Commit 028d3420 authored by Christian Kuhn's avatar Christian Kuhn Committed by Anja Leichsenring
Browse files

[!!!][TASK] Remove deprecated code from core Crypto/PasswordHashing

Removed classes:
TYPO3\CMS\Core\Crypto\PasswordHashing\AbstractComposedSalt

Removed interfaces:
TYPO3\CMS\Core\Crypto\PasswordHashing\ComposedPasswordHashInterface
TYPO3\CMS\Core\Crypto\PasswordHashing\ExtensionManagerConfigurationUtility
TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService
TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility

Removed class aliases:
TYPO3\CMS\Saltedpasswords\Salt\AbstractSalt
TYPO3\CMS\Saltedpasswords\Salt\AbstractComposedSalt
TYPO3\CMS\Saltedpasswords\Salt\Argon2iSalt
TYPO3\CMS\Saltedpasswords\Salt\BcryptSalt
TYPO3\CMS\Saltedpasswords\Salt\BlowfishSalt
TYPO3\CMS\Saltedpasswords\Salt\ComposedSaltInterface
TYPO3\CMS\Saltedpasswords\Salt\Md5Salt
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory
TYPO3\CMS\Saltedpasswords\Salt\SaltInterface
TYPO3\CMS\Saltedpasswords\Salt\Pbkdf2Salt
TYPO3\CMS\Saltedpasswords\Salt\PhpassSalt
TYPO3\CMS\Saltedpasswords\SaltedPasswordsService
TYPO3\CMS\Saltedpasswords\Utility\ExensionManagerConfigurationUtility
TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility

Removed methods:
TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash->getOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash->setOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash->getOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash->setOptions()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishSalt->setMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->setMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getMinHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getSaltLength()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getSetting()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setMaxHashCount()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->setMinHashCount()

Protected methods:
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->base64Encode()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->base64Encode()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->base64Encode()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->base64Decode()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->isValidSalt()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->base64Encode()

Removed static methods:
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::determineSaltingHashingMethod()
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::getSaltingInstance()
TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::setPreferredHashingMethod()

Second method argument dropped:
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash->getHashedPassword()
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash->getHashedPassword()
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash->getHashedPassword()
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash->getHashedPassword()

Ignored options:
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/saltedpasswords']['saltMethods']

Dropped constants:
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MAX_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\BlowfishPasswordHash::MIN_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\Md5PasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::MAX_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash::MIN_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::ITOA64
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::MAX_HASH_COUNT
TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash::MIN_HASH_COUNT

Removed language file aliases:
EXT:saltedpasswords/Resources/Private/Language/locallang.xlf
EXT:saltedpasswords/Resources/Private/Language/locallang_em.xlf

Change-Id: Ia6a18209f104ca1abc6981508fb8b640ef2eb1a3
Resolves: #87203
Releases: master
Reviewed-on: https://review.typo3.org/59197


