Commit e0a112c6 authored by Dainis Abols's avatar Dainis Abols

Typo3 v11 remake

- added type classes
- changed LDAP out methods
- removed deprecated calls
- swapped authorization headers
- version bump 5.0
parent e4e60b43
.idea/
vendor
.idea/
vendor
......@@ -2,6 +2,10 @@
namespace Lu\LuAuth\Models;
use Lu\LuApi\Types\RequestType;
use Lu\LuApi\Types\Table;
use Lu\LuApi\Types\Username;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
......@@ -9,63 +13,27 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
*
* @author Dainis Abols <dainis.abols@lu.lv>
* @owner University of Latvia
* @version 3.0
* @since 28.05.2018
*
* @package Lu\LuAuth\Models
*/
class Groups
class Groups extends Model
{
/**
* Table name
* Username
*
* @var string
* @var Username
*/
protected $table = 'be_groups';
/**
* Set request type
*
* @var string
*/
protected $type = 'be';
/**
* Used username
*
* @var string
*/
private $username;
/**
* Users constructor. Set initial usage.
*
* @param string $type 'be' or 'fe'
*/
public function __construct(string $type)
{
// Set config value
$this->conf = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Configuration\ExtensionConfiguration::class)->get('lu_auth');
// Set used group
if ($type == 'fe') {
$this->table = 'fe_groups';
} else {
$this->table = 'be_groups';
}
// Set used group
$this->type = $type == 'fe' ? 'fe' : 'be';
}
private Username $username;
/**
* Set username
*
* @param string $username
*/
public function setUsername(string $username)
public function setUsername(string $username): void
{
$this->username = $username;
$this->username = new Username($username);
}
/**
......@@ -73,37 +41,33 @@ class Groups
*
* @return string
*/
public function getUsername()
public function getUsername(): string
{
return $this->username;
return $this->username->value;
}
/**
* Retrieve table name by type
*
* @param string $type
* Get request type
*
* @return string
*/
static public function getTable(string $type)
public function getType(): string
{
$self = new self($type);
return $self->table;
return $this->type->value;
}
/**
* Retrieve user groups
*
* @param $username
* @param Username $username
*
* @return array|string
*/
public function getGroupsData($username)
public function getGroupsData(Username $username)
{
$this->username = $username;
if ($this->type == 'fe') {
if ($this->type->equals('fe')) {
return $this->getFEUserGroups();
} else {
return $this->getBEUserGroups();
......@@ -121,13 +85,14 @@ class Groups
$arrGroups = [];
// Read and load groups
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
$queryBuilder->select('uid', 'title')
->from($this->table)
->where('deleted = 0 AND hidden = 0');
$result = $queryBuilder->execute()->fetchAll();
foreach ($result as $row) {
$arrGroups[] = $row;$arrGroups[] = $row;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($this->table->value);
$queryBuilder->select('uid', 'title')->from($this->table->value)->where('deleted = 0 AND hidden = 0');
$result = $queryBuilder->execute();
foreach ($result->fetchAllAssociative() as $row) {
echo '<pre>';
print_r($row);
//die;
$arrGroups[] = $row;
}
return $arrGroups;
......@@ -138,7 +103,7 @@ class Groups
*
* @return string
*/
protected function getFEUserGroups()
protected function getFEUserGroups(): string
{
$eduPersonAffiliation = $this->getServerVar($this->conf['remoteUserGroups']);
......@@ -163,11 +128,10 @@ class Groups
foreach ($affiliation as $title) {
// Fetch existing
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
$queryBuilder->select('uid', 'title', 'tx_luauth_synced_group')
->from($this->table)
->where("deleted = 0 AND pid = ".$this->conf['extraStoragePid']." AND title = '$title'");
$row = $queryBuilder->execute()->fetch();
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($this->table->value);
$queryBuilder->select('uid', 'title', 'tx_luauth_synced_group')->from($this->table->value)
->where("deleted = 0 AND pid = " . $this->conf['extraStoragePid'] . " AND title = '$title'");
$row = $queryBuilder->execute()->fetchAllAssociative();
// Check if any found
if ($row) {
......@@ -175,11 +139,11 @@ class Groups
// Update synced status if not set yet
if (!$row['tx_luauth_synced_group']) {
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
$queryBuilder->update($this->table)
->where('uid', $row['uid'])
->set('tx_luauth_synced_group', 1)
->execute();
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($this->table->value);
$queryBuilder->update($this->table->value)
->where('uid', $row['uid'])
->set('tx_luauth_synced_group', 1)
->execute();
}
} else {
$group = [
......@@ -189,10 +153,9 @@ class Groups
];
// Insert new one if none found
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
$feGroups[] = $queryBuilder->insert($this->table)->values($group)->execute();
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($this->table->value);
$feGroups[] = $queryBuilder->insert($this->table->value)->values($group)->execute();
}
}
}
......@@ -206,13 +169,13 @@ class Groups
*/
private function getFEUserLocalGroups()
{
$feGroups = [];
// Select usergroups
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
// Select user groups
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$queryBuilder->select('usergroup')
->from(Users::getTable('fe'))
->where("deleted = 0 AND disable=0 AND pid = ".$this->conf['extraStoragePid']." AND username = '{$this->username}'");
$row = $queryBuilder->execute()->fetch();
->from('fe_users')
->where("deleted = 0 AND disable = 0 AND pid = " . $this->conf['extraStoragePid'] . " AND username = '{$this->username->value}'");
$row = $queryBuilder->execute()->fetchAllAssociative();
if ($row) {
$currentGroups = $row['usergroup'];
}
......@@ -223,30 +186,31 @@ class Groups
$currentGroups = 0;
}
// Select usergroups
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
// Select user groups
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$queryBuilder->select('uid')
->from(Groups::getTable('fe'))
->where("deleted = 0 AND pid = ".$this->conf['extraStoragePid']." AND uid IN ($currentGroups) AND TSconfig LIKE 'group.type%=%local'");
$result = $queryBuilder->execute()->fetchAll();
->from('fe_users')
->where("deleted = 0 AND pid = " . $this->conf['extraStoragePid'] . " AND uid IN ($currentGroups) AND TSconfig LIKE 'group.type%=%local'");
$result = $queryBuilder->execute();
foreach ($result as $row) {
// Fill in user gourps
$feGroups = [];
foreach ($result->fetchAllAssociative() as $row) {
$feGroups[] = $row['uid'];
}
// Select groups without sync mention
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
$queryBuilder->select('usergroup')
->from(Users::getTable('fe'))
->where("username = '{$this->username}'");
$row = $queryBuilder->execute()->fetch();
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('usergroup');
$queryBuilder->select('usergroup')->from('fe_users')->where("username = '{$this->username->value}'");
$row = $queryBuilder->execute()->fetchAllAssociative();
if ($row['usergroup']) {
$queryBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Database\ConnectionPool::class)->getQueryBuilderForTable($this->table);
$queryBuilder->select('*')
->from(Groups::getTable('fe'))
->where("uid IN ({$row['usergroup']}) AND (tx_luauth_synced_group IS NULL OR tx_luauth_synced_group <> 1)");
$result = $queryBuilder->execute()->fetchAll();
foreach ($result as $row2) {
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$queryBuilder->select('*')->from('fe_users')
->where("uid IN ({$row['usergroup']}) AND (tx_luauth_synced_group IS NULL OR tx_luauth_synced_group <> 1)");
$result = $queryBuilder->execute();
foreach ($result->fetchAllAssociative() as $row2) {
$feGroups[] = $row2['uid'];
}
}
......@@ -262,12 +226,12 @@ class Groups
*
* @return null
*/
private function getServerVar($key, $prefix = 'REDIRECT2_')
private function getServerVar($key, string $prefix = 'REDIRECT2_')
{
if (isset($_SERVER[$key])) {
return $_SERVER[$key];
} else if (isset($_SERVER[$prefix.$key])) {
return $_SERVER[$prefix.$key];
} else if (isset($_SERVER[$prefix . $key])) {
return $_SERVER[$prefix . $key];
} else {
foreach ($_SERVER as $k => $v) {
if ($key == str_replace($prefix, '', $k)) {
......
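Review bot: The `where()` calls in the getFEUserGroups and getFEUserLocalGroups hunks still build SQL by string interpolation (`title = '$title'`, `username = '{$this->username->value}'`, `uid IN ($currentGroups)`), and `$title` appears to derive from the `remoteUserGroups` server variable, so a quote character in an identity-provider attribute or a username changes the query. Bind the values instead, e.g. `->where($queryBuilder->expr()->eq('title', $queryBuilder->createNamedParameter($title)))`, and cast the `IN` lists to integers before binding them. The same hunks replace `fetch()` with `fetchAllAssociative()` but keep reading `$row['uid']` and `$row['usergroup']` as if a single row came back; `fetchAssociative()` is the single-row call, and without it the group lookup silently finds nothing. The `echo '<pre>'; print_r($row);` left in the be_groups loop writes group rows into the HTTP response and should be removed. These function bodies continue outside the visible hunks, so the surrounding logic could not be checked.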
<?php
namespace Lu\LuAuth\Models;
/**
* Class LDAP
*
* @author Dainis Abols <dainis.abols@lu.lv>
* @owner University of Latvia
* @version 2.0
* @since 16.08.2017
*
* Creates an LDAP connection to LU system
*
* @package App\Models
*/
class LDAP
{
/**
* LDAP server name.
*
* @var mixed
*/
private $server;
/**
* LDAP domain component.
*
* @var string
*/
private $dc;
/**
* LDAP main connection.
*
* @var resource
*/
private $conn;
/**
* LDAP constructor.
*/
public function __construct($server, $dc)
{
$this->server = $server;
$this->dc = $dc;
$this->conn = @ldap_connect('ldap://' . $this->server);
ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($this->conn, LDAP_OPT_REFERRALS, 0);
}
/**
* LDAP destructor.
*/
public function __destruct()
{
ldap_close($this->conn);
}
/**
* Bind user, if credentials match and return info array
*
* @param $username
* @param $password
*
* @return array|bool
*/
public function authorize($username, $password)
{
if (@ldap_bind($this->conn, "uid={$username},{$this->dc}", $password)) {
if ($search = ldap_search($this->conn, "uid={$username},{$this->dc}", "(cn=*)")) {
$info = ldap_get_entries($this->conn, $search)[0];
$user = [
'username' => $username,
'display_name' => $info['displayname']['0'],
'email' => $info['mail']['0'],
'phone' => $info['telephonenumber']['0'],
];
return $user;
}
}
return false;
}
}
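Review bot: `authorize()` hands `$password` straight to `ldap_bind()`, and many directory servers treat a bind with a DN and an empty password as an unauthenticated bind that succeeds, so an empty password could be accepted as a valid login; add `if ($username === '' || $password === '') { return false; }` before the bind. `$username` is also interpolated into the bind and search DN unescaped; `ldap_escape($username, '', LDAP_ESCAPE_DN)` closes that. The constructor connects over `ldap://` with no `ldap_start_tls()` call, so the bind password crosses the network in clear text unless the transport is protected elsewhere, and the `@` on `ldap_connect()` and `ldap_bind()` hides the errors that would reveal a failed connection. The page does not mark whether this file is added or removed by the commit; the points apply if it stays in the tree.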
<?php
namespace Lu\LuAuth\Models;
use Lu\LuApi\Types\RequestType;
use Lu\LuApi\Types\Table;
use Psr\Log\LoggerAwareTrait;
use TYPO3\CMS\Core\Configuration\Exception\ExtensionConfigurationExtensionNotConfiguredException;
use TYPO3\CMS\Core\Configuration\Exception\ExtensionConfigurationPathDoesNotExistException;
use TYPO3\CMS\Core\Configuration\ExtensionConfiguration;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* Abstract model init class
*
* @author Dainis Abols <dainis.abols@lu.lv>
* @owner University of Latvia
* @since 02.02.2022
*/
abstract class Model
{
use LoggerAwareTrait;
/**
* Extension configuration
*
* @array
*/
public $conf;
/**
* Table name
*
* @var Table
*/
protected Table $table;
/**
* Set request type
*
* @var RequestType
*/
protected RequestType $type;
/**
* Set table name
*
* @param string $table
*/
public function setTable(string $table): void
{
$this->table = new Table($table);
}
/**
* Set request type
*
* @param string $type
*/
public function setType(string $type): void
{
$this->type = new RequestType($type);
}
/**
* Users constructor. Set initial usage.
*
* @param string $type 'be' or 'fe'
*/
public function __construct(string $type)
{
// Set config value
try {
$this->conf = GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('lu_auth');
} catch (ExtensionConfigurationExtensionNotConfiguredException | ExtensionConfigurationPathDoesNotExistException $e) {
$this->logger->info("Extension `lu_auth` not configured!");
}
// Set used group
if ($type === 'fe') {
$this->setType(RequestType::FE);
$this->setTable('fe_groups');
} else {
$this->setType(RequestType::BE);
$this->setTable('be_groups');
}
}
}
\ No newline at end of file
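Review bot: The `catch` branch in `__construct()` calls `$this->logger->info(...)`, but `LoggerAwareTrait` only declares the property, the class does not implement `LoggerAwareInterface`, and nothing visible calls `setLogger()` before the constructor runs, so a missing `lu_auth` configuration would most likely end in a call on null rather than a log line. Even with a logger in place, execution continues with `$conf` unset, and `Groups` then reads `$this->conf['extraStoragePid']` and `$this->conf['remoteUserGroups']` into its queries. For an authentication model it is safer to fail closed: rethrow from the catch, e.g. `throw new \RuntimeException('lu_auth is not configured', 0, $e);`. `Server::__construct()` repeats the same pattern.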
<?php
namespace Lu\LuAuth\Models;
use Psr\Log\LoggerAwareTrait;
use TYPO3\CMS\Core\Configuration\Exception\ExtensionConfigurationExtensionNotConfiguredException;
use TYPO3\CMS\Core\Configuration\Exception\ExtensionConfigurationPathDoesNotExistException;
use TYPO3\CMS\Core\Configuration\ExtensionConfiguration;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* @author Dainis Abols <dainis.abols@lu.lv>
* @owner University of Latvia
* @since 07.02.2022
*/
class Server
{
use LoggerAwareTrait;
/**
* @var string
*/
private string $remoteIdentityProvider;
/**
* @var string
*/
private string $remoteSessionId;
/**
* @var string
*/
private string $remoteUser;
/**
* @var mixed
*/
public $conf;
/**
* @return string
*/
public function getRemoteIdentityProvider(): string
{
return $this->remoteIdentityProvider;
}
/**
* @return string
*/
public function getRemoteSessionId(): string
{
return $this->remoteSessionId;
}
/**
* @return string
*/
public function getRemoteUser(): string
{
return $this->remoteUser;
}
/**
* @return mixed
*/
public function getConf()
{
return $this->conf;
}
/**
* Initialize configuration
*/
public function __construct()
{
// Set config value
try {
$this->conf = GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('lu_auth');
} catch (ExtensionConfigurationExtensionNotConfiguredException | ExtensionConfigurationPathDoesNotExistException $e) {
$this->logger->info("Extension `lu_auth` not configured!");
}
// Set server variables
$this->remoteIdentityProvider = $_SERVER[$this->conf['remoteIdentityProvider']];
$this->remoteSessionId = $_SERVER[$this->conf['remoteSessionId']];
$this->remoteUser = $_SERVER[$this->conf['remoteUser']];
}
/**
* @param $OK
* @param $user
* @param $auth
* @param false $log
* @return false|mixed
*/
public function checkDomainLock($OK, $user, $auth, bool $log = false)
{
if ($OK && $user['lockToDomain'] && $user['lockToDomain'] != $auth['HTTP_HOST']) {
if ($log) {
$this->logger->info(sprintf("Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
$auth['REMOTE_ADDR'],
$auth['REMOTE_HOST'],
$user[$auth['db_user']['username_column']],
$user['lockToDomain'], $auth['HTTP_HOST']
));
}
$OK = false;
}
return $OK;
}
}
\ No newline at end of file
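Review bot: The three `$_SERVER[...]` reads at the end of `__construct()` have no existence check, so a request that arrives without the identity-provider variables assigns null to `private string` properties and throws a TypeError instead of being handled as unauthenticated. Read them as `$_SERVER[$this->conf['remoteUser']] ?? ''` (same for the other two) and have callers reject an empty `remoteUser` explicitly. `Groups::getServerVar()` also looks under a `REDIRECT2_` prefix while this class does not, so the two may disagree about the same request. In `checkDomainLock()` the comparison `$user['lockToDomain'] != $auth['HTTP_HOST']` is loose; `!==` keeps PHP's numeric-string comparison rules out of a security check.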
......@@ -2,6 +2,7 @@
namespace Lu\LuAuth\Models;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
......@@ -14,22 +15,8 @@ use TYPO3\CMS\Core\Utility\GeneralUtility;
*
* @package Lu\LuAuth\Models
*/
class Sessions
class Sessions extends Model
{
/**
* Table name
*
* @var string
*/
protected $table = 'be_sessions';
/**
* Set request type
*
* @var string
*/
protected $type = 'be';
/**
* Users constructor. Set initial usage.
*
......@@ -37,18 +24,15 @@ class Sessions
*/
public function __construct(string $type)
{
// Set config value
$this->conf =