MediaWiki REL1_34
PasswordFactory.php
Go to the documentation of this file.
1<?php
28final class PasswordFactory {
35 private $default = '';
36
44 private $types = [
45 '' => [ 'type' => '', 'class' => InvalidPassword::class ],
46 ];
47
57 public function __construct( array $config = [], $default = '' ) {
58 foreach ( $config as $type => $options ) {
59 $this->register( $type, $options );
60 }
61
62 if ( $default !== '' ) {
63 $this->setDefaultType( $default );
64 }
65 }
66
75 public function register( $type, array $config ) {
76 $config['type'] = $type;
77 $this->types[$type] = $config;
78 }
79
89 public function setDefaultType( $type ) {
90 if ( !isset( $this->types[$type] ) ) {
91 throw new InvalidArgumentException( "Invalid password type $type." );
92 }
93 $this->default = $type;
94 }
95
101 public function getDefaultType() {
102 return $this->default;
103 }
104
112 public function init( Config $config ) {
113 foreach ( $config->get( 'PasswordConfig' ) as $type => $options ) {
114 $this->register( $type, $options );
115 }
116
117 $this->setDefaultType( $config->get( 'PasswordDefault' ) );
118 }
119
125 public function getTypes() {
126 return $this->types;
127 }
128
140 public function newFromCiphertext( $hash ) {
141 if ( $hash === null || $hash === false || $hash === '' ) {
142 return new InvalidPassword( $this, [ 'type' => '' ], null );
143 } elseif ( $hash[0] !== ':' ) {
144 throw new PasswordError( 'Invalid hash given' );
145 }
146
147 $type = substr( $hash, 1, strpos( $hash, ':', 1 ) - 1 );
148 if ( !isset( $this->types[$type] ) ) {
149 throw new PasswordError( "Unrecognized password hash type $type." );
150 }
151
152 $config = $this->types[$type];
153
154 return new $config['class']( $this, $config, $hash );
155 }
156
164 public function newFromType( $type ) {
165 if ( !isset( $this->types[$type] ) ) {
166 throw new PasswordError( "Unrecognized password hash type $type." );
167 }
168
169 $config = $this->types[$type];
170
171 return new $config['class']( $this, $config );
172 }
173
184 public function newFromPlaintext( $password, Password $existing = null ) {
185 if ( $password === null ) {
186 return new InvalidPassword( $this, [ 'type' => '' ], null );
187 }
188
189 if ( $existing === null ) {
190 $config = $this->types[$this->default];
191 $obj = new $config['class']( $this, $config );
192 } else {
193 $obj = clone $existing;
194 }
195
196 $obj->crypt( $password );
197
198 return $obj;
199 }
200
211 public function needsUpdate( Password $password ) {
212 if ( $password->getType() !== $this->default ) {
213 return true;
214 } else {
215 return $password->needsUpdate();
216 }
217 }
218
225 public static function generateRandomPasswordString( $minLength = 10 ) {
226 // Decide the final password length based on our min password length,
227 // stopping at a minimum of 10 chars.
228 $length = max( 10, $minLength );
229 // Multiply by 1.25 to get the number of hex characters we need
230 // Generate random hex chars
231 $hex = MWCryptRand::generateHex( ceil( $length * 1.25 ) );
232 // Convert from base 16 to base 32 to get a proper password like string
233 return substr( Wikimedia\base_convert( $hex, 16, 32, $length ), -$length );
234 }
235
241 public static function newInvalidPassword() {
242 static $password = null;
243
244 if ( $password === null ) {
245 $factory = new self();
246 $password = new InvalidPassword( $factory, [ 'type' => '' ], null );
247 }
248
249 return $password;
250 }
251}
Represents an invalid password hash.
static generateHex( $chars)
Generate a run of cryptographically random data and return it in hexadecimal string format.
Show an error when any operation involving passwords fails to run.
Factory class for creating and checking Password objects.
getDefaultType()
Get the default password type.
string $default
The default PasswordHash type.
static generateRandomPasswordString( $minLength=10)
Generate a random string suitable for a password.
newFromType( $type)
Make a new default password of the given type.
needsUpdate(Password $password)
Determine whether a password object needs updating.
setDefaultType( $type)
Set the default password type.
init(Config $config)
__construct(array $config=[], $default='')
Construct a new password factory.
getTypes()
Get the list of types of passwords.
static newInvalidPassword()
Create an InvalidPassword.
array $types
Mapping of password types to classes.
newFromCiphertext( $hash)
Create a new Hash object from an existing string hash.
newFromPlaintext( $password, Password $existing=null)
Create a new Hash object from a plaintext password.
Represents a password hash for use in authentication.
Definition Password.php:61
getType()
Get the type name of the password.
Definition Password.php:120
needsUpdate()
Determine if the hash needs to be updated.
Interface for configuration instances.
Definition Config.php:28
get( $name)
Get a configuration variable such as "Sitename" or "UploadMaintenance.".
This program is free software; you can redistribute it and/or modify it under the terms of the GNU Ge...