Collaboration diagram for ilUserPasswordManager:

Public Member Functions
	__construct (array $config=[])
	Please use the singleton method for instance creation The constructor is still public because of the unit tests. More...

	setSettings (?ilSetting $settings)

	setDb (ilDBInterface $db)

	getEncoderName ()

	setEncoderName (string $encoderName)

	getEncoderFactory ()

	setEncoderFactory (ilUserPasswordEncoderFactory $encoderFactory)

	encodePassword (ilObjUser $user, string $raw)

	isEncodingTypeSupported (string $name)

	verifyPassword (ilObjUser $user, string $raw)

	resetLastPasswordChangeForLocalUsers ()

Static Public Member Functions
static	getInstance ()
	Single method to reduce footprint (included files, created instances) More...

Data Fields
const	MIN_SALT_SIZE = 16

Protected Attributes
	$encoderFactory

	$encoderName

	$config = []

	$settings

	$db

Static Private Attributes
static	$instance

Detailed Description

Definition at line 9 of file class.ilUserPasswordManager.php.

Constructor & Destructor Documentation

◆ __construct()

ilUserPasswordManager::__construct ( array $config = [] )

Please use the singleton method for instance creation The constructor is still public because of the unit tests.

Parameters

array $config

Exceptions

ilUserException

Definition at line 38 of file class.ilUserPasswordManager.php.

References $config, getEncoderFactory(), getEncoderName(), setDb(), setEncoderFactory(), setEncoderName(), and setSettings().

     {
         if (!empty($config)) {
             foreach ($config as $key => $value) {
                 switch (strtolower($key)) {
                     case 'settings':
                         $this->setSettings($value);
                         break;
                     case 'db':
                         $this->setDb($value);
                         break;
                     case 'password_encoder':
                         $this->setEncoderName($value);
                         break;
                     case 'encoder_factory':
                         $this->setEncoderFactory($value);
                         break;
                 }
             }
         }
 
         if (!$this->getEncoderName()) {
             throw new ilUserException(sprintf('"password_encoder" must be set in %s.', json_encode($config)));
         }
 
         if (!($this->getEncoderFactory() instanceof ilUserPasswordEncoderFactory)) {
             throw new ilUserException(sprintf(
                 '"encoder_factory" must be instance of ilUserPasswordEncoderFactory and set in %s.',
                 json_encode($config)
             ));
         }
     }

Here is the call graph for this function:

Member Function Documentation

◆ encodePassword()

ilUserPasswordManager::encodePassword	(	ilObjUser	$user,
		string	$raw
	)

Parameters

ilObjUser	$user
string	$raw	The raw password

Exceptions

ilUserException

Definition at line 157 of file class.ilUserPasswordManager.php.

References ilPasswordUtils\getBytes(), getEncoderFactory(), getEncoderName(), ilObjUser\getPasswordSalt(), IL_PASSWD_CRYPTED, ilObjUser\setPasswd(), ilObjUser\setPasswordEncodingType(), and ilObjUser\setPasswordSalt().

                                                                  : void
     {
         $encoder = $this->getEncoderFactory()->getEncoderByName($this->getEncoderName());
         $user->setPasswordEncodingType($encoder->getName());
         if ($encoder->requiresSalt()) {
             $user->setPasswordSalt(
                 substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(self::MIN_SALT_SIZE))), 0, 22)
             );
         } else {
             $user->setPasswordSalt(null);
         }
         $user->setPasswd($encoder->encodePassword($raw, (string) $user->getPasswordSalt()), IL_PASSWD_CRYPTED);
     }

Here is the call graph for this function:

◆ getEncoderFactory()

ilUserPasswordManager::getEncoderFactory ( )

Returns: ilUserPasswordEncoderFactory|null

Definition at line 139 of file class.ilUserPasswordManager.php.

References $encoderFactory.

Referenced by __construct(), encodePassword(), isEncodingTypeSupported(), and verifyPassword().

                                         : ?ilUserPasswordEncoderFactory
     {
         return $this->encoderFactory;
     }

Here is the caller graph for this function:

◆ getEncoderName()

ilUserPasswordManager::getEncoderName ( )

Returns: string|null

Definition at line 123 of file class.ilUserPasswordManager.php.

References $encoderName.

Referenced by __construct(), encodePassword(), and verifyPassword().

                                      : ?string
     {
         return $this->encoderName;
     }

Here is the caller graph for this function:

◆ getInstance()

static ilUserPasswordManager::getInstance ( )

static

Single method to reduce footprint (included files, created instances)

Returns: self

Exceptions

ilUserException
ilPasswordException

Definition at line 77 of file class.ilUserPasswordManager.php.

References $DIC, and ilUtil\getDataDir().

