<?xml version="1.0" encoding="UTF-8"?>
<class xmlns="http://xml.phpdox.net/src" full="cymapgt\core\application\authentication\UserCredential\UserCredentialManager" namespace="cymapgt\core\application\authentication\UserCredential" name="UserCredentialManager" abstract="false" final="false" start="19" end="93">
<file path="/home/rhossis/NetBeansProjects/cymapgt/core/application/authentication/UserCredential/src" file="UserCredentialManager.php" realpath="/home/rhossis/NetBeansProjects/cymapgt/core/application/authentication/UserCredential/src/UserCredentialManager.php" size="2552" time="2015-07-18T02:41:08+03:00" unixtime="1437176468" sha1="25a827d7eb08b24c2a2296df198b6f7e119cb150" relative="UserCredentialManager.php"/>
<docblock>
<description compact="UserCredentialManager Manage the authentication and password policy process"/>
<category/>
<package value="cymapgt.core.application.authentication.UserCredential"/>
<copyright value="Copyright (c) 2015 Cymap"/>
<author value="Cyril Ogana <cogana@gmail.com>"/>
<abstract>@TODO link all configurations</abstract>
</docblock>
<extends full="cymapgt\core\application\authentication\UserCredential\abstractclass\UserCredentialAbstract" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="UserCredentialAbstract"/>
<constructor name="__construct" start="22" end="24" abstract="false" final="false" static="false" visibility="public">
<parameter name="userProfile" byreference="false" type="{unknown}"/>
</constructor>
<method name="getBaseEntropy" start="26" end="28" abstract="false" final="false" static="false" visibility="public"/>
<method name="getBaseEntropyOverride" start="30" end="32" abstract="false" final="false" static="false" visibility="public"/>
<method name="getBasePasswordPolicy" start="34" end="36" abstract="false" final="false" static="false" visibility="public"/>
<method name="getPasswordEntropyDescription" start="38" end="40" abstract="false" final="false" static="false" visibility="public"/>
<method name="getPasswordLengthDescription" start="42" end="44" abstract="false" final="false" static="false" visibility="public"/>
<method name="getPasswordPolicyDescription" start="46" end="48" abstract="false" final="false" static="false" visibility="public"/>
<method name="getUdfEntropy" start="50" end="52" abstract="false" final="false" static="false" visibility="public"/>
<method name="getUdfPasswordPolicy" start="54" end="56" abstract="false" final="false" static="false" visibility="public"/>
<method name="setBaseEntropyOverride" start="58" end="60" abstract="false" final="false" static="false" visibility="public">
<parameter name="toggle" byreference="false" type="{unknown}"/>
</method>
<method name="setUdfEntropy" start="62" end="64" abstract="false" final="false" static="false" visibility="public">
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
</method>
<method name="setUdfPasswordPolicy" start="66" end="68" abstract="false" final="false" static="false" visibility="public">
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
</method>
<method name="validateEntropy" start="70" end="72" abstract="false" final="false" static="false" visibility="public"/>
<method name="validateLength" start="74" end="76" abstract="false" final="false" static="false" visibility="public"/>
<method name="validateConsecutiveCharacterRepeat" start="78" end="80" abstract="false" final="false" static="false" visibility="public"/>
<method name="validatePolicy" start="82" end="84" abstract="false" final="false" static="false" visibility="public"/>
<method name="validatePolicyAtChange" start="86" end="88" abstract="false" final="false" static="false" visibility="public"/>
<method name="canChangePassword" start="90" end="92" abstract="false" final="false" static="false" visibility="public"/>
<parent full="cymapgt\core\application\authentication\UserCredential\abstractclass\UserCredentialAbstract" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="UserCredentialAbstract">
<constructor name="__construct" start="38" end="40" abstract="false" final="false" static="false" visibility="public">
<parameter name="userProfile" byreference="false" type="{unknown}"/>
</constructor>
<method name="_getBaseEntropy" start="144" end="148" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the base entropy data structure Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getBasePasswordPolicy" start="160" end="164" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the base password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_setUdfEntropy" start="176" end="260" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Set the user defined entropy setting Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="/ object entropyObj - array or object implementing ArrayAccess" type="array"/>
<access value="protected"/>
<final/>
</docblock>
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
<inline>
<comment value="initialize if not already initialized as array" line="177"/>
<comment value="validate the array / object" line="187"/>
<comment value="validate that minimum password len has the correct indices, then set it" line="196"/>
