[TASK] Rewrite eID handling as PSR-15 middleware 96/55596/6
authorBenjamin Franzke <bfr@qbus.de>
Wed, 7 Feb 2018 19:57:30 +0000 (20:57 +0100)
committerSusanne Moog <susanne.moog@typo3.org>
Thu, 8 Feb 2018 13:37:50 +0000 (14:37 +0100)
Releases: master
Resolves: #83803
Change-Id: Id704c5235e5e844d8e42482dd55948e0ad4a2162
Reviewed-on: https://review.typo3.org/55596
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <susanne.moog@typo3.org>
Tested-by: Susanne Moog <susanne.moog@typo3.org>
typo3/sysext/core/Classes/Http/Dispatcher.php
typo3/sysext/core/Documentation/Changelog/master/Deprecation-83803-DeprecateEidRequestHandler.rst [new file with mode: 0644]
typo3/sysext/frontend/Classes/Http/Application.php
typo3/sysext/frontend/Classes/Http/EidRequestHandler.php
typo3/sysext/frontend/Classes/Http/RequestHandler.php
typo3/sysext/frontend/Classes/Middleware/EidHandler.php [new file with mode: 0644]
typo3/sysext/frontend/Configuration/RequestMiddlewares.php

index 8f1e3ee..133bfe1 100644 (file)
@@ -22,7 +22,7 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
  * Dispatcher which resolves a target, which was given to the request to call a controller and method (but also a callable)
  * where the request contains a "target" as attribute.
  *
- * Used in eID Frontend Requests, see EidRequestHandler
+ * Used in eID Frontend Requests, see EidHandler
  */
 class Dispatcher implements DispatcherInterface
 {
diff --git a/typo3/sysext/core/Documentation/Changelog/master/Deprecation-83803-DeprecateEidRequestHandler.rst b/typo3/sysext/core/Documentation/Changelog/master/Deprecation-83803-DeprecateEidRequestHandler.rst
new file mode 100644 (file)
index 0000000..963a236
--- /dev/null
@@ -0,0 +1,35 @@
+.. include:: ../../Includes.txt
+
+=================================================
+Deprecation: #83803 - Deprecate EidRequestHandler
+=================================================
+
+See :issue:`83803`
+
+Description
+===========
+
+The class :php:`\TYPO3\CMS\Frontend\Http\EidRequestHandler` has been marked as deprecated and will be removed in CMS 10.
+This class has been replaced by a PSR-15 middleware :php:`\TYPO3\CMS\Frontend\Middleware\EidHandler`.
+
+The eID functionality itself is not deprecated and can be used as before.
+
+
+Impact
+======
+
+Installations that use :php:`\TYPO3\CMS\Frontend\Http\EidRequestHandler` will trigger a deprecation log entry.
+
+
+Affected Installations
+======================
+
+All installations that use custom extensions that add classes derived from :php:`\TYPO3\CMS\Frontend\Http\EidRequestHandler`.
+
+
+Migration
+=========
+
+Use :php:`\TYPO3\CMS\Frontend\Middleware\EidHandler` instead.
+
+.. index:: Frontend, PHP-API, NotScanned
index 115a396..33b1def 100644 (file)
@@ -40,7 +40,6 @@ class Application implements ApplicationInterface
      */
     protected $availableRequestHandlers = [
         \TYPO3\CMS\Frontend\Http\RequestHandler::class,
-        \TYPO3\CMS\Frontend\Http\EidRequestHandler::class
     ];
 
     /**
index f9e7b07..d4dd83e 100644 (file)
@@ -25,10 +25,13 @@ use TYPO3\CMS\Core\Http\NullResponse;
 use TYPO3\CMS\Core\Http\RequestHandlerInterface;
 use TYPO3\CMS\Core\Http\Response;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Frontend\Middleware\EidHandler as EidMiddleware;
 
 /**
  * Lightweight alternative to the regular RequestHandler used when $_GET[eID] is set.
  * In the future, logic from the EidUtility will be moved to this class.
+ *
+ * @deprecated since TYPO3 v9.2, will be removed in TYPO3 v10
  */
 class EidRequestHandler implements RequestHandlerInterface, PsrRequestHandlerInterface
 {
@@ -45,6 +48,7 @@ class EidRequestHandler implements RequestHandlerInterface, PsrRequestHandlerInt
      */
     public function __construct(Bootstrap $bootstrap)
     {
+        trigger_error(self::class . ' will be removed in TYPO3 v10. Use ' . EidMiddleware::class . ' instead.', E_USER_DEPRECATED);
         $this->bootstrap = $bootstrap;
     }
 
@@ -56,6 +60,7 @@ class EidRequestHandler implements RequestHandlerInterface, PsrRequestHandlerInt
      */
     public function handleRequest(ServerRequestInterface $request): ResponseInterface
     {
+        trigger_error(self::class . ' will be removed in TYPO3 v10. Use ' . EidMiddleware::class . ' instead.', E_USER_DEPRECATED);
         return $this->handle($request);
     }
 