Referenced by ilObjUser\assignData(), ilPDNewsBlockGUI\changeFeedSettings(), ilObjUserFolderGUI\forceUserPasswordResetObject(), ilObjUser\isPasswordChangeDemanded(), ilSetup\loginAsClient(), ilObjUser\refreshLogin(), ilPersonalSettingsGUI\savePassword(), and ilPDOAuthentication\setAuth().

                                          : self
     {
         global $DIC;
 
         if (self::$instance instanceof self) {
             return self::$instance;
         }
 
         $password_manager = new ilUserPasswordManager(
             [
                 'encoder_factory' => new ilUserPasswordEncoderFactory(
                     [
                         'default_password_encoder' => 'bcryptphp',
                         'ignore_security_flaw' => true,
                         'data_directory' => ilUtil::getDataDir()
                     ]
                 ),
                 'password_encoder' => 'bcryptphp',
                 'settings' => $DIC->isDependencyAvailable('settings') ? $DIC->settings() : null,
                 'db' => $DIC->database(),
             ]
         );
 
         self::$instance = $password_manager;
         return self::$instance;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ isEncodingTypeSupported()

ilUserPasswordManager::isEncodingTypeSupported ( string $name )

Parameters

string $name

Returns: bool

Definition at line 175 of file class.ilUserPasswordManager.php.

References getEncoderFactory().

                                                           : bool
     {
         return in_array($name, $this->getEncoderFactory()->getSupportedEncoderNames());
     }

Here is the call graph for this function:

◆ resetLastPasswordChangeForLocalUsers()

ilUserPasswordManager::resetLastPasswordChangeForLocalUsers ( )

Definition at line 208 of file class.ilUserPasswordManager.php.

References AUTH_LOCAL, and settings().

                                                            : void
     {
         $defaultAuthMode = $this->settings->get('auth_mode');
         $defaultAuthModeCondition = '';
         if ((int) $defaultAuthMode === (int) AUTH_LOCAL) {
             $defaultAuthModeCondition = ' OR auth_mode = ' . $this->db->quote('default', 'text');
         }
 
         $this->db->manipulateF(
             "
                         UPDATE usr_data
                         SET passwd_policy_reset = %s
                         WHERE (auth_mode = %s $defaultAuthModeCondition)",
             ['integer', 'text'],
             [1, 'local']
         );
     }

Here is the call graph for this function:

◆ setDb()

ilUserPasswordManager::setDb ( ilDBInterface $db )

Parameters

ilDBInterface $db

Definition at line 115 of file class.ilUserPasswordManager.php.

References $db.

Referenced by __construct().

                                              : void
     {
         $this->db = $db;
     }

Here is the caller graph for this function:

◆ setEncoderFactory()

ilUserPasswordManager::setEncoderFactory ( ilUserPasswordEncoderFactory $encoderFactory )

Parameters

ilUserPasswordEncoderFactory $encoderFactory

Definition at line 147 of file class.ilUserPasswordManager.php.

References $encoderFactory.

Referenced by __construct().

                                                                                     : void
     {
         $this->encoderFactory = $encoderFactory;
     }

Here is the caller graph for this function:

◆ setEncoderName()

ilUserPasswordManager::setEncoderName ( string $encoderName )

Parameters

string $encoderName

Definition at line 131 of file class.ilUserPasswordManager.php.

References $encoderName.

Referenced by __construct().

                                                         : void
     {
         $this->encoderName = $encoderName;
     }

Here is the caller graph for this function:

◆ setSettings()

ilUserPasswordManager::setSettings ( ?ilSetting $settings )

Parameters

ilSetting | null $settings

Definition at line 107 of file class.ilUserPasswordManager.php.

References $settings, and settings().

Referenced by __construct().

                                                       : void
     {
         $this->settings = $settings;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ verifyPassword()

ilUserPasswordManager::verifyPassword	(	ilObjUser	$user,
		string	$raw
	)

Parameters

ilObjUser	$user
string	$raw

Returns: bool

Exceptions

ilUserException

Definition at line 186 of file class.ilUserPasswordManager.php.

References getEncoderFactory(), getEncoderName(), ilObjUser\getPasswd(), ilObjUser\getPasswordEncodingType(), and ilObjUser\getPasswordSalt().

                                                                  : bool
     {
         $encoder = $this->getEncoderFactory()->getEncoderByName($user->getPasswordEncodingType(), true);
         if ($this->getEncoderName() != $encoder->getName()) {
             if ($encoder->isPasswordValid((string) $user->getPasswd(), $raw, (string) $user->getPasswordSalt())) {
                 $user->resetPassword($raw, $raw);
                 return true;
             }
         } elseif ($encoder->isPasswordValid((string) $user->getPasswd(), $raw, (string) $user->getPasswordSalt())) {
             if ($encoder->requiresReencoding((string) $user->getPasswd())) {
                 $user->resetPassword($raw, $raw);
             }
 
             return true;
         }
 
         return false;
     }