ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
class.ilUserPasswordManager.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2014 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4require_once 'Services/User/exceptions/class.ilUserException.php';
5
11class ilUserPasswordManager
12{
16 const MIN_SALT_SIZE = 16;
17
21 private static $instance;
22
26 protected $encoder_factory;
27
31 protected $encoder_name;
32
36 protected $config = array();
37
44 public function __construct(array $config = array())
45 {
46 if (!empty($config)) {
47 foreach ($config as $key => $value) {
48 switch (strtolower($key)) {
49 case 'password_encoder':
50 $this->setEncoderName($value);
51 break;
52 case 'encoder_factory':
53 $this->setEncoderFactory($value);
54 break;
55 }
56 }
57 }
58
59 if (!$this->getEncoderName()) {
60 throw new ilUserException(sprintf('"password_encoder" must be set in %s.', json_encode($config)));
61 }
62
63 if (!($this->getEncoderFactory() instanceof ilUserPasswordEncoderFactory)) {
64 throw new ilUserException(sprintf('"encoder_factory" must be instance of ilUserPasswordEncoderFactory and set in %s.', json_encode($config)));
65 }
66 }
67
72 public static function getInstance()
73 {
74 if (self::$instance instanceof self) {
75 return self::$instance;
76 }
77
78 require_once 'Services/User/classes/class.ilUserPasswordEncoderFactory.php';
79 $password_manager = new ilUserPasswordManager(
80 array(
81 'encoder_factory' => new ilUserPasswordEncoderFactory(
82 array(
83 'default_password_encoder' => 'bcryptphp',
84 'ignore_security_flaw' => true,
85 'data_directory' => ilUtil::getDataDir()
86 )
87 ),
88 'password_encoder' => 'bcryptphp'
89 )
90 );
91
92 self::$instance = $password_manager;
93 return self::$instance;
94 }
95
99 public function getEncoderName()
100 {
101 return $this->encoder_name;
102 }
103
107 public function setEncoderName($encoder_name)
108 {
109 $this->encoder_name = $encoder_name;
110 }
111
115 public function getEncoderFactory()
116 {
117 return $this->encoder_factory;
118 }
119
123 public function setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
124 {
125 $this->encoder_factory = $encoder_factory;
126 }
127
132 public function encodePassword(ilObjUser $user, $raw)
133 {
134 $encoder = $this->getEncoderFactory()->getEncoderByName($this->getEncoderName());
135 $user->setPasswordEncodingType($encoder->getName());
136 if ($encoder->requiresSalt()) {
137 require_once 'Services/Password/classes/class.ilPasswordUtils.php';
138 $user->setPasswordSalt(
139 substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(self::MIN_SALT_SIZE))), 0, 22)
140 );
141 } else {
142 $user->setPasswordSalt(null);
143 }
144 $user->setPasswd($encoder->encodePassword($raw, $user->getPasswordSalt()), IL_PASSWD_CRYPTED);
145 }
146
151 public function isEncodingTypeSupported($name)
152 {
153 return in_array($name, $this->getEncoderFactory()->getSupportedEncoderNames());
154 }
155
161 public function verifyPassword(ilObjUser $user, $raw)
162 {
163 $encoder = $this->getEncoderFactory()->getEncoderByName($user->getPasswordEncodingType(), true);
164 if ($this->getEncoderName() != $encoder->getName()) {
165 if ($encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt())) {
166 $user->resetPassword($raw, $raw);
167 return true;
168 }
169 } elseif ($encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt())) {
170 if ($encoder->requiresReencoding($user->getPasswd())) {
171 $user->resetPassword($raw, $raw);
172 }
173
174 return true;
175 }
176
177 return false;
178 }
179}
sprintf
sprintf('%.4f', $callTime)
Definition: 01pharSimple.php:87
php
An exception for terminatinating execution or to throw for unit testing.
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilObjUser\setPasswordEncodingType
setPasswordEncodingType($password_encryption_type)
Definition: class.ilObjUser.php:296
ilObjUser\setPasswd
setPasswd($a_str, $a_type=IL_PASSWD_PLAIN)
set password @access public
Definition: class.ilObjUser.php:1466
ilObjUser\setPasswordSalt
setPasswordSalt($password_salt)
Definition: class.ilObjUser.php:312
ilObjUser\getPasswd
getPasswd()
get password
Definition: class.ilObjUser.php:1479
ilPasswordUtils\getBytes
static getBytes($length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:16
ilUserException
Class for user related exception handling in ILIAS.
Definition: class.ilUserException.php:34
ilUserPasswordManager\verifyPassword
verifyPassword(ilObjUser $user, $raw)
Definition: class.ilUserPasswordManager.php:161
ilUserPasswordManager\setEncoderFactory
setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
Definition: class.ilUserPasswordManager.php:123
ilUserPasswordManager\getInstance
static getInstance()
Single method to reduce footprint (included files, created instances)
Definition: class.ilUserPasswordManager.php:72
ilUserPasswordManager\encodePassword
encodePassword(ilObjUser $user, $raw)
Definition: class.ilUserPasswordManager.php:132
ilUserPasswordManager\__construct
__construct(array $config=array())
Please use the singleton method for instance creation The constructor is still public because of the ...
Definition: class.ilUserPasswordManager.php:44
ilUtil\getDataDir
static getDataDir()
get data directory (outside webspace)
Definition: class.ilUtil.php:1535
$key
$key
Definition: croninfo.php:18
$name
if($format !==null) $name
Definition: metadata.php:146