ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilUserPasswordManager.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2014 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once 'Services/User/exceptions/class.ilUserException.php';
5
11class ilUserPasswordManager
12{
16 const MIN_SALT_SIZE = 16;
17
21 private static $instance;
22
26 protected $encoder_factory;
27
31 protected $encoder_name;
32
36 protected $config = array();
37
44 public function __construct(array $config = array())
45 {
46 if(!empty($config))
47 {
48 foreach($config as $key => $value)
49 {
50 switch(strtolower($key))
51 {
52 case 'password_encoder':
53 $this->setEncoderName($value);
54 break;
55 case 'encoder_factory':
56 $this->setEncoderFactory($value);
57 break;
58 }
59 }
60 }
61
62 if(!$this->getEncoderName())
63 {
64 throw new ilUserException(sprintf('"password_encoder" must be set in %s.', json_encode($config)));
65 }
66
67 if(!($this->getEncoderFactory() instanceof ilUserPasswordEncoderFactory))
68 {
69 throw new ilUserException(sprintf('"encoder_factory" must be instance of ilUserPasswordEncoderFactory and set in %s.', json_encode($config)));
70 }
71 }
72
77 public static function getInstance()
78 {
79 if(self::$instance instanceof self)
80 {
81 return self::$instance;
82 }
83
84 require_once 'Services/User/classes/class.ilUserPasswordEncoderFactory.php';
85 $password_manager = new ilUserPasswordManager(
86 array(
87 'encoder_factory' => new ilUserPasswordEncoderFactory(
88 array(
89 'default_password_encoder' => 'bcrypt',
90 'ignore_security_flaw' => true
91 )
92 ),
93 'password_encoder' => 'bcrypt'
94 )
95 );
96
97 self::$instance = $password_manager;
98 return self::$instance;
99 }
100
104 public function getEncoderName()
105 {
106 return $this->encoder_name;
107 }
108
112 public function setEncoderName($encoder_name)
113 {
114 $this->encoder_name = $encoder_name;
115 }
116
120 public function getEncoderFactory()
121 {
122 return $this->encoder_factory;
123 }
124
128 public function setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
129 {
130 $this->encoder_factory = $encoder_factory;
131 }
132
137 public function encodePassword(ilObjUser $user, $raw)
138 {
139 $encoder = $this->getEncoderFactory()->getEncoderByName($this->getEncoderName());
140 $user->setPasswordEncodingType($encoder->getName());
141 if($encoder->requiresSalt())
142 {
143 require_once 'Services/Password/classes/class.ilPasswordUtils.php';
144 $user->setPasswordSalt(
145 substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(self::MIN_SALT_SIZE))), 0, 22)
146 );
147 }
148 else
149 {
150 $user->setPasswordSalt(null);
151 }
152 $user->setPasswd($encoder->encodePassword($raw, $user->getPasswordSalt()), IL_PASSWD_CRYPTED);
153 }
154
159 public function isEncodingTypeSupported($name)
160 {
161 return in_array($name, $this->getEncoderFactory()->getSupportedEncoderNames());
162 }
163
170 public function verifyPassword(ilObjUser $user, $raw, $migrate = true)
171 {
172 $encoder = $this->getEncoderFactory()->getEncoderByName($user->getPasswordEncodingType(), true);
173 if($this->getEncoderName() != $encoder->getName())
174 {
175 if($encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt()))
176 {
177 if($migrate)
178 {
179 $user->resetPassword($raw, $raw);
180 }
181
182 return true;
183 }
184
185 return false;
186 }
187 else
188 {
189 return $encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt());
190 }
191 }
192}
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilObjUser\setPasswordEncodingType
setPasswordEncodingType($password_encryption_type)
Definition: class.ilObjUser.php:306
ilObjUser\setPasswd
setPasswd($a_str, $a_type=IL_PASSWD_PLAIN)
set password @access public
Definition: class.ilObjUser.php:1540
ilObjUser\setPasswordSalt
setPasswordSalt($password_salt)
Definition: class.ilObjUser.php:322
ilObjUser\getPasswd
getPasswd()
get password
Definition: class.ilObjUser.php:1553
ilPasswordUtils\getBytes
static getBytes($length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:16
ilUserException
Class for user related exception handling in ILIAS.
Definition: class.ilUserException.php:34
ilUserPasswordManager\setEncoderFactory
setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
Definition: class.ilUserPasswordManager.php:128
ilUserPasswordManager\getInstance
static getInstance()
Single method to reduce footprint (included files, created instances)
Definition: class.ilUserPasswordManager.php:77
ilUserPasswordManager\verifyPassword
verifyPassword(ilObjUser $user, $raw, $migrate=true)
Definition: class.ilUserPasswordManager.php:170
ilUserPasswordManager\encodePassword
encodePassword(ilObjUser $user, $raw)
Definition: class.ilUserPasswordManager.php:137
ilUserPasswordManager\__construct
__construct(array $config=array())
Please use the singleton method for instance creation The constructor is still public because of the ...
Definition: class.ilUserPasswordManager.php:44