<comment value="validate that minimum allowed password characters to repeat has been set" line="204"/>
<comment value="validate that uppercase snippet has correct indices, then set it" line="213"/>
<comment value="validate that lowercase snippet has correct indices, then set it" line="225"/>
<comment value="validate that numeric chars snippet has correct indices, then set it" line="237"/>
<comment value="validate that special chars snippet has correct indices, then set it" line="249"/>
</inline>
</method>
<method name="_setUdfPasswordPolicy" start="272" end="323" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Set the user defined password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="/ object entropyObj - array or object implementing ArrayAccess" type="array"/>
<access value="protected"/>
<final/>
</docblock>
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
<inline>
<comment value="initialize if not already initialized as array" line="273"/>
<comment value="validate the array / object" line="283"/>
<comment value="validate that illegal attempts limit has correct indices, then set it" line="292"/>
<comment value="validate that password reset frequency has correct indices, then set it" line="300"/>
<comment value="validate that passwordd repeat minimum has correct indices, then set it" line="308"/>
<comment value="validate that password repeat minimum has correct indices, then set it" line="316"/>
</inline>
</method>
<method name="_getUdfEntropy" start="335" end="339" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the udf entropy data structure Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getUdfPasswordPolicy" start="351" end="355" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the udf password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_setBaseEntropyOverride" start="369" end="375" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Set the value of base entropy toggle flag Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="or false to toggle the attribute" type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\True" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="True"/>
</param>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\void" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="void"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<parameter name="toggle" byreference="false" type="{unknown}"/>
</method>
<method name="_getBaseEntropyOverride" start="387" end="391" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the current value of base entropy override attrib Cyril Ogana <cogana@gmail.com> 2013-07-18"/>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordEntropyDescription" start="443" end="487" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description of the required password entropy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordLengthDescription" start="499" end="507" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description of the required password entropy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordCharacterRepeatDescription" start="519" end="527" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description for the entropy policy regarding repeating a character consecutively Cyril Ogana<cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordPolicyDescription" start="539" end="567" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description of the required password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
<parameter name="policyType" byreference="false" type="{unknown}"/>
</method>
<method name="_validateEntropy" start="579" end="662" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the entropy of the password in the userprofile Cyril Ogana <cogana@gmail.com> 2018-07-18"/>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="580"/>
<comment value="validate that user is not using part of username as password" line="589"/>
<comment value="iterate and search for occurrences of name parts" line="601"/>
<comment value="set which entropy to use (base or udf)" line="609"/>
<comment value="build the password entropy regex uppercase" line="615"/>
<todo value="Implement as constants the patterns" line="617"/>
<comment value="build the password entropy regex lowercase" line="625"/>
<comment value="build the password entropy regex numbers" line="634"/>
<comment value="build the password entropy regex special" line="643"/>
<comment value="regex entropy string" line="650"/>
</inline>
</method>
<method name="_validateLength" start="674" end="693" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the password length of the users credentials Cyril Ogana <cogana@gmail.com> 2018-07-18"/>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="675"/>
<comment value="determine which entropy to use (base or udf)" line="684"/>
<comment value="perform length check" line="687"/>
</inline>
</method>
<method name="_validateConsecutiveCharacterRepeat" start="707" end="743" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate that there are no instances of consecutive character repetitions beyond allowed number in the users password string">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="708"/>
