Commit c909277d authored by Torben Hansen's avatar Torben Hansen Committed by Christian Kuhn
Browse files

[TASK] Remove possibility to use ext:rsaauth

Usage of FriendsOfTYPO3/rsaauth is pretty low and there
is no reason to support the extension any more in TYPO3 11.

This patch removes all ext:rsaauth related code.

Resolves: #94279
Releases: master
Change-Id: I8e318bcc3c04fcc66a033507d0dddb931529c17d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/69397


Tested-by: Andreas Fernandez's avatarAndreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Andreas Fernandez's avatarAndreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
parent b15de12b
......@@ -254,7 +254,6 @@ class LoginRefresh {
autofocus: 'autofocus',
class: 'form-control',
placeholder: TYPO3.lang['mess.refresh_login_password'],
'data-rsa-encryption': 't3-loginrefresh-userident',
}),
),
),
......@@ -275,11 +274,6 @@ class LoginRefresh {
);
this.registerDefaultModalEvents(this.$loginForm).on('submit', this.submitForm);
$('body').append(this.$loginForm);
if (require.specified('TYPO3/CMS/Rsaauth/RsaEncryptionModule')) {
require(['TYPO3/CMS/Rsaauth/RsaEncryptionModule'], function(RsaEncryption: any): void {
RsaEncryption.registerForm($('#beLoginRefresh').get(0));
});
}
}
/**
......
......@@ -104,7 +104,7 @@
"ext-fileinfo": "Used for proper file type detection in the file abstraction layer",
"ext-zlib": "TYPO3 uses zlib for amongst others output compression and un/packing t3x extension files",
"ext-intl": "Used for locale-aware operations",
"ext-openssl": "OpenSSL is required for sending SMTP mails over an encrypted channel endpoint, and for extensions such as \"rsaauth\"",
"ext-openssl": "OpenSSL is required for sending SMTP mails over an encrypted channel endpoint",
"ext-zip": "",
"ext-mysqli": ""
},
......
......@@ -57,7 +57,6 @@ class BackendUserAuthenticator extends \TYPO3\CMS\Core\Middleware\BackendUserAut
'/ajax/login/preflight',
'/ajax/login/refresh',
'/ajax/login/timedout',
'/ajax/rsa/publickey',
'/ajax/core/requirejs',
];
......
......@@ -16,7 +16,7 @@
<div class="form-group t3js-login-password-section" id="t3-login-password-section">
<div class="form-control-wrap">
<div class="form-control-holder">
<input type="password" id="t3-password" name="p_field" value="{presetPassword}" aria-label="{f:translate(key: 'login.password')}" placeholder="{f:translate(key: 'login.password')}" class="form-control input-login t3js-clearable t3js-login-password-field" autocomplete="current-password" required="required" data-rsa-encryption="t3-field-userident" />
<input type="password" id="t3-password" name="p_field" value="{presetPassword}" aria-label="{f:translate(key: 'login.password')}" placeholder="{f:translate(key: 'login.password')}" class="form-control input-login t3js-clearable t3js-login-password-field" autocomplete="current-password" required="required" />
<div role="status" class="form-notice-capslock hidden t3js-login-alert-capslock">
<img aria-hidden="true" src="{images.capslock}" width="14" height="14" alt="" title="{f:translate(key: 'login.error.capslock')}" />
<span class="sr-only"><f:translate key="login.error.capslockStatus" /></span>
......
......@@ -10,4 +10,4 @@
*
* The TYPO3 project - inspiring people to share!
