[TASK] Use generators for service objects in Authentication

The introduction of the Session Framework API in v8
introduced generators for fetching authentication service
objects within `AbstractUserAuthentication`.

Some places were however forgotten, which can
safely replaced with the `$this->getAuthServices()`
method.

Resolves: #88594
Releases: master
Change-Id: I987150be574232b549340f4766bb963baa17fd60
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61095
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>

diff --git a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
index 7ccabd1..3e9462c 100644 (file)
--- a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
@@ -610,6 +610,7 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
             // Use 'auth' service to find the user
             // First found user will be used
             $subType = 'getUser' . $this->loginType;
+            /** @var AuthenticationService $serviceObj */
             foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
                 if ($row = $serviceObj->getUser()) {
                     $tempuserArr[] = $row;
@@ -659,6 +660,7 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
                 $this->logger->debug('Auth user', $tempuser);
                 $subType = 'authUser' . $this->loginType;
 
+                /** @var AuthenticationService $serviceObj */
                 foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
                     if (($ret = $serviceObj->authUser($tempuser)) > 0) {
                         // If the service returns >=200 then no more checking is needed - useful for IP checking without password
@@ -1283,24 +1285,20 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
         $loginSecurityLevel = trim($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel']) ?: 'normal';
         $passwordTransmissionStrategy = $passwordTransmissionStrategy ?: $loginSecurityLevel;
         $this->logger->debug('Login data before processing', $loginData);
-        $serviceChain = '';
         $subType = 'processLoginData' . $this->loginType;
         $authInfo = $this->getAuthInfoArray();
         $isLoginDataProcessed = false;
         $processedLoginData = $loginData;
-        while (is_object($serviceObject = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
-            $serviceChain .= ',' . $serviceObject->getServiceKey();
-            $serviceObject->initAuth($subType, $loginData, $authInfo, $this);
+        /** @var AuthenticationService $serviceObject */
+        foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObject) {
             $serviceResult = $serviceObject->processLoginData($processedLoginData, $passwordTransmissionStrategy);
             if (!empty($serviceResult)) {
                 $isLoginDataProcessed = true;
                 // If the service returns >=200 then no more processing is needed
                 if ((int)$serviceResult >= 200) {
-                    unset($serviceObject);
                     break;
                 }
             }
-            unset($serviceObject);
         }
         if ($isLoginDataProcessed) {
             $loginData = $processedLoginData;

diff --git a/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php b/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
index 25a4cd9..968dbc0 100644 (file)
--- a/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
+++ b/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
@@ -15,6 +15,7 @@ namespace TYPO3\CMS\Frontend\Authentication;
  */
 
 use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
+use TYPO3\CMS\Core\Authentication\AuthenticationService;
 use TYPO3\CMS\Core\Configuration\Features;
 use TYPO3\CMS\Core\Database\ConnectionPool;
 use TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;
@@ -329,20 +330,14 @@ class FrontendUserAuthentication extends AbstractUserAuthentication
         }
         $groupDataArr = [];
         // Use 'auth' service to find the groups for the user
-        $serviceChain = '';
         $subType = 'getGroups' . $this->loginType;
-        while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
-            $serviceChain .= ',' . $serviceObj->getServiceKey();
-            $serviceObj->initAuth($subType, [], $authInfo, $this);
+        /** @var AuthenticationService $serviceObj */
+        foreach ($this->getAuthServices($subType, [], $authInfo) as $serviceObj) {
             $groupData = $serviceObj->getGroups($this->user, $groupDataArr);
             if (is_array($groupData) && !empty($groupData)) {
                 // Keys in $groupData should be unique ids of the groups (like "uid") so this function will override groups.
                 $groupDataArr = $groupData + $groupDataArr;
             }
-            unset($serviceObj);
-        }
-        if ($serviceChain) {
-            $this->logger->debug($subType . ' auth services called: ' . $serviceChain);
         }
         if (empty($groupDataArr)) {
             $this->logger->debug('No usergroups found by services');
@@ -354,22 +349,18 @@ class FrontendUserAuthentication extends AbstractUserAuthentication
         foreach ($groupDataArr as $groupData) {
             // By default a group is valid
             $validGroup = true;
-            $serviceChain = '';
             $subType = 'authGroups' . $this->loginType;
-            while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
-                $serviceChain .= ',' . $serviceObj->getServiceKey();
-                $serviceObj->initAuth($subType, [], $authInfo, $this);
+            foreach ($this->getAuthServices($subType, [], $authInfo) as $serviceObj) {
+                // we assume that the service defines the authGroup function
                 if (!$serviceObj->authGroup($this->user, $groupData)) {
                     $validGroup = false;
                     $this->logger->debug($subType . ' auth service did not auth group', [
                         'uid ' => $groupData['uid'],
-                        'title' => $groupData['title']
+                        'title' => $groupData['title'],
                     ]);
                     break;
                 }
-                unset($serviceObj);
             }
-            unset($serviceObj);
             if ($validGroup && (string)$groupData['uid'] !== '') {
                 $this->groupData['title'][$groupData['uid']] = $groupData['title'];
                 $this->groupData['uid'][$groupData['uid']] = $groupData['uid'];