Reviewed-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Tested-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: Anja Leichsenring's avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring's avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
parent cd55808b
<?php
declare(strict_types = 1);
namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
/**
* Abstract class with methods needed to be extended
* in a salted hashing class that composes an own salted password hash.
*
* @deprecated and will be removed in TYPO3 v10.0.
*/
abstract class AbstractComposedSalt
{
/**
* Returns a string for mapping an int to the corresponding base 64 character.
*
* @return string String for mapping an int to the corresponding base 64 character
*/
abstract protected function getItoa64(): string;
/**
* Encodes bytes into printable base 64 using the *nix standard from crypt().
*
* @param string $input The string containing bytes to encode.
* @param int $count The number of characters (bytes) to encode.
* @return string Encoded string
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function base64Encode(string $input, int $count): string
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
$output = '';
$i = 0;
$itoa64 = $this->getItoa64();
do {
$value = ord($input[$i++]);
$output .= $itoa64[$value & 63];
if ($i < $count) {
$value |= ord($input[$i]) << 8;
}
$output .= $itoa64[$value >> 6 & 63];
if ($i++ >= $count) {
break;
}
if ($i < $count) {
$value |= ord($input[$i]) << 16;
}
$output .= $itoa64[$value >> 12 & 63];
if ($i++ >= $count) {
break;
}
$output .= $itoa64[$value >> 18 & 63];
} while ($i < $count);
return $output;
}
/**
* Method determines required length of base64 characters for a given
* length of a byte string.
*
* @param int $byteLength Length of bytes to calculate in base64 chars
* @return int Required length of base64 characters
* @deprecated and will be removed in TYPO3 v10.0.
*/
protected function getLengthBase64FromBytes(int $byteLength): int
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
// Calculates bytes in bits in base64
return (int)ceil($byteLength * 8 / 6);
}
}
......@@ -37,8 +37,6 @@ class Argon2iPasswordHash implements PasswordHashInterface
* We raise that significantly by default. At the time of this writing, with the options
* below, password_verify() needs about 130ms on an I7 6820 on 2 CPU's.
*
* Note the default values are set again in 'setOptions' below if needed.
*
* @var array
*/
protected $options = [
......@@ -114,14 +112,10 @@ class Argon2iPasswordHash implements PasswordHashInterface
* Creates a salted hash for a given plaintext password
*
* @param string $password Plaintext password to create a salted hash from
* @param string $salt Deprecated optional custom salt to use
* @return string|null Salted hashed password
*/
public function getHashedPassword(string $password, string $salt = null)
public function getHashedPassword(string $password)
{
if ($salt !== null) {
trigger_error(static::class . ': using a custom salt is deprecated in PHP password api and ignored.', E_USER_DEPRECATED);
}
$hashedPassword = null;
if ($password !== '') {
$hashedPassword = password_hash($password, PASSWORD_ARGON2I, $this->options);
......@@ -162,65 +156,4 @@ class Argon2iPasswordHash implements PasswordHashInterface
}
return $result;
}
/**
* @return array
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getOptions(): array
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return $this->options;
}
/**
* Set new memory_cost, time_cost, and thread values.
*
* @param array $options
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function setOptions(array $options): void
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
$newOptions = [];
// Check options for validity, else use hard coded defaults
if (isset($options['memory_cost'])) {
if ((int)$options['memory_cost'] < PASSWORD_ARGON2_DEFAULT_MEMORY_COST) {
throw new \InvalidArgumentException(
'memory_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
1526042080
);
}
$newOptions['memory_cost'] = (int)$options['memory_cost'];
} else {
$newOptions['memory_cost'] = 16384;
}
if (isset($options['time_cost'])) {
if ((int)$options['time_cost'] < PASSWORD_ARGON2_DEFAULT_TIME_COST) {
throw new \InvalidArgumentException(
'time_cost must not be lower than ' . PASSWORD_ARGON2_DEFAULT_TIME_COST,
1526042081
);
}
$newOptions['time_cost'] = (int)$options['time_cost'];
} else {
$newOptions['time_cost'] = 16;
}
if (isset($options['threads'])) {
if ((int)$options['threads'] < PASSWORD_ARGON2_DEFAULT_THREADS) {
throw new \InvalidArgumentException(
'threads must not be lower than ' . PASSWORD_ARGON2_DEFAULT_THREADS,
1526042082
);
}
$newOptions['threads'] = (int)$options['threads'];
} else {
$newOptions['threads'] = 2;
}
$this->options = $newOptions;
}
}
......@@ -37,8 +37,6 @@ class BcryptPasswordHash implements PasswordHashInterface
* Raise default PHP cost (10). At the time of this writing, this leads to
* 150-200ms computing time on a casual I7 CPU.
*
* Note the default values are set again in 'setOptions' below if needed.
*
* @var array
*/
protected $options = [
......@@ -98,14 +96,10 @@ class BcryptPasswordHash implements PasswordHashInterface
* Extend parent method to workaround bcrypt limitations.
*
* @param string $password Plaintext password to create a salted hash from