*/
var __importDefault=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};define(["require","exports","jquery","TYPO3/CMS/Core/Ajax/AjaxRequest","TYPO3/CMS/Backend/Notification"],(function(e,t,o,i,a){"use strict";var s;o=__importDefault(o),function(e){e.loginrefresh="t3js-modal-loginrefresh",e.lockedModal="t3js-modal-backendlocked",e.loginFormModal="t3js-modal-backendloginform"}(s||(s={}));class n{constructor(){this.options={modalConfig:{backdrop:"static"}},this.intervalTime=60,this.intervalId=null,this.backendIsLocked=!1,this.isTimingOut=!1,this.$timeoutModal=null,this.$backendLockedModal=null,this.$loginForm=null,this.loginFramesetUrl="",this.logoutUrl="",this.submitForm=e=>{e.preventDefault();const t=this.$loginForm.find("form"),s=t.find("input[name=p_field]"),n=t.find("input[name=userident]"),l=s.val();if(""===l&&""===n.val())return a.error(TYPO3.lang["mess.refresh_login_failed"],TYPO3.lang["mess.refresh_login_emptyPassword"]),void s.focus();l&&(n.val(l),s.val(""));const d={login_status:"login"};o.default.each(t.serializeArray(),(function(e,t){d[t.name]=t.value})),new i(t.attr("action")).post(d).then(async e=>{(await e.resolve()).login.success?this.hideLoginForm():(a.error(TYPO3.lang["mess.refresh_login_failed"],TYPO3.lang["mess.refresh_login_failed_message"]),s.focus())})},this.checkActiveSession=()=>{new i(TYPO3.settings.ajaxUrls.login_timedout).get().then(async e=>{const t=await e.resolve();t.login.locked?this.backendIsLocked||(this.backendIsLocked=!0,this.showBackendLockedModal()):this.backendIsLocked&&(this.backendIsLocked=!1,this.hideBackendLockedModal()),this.backendIsLocked||(t.login.timed_out||t.login.will_time_out)&&(t.login.timed_out?this.showLoginForm():this.showTimeoutModal())})}}initialize(){this.initializeTimeoutModal(),this.initializeBackendLockedModal(),this.initializeLoginForm(),this.startTask()}startTask(){if(null!==this.intervalId)return;let e=1e3*this.intervalTime;this.intervalId=setInterval(this.checkActiveSession,e)}stopTask(){clearInterval(this.intervalId),this.intervalId=null}setIntervalTime(e){this.intervalTime=Math.min(e,86400)}setLogoutUrl(e){this.logoutUrl=e}setLoginFramesetUrl(e){this.loginFramesetUrl=e}showTimeoutModal(){this.isTimingOut=!0,this.$timeoutModal.modal(this.options.modalConfig),this.$timeoutModal.modal("show"),this.fillProgressbar(this.$timeoutModal)}hideTimeoutModal(){this.isTimingOut=!1,this.$timeoutModal.modal("hide")}showBackendLockedModal(){this.$backendLockedModal.modal(this.options.modalConfig),this.$backendLockedModal.modal("show")}hideBackendLockedModal(){this.$backendLockedModal.modal("hide")}showLoginForm(){new i(TYPO3.settings.ajaxUrls.logout).get().then(()=>{TYPO3.configuration.showRefreshLoginPopup?this.showLoginPopup():(this.$loginForm.modal(this.options.modalConfig),this.$loginForm.modal("show"))})}showLoginPopup(){const e=window.open(this.loginFramesetUrl,"relogin_"+Math.random().toString(16).slice(2),"height=450,width=700,status=0,menubar=0,location=1");e&&e.focus()}hideLoginForm(){this.$loginForm.modal("hide")}initializeBackendLockedModal(){this.$backendLockedModal=this.generateModal(s.lockedModal),this.$backendLockedModal.find(".modal-header h4").text(TYPO3.lang["mess.please_wait"]),this.$backendLockedModal.find(".modal-body").append(o.default("<p />").text(TYPO3.lang["mess.be_locked"])),this.$backendLockedModal.find(".modal-footer").remove(),o.default("body").append(this.$backendLockedModal)}initializeTimeoutModal(){this.$timeoutModal=this.generateModal(s.loginrefresh),this.$timeoutModal.addClass("modal-severity-notice"),this.$timeoutModal.find(".modal-header h4").text(TYPO3.lang["mess.login_about_to_expire_title"]),this.$timeoutModal.find(".modal-body").append(o.default("<p />").text(TYPO3.lang["mess.login_about_to_expire"]),o.default("<div />",{class:"progress"}).append(o.default("<div />",{class:"progress-bar progress-bar-warning progress-bar-striped progress-bar-animated",role:"progressbar","aria-valuemin":"0","aria-valuemax":"100"}).append(o.default("<span />",{class:"sr-only"})))),this.