[TASK] Cleanup openid extension 35/21035/3
authorHelmut Hummel <helmut.hummel@typo3.org>
Fri, 24 May 2013 21:42:49 +0000 (23:42 +0200)
committerChristian Kuhn <lolli@schwarzbu.ch>
Fri, 21 Jun 2013 20:18:53 +0000 (22:18 +0200)
Cleanup remaining CGL issues after namespace change.
Implement some best practices like strict string comparison
or dependency injection pattern where appropriate.

Last but not least make use of use statements for frequently
used class names.

Resolves: #48522
Releases: 6.2
Change-Id: I1f03d2fdf53ea7be42455663b36af56bc479fa21
Reviewed-on: https://review.typo3.org/21035
Reviewed-by: Wouter Wolters
Reviewed-by: Susanne Moog
Tested-by: Susanne Moog
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
typo3/sysext/openid/Classes/OpenidModuleSetup.php
typo3/sysext/openid/Classes/OpenidReturn.php
typo3/sysext/openid/Classes/OpenidService.php
typo3/sysext/openid/Classes/OpenidStore.php
typo3/sysext/openid/class.tx_openid_eid.php
typo3/sysext/openid/class.tx_openid_return.php
typo3/sysext/openid/ext_localconf.php

index 46e9eea..c1db37b 100644 (file)
@@ -26,15 +26,15 @@ namespace TYPO3\CMS\Openid;
 /**
  * This class is the OpenID return script for the TYPO3 Backend (used in the user-settings module).
  *
- * @author     Steffen Gebert <steffen@steffen-gebert.de>
+ * @author Steffen Gebert <steffen@steffen-gebert.de>
  */
 class OpenidModuleSetup {
 
        /**
         * Checks weather BE user has access to change its OpenID identifier
         *
-        * @param       array           $config: Configuration of the field
-        * @return      boolean         Whether it is allowed to modify the given field
+        * @param array $config: Configuration of the field
+        * @return boolean Whether it is allowed to modify the given field
         */
        public function accessLevelCheck(array $config) {
                $setupConfig = $GLOBALS['BE_USER']->getTSConfigProp('setup.fields');
@@ -47,9 +47,9 @@ class OpenidModuleSetup {
        /**
         * Render OpenID identifier field for user setup
         *
-        * @param       array                                   $config: Configuration of the field
-        * @param       SC_mod_user_setup_index $parent: The calling parent object
-        * @return      string                                  HTML input field to change the OpenId
+        * @param array $parameters Configuration of the field
+        * @param \TYPO3\CMS\Setup\Controller\SetupModuleController $parent: The calling parent object
+        * @return string HTML input field to change the OpenId
         */
        public function renderOpenID(array $parameters, \TYPO3\CMS\Setup\Controller\SetupModuleController $parent) {
                $openid = $GLOBALS['BE_USER']->user['tx_openid_openid'];
index 2630928..9197284 100644 (file)
@@ -27,14 +27,14 @@ namespace TYPO3\CMS\Openid;
 /**
  * This class is the OpenID return script for the TYPO3 Backend.
  *
- * @author     Dmitry Dulepov <dmitry@typo3.org>
+ * @author Dmitry Dulepov <dmitry@typo3.org>
  */
 class OpenidReturn {
 
        /**
         * Processed Backend session creation and redirect to backend.php
         *
-        * @return      void
+        * @return void
         */
        public function main() {
                if ($GLOBALS['BE_USER']->user['uid']) {
index 0d2a91f..8cf0431 100644 (file)
@@ -24,27 +24,19 @@ namespace TYPO3\CMS\Openid;
  *  This copyright notice MUST APPEAR in all copies of the script!
  ***************************************************************/
 
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
+
 require_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('openid') . 'lib/php-openid/Auth/OpenID/Interface.php';
 
 /**
  * Service "OpenID Authentication" for the "openid" extension.
  *
- * @author     Dmitry Dulepov <dmitry@typo3.org>
+ * @author Dmitry Dulepov <dmitry@typo3.org>
  */
 class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
 
        /**
-        * Class name
-        */
-       public $prefixId = 'tx_openid_sv1';
-
-       // Same as class name
-       /**
-        * Path to this script relative to the extension directory
-        */
-       public $scriptRelPath = 'sv1/class.tx_openid_sv1.php';
-
-       /**
         * The extension key
         */
        public $extKey = 'openid';
@@ -55,7 +47,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
        protected $loginData = array();
 
