db/d0f/class_8ilUserPasswordManager_8php_source.html

 <?php

 declare(strict_types=1);

 class ilUserPasswordManager
 {
     private const MIN_SALT_SIZE = 16;

     private static ?self $instance = null;

     protected ?ilUserPasswordEncoderFactory $encoderFactory = null;
     protected ?ilSetting $settings = null;
     protected ?ilDBInterface $db = null;
     protected ?string $encoderName = null;
     protected array $config = [];

     public function __construct(array $config = [])
     {
         if (!empty($config)) {
             foreach ($config as $key => $value) {
                 switch (strtolower($key)) {
                     case 'settings':
                         $this->setSettings($value);
                         break;
                     case 'db':
                         $this->setDb($value);
                         break;
                     case 'password_encoder':
                         $this->setEncoderName($value);
                         break;
                     case 'encoder_factory':
                         $this->setEncoderFactory($value);
                         break;
                 }
             }
         }

         if (!$this->getEncoderName()) {
             throw new ilUserException(sprintf(
                 '"password_encoder" must be set in %s.',
                 json_encode($config, JSON_THROW_ON_ERROR)
             ));
         }

         if (!($this->getEncoderFactory() instanceof ilUserPasswordEncoderFactory)) {
             throw new ilUserException(sprintf(
                 '"encoder_factory" must be instance of ilUserPasswordEncoderFactory and set in %s.',
                 json_encode($config, JSON_THROW_ON_ERROR)
             ));
         }
     }

     public static function getInstance(): self
     {
         global $DIC;

         if (self::$instance instanceof self) {
             return self::$instance;
         }

         $password_manager = new ilUserPasswordManager(
             [
                 'encoder_factory' => new ilUserPasswordEncoderFactory(
                     [
                         'default_password_encoder' => 'bcryptphp',
                         'ignore_security_flaw' => true,
                         'data_directory' => ilFileUtils::getDataDir()
                     ]
                 ),
                 'password_encoder' => 'bcryptphp',
                 'settings' => $DIC->isDependencyAvailable('settings') ? $DIC->settings() : null,
                 'db' => $DIC->database(),
             ]
         );

         self::$instance = $password_manager;
         return self::$instance;
     }

     public function setSettings(?ilSetting $settings): void
     {
         $this->settings = $settings;
     }

     public function setDb(ilDBInterface $db): void
     {
         $this->db = $db;
     }

     public function getEncoderName(): ?string
     {
         return $this->encoderName;
     }

     public function setEncoderName(string $encoderName): void
     {
         $this->encoderName = $encoderName;
     }

     public function getEncoderFactory(): ?ilUserPasswordEncoderFactory
     {
         return $this->encoderFactory;
     }

     public function setEncoderFactory(ilUserPasswordEncoderFactory $encoderFactory): void
     {
         $this->encoderFactory = $encoderFactory;
     }

     public function encodePassword(ilObjUser $user, string $raw): void
     {
         $encoder = $this->getEncoderFactory()->getEncoderByName($this->getEncoderName());
         $user->setPasswordEncodingType($encoder->getName());
         if ($encoder->requiresSalt()) {
             $user->setPasswordSalt(
                 substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(self::MIN_SALT_SIZE))), 0, 22)
             );
         } else {
             $user->setPasswordSalt(null);
         }
         $user->setPasswd($encoder->encodePassword($raw, (string) $user->getPasswordSalt()), ilObjUser::PASSWD_CRYPTED);
     }

     public function isEncodingTypeSupported(string $name): bool
     {
         return in_array($name, $this->getEncoderFactory()->getSupportedEncoderNames());
     }

     public function verifyPassword(ilObjUser $user, string $raw): bool
     {
         $encoder = $this->getEncoderFactory()->getEncoderByName($user->getPasswordEncodingType(), true);
         if ($this->getEncoderName() !== $encoder->getName()) {
             if ($encoder->isPasswordValid($user->getPasswd(), $raw, (string) $user->getPasswordSalt())) {
                 $user->resetPassword($raw, $raw);
                 return true;
             }
         } elseif ($encoder->isPasswordValid($user->getPasswd(), $raw, (string) $user->getPasswordSalt())) {
             if ($encoder->requiresReencoding($user->getPasswd())) {
                 $user->resetPassword($raw, $raw);
             }

             return true;
         }

         return false;
     }

     public function resetLastPasswordChangeForLocalUsers(): void
     {
         $defaultAuthMode = $this->settings->get('auth_mode');
         $defaultAuthModeCondition = '';
         if ((int) $defaultAuthMode === ilAuthUtils::AUTH_LOCAL) {
             $defaultAuthModeCondition = ' OR auth_mode = ' . $this->db->quote('default', 'text');
         }

