MediaWiki REL1_31
PasswordFactory.php
Go to the documentation of this file.
1<?php
28final class PasswordFactory {
35 private $default = '';
36
43 private $types = [
44 '' => [ 'type' => '', 'class' => InvalidPassword::class ],
45 ];
46
53 public function register( $type, array $config ) {
54 $config['type'] = $type;
55 $this->types[$type] = $config;
56 }
57
64 public function setDefaultType( $type ) {
65 if ( !isset( $this->types[$type] ) ) {
66 throw new InvalidArgumentException( "Invalid password type $type." );
67 }
68 $this->default = $type;
69 }
70
76 public function getDefaultType() {
77 return $this->default;
78 }
79
85 public function init( Config $config ) {
86 foreach ( $config->get( 'PasswordConfig' ) as $type => $options ) {
87 $this->register( $type, $options );
88 }
89
90 $this->setDefaultType( $config->get( 'PasswordDefault' ) );
91 }
92
98 public function getTypes() {
99 return $this->types;
100 }
101
113 public function newFromCiphertext( $hash ) {
114 if ( $hash === null || $hash === false || $hash === '' ) {
115 return new InvalidPassword( $this, [ 'type' => '' ], null );
116 } elseif ( $hash[0] !== ':' ) {
117 throw new PasswordError( 'Invalid hash given' );
118 }
119
120 $type = substr( $hash, 1, strpos( $hash, ':', 1 ) - 1 );
121 if ( !isset( $this->types[$type] ) ) {
122 throw new PasswordError( "Unrecognized password hash type $type." );
123 }
124
125 $config = $this->types[$type];
126
127 return new $config['class']( $this, $config, $hash );
128 }
129
137 public function newFromType( $type ) {
138 if ( !isset( $this->types[$type] ) ) {
139 throw new PasswordError( "Unrecognized password hash type $type." );
140 }
141
142 $config = $this->types[$type];
143
144 return new $config['class']( $this, $config );
145 }
146
157 public function newFromPlaintext( $password, Password $existing = null ) {
158 if ( $password === null ) {
159 return new InvalidPassword( $this, [ 'type' => '' ], null );
160 }
161
162 if ( $existing === null ) {
163 $config = $this->types[$this->default];
164 $obj = new $config['class']( $this, $config );
165 } else {
166 $obj = clone $existing;
167 }
168
169 $obj->crypt( $password );
170
171 return $obj;
172 }
173
184 public function needsUpdate( Password $password ) {
185 if ( $password->getType() !== $this->default ) {
186 return true;
187 } else {
188 return $password->needsUpdate();
189 }
190 }
191
198 public static function generateRandomPasswordString( $minLength = 10 ) {
199 // Decide the final password length based on our min password length,
200 // stopping at a minimum of 10 chars.
201 $length = max( 10, $minLength );
202 // Multiply by 1.25 to get the number of hex characters we need
203 // Generate random hex chars
204 $hex = MWCryptRand::generateHex( ceil( $length * 1.25 ) );
205 // Convert from base 16 to base 32 to get a proper password like string
206 return substr( Wikimedia\base_convert( $hex, 16, 32, $length ), -$length );
207 }
208
214 public static function newInvalidPassword() {
215 static $password = null;
216
217 if ( $password === null ) {
218 $factory = new self();
219 $password = new InvalidPassword( $factory, [ 'type' => '' ], null );
220 }
221
222 return $password;
223 }
224}
InvalidPassword
Represents an invalid password hash.
Definition InvalidPassword.php:32
MWCryptRand\generateHex
static generateHex( $chars, $forceStrong=false)
Generate a run of (ideally) cryptographically random data and return it in hexadecimal string format.
Definition MWCryptRand.php:76
PasswordError
Show an error when any operation involving passwords fails to run.
Definition PasswordError.php:26
PasswordFactory
Factory class for creating and checking Password objects.
Definition PasswordFactory.php:28
PasswordFactory\getDefaultType
getDefaultType()
Get the default password type.
Definition PasswordFactory.php:76
PasswordFactory\$default
string $default
The default PasswordHash type.
Definition PasswordFactory.php:35
PasswordFactory\generateRandomPasswordString
static generateRandomPasswordString( $minLength=10)
Generate a random string suitable for a password.
Definition PasswordFactory.php:198
PasswordFactory\newFromType
newFromType( $type)
Make a new default password of the given type.
Definition PasswordFactory.php:137
PasswordFactory\needsUpdate
needsUpdate(Password $password)
Determine whether a password object needs updating.
Definition PasswordFactory.php:184
PasswordFactory\setDefaultType
setDefaultType( $type)
Set the default password type.
Definition PasswordFactory.php:64
PasswordFactory\init
init(Config $config)
Initialize the internal static variables using the global variables.
Definition PasswordFactory.php:85
PasswordFactory\getTypes
getTypes()
Get the list of types of passwords.
Definition PasswordFactory.php:98
PasswordFactory\newInvalidPassword
static newInvalidPassword()
Create an InvalidPassword.
Definition PasswordFactory.php:214
PasswordFactory\$types
array $types
Mapping of password types to classes.
Definition PasswordFactory.php:43
PasswordFactory\newFromCiphertext
newFromCiphertext( $hash)
Create a new Hash object from an existing string hash.
Definition PasswordFactory.php:113
PasswordFactory\newFromPlaintext
newFromPlaintext( $password, Password $existing=null)
Create a new Hash object from a plaintext password.
Definition PasswordFactory.php:157
Password
Represents a password hash for use in authentication.
Definition Password.php:66
Password\getType
getType()
Get the type name of the password.
Definition Password.php:122
Password\needsUpdate
needsUpdate()
Determine if the hash needs to be updated.
$options
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition hooks.txt:2001
Config
Interface for configuration instances.
Definition Config.php:28
Config\get
get( $name)
Get a configuration variable such as "Sitename" or "UploadMaintenance.".