From a6bc0045b01cecfd31bdeb21afef5fb06a732319 Mon Sep 17 00:00:00 2001
From: Benni Mack <benni@typo3.org>
Date: Tue, 25 Jun 2019 06:23:35 +0200
Subject: [PATCH] [!!!][TASK] Remove AbstractService inheritance from
AbstractAuthService
The current Authentication Service API looks like this:
AbstractService
-> AbstractAuthenticationService
-> AuthenticationService
Most of the functionality of AbstractService is not
used and leads to a confusing PHP inheritance structure,
where most functionality is not needed actually.
Since there are no proper contracts APIs for neither
makeInstanceService / Service API nor Authentication,
the first step is to decouple the logic of both
areas and allow Authentication to continue without
a strong dependency on AbstractService.
This is a pre-patch to decouple Authentication logic
from Service logic.
Resolves: #88646
Releases: master
Change-Id: I525f7510d06747fcb1e204c63cf7cbc3296a54a2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61125
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
---
.../AbstractAuthenticationService.php | 89 ++++++++++++++++++-
...rviceFromAbstractAuthenticationService.rst | 47 ++++++++++
2 files changed, 134 insertions(+), 2 deletions(-)
create mode 100644 typo3/sysext/core/Documentation/Changelog/master/Breaking-88646-RemovedInheritanceOfAbstractServiceFromAbstractAuthenticationService.rst
diff --git a/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php b/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
index 68bc151b00eb..4a5cd4af5220 100644
--- a/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractAuthenticationService.php
@@ -14,17 +14,20 @@ namespace TYPO3\CMS\Core\Authentication;
* The TYPO3 project - inspiring people to share!
*/
+use Psr\Log\LoggerAwareInterface;
+use Psr\Log\LoggerAwareTrait;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\QueryHelper;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
-use TYPO3\CMS\Core\Service\AbstractService;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* Authentication services class
*/
-class AbstractAuthenticationService extends AbstractService
+class AbstractAuthenticationService implements LoggerAwareInterface
{
+ use LoggerAwareTrait;
+
/**
* User object
*
@@ -74,6 +77,11 @@ class AbstractAuthenticationService extends AbstractService
*/
public $writeAttemptLog = false;
+ /**
+ * @var array service description array
+ */
+ public $info = [];
+
/**
* Initialize authentication service
*
@@ -152,4 +160,81 @@ class AbstractAuthenticationService extends AbstractService
}
return $user;
}
+
+ /**
+ * Initialization of the service.
+ * This is a stub as needed by GeneralUtility::makeInstanceService()
+ * @internal this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
+ */
+ public function init(): bool
+ {
+ return true;
+ }
+
+ /**
+ * Resets the service.
+ * This is a stub as needed by GeneralUtility::makeInstanceService()
+ * @internal this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
+ */
+ public function reset()
+ {
+ // nothing to do
+ }
+
+ /**
+ * Returns the service key of the service
+ *
+ * @return string Service key
+ * @internal this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
+ */
+ public function getServiceKey()
+ {
+ return $this->info['serviceKey'];
+ }
+
+ /**
+ * Returns the title of the service
+ *
+ * @return string Service title
+ * @internal this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
+ */
+ public function getServiceTitle()
+ {
+ return $this->info['title'];
+ }
+
+ /**
+ * Returns service configuration values from the $TYPO3_CONF_VARS['SVCONF'] array
+ *
+ * @param string $optionName Name of the config option
+ * @param mixed $defaultValue Default configuration if no special config is available
+ * @param bool $includeDefaultConfig If set the 'default' config will be returned if no special config for this service is available (default: TRUE)
+ * @return mixed Configuration value for the service
+ * @internal this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
+ */
+ public function getServiceOption($optionName, $defaultValue = '', $includeDefaultConfig = true)
+ {
+ $config = null;
+ $serviceType = $this->info['serviceType'] ?? '';
+ $serviceKey = $this->info['serviceKey'] ?? '';
+ $svOptions = $GLOBALS['TYPO3_CONF_VARS']['SVCONF'][$serviceType] ?? [];
+ if (isset($svOptions[$serviceKey][$optionName])) {
+ $config = $svOptions[$serviceKey][$optionName];
+ } elseif ($includeDefaultConfig && isset($svOptions['default'][$optionName])) {
+ $config = $svOptions['default'][$optionName];
+ }
+ if (!isset($config)) {
+ $config = $defaultValue;
+ }
+ return $config;
+ }
+
+ /**
+ * @return array
+ * @internal this is part of the Service API which should be avoided to be used and only used within TYPO3 internally
+ */
+ public function getLastErrorArray(): array
+ {
+ return [];
+ }
}
diff --git a/typo3/sysext/core/Documentation/Changelog/master/Breaking-88646-RemovedInheritanceOfAbstractServiceFromAbstractAuthenticationService.rst b/typo3/sysext/core/Documentation/Changelog/master/Breaking-88646-RemovedInheritanceOfAbstractServiceFromAbstractAuthenticationService.rst
new file mode 100644
index 000000000000..1902a470b1e8
--- /dev/null
+++ b/typo3/sysext/core/Documentation/Changelog/master/Breaking-88646-RemovedInheritanceOfAbstractServiceFromAbstractAuthenticationService.rst
@@ -0,0 +1,47 @@
+.. include:: ../../Includes.txt
+
+============================================================================================
+Breaking: #88646 - Removed inheritance of AbstractService from AbstractAuthenticationService
+============================================================================================
+
+See :issue:`88646`
+
+Description
+===========
+
+The AbstractAuthenticationService PHP class is used for any kind of Authentication
+or Authorization towards Backend Users and Frontend Users.
+
+It was previously based on :php:`AbstractService` for any kind of Service API, which
+also includes manipulating files and execution of external applications, which is
+there for legacy reasons since TYPO3 3.x, where the Service API via :php:`GeneralUtility::makeInstanceService` was added.
+
+In order to refactor the Authentication API, the AbstractAuthenticationService
+class does not inherit from AbstractService anymore. Instead, the most required
+methods for executing a service is added to the Abstract class directly.
+
+
+Impact
+======
+
+Any calls or checks on the AbstractAuthenticationService class or methods, properties or constants that reside within AbstractService will result in PHP errors or warnings.
+
+Since AbstractAuthenticationService is used for most custom Authentication APIs,
+this could affect some of the hooks or custom authentication providers available.
+
+
+Affected Installations
+======================
+
+TYPO3 installations that have custom Authentication providers for frontend or backend
+users / groups - e.g. LDAP or Two-Factor-Authentication.
+
+
+Migration
+=========
+
+If your custom Authentication Service extends from AbstractAuthenticationService
+but requires methods or properties from AbstractService, ensure to copy over the
+necessary methods/properties/constants into your custom Authentication provider.
+
+.. index:: PHP-API, NotScanned
\ No newline at end of file
--
GitLab