        /**
-        * Additional authentication information provided by \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.
+        * Additional authentication information provided by AbstractUserAuthentication.
         * We use it to decide what database table contains user records.
         */
        protected $authenticationInformation = array();
@@ -76,11 +68,16 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
        /**
         * A reference to the calling object
         *
-        * @var \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
+        * @var AbstractUserAuthentication
         */
        protected $parentObject;
 
        /**
+        * @var \TYPO3\CMS\Core\Database\DatabaseConnection
+        */
+       protected $databaseConnection;
+
+       /**
         * If set to TRUE, than libraries are already included.
         */
        static protected $openIDLibrariesIncluded = FALSE;
@@ -96,6 +93,15 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                                define('Auth_Yadis_CURL_OVERRIDE', TRUE);
                        }
                }
+
+               $this->injectDatabaseConnection();
+       }
+
+       /**
+        * @param \TYPO3\CMS\Core\Database\DatabaseConnection $databaseConnection
+        */
+       protected function injectDatabaseConnection(\TYPO3\CMS\Core\Database\DatabaseConnection $databaseConnection = NULL) {
+               $this->databaseConnection = $databaseConnection ?: $GLOBALS['TYPO3_DB'];
        }
 
        /**
@@ -129,10 +135,10 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * @param string $subType: Subtype for authentication (either "getUserFE" or "getUserBE")
         * @param array $loginData: Login data submitted by user and preprocessed by AbstractUserAuthentication
         * @param array $authenticationInformation: Additional TYPO3 information for authentication services (unused here)
-        * @param \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $parentObject Calling object
+        * @param AbstractUserAuthentication $parentObject Calling object
         * @return void
         */
-       public function initAuth($subType, array $loginData, array $authenticationInformation, \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication &$parentObject) {
+       public function initAuth($subType, array $loginData, array $authenticationInformation, AbstractUserAuthentication &$parentObject) {
                // Store login and authetication data
                $this->loginData = $loginData;
                $this->authenticationInformation = $authenticationInformation;
@@ -148,7 +154,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
        }
 
