cache:
key: "$CI_COMMIT_REF_NAME-$CI_JOB_STAGE"
paths:
- cache/
- /cache/composer
before_script:
- apk add git --update
......@@ -23,6 +23,7 @@ stages:
- apk add git --update
- php -r "copy('https://getcomposer.org/composer.phar', 'composer.phar');"
- php composer.phar config minimum-stability ${COMPOSER_STABILITY}
- php composer.phar config cache-dir /cache/composer
- php composer.phar remove --dev nimut/testing-framework
- php composer.phar remove typo3/cms-core
- rm composer.lock
......@@ -33,58 +34,14 @@ stages:
script:
- .Build/bin/phpunit -c Configuration/.Build/Tests/UnitTests.xml
- .Build/bin/phpcs --standard=PSR2 --extensions=php *
# Build in PHP 7.0 and TYPO3 7.6
test:php70:typo3_7:
<<: *testing
variables:
DOCKER_TAG: 7.0-alpine
TYPO3_VERSION: typo3/cms:^7.6
NIMUT_TESTFRAMEWORK_VERSION: ^2
COMPOSER_STABILITY: stable
# Build in PHP 7.1 and TYPO3 7.6
test:php71:typo3_7:
<<: *testing
variables:
DOCKER_TAG: 7.1-alpine
TYPO3_VERSION: typo3/cms:^7.6
NIMUT_TESTFRAMEWORK_VERSION: ^2
COMPOSER_STABILITY: stable
# Build in PHP 7.0 and TYPO3 8 (latest stable release)
test:php70:typo3_8:
<<: *testing
variables:
DOCKER_TAG: 7.0-alpine
TYPO3_VERSION: typo3/cms-core:^8
NIMUT_TESTFRAMEWORK_VERSION: ^2
COMPOSER_STABILITY: stable
# Build in PHP 7.1 and TYPO3 8 (latest stable release)
test:php71:typo3_8:
<<: *testing
variables:
DOCKER_TAG: 7.1-alpine
TYPO3_VERSION: typo3/cms-core:^8
NIMUT_TESTFRAMEWORK_VERSION: ^2
COMPOSER_STABILITY: stable
# Build in PHP 7.2 and TYPO3 8 (latest stable release)
test:php72:typo3_8:
<<: *testing
variables:
DOCKER_TAG: 7.2-alpine
TYPO3_VERSION: typo3/cms-core:^8
NIMUT_TESTFRAMEWORK_VERSION: ^3
COMPOSER_STABILITY: stable
allow_failure: true
# Build in PHP 7.2 and TYPO3 (9.x)
test:php72:typo3_9:
<<: *testing
variables:
DOCKER_TAG: 7.2-alpine3.7
TYPO3_VERSION: typo3/minimal
TYPO3_VERSION: typo3/cms-core:^9
NIMUT_TESTFRAMEWORK_VERSION: ^4
COMPOSER_STABILITY: stable
......@@ -106,7 +63,7 @@ ter-upload:
- tags
before_script:
- php -r "copy('https://getcomposer.org/composer.phar', 'composer.phar');"
- export COMPOSER_CACHE_DIR=.cache/composer
- php composer.phar config cache-dir /cache/composer
script:
- php composer.phar require namelesscoder/typo3-repository-client
- >
......
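Review bot: The `ter-upload` job's `before_script` still fetches `composer.phar` with `copy()` and runs it without any integrity check, and the same download sits in the test template's `before_script`. This job is limited to tags and goes on to require and run the repository client, so it presumably runs with release credentials, and an altered or unexpected `composer.phar` would execute in that context. Pin a specific Composer release and compare the downloaded file with its published SHA-256 before the first `php composer.phar` call, or use a build image that already ships a pinned Composer. The rest of the job's `script` is collapsed, so the credential handling itself is not visible here.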
......@@ -4,3 +4,4 @@ Thumbs.db
.Build/Web
.Build/bin
.Build/vendor
/composer.lock
......@@ -16,11 +16,11 @@ namespace SpoonerWeb\BeSecurePw\Evaluation;
use TYPO3\CMS\Core\Utility;
use TYPO3\CMS\Core\Log\LogManager;
use TYPO3\CMS\Lang\LanguageService;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility;
use TYPO3\CMS\Saltedpasswords\Salt\SaltFactory;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
/**
* Class PasswordEvaluator
......@@ -61,15 +61,8 @@ class PasswordEvaluator
int &$set,
bool $storeFlashMessageInSession = true
): string {
// if $value is a md5 hash, return the value directly
if ($this->isMd5($value) || $this->isSalted($value)) {
return $value;
}
$confArr = unserialize(
$GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['be_secure_pw'],
['allowed_classes' => false]
);
$confArr = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'];
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $tce */
$tce = Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\DataHandling\DataHandler::class);
......@@ -148,10 +141,10 @@ class PasswordEvaluator
/* no problems */
if ($set) {
// If no saltedpasswords are enabled, hash the password to prevent a clean password in DB
if (!SaltedPasswordsUtility::isUsageEnabled('BE')) {
$value = md5($value);
}
// Hash password before storing it
$hashInstance = Utility\GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
$value = $hashInstance->getHashedPassword($value);
return $value;
}
......@@ -168,30 +161,4 @@ class PasswordEvaluator
return '';
}
/**
* @param string $password
* @return boolean
*/
private function isMd5(string $password): bool
{
return (boolean)preg_match(static::PATTERN_MD5, $password);
}
/**
* @param string $password
* @return boolean
*/
private function isSalted(string $password): bool
{
if (!SaltedPasswordsUtility::isUsageEnabled('BE')) {
return false;
}
$saltFactory = SaltFactory::getSaltingInstance($password, 'BE');
if (!$saltFactory) {
return false;
}
return $saltFactory->isValidSaltedPW($password);
}
}
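Review bot: With the `isMd5()`/`isSalted()` early return removed, every value that passes the rules is hashed by `getHashedPassword()` in the `if ($set)` branch, including a value that is already a stored hash. If DataHandler can hand this evaluator an unchanged, already hashed password field, that hash would be hashed a second time and the account would stop accepting its password. A guard at the top of `evaluateFieldValue()` that keeps values recognised by a registered backend hash method avoids this. The function's signature and most of its body lie outside the visible hunks, so the placement below is approximate. Any such guard, like the removed one, lets a hash-shaped value skip the strength rules, which deserves a comment in the code.

```php
): string {
    // Keep a value that is already a backend password hash so it is not hashed a second time.
    // NOTE: a hash-shaped value is not checked against the password rules.
    $hashFactory = Utility\GeneralUtility::makeInstance(PasswordHashFactory::class);
    try {
        $hashFactory->get($value, 'BE');
        return $value;
    } catch (\TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException $e) {
        // Not a recognised hash: fall through and validate it as a new plaintext password.
    }
    $confArr = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'];
    // … unchanged: rule checks, flash messages and the hashing in the if ($set) branch …
```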
......@@ -72,17 +72,9 @@ class BackendHook
];
// get configuration of a secure password
$extConf = unserialize(
$GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['be_secure_pw'],
['allowed_classes' => false]
);
// Convert labels/settings back to UTF-8 since json_encode() only works with UTF-8:
if ($GLOBALS['LANG']->charSet !== 'utf-8') {
$GLOBALS['LANG']->csConvObj->convArray($generatedLabels, $GLOBALS['LANG']->charSet, 'utf-8');
}
$extConf = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'];
$labelsForJS = 'TYPO3.LLL.beSecurePw = ' . json_encode($generatedLabels) . ';';
$labelsForJS = 'TYPO3.lang.beSecurePw = ' . json_encode($generatedLabels) . ';';
/** @var PageRenderer $pageRenderer */
$pageRenderer = GeneralUtility::makeInstance(PageRenderer::class);
......
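Review bot: `$labelsForJS` is built by concatenating `json_encode($generatedLabels)` into JavaScript source, and the PageRenderer call that follows (collapsed here) presumably emits it as an inline script. Default `json_encode()` output is not escaped for an HTML context, so a label containing markup such as `<!--` or `<script` can change how the browser parses the block. Passing the hex flags keeps the encoded labels inert inside HTML: `json_encode($generatedLabels, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)`.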
......@@ -53,10 +53,7 @@ class PasswordExpirationUtility
$lastLogin = (int)$beUser['lastlogin'];
// get configuration of a secure password
$extConf = unserialize(
$GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['be_secure_pw'],
['allowed_classes' => false]
);
$extConf = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'];
$validUntilConfiguration = trim($extConf['validUntil']);
......
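Review bot: `$extConf` is now read straight from `$GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw']`, and nothing handles the key being absent, for example on an instance whose settings were never written to the new location. In that case `trim($extConf['validUntil'])` yields an empty string, and the expiry check that follows (outside this hunk) may then treat passwords as never expiring. Reading the settings through `GeneralUtility::makeInstance(ExtensionConfiguration::class)->get('be_secure_pw')`, or at least adding `?? []` and an explicit default for `validUntil`, makes the missing-configuration case visible instead of silently relaxing the policy. The same direct read is added in `PasswordEvaluator`, `BackendHook` and the `$boot` closure.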
......@@ -22,6 +22,7 @@ $tempColumns = [
'type' => 'input',
'size' => 12,
'eval' => 'datetime',
'default' => 0
]
],
];
......
......@@ -25,8 +25,8 @@ define(['jquery', 'TYPO3/CMS/Backend/Modal'], function ($, Modal) {
$(function () {
if (force) {
Modal.show(
TYPO3.LLL.beSecurePw.passwordReminderWindow_title,
TYPO3.LLL.beSecurePw.passwordReminderWindow_message,
TYPO3.lang.beSecurePw.passwordReminderWindow_title,
TYPO3.lang.beSecurePw.passwordReminderWindow_message,
TYPO3.Severity.warning,
[{
text: TYPO3.lang['button.ok'] || 'OK',
......@@ -40,7 +40,7 @@ define(['jquery', 'TYPO3/CMS/Backend/Modal'], function ($, Modal) {
top.goToModule('user_setup');
});
} else {
Modal.confirm(TYPO3.LLL.beSecurePw.passwordReminderWindow_title, TYPO3.LLL.beSecurePw.passwordReminderWindow_message + " " + TYPO3.LLL.beSecurePw.passwordReminderWindow_confirmation)
Modal.confirm(TYPO3.lang.beSecurePw.passwordReminderWindow_title, TYPO3.lang.beSecurePw.passwordReminderWindow_message + " " + TYPO3.lang.beSecurePw.passwordReminderWindow_confirmation)
.on('confirm.button.ok', function () {
Modal.currentModal.trigger('modal-dismiss');
top.goToModule('user_setup');
......
......@@ -70,7 +70,7 @@ class PasswordEvaluatorTest extends \Nimut\TestingFramework\TestCase\UnitTestCas
public function checkForValidPassword(array $configuration, string $password)
{
$set = true;
$GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['be_secure_pw'] = serialize($configuration);
$GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'] = $configuration;
static::assertEquals(
$password,
$this->subject->evaluateFieldValue($password, '', $set)
......@@ -146,7 +146,7 @@ class PasswordEvaluatorTest extends \Nimut\TestingFramework\TestCase\UnitTestCas
public function checkForInvalidPassword(array $configuration, string $password)
{
$set = true;
$GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['be_secure_pw'] = serialize($configuration);
$GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'] = $configuration;
static::assertEquals(
'',
$this->subject->evaluateFieldValue($password, '', $set, false)
......
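Review bot: `checkForValidPassword` still asserts that `evaluateFieldValue()` returns `$password` unchanged, but with `$set = true` the evaluator in this change returns the output of `getHashedPassword()`. Unless a collapsed part of the test adjusts this, the assertion either fails or no longer covers the hashing path. Assert instead that the plaintext never comes back and that the result verifies against it, e.g. `static::assertNotSame($password, $result);` and `static::assertTrue($hashFactory->get($result, 'BE')->checkPassword($password, $result));`. Both test methods begin above the visible hunks.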
......@@ -26,10 +26,10 @@
"typo3-ter/be-secure-pw": "*"
},
"require": {
"php": "^7.0 || ^7.1 || ^7.2"
},
"require-dev": {
"nimut/testing-framework": "^2 || ^3"
"php": "^7.2",
"typo3/cms-core": "^9.5",
"typo3/cms-setup": "^9.5",
"typo3/cms-beuser": "^9.5"
},
"autoload": {
"psr-4": {
......
......@@ -26,7 +26,7 @@ $EM_CONF[$_EXTKEY] = [
'constraints' => [
'depends' => [
'php' => '7.0',
'typo3' => '7.6.21-9.99.99',
'typo3' => '9.4-9.99.99',
],
'conflicts' => [],
'suggests' => [],
......
......@@ -21,7 +21,7 @@ $boot = function ($extensionKey) {
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass']['be_secure_pw'] =
BeSecurePw\Hook\BackendHook::class;
$extConf = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf'][$extensionKey]);
$extConf = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS'][$extensionKey];
// execution of is hook only needed in backend, but it is in the abstract class and could also be executed
// from frontend otherwise if the backend is set to adminOnly, we can not enforce the change,
......