[TASK] Make openid return script dispatched 82/38382/5
authorWouter Wolters <typo3@wouterwolters.nl>
Tue, 31 Mar 2015 17:24:49 +0000 (19:24 +0200)
committerJigal van Hemert <jigal.van.hemert@typo3.org>
Tue, 31 Mar 2015 19:27:36 +0000 (21:27 +0200)
Resolves: #66192
Releases: master
Change-Id: Ie2bb18cdceaf893b181c428bf762e3ac9b232a0b
Reviewed-on: http://review.typo3.org/38382
Reviewed-by: Markus Klein <klein.t3@reelworx.at>
Tested-by: Markus Klein <klein.t3@reelworx.at>
Reviewed-by: Jigal van Hemert <jigal.van.hemert@typo3.org>
Tested-by: Jigal van Hemert <jigal.van.hemert@typo3.org>
typo3/sysext/openid/Classes/OpenidService.php
typo3/sysext/openid/Modules/OpenidReturn/conf.php [new file with mode: 0644]
typo3/sysext/openid/Modules/OpenidReturn/index.php [new file with mode: 0644]
typo3/sysext/openid/class.tx_openid_return.php
typo3/sysext/openid/ext_tables.php

index 58d8dd9..878dae1 100644 (file)
@@ -14,6 +14,7 @@ namespace TYPO3\CMS\Openid;
  * The TYPO3 project - inspiring people to share!
  */
 
+use TYPO3\CMS\Backend\Utility\BackendUtility;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
 
@@ -406,21 +407,20 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                        // return to the calling page.
                        // Notice: 'pid' and 'logintype' parameter names cannot be changed!
                        // They are essential for FE user authentication.
-                       $returnURL = 'index.php?eID=tx_openid&' . 'pid=' . $this->authenticationInformation['db_user']['checkPidList'] . '&' . 'logintype=login&';
+                       $returnURL = 'index.php?eID=tx_openid&' . 'pid=' . $this->authenticationInformation['db_user']['checkPidList'] . '&logintype=login';
                } else {
                        // In the Backend we will use dedicated script to create session.
                        // It is much easier for the Backend to manage users.
                        // Notice: 'login_status' parameter name cannot be changed!
                        // It is essential for BE user authentication.
-                       $absoluteSiteURL = substr(GeneralUtility::getIndpEnv('TYPO3_SITE_URL'), strlen(GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST')));
-                       $returnURL = $absoluteSiteURL . TYPO3_mainDir . 'sysext/' . $this->extKey . '/class.tx_openid_return.php?login_status=login&';
+                       $returnURL = BackendUtility::getModuleUrl('openid_return', array('login_status' => 'login'));
                }
                if (GeneralUtility::_GP('tx_openid_mode') === 'finish') {
                        $requestURL = GeneralUtility::_GP('tx_openid_location');
                } else {
                        $requestURL = GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL');
                }
-               $returnURL .= 'tx_openid_location=' . rawurlencode($requestURL) . '&tx_openid_location_signature=' . $this->getSignature($requestURL) . '&tx_openid_mode=finish&tx_openid_claimed=' . rawurlencode($claimedIdentifier) . '&tx_openid_signature=' . $this->getSignature($claimedIdentifier);
+               $returnURL .= '&tx_openid_location=' . rawurlencode($requestURL) . '&tx_openid_location_signature=' . $this->getSignature($requestURL) . '&tx_openid_mode=finish&tx_openid_claimed=' . rawurlencode($claimedIdentifier) . '&tx_openid_signature=' . $this->getSignature($claimedIdentifier);
                return GeneralUtility::locationHeaderUrl($returnURL);
        }
 
diff --git a/typo3/sysext/openid/Modules/OpenidReturn/conf.php b/typo3/sysext/openid/Modules/OpenidReturn/conf.php
new file mode 100644 (file)
index 0000000..1b5602c
--- /dev/null
@@ -0,0 +1,4 @@
+<?php
+// Required for mod.php
+$MCONF['name'] = 'openid_return';
+$MCONF['script'] = '_DISPATCH';
\ No newline at end of file
diff --git a/typo3/sysext/openid/Modules/OpenidReturn/index.php b/typo3/sysext/openid/Modules/OpenidReturn/index.php
new file mode 100644 (file)
index 0000000..84296c9
--- /dev/null
@@ -0,0 +1,22 @@
+<?php
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+// Fix _GET/_POST values for authentication
+if (isset($_GET['login_status'])) {
+       $_POST['login_status'] = $_GET['login_status'];
+}
+
+$module = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Openid\OpenidReturn::class);
+/** @var \TYPO3\CMS\Openid\OpenidReturn $module */
+$module->main();
\ No newline at end of file
index 93f39d0..bde3253 100644 (file)
@@ -17,7 +17,9 @@ if (isset($_GET['login_status'])) {
 }
 define('TYPO3_MOD_PATH', 'sysext/openid/');
 require_once '../../init.php';
-
+\TYPO3\CMS\Core\Utility\GeneralUtility::deprecationLog(
+       'The entry point to the openid return window was moved to an own module. Please use BackendUtility::getModuleUrl(\'openid_return\') to link to class.tx_openid_return.php. This script will be removed in TYPO3 CMS 8.'
+);
 $module = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Openid\OpenidReturn::class);
 /* @var \TYPO3\CMS\Openid\OpenidReturn $module */
 $module->main();
index 3ea1f45..77b6bf8 100644 (file)
@@ -8,6 +8,12 @@ if (TYPO3_MODE === 'BE') {
                \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath($_EXTKEY) . 'wizard/'
        );
 
+       // Register openid return module
+       \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addModulePath(
+               'openid_return',
+               \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath($_EXTKEY) . 'Modules/OpenidReturn/'
+       );
+
        // Add field to setup module
        $GLOBALS['TYPO3_USER_SETTINGS']['columns']['tx_openid_openid'] = array(
                'type' => 'user',