        /**
-        * This function returns the user record back to the \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.
+        * This function returns the user record back to the AbstractUserAuthentication.
         * It does not mean that user is authenticated, it means only that user is found. This
         * function makes sure that user cannot be authenticated by any other service
         * if user tries to use OpenID to authenticate.
@@ -157,7 +163,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         */
        public function getUser() {
                $userRecord = NULL;
-               if ($this->loginData['status'] == 'login') {
+               if ($this->loginData['status'] === 'login') {
                        if ($this->openIDResponse instanceof \Auth_OpenID_ConsumerResponse) {
                                $GLOBALS['BACK_PATH'] = $this->getBackPath();
                                // We are running inside the OpenID return script
@@ -165,7 +171,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                                // because it may return a different identifier. For example,
                                // LiveJournal server converts all underscore characters in the
                                // original identfier to dashes.
-                               if ($this->openIDResponse->status == Auth_OpenID_SUCCESS) {
+                               if ($this->openIDResponse->status === Auth_OpenID_SUCCESS) {
                                        $openIDIdentifier = $this->getFinalOpenIDIdentifier();
                                        if ($openIDIdentifier) {
                                                $userRecord = $this->getUserRecord($openIDIdentifier);
@@ -185,7 +191,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                        // we must change the password in the record to a long random string so
                        // that this user cannot be authenticated with other service.
                        if (is_array($userRecord)) {
-                               $userRecord[$this->authenticationInformation['db_user']['userident_column']] = uniqid($this->prefixId . LF, TRUE);
+                               $userRecord[$this->authenticationInformation['db_user']['userident_column']] = GeneralUtility::getRandomHexString(42);
                        }
                }
                return $userRecord;
@@ -194,7 +200,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
        /**
         * Authenticates user using OpenID.
         *
-        * @param array $userRecord     User record
+        * @param array $userRecord User record
         * @return integer Code that shows if user is really authenticated.
         */
        public function authUser(array $userRecord) {
@@ -206,7 +212,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                                // If we have a response, it means OpenID server tried to authenticate
                                // the user. Now we just look what is the status and provide
                                // corresponding response to the caller
-                               if ($this->openIDResponse->status == Auth_OpenID_SUCCESS) {
+                               if ($this->openIDResponse->status === Auth_OpenID_SUCCESS) {
                                        // Success (code 200)
                                        $result = 200;
                                } else {
@@ -215,7 +221,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                        } else {
                                // We may need to send a request to the OpenID server.
                                // First, check if the supplied login name equals with the configured OpenID.
-                               if ($this->openIDIdentifier == $userRecord['tx_openid_openid']) {
+                               if ($this->openIDIdentifier === $userRecord['tx_openid_openid']) {
                                        // Next, check if the user identifier looks like an OpenID identifier.
                                        // Prevent PHP warning in case if identifiers is not an OpenID identifier
                                        // (not an URL).
@@ -247,7 +253,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                        // Make sure that random generator is properly set up. Constant could be
                        // defined by the previous inclusion of the file
                        if (!defined('Auth_OpenID_RAND_SOURCE')) {
-                               if (TYPO3_OS == 'WIN') {
+                               if (TYPO3_OS === 'WIN') {
                                        // No random generator on Windows!
                                        define('Auth_OpenID_RAND_SOURCE', NULL);
                                } elseif (!is_readable('/dev/urandom')) {
@@ -274,7 +280,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
        /**
         * Gets user record for the user with the OpenID provided by the user
         *
-        * @param string $openIDIdentifier      OpenID identifier to search for
+        * @param string $openIDIdentifier OpenID identifier to search for
         * @return array Database fields from the table that corresponds to the current login mode (FE/BE)
         */
        protected function getUserRecord($openIDIdentifier) {
@@ -282,7 +288,16 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                if ($openIDIdentifier) {
                        // $openIDIdentifier always as a trailing slash because it got normalized
                        // but tx_openid_openid possibly not so check for both alternatives in database
