ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilUserPasswordManager.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2014 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once 'Services/User/exceptions/class.ilUserException.php';
5 
11 class ilUserPasswordManager
12 {
16  const MIN_SALT_SIZE = 16;
17 
21  private static $instance;
22 
26  protected $encoder_factory;
27 
31  protected $encoder_name;
32 
36  protected $config = array();
37 
44  public function __construct(array $config = array())
45  {
46  if(!empty($config))
47  {
48  foreach($config as $key => $value)
49  {
50  switch(strtolower($key))
51  {
52  case 'password_encoder':
53  $this->setEncoderName($value);
54  break;
55  case 'encoder_factory':
56  $this->setEncoderFactory($value);
57  break;
58  }
59  }
60  }
61 
62  if(!$this->getEncoderName())
63  {
64  throw new ilUserException(sprintf('"password_encoder" must be set in %s.', json_encode($config)));
65  }
66 
67  if(!($this->getEncoderFactory() instanceof ilUserPasswordEncoderFactory))
68  {
69  throw new ilUserException(sprintf('"encoder_factory" must be instance of ilUserPasswordEncoderFactory and set in %s.', json_encode($config)));
70  }
71  }
72 
77  public static function getInstance()
78  {
79  if(self::$instance instanceof self)
80  {
81  return self::$instance;
82  }
83 
84  require_once 'Services/User/classes/class.ilUserPasswordEncoderFactory.php';
85  $password_manager = new ilUserPasswordManager(
86  array(
87  'encoder_factory' => new ilUserPasswordEncoderFactory(
88  array(
89  'default_password_encoder' => 'bcrypt',
90  'ignore_security_flaw' => true
91  )
92  ),
93  'password_encoder' => 'bcrypt'
94  )
95  );
96 
97  self::$instance = $password_manager;
98  return self::$instance;
99  }
100 
104  public function getEncoderName()
105  {
106  return $this->encoder_name;
107  }
108 
112  public function setEncoderName($encoder_name)
113  {
114  $this->encoder_name = $encoder_name;
115  }
116 
120  public function getEncoderFactory()
121  {
122  return $this->encoder_factory;
123  }
124 
128  public function setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
129  {
130  $this->encoder_factory = $encoder_factory;
131  }
132 
137  public function encodePassword(ilObjUser $user, $raw)
138  {
139  $encoder = $this->getEncoderFactory()->getEncoderByName($this->getEncoderName());
140  $user->setPasswordEncodingType($encoder->getName());
141  if($encoder->requiresSalt())
142  {
143  require_once 'Services/Password/classes/class.ilPasswordUtils.php';
144  $user->setPasswordSalt(
145  substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(self::MIN_SALT_SIZE))), 0, 22)
146  );
147  }
148  else
149  {
150  $user->setPasswordSalt(null);
151  }
152  $user->setPasswd($encoder->encodePassword($raw, $user->getPasswordSalt()), IL_PASSWD_CRYPTED);
153  }
154 
159  public function isEncodingTypeSupported($name)
160  {
161  return in_array($name, $this->getEncoderFactory()->getSupportedEncoderNames());
162  }
163 
170  public function verifyPassword(ilObjUser $user, $raw, $migrate = true)
171  {
172  $encoder = $this->getEncoderFactory()->getEncoderByName($user->getPasswordEncodingType(), true);
173  if($this->getEncoderName() != $encoder->getName())
174  {
175  if($encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt()))
176  {
177  if($migrate)
178  {
179  $user->resetPassword($raw, $raw);
180  }
181 
182  return true;
183  }
184 
185  return false;
186  }
187  else
188  {
189  return $encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt());
190  }
191  }
192 }
ilUserException
Class for user related exception handling in ILIAS.
Definition: class.ilUserException.php:33
ilUserPasswordManager\encodePassword
encodePassword(ilObjUser $user, $raw)
Definition: class.ilUserPasswordManager.php:137
ilUserPasswordManager\__construct
__construct(array $config=array())
Please use the singleton method for instance creation The constructor is still public because of the ...
Definition: class.ilUserPasswordManager.php:44
ilUserPasswordManager\setEncoderFactory
setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
Definition: class.ilUserPasswordManager.php:128
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilPasswordUtils\getBytes
static getBytes($length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:16
ilObjUser\setPasswd
setPasswd($a_str, $a_type=IL_PASSWD_PLAIN)
set password public
Definition: class.ilObjUser.php:1540
ilObjUser\getPasswd
getPasswd()
get password
Definition: class.ilObjUser.php:1553
ilUserPasswordManager\verifyPassword
verifyPassword(ilObjUser $user, $raw, $migrate=true)
Definition: class.ilUserPasswordManager.php:170
ilObjUser\setPasswordSalt
setPasswordSalt($password_salt)
Definition: class.ilObjUser.php:322
ilObjUser\setPasswordEncodingType
setPasswordEncodingType($password_encryption_type)
Definition: class.ilObjUser.php:306
ilUserPasswordManager\getInstance
static getInstance()
Single method to reduce footprint (included files, created instances)
Definition: class.ilUserPasswordManager.php:77