ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilUserPasswordManager.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2014 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 require_once 'Services/User/exceptions/class.ilUserException.php';
5 
11 class ilUserPasswordManager
12 {
16  const MIN_SALT_SIZE = 16;
17 
21  private static $instance;
22 
26  protected $encoder_factory;
27 
31  protected $encoder_name;
32 
36  protected $config = array();
37 
44  public function __construct(array $config = array())
45  {
46  if (!empty($config)) {
47  foreach ($config as $key => $value) {
48  switch (strtolower($key)) {
49  case 'password_encoder':
50  $this->setEncoderName($value);
51  break;
52  case 'encoder_factory':
53  $this->setEncoderFactory($value);
54  break;
55  }
56  }
57  }
58 
59  if (!$this->getEncoderName()) {
60  throw new ilUserException(sprintf('"password_encoder" must be set in %s.', json_encode($config)));
61  }
62 
63  if (!($this->getEncoderFactory() instanceof ilUserPasswordEncoderFactory)) {
64  throw new ilUserException(sprintf('"encoder_factory" must be instance of ilUserPasswordEncoderFactory and set in %s.', json_encode($config)));
65  }
66  }
67 
72  public static function getInstance()
73  {
74  if (self::$instance instanceof self) {
75  return self::$instance;
76  }
77 
78  require_once 'Services/User/classes/class.ilUserPasswordEncoderFactory.php';
79  $password_manager = new ilUserPasswordManager(
80  array(
81  'encoder_factory' => new ilUserPasswordEncoderFactory(
82  array(
83  'default_password_encoder' => 'bcryptphp',
84  'ignore_security_flaw' => true,
85  'data_directory' => ilUtil::getDataDir()
86  )
87  ),
88  'password_encoder' => 'bcryptphp'
89  )
90  );
91 
92  self::$instance = $password_manager;
93  return self::$instance;
94  }
95 
99  public function getEncoderName()
100  {
101  return $this->encoder_name;
102  }
103 
107  public function setEncoderName($encoder_name)
108  {
109  $this->encoder_name = $encoder_name;
110  }
111 
115  public function getEncoderFactory()
116  {
117  return $this->encoder_factory;
118  }
119 
123  public function setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
124  {
125  $this->encoder_factory = $encoder_factory;
126  }
127 
132  public function encodePassword(ilObjUser $user, $raw)
133  {
134  $encoder = $this->getEncoderFactory()->getEncoderByName($this->getEncoderName());
135  $user->setPasswordEncodingType($encoder->getName());
136  if ($encoder->requiresSalt()) {
137  require_once 'Services/Password/classes/class.ilPasswordUtils.php';
138  $user->setPasswordSalt(
139  substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(self::MIN_SALT_SIZE))), 0, 22)
140  );
141  } else {
142  $user->setPasswordSalt(null);
143  }
144  $user->setPasswd($encoder->encodePassword($raw, $user->getPasswordSalt()), IL_PASSWD_CRYPTED);
145  }
146 
151  public function isEncodingTypeSupported($name)
152  {
153  return in_array($name, $this->getEncoderFactory()->getSupportedEncoderNames());
154  }
155 
161  public function verifyPassword(ilObjUser $user, $raw)
162  {
163  $encoder = $this->getEncoderFactory()->getEncoderByName($user->getPasswordEncodingType(), true);
164  if ($this->getEncoderName() != $encoder->getName()) {
165  if ($encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt())) {
166  $user->resetPassword($raw, $raw);
167  return true;
168  }
169  } elseif ($encoder->isPasswordValid($user->getPasswd(), $raw, $user->getPasswordSalt())) {
170  if ($encoder->requiresReencoding($user->getPasswd())) {
171  $user->resetPassword($raw, $raw);
172  }
173 
174  return true;
175  }
176 
177  return false;
178  }
179 }
ilUserPasswordManager\verifyPassword
verifyPassword(ilObjUser $user, $raw)
Definition: class.ilUserPasswordManager.php:161
ilUserException
Class for user related exception handling in ILIAS.
Definition: class.ilUserException.php:33
ilUserPasswordManager\encodePassword
encodePassword(ilObjUser $user, $raw)
Definition: class.ilUserPasswordManager.php:132
ilUserPasswordManager\__construct
__construct(array $config=array())
Please use the singleton method for instance creation The constructor is still public because of the ...
Definition: class.ilUserPasswordManager.php:44
ilUserPasswordManager\setEncoderFactory
setEncoderFactory(ilUserPasswordEncoderFactory $encoder_factory)
Definition: class.ilUserPasswordManager.php:123
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilPasswordUtils\getBytes
static getBytes($length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:16
ilObjUser\setPasswd
setPasswd($a_str, $a_type=IL_PASSWD_PLAIN)
set password public
Definition: class.ilObjUser.php:1557
$user
$user
Definition: migrateto20.php:57
ilUtil\getDataDir
static getDataDir()
get data directory (outside webspace)
Definition: class.ilUtil.php:1521
ilObjUser\getPasswd
getPasswd()
get password
Definition: class.ilObjUser.php:1570
$name
$name
Definition: client_example.php:35
ilObjUser\setPasswordSalt
setPasswordSalt($password_salt)
Definition: class.ilObjUser.php:328
ilObjUser\setPasswordEncodingType
setPasswordEncodingType($password_encryption_type)
Definition: class.ilObjUser.php:312
$key
$key
Definition: croninfo.php:18
ilUserPasswordManager\getInstance
static getInstance()
Single method to reduce footprint (included files, created instances)
Definition: class.ilUserPasswordManager.php:72