-                       $record = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('*', $this->authenticationInformation['db_user']['table'], 'tx_openid_openid IN (' . $GLOBALS['TYPO3_DB']->fullQuoteStr($openIDIdentifier, $this->authenticationInformation['db_user']['table']) . ',' . $GLOBALS['TYPO3_DB']->fullQuoteStr(rtrim($openIDIdentifier, '/'), $this->authenticationInformation['db_user']['table']) . ')' . $this->authenticationInformation['db_user']['check_pid_clause'] . $this->authenticationInformation['db_user']['enable_clause']);
+                       $record = $this->databaseConnection->exec_SELECTgetSingleRow(
+                               '*',
+                               $this->authenticationInformation['db_user']['table'],
+                               'tx_openid_openid IN ('
+                               . $this->databaseConnection->fullQuoteStr($openIDIdentifier, $this->authenticationInformation['db_user']['table'])
+                               . ',' . $this->databaseConnection->fullQuoteStr(rtrim($openIDIdentifier, '/'),
+                               $this->authenticationInformation['db_user']['table']) . ')'
+                               . $this->authenticationInformation['db_user']['check_pid_clause']
+                               . $this->authenticationInformation['db_user']['enable_clause']
+                       );
                        if ($record) {
                                // Make sure to work only with normalized OpenID during the whole process
                                $record['tx_openid_openid'] = $this->normalizeOpenID($record['tx_openid_openid']);
@@ -299,12 +314,11 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * Creates OpenID Consumer object with a TYPO3-specific store. This function
         * is almost identical to the example from the PHP OpenID library.
         *
-        * @todo use DB (or the caching framework) instead of the filesystem to store OpenID data
-        * @return Auth_OpenID_Consumer Consumer instance
+        * @return \Auth_OpenID_Consumer Consumer instance
         */
        protected function getOpenIDConsumer() {
+               /* @var $openIDStore OpenidStore */
                $openIDStore = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Openid\\OpenidStore');
-               /* @var $openIDStore tx_openid_store */
                $openIDStore->cleanup();
                return new \Auth_OpenID_Consumer($openIDStore);
        }
@@ -342,7 +356,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                // For OpenID version 1, we *should* send a redirect. For OpenID version 2,
                // we should use a Javascript form to send a POST request to the server.
                $returnURL = $this->getReturnURL();
-               $trustedRoot = \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL');
+               $trustedRoot = GeneralUtility::getIndpEnv('TYPO3_SITE_URL');
                if ($authenticationRequest->shouldSendRedirect()) {
                        $redirectURL = $authenticationRequest->redirectURL($trustedRoot, $returnURL);
                        // If the redirect URL can't be built, return. We can only return.
@@ -380,7 +394,7 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * @return string Return URL
         */
        protected function getReturnURL() {
-               if ($this->authenticationInformation['loginType'] == 'FE') {
+               if ($this->authenticationInformation['loginType'] === 'FE') {
                        // We will use eID to send user back, create session data and
                        // return to the calling page.
                        // Notice: 'pid' and 'logintype' parameter names cannot be changed!
@@ -391,18 +405,18 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                        // It is much easier for the Backend to manage users.
                        // Notice: 'login_status' parameter name cannot be changed!
                        // It is essential for BE user authentication.
-                       $absoluteSiteURL = substr(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL'), strlen(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST')));
+                       $absoluteSiteURL = substr(GeneralUtility::getIndpEnv('TYPO3_SITE_URL'), strlen(GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST')));
                        $returnURL = $absoluteSiteURL . TYPO3_mainDir . 'sysext/' . $this->extKey . '/class.tx_openid_return.php?login_status=login&';
                }
-               if (\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('tx_openid_mode') == 'finish') {
-                       $requestURL = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('tx_openid_location');
-                       $claimedIdentifier = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('tx_openid_claimed');
+               if (GeneralUtility::_GP('tx_openid_mode') === 'finish') {
+                       $requestURL = GeneralUtility::_GP('tx_openid_location');
+                       $claimedIdentifier = GeneralUtility::_GP('tx_openid_claimed');
                } else {
-                       $requestURL = \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL');
+                       $requestURL = GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL');
                        $claimedIdentifier = $this->openIDIdentifier;
                }
                $returnURL .= 'tx_openid_location=' . rawurlencode($requestURL) . '&' . 'tx_openid_mode=finish&' . 'tx_openid_claimed=' . rawurlencode($claimedIdentifier) . '&' . 'tx_openid_signature=' . $this->getSignature($claimedIdentifier);
-               return \TYPO3\CMS\Core\Utility\GeneralUtility::locationHeaderUrl($returnURL);
+               return GeneralUtility::locationHeaderUrl($returnURL);
        }
 