$timeoutModal.find(".modal-footer").append(o.default("<button />",{class:"btn btn-default","data-action":"logout"}).text(TYPO3.lang["mess.refresh_login_logout_button"]).on("click",()=>{top.location.href=this.logoutUrl}),o.default("<button />",{class:"btn btn-primary t3js-active","data-action":"refreshSession"}).text(TYPO3.lang["mess.refresh_login_refresh_button"]).on("click",()=>{new i(TYPO3.settings.ajaxUrls.login_timedout).get().then(()=>{this.hideTimeoutModal()})})),this.registerDefaultModalEvents(this.$timeoutModal),o.default("body").append(this.$timeoutModal)}initializeLoginForm(){if(TYPO3.configuration.showRefreshLoginPopup)return;this.$loginForm=this.generateModal(s.loginFormModal),this.$loginForm.addClass("modal-notice");let t=String(TYPO3.lang["mess.refresh_login_title"]).replace("%s",TYPO3.configuration.username);this.$loginForm.find(".modal-header h4").text(t),this.$loginForm.find(".modal-body").append(o.default("<p />").text(TYPO3.lang["mess.login_expired"]),o.default("<form />",{id:"beLoginRefresh",method:"POST",action:TYPO3.settings.ajaxUrls.login}).append(o.default("<div />").append(o.default("<input />",{type:"text",name:"username",class:"d-none",value:TYPO3.configuration.username}),o.default("<input />",{type:"hidden",name:"userident",id:"t3-loginrefresh-userident"})),o.default("<div />",{class:"form-group"}).append(o.default("<input />",{type:"password",name:"p_field",autofocus:"autofocus",class:"form-control",placeholder:TYPO3.lang["mess.refresh_login_password"],"data-rsa-encryption":"t3-loginrefresh-userident"})))),this.$loginForm.find(".modal-body .d-none").attr("autocomplete","username"),this.$loginForm.find(".modal-body .form-control").attr("autocomplete","current-password"),this.$loginForm.find(".modal-footer").append(o.default("<a />",{href:this.logoutUrl,class:"btn btn-default"}).text(TYPO3.lang["mess.refresh_exit_button"]),o.default("<button />",{type:"button",class:"btn btn-primary","data-action":"refreshSession"}).text(TYPO3.lang["mess.refresh_login_button"]).on("click",()=>{this.$loginForm.find("form").trigger("submit")})),this.registerDefaultModalEvents(this.$loginForm).on("submit",this.submitForm),o.default("body").append(this.$loginForm),e.specified("TYPO3/CMS/Rsaauth/RsaEncryptionModule")&&e(["TYPO3/CMS/Rsaauth/RsaEncryptionModule"],(function(e){e.registerForm(o.default("#beLoginRefresh").get(0))}))}generateModal(e){return o.default("<div />",{id:e,class:"t3js-modal "+e+" modal modal-type-default modal-severity-notice modal-style-light modal-size-small fade"}).append(o.default("<div />",{class:"modal-dialog"}).append(o.default("<div />",{class:"modal-content"}).append(o.default("<div />",{class:"modal-header"}).append(o.default("<h4 />",{class:"modal-title"})),o.default("<div />",{class:"modal-body"}),o.default("<div />",{class:"modal-footer"}))))}fillProgressbar(e){if(!this.isTimingOut)return;let t=0;const o=e.find(".progress-bar"),i=o.children(".sr-only"),a=setInterval(()=>{const e=t>=100;!this.isTimingOut||e?(clearInterval(a),e&&(this.hideTimeoutModal(),this.showLoginForm()),t=0):t+=1;const s=t+"%";o.css("width",s),i.text(s)},300)}registerDefaultModalEvents(e){return e.on("hidden.bs.modal",()=>{this.startTask()}).on("shown.bs.modal",()=>{this.stopTask(),this.$timeoutModal.find(".modal-footer .t3js-active").first().focus()}),e}}let l;try{window.opener&&window.opener.TYPO3&&window.opener.TYPO3.LoginRefresh&&(l=window.opener.TYPO3.LoginRefresh),parent&&parent.window.TYPO3&&parent.window.TYPO3.LoginRefresh&&(l=parent.window.TYPO3.LoginRefresh),top&&top.TYPO3&&top.TYPO3.LoginRefresh&&(l=top.TYPO3.LoginRefresh)}catch(e){}return l||(l=new n,"undefined"!=typeof TYPO3&&(TYPO3.LoginRefresh=l)),l}));
\ No newline at end of file