* @param string $salt Deprecated optional custom salt to use
* @return string Salted hashed password
*/
public function getHashedPassword(string $password, string $salt = null)
public function getHashedPassword(string $password)
{
if ($salt !== null) {
trigger_error(static::class . ': using a custom salt is deprecated in PHP password api and thus ignored.', E_USER_DEPRECATED);
}
$hashedPassword = null;
if ($password !== '') {
$password = $this->processPlainPassword($password);
......@@ -174,41 +168,4 @@ class BcryptPasswordHash implements PasswordHashInterface
{
return $cost >= PASSWORD_BCRYPT_DEFAULT_COST && $cost <= 31;
}
/**
* @return array
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getOptions(): array
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return $this->options;
}
/**
* Set new memory_cost, time_cost, and thread values.
*
* @param array $options
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function setOptions(array $options): void
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
$newOptions = [];
// Check options for validity, else use hard coded defaults
if (isset($options['cost'])) {
if (!$this->isValidBcryptCost((int)$options['cost'])) {
throw new \InvalidArgumentException(
'cost must not be lower than ' . PASSWORD_BCRYPT_DEFAULT_COST . ' or higher than 31',
1526042084
);
}
$newOptions['cost'] = (int)$options['cost'];
} else {
$newOptions['cost'] = 12;
}
$this->options = $newOptions;
}
}
......@@ -15,7 +15,6 @@ namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
* The TYPO3 project - inspiring people to share!
*/
use TYPO3\CMS\Core\Compatibility\PublicMethodDeprecationTrait;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Utility\GeneralUtility;
......@@ -28,16 +27,6 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
*/
class BlowfishPasswordHash implements PasswordHashInterface
{
use PublicMethodDeprecationTrait;
/**
* @var array
*/
private $deprecatedPublicMethods = [
'isValidSalt' => 'Using BlowfishPasswordHash::isValidSalt() is deprecated and will not be possible anymore in TYPO3 v10.0.',
'base64Encode' => 'Using BlowfishPasswordHash::base64Encode() is deprecated and will not be possible anymore in TYPO3 v10.0.',
];
/**
* Prefix for the password hash.
*/
......@@ -50,37 +39,6 @@ class BlowfishPasswordHash implements PasswordHashInterface
'hash_count' => 7
];
/**
* Keeps a string for mapping an int to the corresponding
* base 64 character.
*
* @deprecated and will be removed in TYPO3 v10.0.
*/
const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
/**
* The default log2 number of iterations for password stretching.
*
* @deprecated and will be removed in TYPO3 v10.0.
*/
const HASH_COUNT = 7;
/**
* The default maximum allowed log2 number of iterations for
* password stretching.
*
* @deprecated and will be removed in TYPO3 v10.0.
*/
const MAX_HASH_COUNT = 17;
/**
* The default minimum allowed log2 number of iterations for
* password stretching.
*
* @deprecated and will be removed in TYPO3 v10.0.
*/
const MIN_HASH_COUNT = 4;
/**
* Constructor sets options if given
*
......@@ -133,14 +91,10 @@ class BlowfishPasswordHash implements PasswordHashInterface
* Method creates a salted hash for a given plaintext password
*
* @param string $password plaintext password to create a salted hash from
* @param string $salt Deprecated optional custom salt with setting to use
* @return string Salted hashed password
*/
public function getHashedPassword(string $password, string $salt = null)
public function getHashedPassword(string $password)
{
if ($salt !== null) {
trigger_error(static::class . ': using a custom salt is deprecated.', E_USER_DEPRECATED);
}
$saltedPW = null;
if (!empty($password)) {
if (empty($salt) || !$this->isValidSalt($salt)) {
......@@ -322,102 +276,4 @@ class BlowfishPasswordHash implements PasswordHashInterface
// Calculates bytes in bits in base64
return (int)ceil($byteLength * 8 / 6);
}
/**
* Method returns log2 number of iterations for password stretching.
*
* @return int log2 number of iterations for password stretching
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getHashCount(): int
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return $this->options['hash_count'];
}
/**
* Method returns maximum allowed log2 number of iterations for password stretching.
*
* @return int Maximum allowed log2 number of iterations for password stretching
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getMaxHashCount(): int
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return 17;
}
/**
* Method returns minimum allowed log2 number of iterations for password stretching.
*
* @return int Minimum allowed log2 number of iterations for password stretching
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getMinHashCount(): int
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return 4;
}
/**
* Returns length of a Blowfish salt in bytes.
*
* @return int Length of a Blowfish salt in bytes
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getSaltLength(): int
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return 16;
}
/**
* Returns setting string of Blowfish salted hashes.
*
* @return string Setting string of Blowfish salted hashes
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function getSetting(): string
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
return self::PREFIX;