        /**
@@ -412,12 +426,10 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * @return string
         */
        protected function getSignature($claimedIdentifier) {
-               // You can also increase security by using sha1 (beware of too long URLs!)
-               return md5(implode('/', array(
-                       $claimedIdentifier,
-                       strval(strlen($claimedIdentifier)),
-                       $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']
-               )));
+               return GeneralUtility::hmac(
+                       implode('/', array($claimedIdentifier, strval(strlen($claimedIdentifier)))),
+                       $this->extKey
+               );
        }
 
        /**
@@ -434,9 +446,18 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                }
                // A URI with a missing scheme is normalized to a http URI
                if (!preg_match('#^https?://#', $openIDIdentifier)) {
-                       $escapedIdentifier = $GLOBALS['TYPO3_DB']->quoteStr($openIDIdentifier, $this->authenticationInformation['db_user']['table']);
-                       $condition = 'tx_openid_openid IN (' . '\'http://' . $escapedIdentifier . '\',' . '\'http://' . $escapedIdentifier . '/\',' . '\'https://' . $escapedIdentifier . '\',' . '\'https://' . $escapedIdentifier . '/\'' . ')';
-                       $row = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('tx_openid_openid', $this->authenticationInformation['db_user']['table'], $condition);
+                       $escapedIdentifier = $this->databaseConnection->quoteStr($openIDIdentifier, $this->authenticationInformation['db_user']['table']);
+                       $condition = 'tx_openid_openid IN ('
+                                       . '\'http://' . $escapedIdentifier . '\','
+                                       . '\'http://' . $escapedIdentifier . '/\','
+                                       . '\'https://' . $escapedIdentifier . '\','
+                                       . '\'https://' . $escapedIdentifier . '/\''
+                                       . ')';
+                       $row = $this->databaseConnection->exec_SELECTgetSingleRow(
+                               'tx_openid_openid',
+                               $this->authenticationInformation['db_user']['table'],
+                               $condition
+                       );
                        if (is_array($row)) {
                                $openIDIdentifier = $row['tx_openid_openid'];
                        }
@@ -484,9 +505,9 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * @return string The signed OpenID, if signature did not match this is empty
         */
        protected function getSignedClaimedOpenIDIdentifier() {
-               $result = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('tx_openid_claimed');
+               $result = GeneralUtility::_GP('tx_openid_claimed');
                $signature = $this->getSignature($result);
-               if ($signature !== \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('tx_openid_signature')) {
+               if ($signature !== GeneralUtility::_GP('tx_openid_signature')) {
                        $result = '';
                }
                return $result;
@@ -519,9 +540,9 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * @return string
         */
        protected function getSignedParameter($parameterName) {
-               $signedParametersList = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('openid_signed');
-               if (\TYPO3\CMS\Core\Utility\GeneralUtility::inList($signedParametersList, substr($parameterName, 7))) {
-                       $result = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP($parameterName);
+               $signedParametersList = GeneralUtility::_GP('openid_signed');
+               if (GeneralUtility::inList($signedParametersList, substr($parameterName, 7))) {
+                       $result = GeneralUtility::_GP($parameterName);
                } else {
                        $result = '';
                }
@@ -538,8 +559,8 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
         * parameters. The syntax is the same as for sprintf()
         *
         * @param string $message Message to output
-        * @return      void
-        * @see \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog()
+        * @return void
+        * @see GeneralUtility::sysLog()
         * @see \TYPO3\CMS\Core\TimeTracker\TimeTracker::setTSlogMessage()
         */
        protected function writeLog($message) {
@@ -548,13 +569,13 @@ class OpenidService extends \TYPO3\CMS\Core\Service\AbstractService {
                        array_shift($params);
                        $message = vsprintf($message, $params);
                }
-               if (TYPO3_MODE == 'BE') {
-                       \TYPO3\CMS\Core\Utility\GeneralUtility::sysLog($message, $this->extKey, \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_NOTICE);
+               if (TYPO3_MODE === 'BE') {
+                       GeneralUtility::sysLog($message, $this->extKey, GeneralUtility::SYSLOG_SEVERITY_NOTICE);
                } else {
                        $GLOBALS['TT']->setTSlogMessage($message);
                }
                if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['enable_DLOG']) {
-                       \TYPO3\CMS\Core\Utility\GeneralUtility::devLog($message, $this->extKey, \TYPO3\CMS\Core\Utility\GeneralUtility::SYSLOG_SEVERITY_NOTICE);
+                       GeneralUtility::devLog($message, $this->extKey, GeneralUtility::SYSLOG_SEVERITY_NOTICE);
                }
        }
 
index e4e502e..10e3f08 100644 (file)
@@ -32,11 +32,24 @@ namespace TYPO3\CMS\Openid;
 class OpenidStore extends \Auth_OpenID_OpenIDStore {
 
        const ASSOCIATION_TABLE_NAME = 'tx_openid_assoc_store';
-       const ASSOCIATION_EXPIRATION_SAFETY_INTERVAL = 120;
-       /* 2 minutes */
        const NONCE_TABLE_NAME = 'tx_openid_nonce_store';
-       const NONCE_STORAGE_TIME = 864000;
+       /* 2 minutes */
+       const ASSOCIATION_EXPIRATION_SAFETY_INTERVAL = 120;
        /* 10 days */
+       const NONCE_STORAGE_TIME = 864000;
+
+       /**
+        * @var \TYPO3\CMS\Core\Database\DatabaseConnection
+        */
+       protected $databaseConnection;
+
+       /**
+        * @param null|\TYPO3\CMS\Core\Database\DatabaseConnection $databaseConnection
+        */
+       public function __construct($databaseConnection = NULL) {
+               $this->databaseConnection = $databaseConnection ?: $GLOBALS['TYPO3_DB'];
+       }
+
        /**
         * Sores the association for future use
         *
@@ -46,13 +59,13 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         */
        public function storeAssociation($serverUrl, $association) {
                /* @var $association \Auth_OpenID_Association */
-               $GLOBALS['TYPO3_DB']->sql_query('START TRANSACTION');
+               $this->databaseConnection->sql_query('START TRANSACTION');
                if ($this->doesAssociationExist($serverUrl, $association->handle)) {
                        $this->updateExistingAssociation($serverUrl, $association);
                } else {
                        $this->storeNewAssociation($serverUrl, $association);
                }
-               $GLOBALS['TYPO3_DB']->sql_query('COMMIT');
+               $this->databaseConnection->sql_query('COMMIT');
        }
 
        /**
@@ -62,8 +75,8 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         */
        public function cleanupAssociations() {
                $where = sprintf('expires<=%d', time());
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, $where);
-               return $GLOBALS['TYPO3_DB']->sql_affected_rows();
+               $this->databaseConnection->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, $where);
+               return $this->databaseConnection->sql_affected_rows();
        }
 
