[BUGFIX] Harden type annotations around user authentication handling

When authenticating and fetching user records, appropriate methods normally pass around either the full database record or `false` in case the user does not exist or could not be authenticated. The expected types are now added to all relevant methods in authentication services. Resolves: #99544 Releases: main, 11.5 Change-Id: Ib45440a39e64b5ac5a1f1c4799e2f59cb13526bf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77335 Reviewed-by: Benni Mack <benni@typo3.org> Tested-by: core-ci <typo3@b13.com> Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de> Tested-by: Benni Mack <benni@typo3.org> Tested-by: Oliver Klee <typo3-coding@oliverklee.de>

[BUGFIX] Harden type annotations around user authentication handling
When authenticating and fetching user records, appropriate methods normally pass around either the full database record or `false` in case the user does not exist or could not be authenticated. The expected types are now added to all relevant methods in authentication services. Resolves: #99544 Releases: main, 11.5 Change-Id: Ib45440a39e64b5ac5a1f1c4799e2f59cb13526bf Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77335 Reviewed-by: Benni Mack <benni@typo3.org> Tested-by: core-ci <typo3@b13.com> Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de> Tested-by: Benni Mack <benni@typo3.org> Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
35dec164 · Elias Häußler · Benni Mack · 8c1bba31 · 35dec164 · 35dec164
Commit 35dec164 authored 2 years ago by Elias Häußler Committed by Benni Mack 2 years ago
--- a/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
@@ -122,7 +122,7 @@ class AbstractAuthenticationService implements LoggerAwareInterface
     * @param string $username User name
     * @param string $extraWhere Additional WHERE clause: " AND ...
     * @param array|string $dbUserSetup User db table definition, or empty string for $this->db_user
-     * @return mixed User array or FALSE
+     * @return array<string, mixed>|false User array or FALSE
     */
    public function fetchUserRecord($username, $extraWhere = '', $dbUserSetup = '')
    {

--- a/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
+++ b/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
@@ -52,7 +52,7 @@ class AuthenticationService extends AbstractAuthenticationService implements Mim
    /**
     * Find a user (eg. look up the user record in database when a login is sent)
     *
-     * @return mixed User array or FALSE
+     * @return array<string, mixed>|false User array or FALSE
     */
    public function getUser()
    {
@@ -97,7 +97,7 @@ class AuthenticationService extends AbstractAuthenticationService implements Mim
     *  > 0:    User authenticated successfully. Other auth services will still be asked.
     *  <= 0:   Authentication failed, no more checking needed by other auth services.
     *
-     * @param array $user User data
+     * @param array<string, mixed> $user User data
     * @return int Authentication status code, one of 0, 100, 200
     */
    public function authUser(array $user): int