/**
* @param \TYPO3\FLOW3\Security\Account $account
* @param array $password
* @FLOW3\Validate(argumentName="password", type="\TYPO3\TYPO3\Validation\Validator\PasswordValidator", options={ "allowEmpty"=1, "minimum"=1, "maximum"=255 })
* @return void
* @todo Handle validation errors for account (accountIdentifier) & check if there's another account with the same accountIdentifier when changing it
* @todo Security
*/
public function updateAction(\TYPO3\FLOW3\Security\Account $account, array $password = array())
{
$password = array_shift($password);
if (strlen(trim(strval($password))) > 0) {
$account->setCredentialsSource($this->hashService->hashPassword($password, 'default'));
}
$this->accountRepository->update($account);
$this->partyRepository->update($account->getParty());
$this->addFlashMessage('The user profile has been updated.');
$this->redirect('index');
}
/**
* Creates a new account and sets the given password and roles
*
* @param string $identifier Identifier of the account, must be unique
* @param string $password The clear text password
* @param array $roleIdentifiers Optionally an array of role identifiers to assign to the new account
* @param string $authenticationProviderName Optional name of the authentication provider the account is affiliated with
* @param string $passwordHashingStrategy Optional password hashing strategy to use for the password
* @return \TYPO3\FLOW3\Security\Account A new account, not yet added to the account repository
*/
public function createAccountWithPassword($identifier, $password, $roleIdentifiers = array(), $authenticationProviderName = 'DefaultProvider', $passwordHashingStrategy = 'default')
{
$roles = array();
foreach ($roleIdentifiers as $roleIdentifier) {
$roles[] = new \TYPO3\FLOW3\Security\Policy\Role($roleIdentifier);
}
$account = new \TYPO3\FLOW3\Security\Account();
$account->setAccountIdentifier($identifier);
$account->setCredentialsSource($this->hashService->hashPassword($password, $passwordHashingStrategy));
$account->setAuthenticationProviderName($authenticationProviderName);
$account->setRoles($roles);
return $account;
}
/**
* Set a new password for the given user
*
* This allows for setting a new password for an existing user account.
*
* @param string $username Username of the account to modify
* @param string $password The new password
* @return void
*/
public function setPasswordCommand($username, $password)
{
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, 'Typo3BackendProvider');
if (!$account instanceof \TYPO3\FLOW3\Security\Account) {
$this->outputLine('User "%s" does not exists.', array($username));
$this->quit(1);
}
$account->setCredentialsSource($this->hashService->hashPassword($password, 'default'));
$this->accountRepository->update($account);
$this->outputLine('The new password for user "%s" was set.', array($username));
}
/**
* @test
*/
public function hashPasswordWillIncludeStrategyIdentifierInHashedPassword()
{
$settings = array('security' => array('cryptography' => array('hashingStrategies' => array('TestStrategy' => 'TYPO3\\FLOW3\\Test\\TestStrategy'))));
$this->hashService->injectSettings($settings);
$mockStrategy = $this->getMock('TYPO3\\FLOW3\\Security\\Cryptography\\PasswordHashingStrategyInterface');
$mockStrategy->expects($this->any())->method('hashPassword')->will($this->returnValue('---hashed-password---'));
$mockObjectManager = $this->getMock('TYPO3\\FLOW3\\Object\\ObjectManagerInterface');
$mockObjectManager->expects($this->any())->method('get')->will($this->returnValue($mockStrategy));
\TYPO3\FLOW3\Reflection\ObjectAccess::setProperty($this->hashService, 'objectManager', $mockObjectManager, TRUE);
$result = $this->hashService->hashPassword('myTestPassword', 'TestStrategy');
$this->assertEquals('TestStrategy=>---hashed-password---', $result);
}
/**
* Persists a key to the file system
*
* @param string $name
* @param string $password
* @return void
* @throws \TYPO3\FLOW3\Security\Exception
*/
protected function persistKey($name, $password)
{
$hashedPassword = $this->hashService->hashPassword($password, $this->passwordHashingStrategy);
$keyPathAndFilename = $this->getKeyPathAndFilename($name);
if (!is_dir($this->getPath())) {
Files::createDirectoryRecursively($this->getPath());
}
$result = file_put_contents($keyPathAndFilename, $hashedPassword);
if ($result === FALSE) {
throw new \TYPO3\FLOW3\Security\Exception(sprintf('The key could not be stored ("%s").', $keyPathAndFilename), 1305812921);
}
}
/**
* @param string $password
*/
public function setPassword($password)
{
$account = $this->getPrimaryAccount();
$account->setCredentialsSource($this->hashService->hashPassword($password));
}
