From 35dec1645cc22e51daae0cc7dd8dc4b95358590f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Elias=20H=C3=A4u=C3=9Fler?= <elias@haeussler.dev>
Date: Sat, 14 Jan 2023 17:28:40 +0100
Subject: [PATCH] [BUGFIX] Harden type annotations around user authentication
 handling

When authenticating and fetching user records, appropriate methods
normally pass around either the full database record or `false` in case
the user does not exist or could not be authenticated. The expected
types are now added to all relevant methods in authentication services.

Resolves: #99544
Releases: main, 11.5
Change-Id: Ib45440a39e64b5ac5a1f1c4799e2f59cb13526bf
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/77335
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: core-ci <typo3@b13.com>
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Tested-by: Benni Mack <benni@typo3.org>
Tested-by: Oliver Klee <typo3-coding@oliverklee.de>
---
 .../Classes/Authentication/AbstractAuthenticationService.php  | 2 +-
 .../core/Classes/Authentication/AuthenticationService.php     | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php b/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
index 6c8b0983dcb1..c7b928afb95d 100644
--- a/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
@@ -122,7 +122,7 @@ class AbstractAuthenticationService implements LoggerAwareInterface
      * @param string $username User name
      * @param string $extraWhere Additional WHERE clause: " AND ...
      * @param array|string $dbUserSetup User db table definition, or empty string for $this->db_user
-     * @return mixed User array or FALSE
+     * @return array<string, mixed>|false User array or FALSE
      */
     public function fetchUserRecord($username, $extraWhere = '', $dbUserSetup = '')
     {
diff --git a/typo3/sysext/core/Classes/Authentication/AuthenticationService.php b/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
index 49b5508a50d1..8073e73bb781 100644
--- a/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
+++ b/typo3/sysext/core/Classes/Authentication/AuthenticationService.php
@@ -52,7 +52,7 @@ class AuthenticationService extends AbstractAuthenticationService implements Mim
     /**
      * Find a user (eg. look up the user record in database when a login is sent)
      *
-     * @return mixed User array or FALSE
+     * @return array<string, mixed>|false User array or FALSE
      */
     public function getUser()
     {
@@ -97,7 +97,7 @@ class AuthenticationService extends AbstractAuthenticationService implements Mim
      *  > 0:    User authenticated successfully. Other auth services will still be asked.
      *  <= 0:   Authentication failed, no more checking needed by other auth services.
      *
-     * @param array $user User data
+     * @param array<string, mixed> $user User data
      * @return int Authentication status code, one of 0, 100, 200
      */
     public function authUser(array $user): int
-- 
GitLab