<comment value="determine which entropy to use (base or udf)" line="717"/>
<comment value="because we offset by -2 when doing regex, if the limit is not greater or equal to 2, default to 2" line="721"/>
<comment value="offset for purposes of matching (TODO: fix?)" line="726"/>
<comment value="build regex" line="729"/>
<comment value="die(print_r($maxConsecutiveCharsRegex));" line="731"/>
</inline>
</method>
<method name="_validatePolicy" start="756" end="790" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the password policy during authentication">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="757"/>
<comment value="determine which entropy to use (base or udf)" line="766"/>
<comment value="check attempt limits" line="769"/>
<comment value="check needs reset" line="780"/>
</inline>
</method>
<method name="_validatePolicyAtChange" start="803" end="828" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the password policy during process of making a password change">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="804"/>
<comment value="determine which entropy to use (base or udf)" line="813"/>
<comment value="check password repeat" line="816"/>
<comment value="iterate and verify" line="820"/>
</inline>
</method>
<method name="_canChangePassword" start="842" end="861" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Check that a user can change password in case you want to implement limits on changing passwords only once in 24 hours">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="843"/>
<comment value="Verify if the password was changed today or server has been futuredated" line="852"/>
<comment value="Password was changed today or in the future" line="855"/>
</inline>
</method>
<method name="passwordStrength" start="876" end="887" abstract="false" final="false" static="true" visibility="public">
<docblock>
<description compact="Check password strength using NIST Or Wolfram adapter (default NIST) See https://github.com/rchouinard/phpass Many thanks to Ryan Chouinard for the phpass package"/>
<param description="- The password string to evaluate" type="string" variable="$passwordString"/>
<param description="- Named constant representing adapter to use (default NIST)" type="int" variable="$strengthAdapter"/>
<return type="int"/>
<access value="public"/>
<static/>
</docblock>
<parameter name="passwordString" byreference="false" type="{unknown}"/>
<parameter name="strengthAdapter" byreference="false" type="{unknown}" default="PHPASS_PASSWORDSTRENGTHADAPTER_NIST"/>
</method>
<method name="getBaseEntropy" start="892" end="892" abstract="true" final="false" static="false" visibility="public">
<docblock>
<description compact="Abstract methods for concrete implementation"/>
</docblock>
</method>
<method name="getBaseEntropyOverride" start="893" end="893" abstract="true" final="false" static="false" visibility="public"/>
<method name="getBasePasswordPolicy" start="894" end="894" abstract="true" final="false" static="false" visibility="public"/>
<method name="getPasswordEntropyDescription" start="895" end="895" abstract="true" final="false" static="false" visibility="public"/>
<method name="getPasswordLengthDescription" start="896" end="896" abstract="true" final="false" static="false" visibility="public"/>
<method name="getPasswordPolicyDescription" start="897" end="897" abstract="true" final="false" static="false" visibility="public"/>
<method name="getUdfEntropy" start="898" end="898" abstract="true" final="false" static="false" visibility="public"/>
<method name="getUdfPasswordPolicy" start="899" end="899" abstract="true" final="false" static="false" visibility="public"/>
<method name="setBaseEntropyOverride" start="900" end="900" abstract="true" final="false" static="false" visibility="public">
<parameter name="toggle" byreference="false" type="{unknown}"/>
</method>
<method name="setUdfEntropy" start="901" end="901" abstract="true" final="false" static="false" visibility="public">
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
</method>
<method name="setUdfPasswordPolicy" start="902" end="902" abstract="true" final="false" static="false" visibility="public">
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
</method>
<method name="validateEntropy" start="903" end="903" abstract="true" final="false" static="false" visibility="public"/>
<method name="validateLength" start="904" end="904" abstract="true" final="false" static="false" visibility="public"/>
<method name="validateConsecutiveCharacterRepeat" start="905" end="905" abstract="true" final="false" static="false" visibility="public"/>
<method name="validatePolicy" start="906" end="906" abstract="true" final="false" static="false" visibility="public"/>
<method name="validatePolicyAtChange" start="907" end="907" abstract="true" final="false" static="false" visibility="public"/>
<method name="canChangePassword" start="908" end="908" abstract="true" final="false" static="false" visibility="public"/>
</parent>
</class>
|