Commit a2d12007 authored by Helmut Hummel's avatar Helmut Hummel

Allow SOAP endpoint to authenticate via session

Since we call the SOAP endpoint for certain actions
of an authenticated user on extensions.typo3.org
(like registering ext keys) and we do not know
the password at this point any more,
we now include the session id in the SOAP request,
so that TYPO3 will log in this user before the SOAP
endpoint is triggered.

In the endpoint, we can then just check if a user is
already logged in and whether the username given
matches the username of the logged in user.
parent c1262252
Pipeline #2140 passed with stages
......@@ -144,7 +144,7 @@ class tx_ter_helper
);
if ($row = $this->getDatabaseConnection()->sql_fetch_assoc($res)) {
if (!$this->ldapValidationSucceeded($accountData)) {
if (!$this->userIsAlreadyLoggedIn($accountData) && !$this->ldapValidationSucceeded($accountData)) {
throw new tx_ter_exception_unauthorized ('Wrong password.', TX_TER_ERROR_GENERAL_WRONGPASSWORD);
}
} else {
......@@ -158,6 +158,24 @@ class tx_ter_helper
return $row;
}
/**
* We check whether a user is logged in by TYPO3
* because of a sent session cookie
*
* @param $accountData
* @return bool
*/
private function userIsAlreadyLoggedIn($accountData)
{
/** @var \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController $tsfe */
$tsfe = $GLOBALS['TSEF'];
if (!empty($tsfe->fe_user->user['username']) && $accountData->username === $tsfe->fe_user->user['username']) {
return true;
}
return false;
}
/**
* Check if LDAP authenticates the credentials
*
......
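Review bot: In the new `userIsAlreadyLoggedIn()` the frontend controller is read from `$GLOBALS['TSEF']`, which looks like a typo for `$GLOBALS['TSFE']`. With the misspelled key `$tsfe` is null, the `!empty(...)` test is always false and the method always returns false, so the session path never authenticates anyone and every call still falls through to `ldapValidationSucceeded()`. The failure is closed, but the feature is dead until the line reads `$tsfe = $GLOBALS['TSFE'];`. Once it works, the `'Wrong password.'` exception in the first hunk is also raised for a session/username mismatch, so a comment there such as `// no matching frontend session and LDAP rejected the credentials` would help whoever reads the endpoint's error output.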
......@@ -109,6 +109,8 @@ class Soap implements \TYPO3\CMS\Core\SingletonInterface
'password' => $this->httpAuth['password'] ?: ''
));
$this->soapConnection->__setCookie('fe_typo_user', $_COOKIE['fe_typo_user']);
// Get authentication header
if (!empty($this->username) && !empty($this->password)) {
$headerData = array('username' => $this->username, 'password' => $this->password);
......
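Review bot: The added `__setCookie('fe_typo_user', $_COOKIE['fe_typo_user'])` forwards the visitor's frontend session id on every SOAP call without checking that the cookie exists or where the request is going. Wrapping the call in `if (!empty($_COOKIE['fe_typo_user'])) { ... }` keeps CLI or anonymous callers from raising an undefined-index notice. Because the session id is a bearer credential, it should only be attached when the WSDL URL is the site's own endpoint over HTTPS; the hunk does not show where that URL comes from, so this needs confirming against the constructor. The cookie name is also hard-coded, while TYPO3 lets it be configured (`$GLOBALS['TYPO3_CONF_VARS']['FE']['cookieName']`). The enclosing method starts and ends outside the hunk.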
......@@ -59,7 +59,6 @@ class Ter
* @param string $username
* @param string $password
* @param array $httpAuth
* @return void
*/
public function __construct($wsdlUrl, $username, $password, array $httpAuth = [])
{
......