TYPO3 12.4 support #144
TYPO3 12.4 support #144
Conversation
The frontend login process is protected against CSRF beginning with TYPO3 12. For now we fake the request token when the GET variable tx_oidc is set. I doubt connect action‘s redirect is still necessary. This should still be checked.
# Conflicts: # Classes/Service/AuthenticationService.php # ext_emconf.php # ext_localconf.php
|
Thanks. Will review asap |
| Causal\Oidc\EventListener\ProcessRequestTokenListener: | ||
| tags: | ||
| - name: event.listener | ||
| identifier: 'causal/oidc-request-token' |
There was a problem hiding this comment.
Which event are we listening to?
There was a problem hiding this comment.
It is this Event: BeforeRequestTokenProcessedEvent
We introduced this. See this commit:
undkonsorten@f2e4250
There was a problem hiding this comment.
This is needed for CSRF in typo3 12 for fe_login.
But this is breaking and might not work under typo3 11.
There was a problem hiding this comment.
Sorry, I wasn't clear about this: I meant we should explicitly name the event we are listening for here in the yaml. Otherwise I need to open the event listener to see which event is covered, which I consider a bit cumbersome. (I know it works this way, but I do not consider it particularly readable.)
But it is up to @xperseguers to decide on this "taste".
There was a problem hiding this comment.
Yeah i agree with that.
| @@ -66,7 +63,7 @@ public function processDatamap_afterDatabaseOperations(string $operation, string | |||
| 'fe_users', | |||
| [ | |||
| 'usergroup' => implode(',', $userGroups), | |||
| 'tstamp' => $GLOBALS['EXEC_TIME'], | |||
| 'tstamp' => GeneralUtility::makeInstance(Context::class)->getPropertyFromAspect('date', 'timestamp'), | |||
There was a problem hiding this comment.
I know this is the way to go nowadays, but still, I can't see this without wondering why we go to such a outrageous way of getting the well-known "execution time" :(
There was a problem hiding this comment.
i think its not about readability, its about the internal request and ability tho make subrequest with another context
|
Resolves #130 |
|
I hope we can get #153 in first, so this one needs a rebase then, but should get quite a bit smaller on the way. |
|
Do you still need stuff changed by me in this pull request? |
|
Or in other words: Can i help you with something? |
|
@Starkmann We got a lot of improvements merged now. It's now time to rebase this PR here and get this one ready/in. Thanks for your patience. |
|
How is the progress here? |
|
@gemeinling Feel free to rebase this PR and test. That would be a lot of help already. |
|
As I'm new to contributing and pull requests, it took some time. I have now rebased this PR onto the master branch here. Unfortunately, I don't have permissions in one of these repositories. What are the next steps? Currently, the rebase is done here: https://github.com/gemeinling/t3ext-oidc/tree/typo3-12.4 |
|
@gemeinling Thanks for you work. Feel free to open a new PR against your fork. |
|
Closing this PR in favor of #162 |
Compatibility for TYPO3 12.4 since we do not use all features i have not tested everything, but main functionality works.
Also haven't tested backwards compatibility to TYPO311