         $this->db->manipulateF(
             "UPDATE usr_data SET passwd_policy_reset = %s WHERE (auth_mode = %s $defaultAuthModeCondition)",
             ['integer', 'text'],
             [1, 'local']
         );
     }
 }
ilUserException
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilUserException.php:21

ilUserPasswordManager\setDb
setDb(ilDBInterface $db)
Definition: class.ilUserPasswordManager.php:122

ilObjUser\resetPassword
resetPassword(string $raw, string $raw_retype)
Resets the user password.
Definition: class.ilObjUser.php:760

ilUserPasswordManager\$encoderName
string $encoderName
Definition: class.ilUserPasswordManager.php:35

ilUserPasswordEncoderFactory
Definition: class.ilUserPasswordEncoderFactory.php:26

ilUserPasswordManager\MIN_SALT_SIZE
const MIN_SALT_SIZE
Definition: class.ilUserPasswordManager.php:28

ilUserPasswordManager\$db
ilDBInterface $db
Definition: class.ilUserPasswordManager.php:34

ilUserPasswordManager
Definition: class.ilUserPasswordManager.php:26

ilUserPasswordManager\$instance
static self $instance
Definition: class.ilUserPasswordManager.php:30

ilUserPasswordManager\encodePassword
encodePassword(ilObjUser $user, string $raw)
Definition: class.ilUserPasswordManager.php:147

ilUserPasswordManager\__construct
__construct(array $config=[])
Please use the singleton method for instance creation The constructor is still public because of the ...
Definition: class.ilUserPasswordManager.php:48

ilUserPasswordManager\isEncodingTypeSupported
isEncodingTypeSupported(string $name)
Definition: class.ilUserPasswordManager.php:161

ilObjUser\setPasswordSalt
setPasswordSalt(?string $password_salt)
Definition: class.ilObjUser.php:227

ilUserPasswordManager\$encoderFactory
ilUserPasswordEncoderFactory $encoderFactory
Definition: class.ilUserPasswordManager.php:32

ilObjUser\setPasswd
setPasswd(string $a_str, string $a_type=ilObjUser::PASSWD_PLAIN)
Definition: class.ilObjUser.php:1231

$DIC
global $DIC
Definition: feed.php:28

$name
if($format !==null) $name
Definition: metadata.php:247

ilObjUser

ilObjUser\getPasswordSalt
getPasswordSalt()
Definition: class.ilObjUser.php:222

ilUserPasswordManager\setSettings
setSettings(?ilSetting $settings)
Definition: class.ilUserPasswordManager.php:117

ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193

ilPasswordUtils\getBytes
static getBytes(int $length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:32

ilUserPasswordManager\setEncoderFactory
setEncoderFactory(ilUserPasswordEncoderFactory $encoderFactory)
Definition: class.ilUserPasswordManager.php:142

ilDBInterface

ilFileUtils\getDataDir
static getDataDir()
get data directory (outside webspace)
Definition: class.ilFileUtils.php:358

ilUserPasswordManager\$settings
ilSetting $settings
Definition: class.ilUserPasswordManager.php:33

ILIAS\Repository\settings
settings()
Definition: trait.GlobalDICDomainServices.php:91

ilObjUser\PASSWD_CRYPTED
const PASSWD_CRYPTED
Definition: class.ilObjUser.php:30

ilObjUser\setPasswordEncodingType
setPasswordEncodingType(?string $password_encryption_type)
Definition: class.ilObjUser.php:217

ilUserPasswordManager\getEncoderName
getEncoderName()
Definition: class.ilUserPasswordManager.php:127

ilObjUser\getPasswd
getPasswd()
Definition: class.ilObjUser.php:1242

ilUserPasswordManager\$config
array $config
Definition: class.ilUserPasswordManager.php:39

ilUserPasswordManager\verifyPassword
verifyPassword(ilObjUser $user, string $raw)
Definition: class.ilUserPasswordManager.php:166

ilUserPasswordManager\resetLastPasswordChangeForLocalUsers
resetLastPasswordChangeForLocalUsers()
Definition: class.ilUserPasswordManager.php:185

ilObjUser\getPasswordEncodingType
getPasswordEncodingType()
Definition: class.ilObjUser.php:212

ilSetting

ilUserPasswordManager\getInstance
static getInstance()
Singleton method to reduce footprint (included files, created instances)
Definition: class.ilUserPasswordManager.php:90

ilUserPasswordManager\setEncoderName
setEncoderName(string $encoderName)
Definition: class.ilUserPasswordManager.php:132

ilUserPasswordManager\getEncoderFactory
getEncoderFactory()
Definition: class.ilUserPasswordManager.php:137

ilAuthUtils\AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:33