}
/**
* Method sets log2 number of iterations for password stretching.
*
* @param int $hashCount log2 number of iterations for password stretching to set
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function setHashCount(int $hashCount = null)
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
if ($hashCount >= 4 && $hashCount <= 17) {
$this->options['hash_count'] = $hashCount;
}
}
/**
* Method sets maximum allowed log2 number of iterations for password stretching.
*
* @param int $maxHashCount Maximum allowed log2 number of iterations for password stretching to set
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function setMaxHashCount(int $maxHashCount = null)
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
// Empty, max hash count is hard coded to 17
}
/**
* Method sets minimum allowed log2 number of iterations for password stretching.
*
* @param int $minHashCount Minimum allowed log2 number of iterations for password stretching to set
* @deprecated and will be removed in TYPO3 v10.0.
*/
public function setMinHashCount(int $minHashCount = null)
{
trigger_error('This method will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
// Empty, min hash count is hard coded to 4
}
}
<?php
declare(strict_types = 1);
namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
/**
* Interface for implementing salts that compose the password-hash string
* themselves.
*
* @deprecated and will be removed in TYPO3 v10.0.
*/
interface ComposedPasswordHashInterface extends PasswordHashInterface
{
/**
* Returns length of required salt.
*
* @return int Length of required salt
*/
public function getSaltLength(): int;
/**
* Method determines if a given string is a valid salt
*
* @param string $salt String to check
* @return bool TRUE if it's valid salt, otherwise FALSE
*/
public function isValidSalt(string $salt): bool;
}
<?php
namespace TYPO3\CMS\Core\Crypto\PasswordHashing;
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
use TYPO3\CMS\Core\Configuration\ExtensionConfiguration;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* class providing configuration checks for saltedpasswords.
*
* @deprecated since TYPO3 v9, will be removed in TYPO3 v10.0
*/
class ExtensionManagerConfigurationUtility
{
/**
* @var array
*/
protected $extConf = [];
/**
* Deprecate this class
*/
public function __construct()
{
trigger_error(self::class . ' is obsolete and will be removed in TYPO3 v10.0.', E_USER_DEPRECATED);
}
/**
* Initializes this object.
*/
private function init()
{
$requestSetup = $this->processPostData((array)$_REQUEST['data']);
$extConf = GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('saltedpasswords');
$this->extConf['BE'] = array_merge((array)$extConf['BE'], (array)$requestSetup['BE']);
$this->extConf['FE'] = array_merge((array)$extConf['FE'], (array)$requestSetup['FE']);
$this->getLanguageService()->includeLLFile('EXT:saltedpasswords/Resources/Private/Language/locallang.xlf');
}
/**
* Renders a selector element that allows to select the hash method to be used.
*
* @param array $params Field information to be rendered
* @param string $disposal The configuration disposal ('FE' or 'BE')
* @return string The HTML selector
*/
protected function buildHashMethodSelector(array $params, $disposal)
{
$this->init();
$propertyName = $params['propertyName'];
$unknownVariablePleaseRenameMe = '\'' . substr(md5($propertyName), 0, 10) . '\'';
$pField = '';
$registeredMethods = \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory::getRegisteredSaltedHashingMethods();
foreach ($registeredMethods as $class => $reference) {
$classInstance = GeneralUtility::makeInstance($reference);
if ($classInstance instanceof \TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashInterface && $classInstance->isAvailable()) {
$sel = $this->extConf[$disposal]['saltedPWHashingMethod'] == $class ? ' selected="selected" ' : '';
$label = 'ext.saltedpasswords.title.' . strtolower(end(explode('\\', $class)));
$pField .= '<option value="' . htmlspecialchars($class) . '"' . $sel . '>' . $GLOBALS['LANG']->getLL($label) . '</option>';
}
}
$pField = '<select class="form-control" id="' . $propertyName . '" name="' . $params['fieldName'] .
'" onChange="uFormUrl(' . $unknownVariablePleaseRenameMe . ')">' . $pField . '</select>';
return $pField;
}
/**
* Renders a selector element that allows to select the hash method to be
* used (frontend disposal).
*
* @param array $params Field information to be rendered
* @return string The HTML selector
*/
public function buildHashMethodSelectorFE(array $params)
{
return $this->buildHashMethodSelector($params, 'FE');
}
/**
* Renders a selector element that allows to select the hash method to
* be used (backend disposal)
*
* @param array $params Field information to be rendered
* @return string The HTML selector
*/
public function buildHashMethodSelectorBE(array $params)
{
return $this->buildHashMethodSelector($params, 'BE');
}
/**
* Processes the information submitted by the user using a POST request and
* transforms it to a TypoScript node notation.
*
* @param array $postArray Incoming POST information
* @return array Processed and transformed POST information
*/
protected function processPostData(array $postArray = [])
{
foreach ($postArray as $key => $value) {
// @todo Explain
$parts = explode('.', $key, 2);
if (count($parts) == 2) {