        /**
@@ -75,14 +88,14 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         */
        public function getAssociation($serverUrl, $handle = NULL) {
                $this->cleanupAssociations();
-               $where = sprintf('server_url=%s AND expires>%d', $GLOBALS['TYPO3_DB']->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), time());
+               $where = sprintf('server_url=%s AND expires>%d', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), time());
                if ($handle != NULL) {
-                       $where .= sprintf(' AND assoc_handle=%s', $GLOBALS['TYPO3_DB']->fullQuoteStr($handle, self::ASSOCIATION_TABLE_NAME));
+                       $where .= sprintf(' AND assoc_handle=%s', $this->databaseConnection->fullQuoteStr($handle, self::ASSOCIATION_TABLE_NAME));
                        $sort = '';
                } else {
                        $sort = 'tstamp DESC';
                }
-               $row = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('uid, content', self::ASSOCIATION_TABLE_NAME, $where, '', $sort);
+               $row = $this->databaseConnection->exec_SELECTgetSingleRow('uid, content', self::ASSOCIATION_TABLE_NAME, $where, '', $sort);
                $result = NULL;
                if (is_array($row)) {
                        $result = @unserialize(base64_decode($row['content']));
@@ -101,12 +114,11 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         * @param string $serverUrl Server URL
         * @param string $handle Association handle (optional)
         * @return boolean TRUE if the association existed
-        * @todo Define visibility
         */
        public function removeAssociation($serverUrl, $handle) {
-               $where = sprintf('server_url=%s AND assoc_handle=%s', $GLOBALS['TYPO3_DB']->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $GLOBALS['TYPO3_DB']->fullQuoteStr($handle, self::ASSOCIATION_TABLE_NAME));
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, $where);
-               $deletedCount = $GLOBALS['TYPO3_DB']->sql_affected_rows();
+               $where = sprintf('server_url=%s AND assoc_handle=%s', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $this->databaseConnection->fullQuoteStr($handle, self::ASSOCIATION_TABLE_NAME));
+               $this->databaseConnection->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, $where);
+               $deletedCount = $this->databaseConnection->sql_affected_rows();
                return $deletedCount > 0;
        }
 
@@ -117,7 +129,7 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         */
        public function cleanupNonces() {
                $where = sprintf('crdate<%d', time() - self::NONCE_STORAGE_TIME);
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery(self::NONCE_TABLE_NAME, $where);
+               $this->databaseConnection->exec_DELETEquery(self::NONCE_TABLE_NAME, $where);
        }
 
        /**
@@ -137,8 +149,8 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
                                'server_url' => $serverUrl,
                                'tstamp' => $timestamp
                        );
-                       $GLOBALS['TYPO3_DB']->exec_INSERTquery(self::NONCE_TABLE_NAME, $values);
-                       $affectedRows = $GLOBALS['TYPO3_DB']->sql_affected_rows();
+                       $this->databaseConnection->exec_INSERTquery(self::NONCE_TABLE_NAME, $values);
+                       $affectedRows = $this->databaseConnection->sql_affected_rows();
                        $result = $affectedRows > 0;
                }
                return $result;
@@ -150,8 +162,8 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         * @return void
         */
        public function reset() {
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery(self::ASSOCIATION_TABLE_NAME, '1=1');
-               $GLOBALS['TYPO3_DB']->exec_DELETEquery(self::NONCE_TABLE_NAME, '1=1');
+               $this->databaseConnection->exec_TRUNCATEquery(self::ASSOCIATION_TABLE_NAME);
+               $this->databaseConnection->exec_TRUNCATEquery(self::NONCE_TABLE_NAME);
        }
 
        /**
@@ -162,8 +174,8 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         * @return boolean
         */
        protected function doesAssociationExist($serverUrl, $association) {
-               $where = sprintf('server_url=%s AND assoc_handle=%s AND expires>%d', $GLOBALS['TYPO3_DB']->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $GLOBALS['TYPO3_DB']->fullQuoteStr($association->handle, self::ASSOCIATION_TABLE_NAME), time());
-               $row = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('COUNT(*) as assocCount', self::ASSOCIATION_TABLE_NAME, $where);
+               $where = sprintf('server_url=%s AND assoc_handle=%s AND expires>%d', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $this->databaseConnection->fullQuoteStr($association->handle, self::ASSOCIATION_TABLE_NAME), time());
+               $row = $this->databaseConnection->exec_SELECTgetSingleRow('COUNT(*) as assocCount', self::ASSOCIATION_TABLE_NAME, $where);
                return $row['assocCount'] > 0;
        }
 