var __importDefault=this&&this.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};define(["require","exports","jquery","TYPO3/CMS/Core/Ajax/AjaxRequest","TYPO3/CMS/Backend/Notification"],(function(e,t,o,i,a){"use strict";var s;o=__importDefault(o),function(e){e.loginrefresh="t3js-modal-loginrefresh",e.lockedModal="t3js-modal-backendlocked",e.loginFormModal="t3js-modal-backendloginform"}(s||(s={}));class n{constructor(){this.options={modalConfig:{backdrop:"static"}},this.intervalTime=60,this.intervalId=null,this.backendIsLocked=!1,this.isTimingOut=!1,this.$timeoutModal=null,this.$backendLockedModal=null,this.$loginForm=null,this.loginFramesetUrl="",this.logoutUrl="",this.submitForm=e=>{e.preventDefault();const t=this.$loginForm.find("form"),s=t.find("input[name=p_field]"),n=t.find("input[name=userident]"),l=s.val();if(""===l&&""===n.val())return a.error(TYPO3.lang["mess.refresh_login_failed"],TYPO3.lang["mess.refresh_login_emptyPassword"]),void s.focus();l&&(n.val(l),s.val(""));const d={login_status:"login"};o.default.each(t.serializeArray(),(function(e,t){d[t.name]=t.value})),new i(t.attr("action")).post(d).then(async e=>{(await e.resolve()).login.success?this.hideLoginForm():(a.error(TYPO3.lang["mess.refresh_login_failed"],TYPO3.lang["mess.refresh_login_failed_message"]),s.focus())})},this.checkActiveSession=()=>{new i(TYPO3.settings.ajaxUrls.login_timedout).get().then(async e=>{const t=await e.resolve();t.login.locked?this.backendIsLocked||(this.backendIsLocked=!0,this.showBackendLockedModal()):this.backendIsLocked&&(this.backendIsLocked=!1,this.hideBackendLockedModal()),this.backendIsLocked||(t.login.timed_out||t.login.will_time_out)&&(t.login.timed_out?this.showLoginForm():this.showTimeoutModal())})}}initialize(){this.initializeTimeoutModal(),this.initializeBackendLockedModal(),this.initializeLoginForm(),this.startTask()}startTask(){if(null!==this.intervalId)return;let e=1e3*this.intervalTime;this.intervalId=setInterval(this.checkActiveSession,e)}stopTask(){clearInterval(this.intervalId),this.intervalId=null}setIntervalTime(e){this.intervalTime=Math.min(e,86400)}setLogoutUrl(e){this.logoutUrl=e}setLoginFramesetUrl(e){this.loginFramesetUrl=e}showTimeoutModal(){this.isTimingOut=!0,this.$timeoutModal.modal(this.options.modalConfig),this.$timeoutModal.modal("show"),this.fillProgressbar(this.$timeoutModal)}hideTimeoutModal(){this.isTimingOut=!1,this.$timeoutModal.modal("hide")}showBackendLockedModal(){this.$backendLockedModal.modal(this.options.modalConfig),this.$backendLockedModal.modal("show")}hideBackendLockedModal(){this.$backendLockedModal.modal("hide")}showLoginForm(){new i(TYPO3.settings.ajaxUrls.logout).get().then(()=>{TYPO3.configuration.showRefreshLoginPopup?this.showLoginPopup():(this.$loginForm.modal(this.options.modalConfig),this.$loginForm.modal("show"))})}showLoginPopup(){const e=window.open(this.loginFramesetUrl,"relogin_"+Math.random().toString(16).slice(2),"height=450,width=700,status=0,menubar=0,location=1");e&&e.focus()}hideLoginForm(){this.$loginForm.modal("hide")}initializeBackendLockedModal(){this.$backendLockedModal=this.generateModal(s.lockedModal),this.$backendLockedModal.find(".modal-header h4").text(TYPO3.lang["mess.please_wait"]),this.$backendLockedModal.find(".modal-body").append(o.default("<p />").text(TYPO3.lang["mess.be_locked"])),this.$backendLockedModal.find(".modal-footer").remove(),o.default("body").append(this.$backendLockedModal)}initializeTimeoutModal(){this.$timeoutModal=this.generateModal(s.loginrefresh),this.$timeoutModal.addClass("modal-severity-notice"),this.$timeoutModal.find(".modal-header h4").text(TYPO3.lang["mess.login_about_to_expire_title"]),this.$timeoutModal.find(".modal-body").append(o.default("<p />").text(TYPO3.lang["mess.login_about_to_expire"]),o.default("<div />",{class:"progress"}).append(o.default("<div />",{class:"progress-bar progress-bar-warning progress-bar-striped progress-bar-animated",role:"progressbar","aria-valuemin":"0","aria-valuemax":"100"}).append(o.default("<span />",{class:"sr-only"})))),this.