@@ -67,6 +72,7 @@ class EidRequestHandler implements RequestHandlerInterface, PsrRequestHandlerInt
      */
     public function canHandleRequest(ServerRequestInterface $request): bool
     {
+        trigger_error(self::class . ' will be removed in TYPO3 v10. Use ' . EidMiddleware::class . ' instead.', E_USER_DEPRECATED);
         return !empty($request->getQueryParams()['eID']) || !empty($request->getParsedBody()['eID']);
     }
 
@@ -78,6 +84,7 @@ class EidRequestHandler implements RequestHandlerInterface, PsrRequestHandlerInt
      */
     public function getPriority(): int
     {
+        trigger_error(self::class . ' will be removed in TYPO3 v10. Use ' . EidMiddleware::class . ' instead.', E_USER_DEPRECATED);
         return 80;
     }
 
@@ -90,6 +97,7 @@ class EidRequestHandler implements RequestHandlerInterface, PsrRequestHandlerInt
      */
     public function handle(ServerRequestInterface $request): ResponseInterface
     {
+        trigger_error(self::class . ' will be removed in TYPO3 v10. Use ' . EidMiddleware::class . ' instead.', E_USER_DEPRECATED);
         // Remove any output produced until now
         $this->bootstrap->endOutputBufferingAndCleanPreviousOutput();
 
index 0c7ad33..3e9d914 100644 (file)
@@ -39,7 +39,7 @@ use TYPO3\CMS\Frontend\View\AdminPanelView;
  * frontend (the website). The script instantiates a $TSFE object, includes libraries and does a little logic here
  * and there in order to instantiate the right classes to create the webpage.
  * Previously, this was called index_ts.php and also included the logic for the lightweight "eID" concept,
- * which is now handled in a separate request handler (EidRequestHandler).
+ * which is now handled in a separate middleware (EidHandler).
  */
 class RequestHandler implements RequestHandlerInterface, PsrRequestHandlerInterface
 {
@@ -296,7 +296,7 @@ class RequestHandler implements RequestHandlerInterface, PsrRequestHandlerInterf
      */
     public function canHandleRequest(ServerRequestInterface $request): bool
     {
-        return $request->getQueryParams()['eID'] || $request->getParsedBody()['eID'] ? false : true;
+        return true;
     }
 
     /**
diff --git a/typo3/sysext/frontend/Classes/Middleware/EidHandler.php b/typo3/sysext/frontend/Classes/Middleware/EidHandler.php
new file mode 100644 (file)
index 0000000..736d979
--- /dev/null
@@ -0,0 +1,76 @@
+<?php
+declare(strict_types = 1);
+namespace TYPO3\CMS\Frontend\Middleware;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use TYPO3\CMS\Core\Exception;
+use TYPO3\CMS\Core\Http\Dispatcher;
+use TYPO3\CMS\Core\Http\NullResponse;
+use TYPO3\CMS\Core\Http\Response;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+
+/**
+ * Lightweight alternative to regular frontend requests; used when $_GET[eID] is set.
+ * In the future, logic from the EidUtility will be moved to this class.
+ */
+class EidHandler implements MiddlewareInterface
+{
+    /**
+     * Dispatches the request to the corresponding eID class or eID script
+     *
+     * @param ServerRequestInterface $request
+     * @return ResponseInterface
+     * @throws Exception
+     */
+    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        $eID = $request->getParsedBody()['eID'] ?? $request->getQueryParams()['eID'] ?? null;
+
+        if ($eID === null) {
+            return $handler->handle($request);
+        }
+
+        // Remove any output produced until now
+        ob_clean();
+
+        /** @var Response $response */
+        $response = GeneralUtility::makeInstance(Response::class);
+
+        if (empty($eID) || !isset($GLOBALS['TYPO3_CONF_VARS']['FE']['eID_include'][$eID])) {
+            return $response->withStatus(404, 'eID not registered');
+        }
+
+        $configuration = $GLOBALS['TYPO3_CONF_VARS']['FE']['eID_include'][$eID];
+
+        // Simple check to make sure that it's not an absolute file (to use the fallback)
+        if (strpos($configuration, '::') !== false || is_callable($configuration)) {
+            /** @var Dispatcher $dispatcher */
+            $dispatcher = GeneralUtility::makeInstance(Dispatcher::class);
+            $request = $request->withAttribute('target', $configuration);
+            return $dispatcher->dispatch($request, $response);
+        }
+
+        $scriptPath = GeneralUtility::getFileAbsFileName($configuration);
+        if ($scriptPath === '') {
+            throw new Exception('Registered eID has invalid script path.', 1518042216);
+        }
+        include $scriptPath;
+        return new NullResponse();
+    }
+}
index cc5c318..a336f66 100644 (file)
@@ -20,5 +20,11 @@ return [
                 'typo3/cms-frontend/timetracker'
             ]
         ],
+        'typo3/cms-frontend/eid' => [
+            'target' => \TYPO3\CMS\Frontend\Middleware\EidHandler::class,
+            'after' => [
+                'typo3/cms-frontend/preprocessing'
+            ]
+        ],
     ]
 ];