PasswordUpdate.php 2.16 KB
Newer Older
1
<?php
2
3
namespace T3o\T3oLdap\Utility;

4
5
6
7
8
9
10
11
12
13
14
/*
 * (c) 2016 by mehrwert intermediale kommunikation GmbH
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 */

15
use TYPO3\CMS\Core\Utility\GeneralUtility;
16
17
18
19

/**
 * Password updating facility.
 */
20
21
class PasswordUpdate
{
22
    const PASSWORD_METHODS = ['md5', 'sha1', 'crypt'];
23

24
25
26
    /**
     * Update a password in various places (LDAP, TYPO3)
     *
27
28
     * @param string $username The username to update the password for
     * @param string $clearTextPassword Cleartext password to hash and update
29
30
     * @return void
     */
31
    public function updatePassword(string $username, string $clearTextPassword)
32
    {
33

34
        $extensionConfiguration = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['t3o_ldap']);
35

36
        // Check if LDAP updates are enabled in extension configuration
37
        if ((int)$extensionConfiguration['enableLdapPasswordUpdates'] === 1) {
38
39
            /** @var \T3o\T3oLdap\Connectors\Ldap $ldap */
            $ldap = GeneralUtility::makeInstance(\T3o\T3oLdap\Connectors\Ldap::class);
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
            if ($ldap->setLdapPasswords($username, $this->getHashedPasswords($clearTextPassword))) {
                GeneralUtility::sysLog(
                    'Password successfully updated (Mechanisms: ' . strtoupper(implode(', ', self::PASSWORD_METHODS)) . ')',
                    't3o_ldap',
                    GeneralUtility::SYSLOG_SEVERITY_INFO
                );
            }
        }
    }

    public function getHashedPasswords(string $clearTextPassword): array
    {
        $passwords = [];
        $passwordHashing = GeneralUtility::makeInstance(PasswordHashing::class);
        foreach (self::PASSWORD_METHODS as $passwordAlgorithm) {
            $hash = $passwordHashing->getPasswordHash($clearTextPassword, $passwordAlgorithm);
            if ($hash) {
                $passwords[$passwordAlgorithm] = $hash;
58
59
            }
        }
60
61

        return $passwords;
62
63
    }
}