MediaWiki  master
PasswordFactory.php
Go to the documentation of this file.
1 <?php
28 final class PasswordFactory {
35  private $default = '';
36 
44  private $types = [
45  '' => [ 'type' => '', 'class' => InvalidPassword::class ],
46  ];
47 
56  public function __construct( array $config = [], $default = '' ) {
57  foreach ( $config as $type => $options ) {
58  $this->register( $type, $options );
59  }
60 
61  if ( $default !== '' ) {
62  $this->setDefaultType( $default );
63  }
64  }
65 
74  public function register( $type, array $config ) {
75  $config['type'] = $type;
76  $this->types[$type] = $config;
77  }
78 
88  public function setDefaultType( $type ) {
89  if ( !isset( $this->types[$type] ) ) {
90  throw new InvalidArgumentException( "Invalid password type $type." );
91  }
92  $this->default = $type;
93  }
94 
100  public function getDefaultType() {
101  return $this->default;
102  }
103 
111  public function init( Config $config ) {
112  foreach ( $config->get( 'PasswordConfig' ) as $type => $options ) {
113  $this->register( $type, $options );
114  }
115 
116  $this->setDefaultType( $config->get( 'PasswordDefault' ) );
117  }
118 
124  public function getTypes() {
125  return $this->types;
126  }
127 
139  public function newFromCiphertext( $hash ) {
140  if ( $hash === null || $hash === false || $hash === '' ) {
141  return new InvalidPassword( $this, [ 'type' => '' ], null );
142  } elseif ( $hash[0] !== ':' ) {
143  throw new PasswordError( 'Invalid hash given' );
144  }
145 
146  $type = substr( $hash, 1, strpos( $hash, ':', 1 ) - 1 );
147  if ( !isset( $this->types[$type] ) ) {
148  throw new PasswordError( "Unrecognized password hash type $type." );
149  }
150 
151  $config = $this->types[$type];
152 
153  return new $config['class']( $this, $config, $hash );
154  }
155 
163  public function newFromType( $type ) {
164  if ( !isset( $this->types[$type] ) ) {
165  throw new PasswordError( "Unrecognized password hash type $type." );
166  }
167 
168  $config = $this->types[$type];
169 
170  return new $config['class']( $this, $config );
171  }
172 
183  public function newFromPlaintext( $password, Password $existing = null ) {
184  if ( $password === null ) {
185  return new InvalidPassword( $this, [ 'type' => '' ], null );
186  }
187 
188  if ( $existing === null ) {
189  $config = $this->types[$this->default];
190  $obj = new $config['class']( $this, $config );
191  } else {
192  $obj = clone $existing;
193  }
194 
195  $obj->crypt( $password );
196 
197  return $obj;
198  }
199 
210  public function needsUpdate( Password $password ) {
211  if ( $password->getType() !== $this->default ) {
212  return true;
213  } else {
214  return $password->needsUpdate();
215  }
216  }
217 
224  public static function generateRandomPasswordString( $minLength = 10 ) {
225  // Decide the final password length based on our min password length,
226  // stopping at a minimum of 10 chars.
227  $length = max( 10, $minLength );
228  // Multiply by 1.25 to get the number of hex characters we need
229  // Generate random hex chars
230  $hex = MWCryptRand::generateHex( ceil( $length * 1.25 ) );
231  // Convert from base 16 to base 32 to get a proper password like string
232  return substr( Wikimedia\base_convert( $hex, 16, 32, $length ), -$length );
233  }
234 
240  public static function newInvalidPassword() {
241  static $password = null;
242 
243  if ( $password === null ) {
244  $factory = new self();
245  $password = new InvalidPassword( $factory, [ 'type' => '' ], null );
246  }
247 
248  return $password;
249  }
250 }
getDefaultType()
Get the default password type.
needsUpdate()
Determine if the hash needs to be updated.
newFromType( $type)
Make a new default password of the given type.
newFromPlaintext( $password, Password $existing=null)
Create a new Hash object from a plaintext password.
static generateRandomPasswordString( $minLength=10)
Generate a random string suitable for a password.
needsUpdate(Password $password)
Determine whether a password object needs updating.
Represents an invalid password hash.
array $types
Mapping of password types to classes.
get( $name)
Get a configuration variable such as "Sitename" or "UploadMaintenance.".
This program is free software; you can redistribute it and/or modify it under the terms of the GNU Ge...
getType()
Get the type name of the password.
Definition: Password.php:120
newFromCiphertext( $hash)
Create a new Hash object from an existing string hash.
Interface for configuration instances.
Definition: Config.php:28
array __construct(array $config=[], $default='')
Most of the time you&#39;ll want to use MediaWikiServices::getInstance()->getPasswordFactory instead...
init(Config $config)
static generateHex( $chars)
Generate a run of cryptographically random data and return it in hexadecimal string format...
Definition: MWCryptRand.php:36
static newInvalidPassword()
Create an InvalidPassword.
setDefaultType( $type)
Set the default password type.
Show an error when any operation involving passwords fails to run.
getTypes()
Get the list of types of passwords.
string $default
The default PasswordHash type.