$timeoutModal.find(".modal-footer").append(o.default("<button />",{class:"btn btn-default","data-action":"logout"}).text(TYPO3.lang["mess.refresh_login_logout_button"]).on("click",()=>{top.location.href=this.logoutUrl}),o.default("<button />",{class:"btn btn-primary t3js-active","data-action":"refreshSession"}).text(TYPO3.lang["mess.refresh_login_refresh_button"]).on("click",()=>{new i(TYPO3.settings.ajaxUrls.login_timedout).get().then(()=>{this.hideTimeoutModal()})})),this.registerDefaultModalEvents(this.$timeoutModal),o.default("body").append(this.$timeoutModal)}initializeLoginForm(){if(TYPO3.configuration.showRefreshLoginPopup)return;this.$loginForm=this.generateModal(s.loginFormModal),this.$loginForm.addClass("modal-notice");let e=String(TYPO3.lang["mess.refresh_login_title"]).replace("%s",TYPO3.configuration.username);this.$loginForm.find(".modal-header h4").text(e),this.$loginForm.find(".modal-body").append(o.default("<p />").text(TYPO3.lang["mess.login_expired"]),o.default("<form />",{id:"beLoginRefresh",method:"POST",action:TYPO3.settings.ajaxUrls.login}).append(o.default("<div />").append(o.default("<input />",{type:"text",name:"username",class:"d-none",value:TYPO3.configuration.username}),o.default("<input />",{type:"hidden",name:"userident",id:"t3-loginrefresh-userident"})),o.default("<div />",{class:"form-group"}).append(o.default("<input />",{type:"password",name:"p_field",autofocus:"autofocus",class:"form-control",placeholder:TYPO3.lang["mess.refresh_login_password"]})))),this.$loginForm.find(".modal-body .d-none").attr("autocomplete","username"),this.$loginForm.find(".modal-body .form-control").attr("autocomplete","current-password"),this.$loginForm.find(".modal-footer").append(o.default("<a />",{href:this.logoutUrl,class:"btn btn-default"}).text(TYPO3.lang["mess.refresh_exit_button"]),o.default("<button />",{type:"button",class:"btn btn-primary","data-action":"refreshSession"}).text(TYPO3.lang["mess.refresh_login_button"]).on("click",()=>{this.$loginForm.find("form").trigger("submit")})),this.registerDefaultModalEvents(this.$loginForm).on("submit",this.submitForm),o.default("body").append(this.$loginForm)}generateModal(e){return o.default("<div />",{id:e,class:"t3js-modal "+e+" modal modal-type-default modal-severity-notice modal-style-light modal-size-small fade"}).append(o.default("<div />",{class:"modal-dialog"}).append(o.default("<div />",{class:"modal-content"}).append(o.default("<div />",{class:"modal-header"}).append(o.default("<h4 />",{class:"modal-title"})),o.default("<div />",{class:"modal-body"}),o.default("<div />",{class:"modal-footer"}))))}fillProgressbar(e){if(!this.isTimingOut)return;let t=0;const o=e.find(".progress-bar"),i=o.children(".sr-only"),a=setInterval(()=>{const e=t>=100;!this.isTimingOut||e?(clearInterval(a),e&&(this.hideTimeoutModal(),this.showLoginForm()),t=0):t+=1;const s=t+"%";o.css("width",s),i.text(s)},300)}registerDefaultModalEvents(e){return e.on("hidden.bs.modal",()=>{this.startTask()}).on("shown.bs.modal",()=>{this.stopTask(),this.$timeoutModal.find(".modal-footer .t3js-active").first().focus()}),e}}let l;try{window.opener&&window.opener.TYPO3&&window.opener.TYPO3.LoginRefresh&&(l=window.opener.TYPO3.LoginRefresh),parent&&parent.window.TYPO3&&parent.window.TYPO3.LoginRefresh&&(l=parent.window.TYPO3.LoginRefresh),top&&top.TYPO3&&top.TYPO3.LoginRefresh&&(l=top.TYPO3.LoginRefresh)}catch(e){}return l||(l=new n,"undefined"!=typeof TYPO3&&(TYPO3.LoginRefresh=l)),l}));
\ No newline at end of file
......@@ -84,7 +84,7 @@
"ext-gd": "GDlib/Freetype is required for building images with text (GIFBUILDER) and can also be used to scale images",
"ext-intl": "TYPO3 with unicode-based filesystems",
"ext-mysqli": "",
"ext-openssl": "OpenSSL is required for sending SMTP mails over an encrypted channel endpoint, and for extensions such as \"rsaauth\"",
"ext-openssl": "OpenSSL is required for sending SMTP mails over an encrypted channel endpoint",
"ext-zip": "",
"ext-zlib": "TYPO3 uses zlib for amongst others output compression and un/packing t3x extension files"
},
......
