The introduction of the Session Framework API in v8
introduced generators for fetching authentication service
objects within `AbstractUserAuthentication`.
Some places were however forgotten, which can
safely replaced with the `$this->getAuthServices()`
method.
Resolves: #88594
Releases: master
Change-Id: I987150be574232b549340f4766bb963baa17fd60
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61095
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Tested-by: Daniel Gorges <daniel.gorges@b13.de>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Alexander Schnitzler <review.typo3.org@alexanderschnitzler.de>
Reviewed-by: Daniel Gorges <daniel.gorges@b13.de>
Reviewed-by: Benni Mack <benni@typo3.org>
// Use 'auth' service to find the user
// First found user will be used
$subType = 'getUser' . $this->loginType;
// Use 'auth' service to find the user
// First found user will be used
$subType = 'getUser' . $this->loginType;
+ /** @var AuthenticationService $serviceObj */
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
if ($row = $serviceObj->getUser()) {
$tempuserArr[] = $row;
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
if ($row = $serviceObj->getUser()) {
$tempuserArr[] = $row;
$this->logger->debug('Auth user', $tempuser);
$subType = 'authUser' . $this->loginType;
$this->logger->debug('Auth user', $tempuser);
$subType = 'authUser' . $this->loginType;
+ /** @var AuthenticationService $serviceObj */
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
if (($ret = $serviceObj->authUser($tempuser)) > 0) {
// If the service returns >=200 then no more checking is needed - useful for IP checking without password
foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObj) {
if (($ret = $serviceObj->authUser($tempuser)) > 0) {
// If the service returns >=200 then no more checking is needed - useful for IP checking without password
$loginSecurityLevel = trim($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel']) ?: 'normal';
$passwordTransmissionStrategy = $passwordTransmissionStrategy ?: $loginSecurityLevel;
$this->logger->debug('Login data before processing', $loginData);
$loginSecurityLevel = trim($GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['loginSecurityLevel']) ?: 'normal';
$passwordTransmissionStrategy = $passwordTransmissionStrategy ?: $loginSecurityLevel;
$this->logger->debug('Login data before processing', $loginData);
$subType = 'processLoginData' . $this->loginType;
$authInfo = $this->getAuthInfoArray();
$isLoginDataProcessed = false;
$processedLoginData = $loginData;
$subType = 'processLoginData' . $this->loginType;
$authInfo = $this->getAuthInfoArray();
$isLoginDataProcessed = false;
$processedLoginData = $loginData;
- while (is_object($serviceObject = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
- $serviceChain .= ',' . $serviceObject->getServiceKey();
- $serviceObject->initAuth($subType, $loginData, $authInfo, $this);
+ /** @var AuthenticationService $serviceObject */
+ foreach ($this->getAuthServices($subType, $loginData, $authInfo) as $serviceObject) {
$serviceResult = $serviceObject->processLoginData($processedLoginData, $passwordTransmissionStrategy);
if (!empty($serviceResult)) {
$isLoginDataProcessed = true;
// If the service returns >=200 then no more processing is needed
if ((int)$serviceResult >= 200) {
$serviceResult = $serviceObject->processLoginData($processedLoginData, $passwordTransmissionStrategy);
if (!empty($serviceResult)) {
$isLoginDataProcessed = true;
// If the service returns >=200 then no more processing is needed
if ((int)$serviceResult >= 200) {
}
if ($isLoginDataProcessed) {
$loginData = $processedLoginData;
}
if ($isLoginDataProcessed) {
$loginData = $processedLoginData;
*/
use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
*/
use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
+use TYPO3\CMS\Core\Authentication\AuthenticationService;
use TYPO3\CMS\Core\Configuration\Features;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;
use TYPO3\CMS\Core\Configuration\Features;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;
}
$groupDataArr = [];
// Use 'auth' service to find the groups for the user
}
$groupDataArr = [];
// Use 'auth' service to find the groups for the user
$subType = 'getGroups' . $this->loginType;
$subType = 'getGroups' . $this->loginType;
- while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
- $serviceChain .= ',' . $serviceObj->getServiceKey();
- $serviceObj->initAuth($subType, [], $authInfo, $this);
+ /** @var AuthenticationService $serviceObj */
+ foreach ($this->getAuthServices($subType, [], $authInfo) as $serviceObj) {
$groupData = $serviceObj->getGroups($this->user, $groupDataArr);
if (is_array($groupData) && !empty($groupData)) {
// Keys in $groupData should be unique ids of the groups (like "uid") so this function will override groups.
$groupDataArr = $groupData + $groupDataArr;
}
$groupData = $serviceObj->getGroups($this->user, $groupDataArr);
if (is_array($groupData) && !empty($groupData)) {
// Keys in $groupData should be unique ids of the groups (like "uid") so this function will override groups.
$groupDataArr = $groupData + $groupDataArr;
}
- unset($serviceObj);
- }
- if ($serviceChain) {
- $this->logger->debug($subType . ' auth services called: ' . $serviceChain);
}
if (empty($groupDataArr)) {
$this->logger->debug('No usergroups found by services');
}
if (empty($groupDataArr)) {
$this->logger->debug('No usergroups found by services');
foreach ($groupDataArr as $groupData) {
// By default a group is valid
$validGroup = true;
foreach ($groupDataArr as $groupData) {
// By default a group is valid
$validGroup = true;
$subType = 'authGroups' . $this->loginType;
$subType = 'authGroups' . $this->loginType;
- while (is_object($serviceObj = GeneralUtility::makeInstanceService('auth', $subType, $serviceChain))) {
- $serviceChain .= ',' . $serviceObj->getServiceKey();
- $serviceObj->initAuth($subType, [], $authInfo, $this);
+ foreach ($this->getAuthServices($subType, [], $authInfo) as $serviceObj) {
+ // we assume that the service defines the authGroup function
if (!$serviceObj->authGroup($this->user, $groupData)) {
$validGroup = false;
$this->logger->debug($subType . ' auth service did not auth group', [
'uid ' => $groupData['uid'],
if (!$serviceObj->authGroup($this->user, $groupData)) {
$validGroup = false;
$this->logger->debug($subType . ' auth service did not auth group', [
'uid ' => $groupData['uid'],
- 'title' => $groupData['title']
+ 'title' => $groupData['title'],
if ($validGroup && (string)$groupData['uid'] !== '') {
$this->groupData['title'][$groupData['uid']] = $groupData['title'];
$this->groupData['uid'][$groupData['uid']] = $groupData['uid'];
if ($validGroup && (string)$groupData['uid'] !== '') {
$this->groupData['title'][$groupData['uid']] = $groupData['title'];
$this->groupData['uid'][$groupData['uid']] = $groupData['uid'];