/DevelopersGuide/Index.rst
typo3/sysext/saltedpasswords/Tests/Unit/Salt/SaltFactoryTest.php
typo3/sysext/saltedpasswords/Tests/UnitDeprecated/Salt/SaltFactoryTest.php [new file with mode: 0644]
typo3/sysext/setup/Classes/Controller/SetupModuleController.php