‪TYPO3CMS  9.5
Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService Class Reference
Inheritance diagram for TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService:
TYPO3\CMS\Core\Authentication\AbstractAuthenticationService TYPO3\CMS\Core\Service\AbstractService TYPO3\CMS\Saltedpasswords\SaltedPasswordService

Public Member Functions

 __construct ()
 
bool init ()
 
bool compareUident (array $user, array $loginData, $passwordCompareStrategy='')
 
int authUser (array $user)
 
 writeLogMessage ($message,... $params)
 
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractAuthenticationService
 initAuth ($mode, $loginData, $authInfo, $pObj)
 
 writelog ($type, $action, $error, $details_nr, $details, $data, $tablename='', $recuid='', $recpid='')
 
mixed fetchUserRecord ($username, $extraWhere='', $dbUserSetup='')
 
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Service\AbstractService
array getServiceInfo ()
 
string getServiceKey ()
 
string getServiceTitle ()
 
mixed getServiceOption ($optionName, $defaultValue='', $includeDefaultConfig=true)
 
 devLog ($msg, $severity=0, $dataVar=false)
 
 errorPush ($errNum=self::ERROR_GENERAL, $errMsg='Unspecified error occurred')
 
 errorPull ()
 
int bool getLastError ()
 
string getLastErrorMsg ()
 
array getErrorMsgArray ()
 
array getLastErrorArray ()
 
 resetErrors ()
 
bool checkExec ($progList)
 
 deactivateService ()
 
string bool checkInputFile ($absFile)
 
string bool readFile ($absFile, $length=0)
 
string bool writeFile ($content, $absFile='')
 
string bool tempFile ($filePrefix)
 
 registerTempFile ($absFile)
 
 unlinkTempFiles ()
 
 setInput ($content, $type='')
 
 setInputFile ($absFile, $type='')
 
mixed getInput ()
 
string getInputFile ($createFile='')
 
 setOutputFile ($absFile)
 
mixed getOutput ()
 
mixed getOutputFile ($absFile='')
 
 reset ()
 
 __destruct ()
 

Public Attributes

string $prefixId = 'tx_saltedpasswords_sv1'
 
string $extKey = 'saltedpasswords'
 
- ‪Public Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractAuthenticationService
AbstractUserAuthentication $pObj
 
string $mode
 
array $login = array( )
 
array $authInfo = array( )
 
array $db_user = array( )
 
array $db_groups = array( )
 
bool $writeAttemptLog = false
 
- ‪Public Attributes inherited from ‪TYPO3\CMS\Core\Service\AbstractService
const ERROR_GENERAL = -1
 
const ERROR_SERVICE_NOT_AVAILABLE = -2
 
const ERROR_WRONG_SUBTYPE = -3
 
const ERROR_NO_INPUT = -4
 
const ERROR_FILE_NOT_FOUND = -20
 
const ERROR_FILE_NOT_READABLE = -21
 
const ERROR_FILE_NOT_WRITEABLE = -22
 
const ERROR_PROGRAM_NOT_FOUND = -40
 
const ERROR_PROGRAM_FAILED = -41
 
array $info = array( )
 
array $error = array( )
 
string $out = ''
 
string $inputFile = ''
 
string $inputContent = ''
 
string $inputType = ''
 
string $outputFile = ''
 
array $tempFiles = array( )
 

Protected Member Functions

 updatePassword ($uid, $updateFields)
 

Protected Attributes

mixed $extConf
 
TYPO3 CMS Core Crypto PasswordHashing PasswordHashInterface $objInstanceSaltedPW
 
bool $authenticationFailed = false
 
- ‪Protected Attributes inherited from ‪TYPO3\CMS\Core\Service\AbstractService
array $shutdownRegistry = array( )
 
string $prefixId = ''
 

Detailed Description

Class implements salted-password hashes authentication service. Contains authentication service class for salted hashed passwords.

Deprecated:
‪since TYPO3 v9, will be removed in TYPO3 v10.0

Definition at line 28 of file SaltedPasswordService.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::__construct ( )

Constructor deprecates this class.

Definition at line 67 of file SaltedPasswordService.php.

Member Function Documentation

◆ authUser()

int TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::authUser ( array  $user)

Method adds a further authUser method.

Will return one of following authentication status codes:

  • ‪0 - authentication failure
  • ‪100 - just go on. User is not authenticated but there is still no reason to stop
  • ‪200 - the service was able to authenticate the user
Parameters
array$user‪Array containing FE user data of the logged user.
Returns
‪int Authentication statuscode, one of 0,100 and 200

Definition at line 158 of file SaltedPasswordService.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService\compareUident(), TYPO3\CMS\Core\Authentication\AbstractAuthenticationService\writelog(), and TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService\writeLogMessage().

◆ compareUident()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::compareUident ( array  $user,
array  $loginData,
  $passwordCompareStrategy = '' 
)

Checks the login data with the user record data for builtin login method.

Parameters
array$user‪User data array
array$loginData‪Login data array
string$passwordCompareStrategy‪Password compare strategy
Returns
‪bool TRUE if login data matched

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractAuthenticationService.

Definition at line 92 of file SaltedPasswordService.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility\getDefaultSaltingHashingMethod(), TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory\getSaltingInstance(), and TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService\updatePassword().

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService\authUser().

◆ init()

bool TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::init ( )

Set salted passwords extension configuration to $this->extConf

Returns
‪bool TRUE

Reimplemented from TYPO3\CMS\Core\Service\AbstractService.

Definition at line 77 of file SaltedPasswordService.php.

References TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordsUtility\returnExtConf().

◆ updatePassword()

TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::updatePassword (   $uid,
  $updateFields 
)
protected

Method updates a FE/BE user record - in this case a new password string will be set.

Parameters
int$uid‪uid of user record that will be updated
mixed$updateFields‪Field values as key=>value pairs to be updated in database

Definition at line 204 of file SaltedPasswordService.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService\compareUident().

◆ writeLogMessage()

TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::writeLogMessage (   $message,
  $params 
)

Writes log message. Destination log depends on the current system mode. For FE the function writes to the admin panel log. For BE messages are sent to the system log. If developer log is enabled, messages are also sent there.

This function accepts variable number of arguments and can format parameters. The syntax is the same as for sprintf()

Parameters
string$message‪Message to output
array<int,mixed>‪$params

Definition at line 230 of file SaltedPasswordService.php.

Referenced by TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService\authUser().

Member Data Documentation

◆ $authenticationFailed

bool TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::$authenticationFailed = false
protected

Indicates whether the salted password authentication has failed.

Prevents authentication bypass. See vulnerability report: http://forge.typo3.org/issues/22030

Definition at line 62 of file SaltedPasswordService.php.

◆ $extConf

mixed TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::$extConf
protected

Keeps extension configuration.

Definition at line 46 of file SaltedPasswordService.php.

◆ $extKey

string TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::$extKey = 'saltedpasswords'

Keeps extension key.

Definition at line 40 of file SaltedPasswordService.php.

◆ $objInstanceSaltedPW

TYPO3 CMS Core Crypto PasswordHashing PasswordHashInterface TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::$objInstanceSaltedPW
protected

An instance of the salted hashing method. This member is set in the getSaltingInstance() function.

Definition at line 53 of file SaltedPasswordService.php.

◆ $prefixId

string TYPO3\CMS\Core\Crypto\PasswordHashing\SaltedPasswordService::$prefixId = 'tx_saltedpasswords_sv1'

Keeps class name.

Definition at line 34 of file SaltedPasswordService.php.