......@@ -46,7 +46,7 @@
<div>
<label>
<f:translate key="password"/>
<f:form.password name="pass" data="{rsa-encryption: ''}"/>
<f:form.password name="pass"/>
</label>
</div>
......
......@@ -24,7 +24,6 @@ use TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Utility\Exception\MissingArrayPathException;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Install\Service\Exception\ConfigurationChangedException;
......@@ -222,46 +221,35 @@ class SilentConfigurationUpgradeService
}
/**
* Backend login security is set to rsa if rsaauth
* is installed (but not used) otherwise the default value "normal" has to be used.
* This forces either 'normal' or 'rsa' to be set in LocalConfiguration.
* This forces 'normal' for backend login security level.
*
* @throws ConfigurationChangedException
*/
protected function configureBackendLoginSecurity()
{
$rsaauthLoaded = ExtensionManagementUtility::isLoaded('rsaauth');
try {
$currentLoginSecurityLevelValue = $this->configurationManager->getLocalConfigurationValueByPath('BE/loginSecurityLevel');
if ($rsaauthLoaded && $currentLoginSecurityLevelValue !== 'rsa') {
$this->configurationManager->setLocalConfigurationValueByPath('BE/loginSecurityLevel', 'rsa');
$this->throwConfigurationChangedException();
} elseif (!$rsaauthLoaded && $currentLoginSecurityLevelValue !== 'normal') {
if ($currentLoginSecurityLevelValue !== 'normal') {
$this->configurationManager->setLocalConfigurationValueByPath('BE/loginSecurityLevel', 'normal');
$this->throwConfigurationChangedException();
}
} catch (MissingArrayPathException $e) {
// If an exception is thrown, the value is not set in LocalConfiguration
$this->configurationManager->setLocalConfigurationValueByPath(
'BE/loginSecurityLevel',
$rsaauthLoaded ? 'rsa' : 'normal'
);
$this->configurationManager->setLocalConfigurationValueByPath('BE/loginSecurityLevel', 'normal');
$this->throwConfigurationChangedException();
}
}
/**
* Frontend login security is set to normal in case
* any other value is set while ext:rsaauth is not loaded.
* Frontend login security is set to normal in case other value is set.
*
* @throws ConfigurationChangedException
*/
protected function configureFrontendLoginSecurity()
{
$rsaauthLoaded = ExtensionManagementUtility::isLoaded('rsaauth');
try {
$currentLoginSecurityLevelValue = $this->configurationManager->getLocalConfigurationValueByPath('FE/loginSecurityLevel');
if (!$rsaauthLoaded && $currentLoginSecurityLevelValue !== 'normal') {
if ($currentLoginSecurityLevelValue !== 'normal') {
$this->configurationManager->setLocalConfigurationValueByPath('FE/loginSecurityLevel', 'normal');
$this->throwConfigurationChangedException();
}
......
......@@ -82,7 +82,7 @@ class Check implements CheckInterface
protected $suggestedPhpExtensions = [
'fileinfo' => 'This extension is used for proper file type detection in the File Abstraction Layer.',
'intl' => 'This extension is used for correct language and locale handling.',
'openssl' => 'This extension is used for sending SMTP mails over an encrypted channel endpoint, and for extensions such as "rsaauth".'
'openssl' => 'This extension is used for sending SMTP mails over an encrypted channel endpoint.'
];
public function __construct()
......
<?php
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
namespace TYPO3\CMS\Install\Updates;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
/**
* Installs and downloads EXT:rsaauth if requested
* @internal This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API.
*/
class RsaauthExtractionUpdate extends AbstractDownloadExtensionUpdate
{
/**
* @var \TYPO3\CMS\Install\Updates\ExtensionModel
*/
protected $extension;
/**
* @var \TYPO3\CMS\Install\Updates\Confirmation
*/
protected $confirmation;
public function __construct()
{
$this->extension = new ExtensionModel(
'rsaauth',
'Deprecated rsaauth extension',
'10.0.0',
'friendsoftypo3/rsaauth',
'Contains a service to authenticate TYPO3 BE and FE users using private/public key encryption of passwords.'
