Validation checks fixes

Version 5.0.4

Classes/Services/LUBEAuthService.php

@@ -23,6 +23,8 @@ use Lu\LuAuth\Models\Users;
 use Lu\LDAPAuthorization\LDAP;
 use TYPO3\CMS\Core\Authentication\AbstractAuthenticationService;
 use TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
+use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
 
 /**
  * Class LUBEAuthService
@@ -82,14 +84,15 @@ class LUBEAuthService extends AbstractAuthenticationService
      *
      * @return array|null
      */
-    public function getUser(): ?array
+    public function getUser()
     {
-        // Set initial authenticated value un false
-        $user = [
+        // Set initial authenticated value false and prepare for default data
+        $hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
+        $user         = [
             'authenticated' => false,
+            'password'      => $hashInstance->getHashedPassword($this->password),
         ];
 
-
         // Check if login request
         $server = new Server();
         if ($this->loginData['status'] == 'login' && !$this->username->empty()) {
@@ -98,7 +101,8 @@ class LUBEAuthService extends AbstractAuthenticationService
 
             // Bind and get user data
             $ldapuser = $ldap->authorize($this->username->toString(), $this->password);// Check if data received
-            if ($ldapuser) {
+
+            if ($ldapuser->isValid()) {
                 // Fetch user data
                 $UserModel = new Users(RequestType::BE);
                 $user      = $UserModel->getUserData($this->username);
@@ -106,8 +110,6 @@ class LUBEAuthService extends AbstractAuthenticationService
                 if ($user) {
                     $user['authenticated'] = true;
                 }
-            } else {
-                return null;
             }
         }
 

Classes/Services/LUFEAuthService.php

@@ -94,17 +94,17 @@ class LUFEAuthService extends AbstractAuthenticationService
     /**
      * Initialize authentication service
      *
-     * @param string $mode Subtype of the service which is used to call the service.
-     * @param array $loginData Submitted login form data
-     * @param array $authInfo Information array. Holds submitted form data etc.
-     * @param AbstractUserAuthentication $pObj Parent object
+     * @param string                     $mode      Subtype of the service which is used to call the service.
+     * @param array                      $loginData Submitted login form data
+     * @param array                      $authInfo  Information array. Holds submitted form data etc.
+     * @param AbstractUserAuthentication $pObj      Parent object
      */
     public function initAuth($mode, $loginData, $authInfo, $pObj)
     {
         // Store login and authentication data
-        $this->login = $loginData;
+        $this->login    = $loginData;
         $this->authInfo = $authInfo;
-        $this->pObj = $pObj;
+        $this->pObj     = $pObj;
     }
 
     /**
@@ -114,8 +114,8 @@ class LUFEAuthService extends AbstractAuthenticationService
      */
     public function getUser()
     {
-        // Set initial authenticated value un false
-        $user = [
+        // Set initial authenticated value false and prepare for default data
+        $user         = [
             'authenticated' => false,
         ];
 
@@ -153,11 +153,14 @@ class LUFEAuthService extends AbstractAuthenticationService
             // Failed login attempt (wrong password) - write that to the log!
             if (!$OK) {
                 if ($this->writeAttemptLog) {
-                    $this->logger->info(sprintf("Login-attempt from %s (%s), username '%s', password not accepted!",
-                        $this->info['REMOTE_ADDR'],
-                        $this->info['REMOTE_HOST'],
-                        $this->username->toString()
-                    ));
+                    $this->logger->info(
+                        sprintf(
+                            "Login-attempt from %s (%s), username '%s', password not accepted!",
+                            $this->info['REMOTE_ADDR'],
+                            $this->info['REMOTE_HOST'],
+                            $this->username->toString()
+                        )
+                    );
                 }
             }
 
@@ -178,7 +181,7 @@ class LUFEAuthService extends AbstractAuthenticationService
     {
         // Pre-set used models
         $UserModel = new Users(RequestType::FE);
-        $LuisLib = new LuisLibrary();
+        $LuisLib   = new LuisLibrary();
 
         // Get user date and reactivate if disabled
         $user = $UserModel->getUserData($this->username, 'activate');
@@ -221,7 +224,7 @@ class LUFEAuthService extends AbstractAuthenticationService
         $server = new Server();
         if (!empty($server->conf['logoutInfoUrl'])) {
             $redirectUrl = GeneralUtility::sanitizeLocalUrl($this->conf['logoutInfoUrl']);
-            header('Location: ' . GeneralUtility::locationHeaderUrl($redirectUrl));
+            header('Location: '.GeneralUtility::locationHeaderUrl($redirectUrl));
             die;
         }
     }

composer.json

 {
   "name": "luitd/lu-auth",
-  "version": "5.0.3",
+  "version": "5.0.4",
   "description": "TYPO3 Authentication for University of Latvia",
   "type": "typo3-cms-extension",
   "keywords": [

ext_emconf.php

@@ -14,7 +14,7 @@ $EM_CONF[$_EXTKEY] = [
     'title'              => 'LU Authentication',
     'description'        => 'TYPO3 Authentication for University of Latvia',
     'category'           => 'misc',
-    'version'            => '5.0.3',
+    'version'            => '5.0.4',
     'dependencies'       => 'typo3,lu_api',
     'state'              => 'stable',
     'clearCacheOnLoad'   => 1,

readme.md

@@ -3,7 +3,7 @@
 
 ## Version
 
- 5.0.3
+ 5.0.4
 
 ## Dependencies