@@ -175,13 +187,13 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
         * @return void
         */
        protected function updateExistingAssociation($serverUrl, \Auth_OpenID_Association $association) {
-               $where = sprintf('server_url=%s AND assoc_handle=%s AND expires>%d', $GLOBALS['TYPO3_DB']->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $GLOBALS['TYPO3_DB']->fullQuoteStr($association->handle, self::ASSOCIATION_TABLE_NAME), time());
+               $where = sprintf('server_url=%s AND assoc_handle=%s AND expires>%d', $this->databaseConnection->fullQuoteStr($serverUrl, self::ASSOCIATION_TABLE_NAME), $this->databaseConnection->fullQuoteStr($association->handle, self::ASSOCIATION_TABLE_NAME), time());
                $serializedAssociation = serialize($association);
                $values = array(
                        'content' => base64_encode($serializedAssociation),
                        'tstamp' => time()
                );
-               $GLOBALS['TYPO3_DB']->exec_UPDATEquery(self::ASSOCIATION_TABLE_NAME, $where, $values);
+               $this->databaseConnection->exec_UPDATEquery(self::ASSOCIATION_TABLE_NAME, $where, $values);
        }
 
        /**
@@ -203,7 +215,7 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
                );
                // In the next query we can get race conditions. sha1_hash prevents many
                // asociations from being stored for one server
-               $GLOBALS['TYPO3_DB']->exec_INSERTquery(self::ASSOCIATION_TABLE_NAME, $values);
+               $this->databaseConnection->exec_INSERTquery(self::ASSOCIATION_TABLE_NAME, $values);
        }
 
        /**
@@ -217,7 +229,7 @@ class OpenidStore extends \Auth_OpenID_OpenIDStore {
                $values = array(
                        'tstamp' => time()
                );
-               $GLOBALS['TYPO3_DB']->exec_UPDATEquery(self::ASSOCIATION_TABLE_NAME, $where, $values);
+               $this->databaseConnection->exec_UPDATEquery(self::ASSOCIATION_TABLE_NAME, $where, $values);
        }
 
 }
index ff80f78..423c9d8 100644 (file)
@@ -6,6 +6,6 @@
  */
 require_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('openid') . 'Classes/OpenidEid.php';
 $module = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Openid\\OpenidEid');
-/* @var tx_openid_eID $module */
+/* @var \TYPO3\CMS\Openid\OpenidEid $module */
 $module->main();
 ?>
\ No newline at end of file
index 7068e1a..f997f97 100644 (file)
@@ -34,6 +34,6 @@ require_once '../../init.php';
  */
 require_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('openid') . 'Classes/OpenidReturn.php';
 $module = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Openid\\OpenidReturn');
-/* @var tx_openid_return $module */
+/* @var \TYPO3\CMS\Openid\OpenidReturn $module */
 $module->main();
 ?>
\ No newline at end of file
index 9685ad7..b2b0e67 100644 (file)
@@ -4,7 +4,7 @@ if (!defined('TYPO3_MODE')) {
        die('Access denied.');
 }
 // Register OpenID authentication service with TYPO3
-\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addService($_EXTKEY, 'auth', 'TYPO3\\CMS\\Openid\\OpenidService', array(
+\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::addService($_EXTKEY, 'auth', 'tx_openid_service', array(
        'title' => 'OpenID Authentication',
        'description' => 'OpenID authentication service for Frontend and Backend',
        'subtype' => 'getUserFE,authUserFE,getUserBE,authUserBE',
@@ -19,7 +19,7 @@ if (!defined('TYPO3_MODE')) {
 
 // Register eID script that performs final FE user authentication. It will be called by the OpenID provider
 $GLOBALS['TYPO3_CONF_VARS']['FE']['eID_include']['tx_openid'] = 'EXT:openid/class.tx_openid_eid.php';
-$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck']['TYPO3\\CMS\\Openid\\OpenidModuleSetup'] = 'EXT:openid/class.tx_openid_mod_setup.php';
+$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['setup']['accessLevelCheck']['TYPO3\\CMS\\Openid\\OpenidModuleSetup'] = '';
 // Use popup window to refresh login instead of the AJAX relogin:
 $TYPO3_CONF_VARS['BE']['showRefreshLoginPopup'] = 1;
 ?>
\ No newline at end of file