);
$this->confirmation = new Confirmation(
'Are you sure?',
'Do not install this extension. Use HTTPS instead. ' . $this->extension->getDescription(),
false
);
}
/**
* Return a confirmation message instance
*
* @return \TYPO3\CMS\Install\Updates\Confirmation
*/
public function getConfirmation(): Confirmation
{
return $this->confirmation;
}
/**
* Return the identifier for this wizard
* This should be the same string as used in the ext_localconf class registration
*
* @return string
*/
public function getIdentifier(): string
{
return 'rsaauthExtension';
}
/**
* Return the speaking name of this wizard
*
* @return string
*/
public function getTitle(): string
{
return 'Install extension "rsaauth" from TER if the site is still not secured using HTTPS';
}
/**
* Return the description for this wizard
*
* @return string
*/
public function getDescription(): string
{
return 'The extension "rsaauth" adds a public/private key based encryption for Backend and Frontend'
. ' login passwords. The approach is limited and has various flaws. The extension is fully'
. ' obsolete if the instance uses HTTPS.';
}
/**
* Is an update necessary?
* Is used to determine whether a wizard needs to be run.
*
* @return bool
*/
public function updateNecessary(): bool
{
return !ExtensionManagementUtility::isLoaded('rsaauth');
}
/**
* Returns an array of class names of Prerequisite classes
* This way a wizard can define dependencies like "database up-to-date" or
* "reference index updated"
*
* @return string[]
*/
public function getPrerequisites(): array
{
return [
DatabaseUpdatedPrerequisite::class
];
}
}
......@@ -26,10 +26,8 @@ use TYPO3\CMS\Core\Configuration\ConfigurationManager;
use TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2idPasswordHash;
use TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash;
use TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash;
use TYPO3\CMS\Core\Package\PackageManager;
use TYPO3\CMS\Core\Tests\Unit\Utility\AccessibleProxies\ExtensionManagementUtilityAccessibleProxy;
use TYPO3\CMS\Core\Utility\Exception\MissingArrayPathException;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\Core\Cache\FluidTemplateCache;
use TYPO3\CMS\Install\Service\Exception\ConfigurationChangedException;
......@@ -79,29 +77,10 @@ class SilentConfigurationUpgradeServiceTest extends UnitTestCase
->getMock();
}
/**
* Dataprovider for configureBackendLoginSecurity
*
* @return array
*/
public function configureBackendLoginSecurityLocalconfiguration(): array
{
return [
['', 'rsa', true, false],
['normal', 'rsa', true, true],
['rsa', 'normal', false, true],
];
}
/**
* @test
* @dataProvider configureBackendLoginSecurityLocalconfiguration
* @param string $current
* @param string $setting
* @param bool $isPackageActive
* @param bool $hasLocalConfig
*/
public function configureBackendLoginSecurity($current, $setting, $isPackageActive, $hasLocalConfig)
public function configureBackendLoginSecurity(): void
{
/** @var $silentConfigurationUpgradeServiceInstance SilentConfigurationUpgradeService|\PHPUnit\Framework\MockObject\MockObject|\TYPO3\TestingFramework\Core\AccessibleObjectInterface */
$silentConfigurationUpgradeServiceInstance = $this->getAccessibleMock(
......@@ -112,19 +91,9 @@ class SilentConfigurationUpgradeServiceTest extends UnitTestCase
false
);
/** @var $packageManager PackageManager|\PHPUnit\Framework\MockObject\MockObject */
$packageManager = $this->createMock(PackageManager::class);
$packageManager->expects(self::any())
->method('isPackageActive')
->willReturn($isPackageActive);
ExtensionManagementUtility::setPackageManager($packageManager);
$currentLocalConfiguration = [
['BE/loginSecurityLevel', $current]
['BE/loginSecurityLevel', 'rsa']
];
$closure = function () {
throw new MissingArrayPathException('Path does not exist in array', 1538160231);
};
$this->createConfigurationManagerWithMockedMethods(
[
......@@ -132,18 +101,12 @@ class SilentConfigurationUpgradeServiceTest extends UnitTestCase
'setLocalConfigurationValueByPath',
]
);
if ($hasLocalConfig) {
$this->configurationManager->expects(self::once())
->method('getLocalConfigurationValueByPath')
->willReturnMap($currentLocalConfiguration);
} else {
$this->configurationManager->expects(self::once())
->method('getLocalConfigurationValueByPath')
->willReturnCallback($closure);
}
$this->configurationManager->expects(self::once())
->method('getLocalConfigurationValueByPath')
->willReturnMap($currentLocalConfiguration);
$this->configurationManager->expects(self::once())
->method('setLocalConfigurationValueByPath')
->with(self::equalTo('BE/loginSecurityLevel'), self::equalTo($setting));
->with(self::equalTo('BE/loginSecurityLevel'), self::equalTo('normal'));
$this->expectException(ConfigurationChangedException::class);
......@@ -152,29 +115,10 @@ class SilentConfigurationUpgradeServiceTest extends UnitTestCase
$silentConfigurationUpgradeServiceInstance->_call('configureBackendLoginSecurity');
}
/**
* Dataprovider for configureBackendLoginSecurity
*
* @return array
*/
public function configureFrontendLoginSecurityLocalconfiguration(): array
{
return [
['', 'rsa', true, false],
['normal', 'rsa', true, true],
['rsa', 'normal', false, true],
];
}
/**
* @test
* @dataProvider configureFrontendLoginSecurityLocalconfiguration
* @param string $current
* @param string $setting
* @param bool $isPackageActive
* @param bool $hasLocalConfig
*/
public function configureFrontendLoginSecurity($current, $setting, $isPackageActive, $hasLocalConfig)
public function configureFrontendLoginSecurity(): void
{
/** @var $silentConfigurationUpgradeServiceInstance SilentConfigurationUpgradeService|\PHPUnit\Framework\MockObject\MockObject|\TYPO3\TestingFramework\Core\AccessibleObjectInterface */
$silentConfigurationUpgradeServiceInstance = $this->getAccessibleMock(
......@@ -185,19 +129,9 @@ class SilentConfigurationUpgradeServiceTest extends UnitTestCase
false
);
/** @var $packageManager PackageManager|\PHPUnit\Framework\MockObject\MockObject */
$packageManager = $this->createMock(PackageManager::class);
$packageManager->expects(self::any())
->method('isPackageActive')
->willReturn($isPackageActive);
ExtensionManagementUtility::setPackageManager($packageManager);
$currentLocalConfiguration = [
['FE/loginSecurityLevel', $current]
['FE/loginSecurityLevel', 'rsa']
];
$closure = function () {
throw new MissingArrayPathException('Path does not exist in array', 1476109311);
};
$this->createConfigurationManagerWithMockedMethods(
[
......@@ -205,22 +139,14 @@ class SilentConfigurationUpgradeServiceTest extends UnitTestCase
'setLocalConfigurationValueByPath',
]
);
if ($hasLocalConfig) {
$this->configurationManager->expects(self::once())
->method('getLocalConfigurationValueByPath')
->willReturnMap($currentLocalConfiguration);
} else {
$this->configurationManager->expects(self::once())
->method('getLocalConfigurationValueByPath')
->willReturnCallback($closure);
}
if ($isPackageActive === false) {
$this->configurationManager->expects(self::once())
->method('setLocalConfigurationValueByPath')
->with(self::equalTo('FE/loginSecurityLevel'), self::equalTo($setting));
$this->configurationManager->expects(self::once())
->method('getLocalConfigurationValueByPath')
->willReturnMap($currentLocalConfiguration);
$this->configurationManager->expects(self::once())
->method('setLocalConfigurationValueByPath')
->with(self::equalTo('FE/loginSecurityLevel'), self::equalTo('normal'));
$this->expectException(ConfigurationChangedException::class);
}
$this->expectException(ConfigurationChangedException::class);
$silentConfigurationUpgradeServiceInstance->_set('configurationManager', $this->configurationManager);
......
......@@ -3,8 +3,6 @@
defined('TYPO3') or die();
// v9->v10 wizards below this line
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['rsaauthExtension']
= \TYPO3\CMS\Install\Updates\RsaauthExtractionUpdate::class;
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['feeditExtension']
= \TYPO3\CMS\Install\Updates\FeeditExtractionUpdate::class;
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['taskcenterExtension']
......
......@@ -512,7 +512,6 @@ class SetupModuleController
if ($type === 'password') {
$value = '';
$noAutocomplete = 'autocomplete="new-password" ';
$more .= ' data-rsa-encryption=""';
}
$html = '<input aria-labelledby="label_' . htmlspecialchars($fieldName) . '" id="field_' . htmlspecialchars($fieldName) . '"
type="' . htmlspecialchars($type) . '"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment