<?xml version="1.0" encoding="UTF-8"?>
<class xmlns="http://xml.phpdox.net/src" full="cymapgt\core\application\authentication\UserCredential\abstractclass\UserCredentialAbstract" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="UserCredentialAbstract" abstract="true" final="false" start="20" end="909">
<file path="/home/rhossis/NetBeansProjects/cymapgt/core/application/authentication/UserCredential/src/abstractclass" file="UserCredentialAbstract.php" realpath="/home/rhossis/NetBeansProjects/cymapgt/core/application/authentication/UserCredential/src/abstractclass/UserCredentialAbstract.php" size="35781" time="2015-07-18T03:41:36+03:00" unixtime="1437180096" sha1="100187d05e8a9f28bd997a7edafbca00a6acf58e" relative="abstractclass/UserCredentialAbstract.php"/>
<docblock>
<description compact="This package implements user password policy and credential management"/>
<category value="security"/>
<package value="cymapgt.core.application.authentication.UserCredential"/>
<copyright value="Copyright (c) 2015 Cymap"/>
<author value="Cyril Ogana <cogana@gmail.com>"/>
<abstract>- See http://www.owasp.org/images/0/08/OWASP_SCP_Quick_Reference_Guide_v2.pdf
(authentication section)</abstract>
</docblock>
<member name="_userProfile" type="array" visibility="private" line="22"/>
<member name="_baseEntropySetting" type="array" visibility="private" line="24"/>
<member name="_baseEntropyOverride" type="{unknown}" default="false" visibility="private" line="25"/>
<member name="_udfEntropySetting" type="array" visibility="private" line="26"/>
<member name="_basePasswordPolicy" type="array" visibility="private" line="28"/>
<member name="_udfPasswordPolicy" type="array" visibility="private" line="29"/>
<constructor name="__construct" start="38" end="40" abstract="false" final="false" static="false" visibility="public">
<parameter name="userProfile" byreference="false" type="{unknown}"/>
</constructor>
<method name="_initialize" start="50" end="54" abstract="false" final="false" static="false" visibility="private">
<docblock>
<description compact="Initialize the classes default settings (base entropy) Cyril Ogana <cogana@gmail.com> - 2015-07-18"/>
<param description="/ArrayAccess userProfile" type="array"/>
<access value="private"/>
</docblock>
<parameter name="userProfile" byreference="false" type="{unknown}"/>
</method>
<method name="_initializeProfile" start="65" end="82" abstract="false" final="false" static="false" visibility="private">
<docblock>
<description compact="initializes the user profiles data as per the user credentials provided to the constructor method">Cyril Ogana <cogana@gmail.com> - 2015-07-18</description>
<param description="/ ArrayAccess $userProfile" type="array"/>
<access value="private"/>
</docblock>
<parameter name="userProfile" byreference="false" type="{unknown}"/>
<inline>
<comment value="validate that user profile has the correct information" line="66"/>
</inline>
</method>
<method name="_initializeBaseEntropy" start="91" end="117" abstract="false" final="false" static="false" visibility="private">
<docblock>
<description compact="Initialize entopy requirements to recommended default base entropy as per OWASP Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<access value="private"/>
</docblock>
<inline>
<comment value="initialize if not already initialized as array" line="92"/>
<comment value="minimum password length" line="97"/>
<comment value="minimum characters to repeat consecutively" line="98"/>
<comment value="override the reommended settings?" line="115"/>
</inline>
</method>
<method name="_initializeBasePasswordPolicy" start="126" end="132" abstract="false" final="false" static="false" visibility="private">
<docblock>
<description compact="Initialize policy requirements to recommended default base entropy as per OWASP Cyril Ogana <cogana@gmail.com> 2014-02-11"/>
<access value="private"/>
</docblock>
<inline>
<comment value="count" line="127"/>
<comment value="days" line="128"/>
<comment value="count" line="129"/>
<comment value="seconds" line="130"/>
</inline>
</method>
<method name="_getBaseEntropy" start="144" end="148" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the base entropy data structure Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getBasePasswordPolicy" start="160" end="164" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the base password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_setUdfEntropy" start="176" end="260" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Set the user defined entropy setting Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="/ object entropyObj - array or object implementing ArrayAccess" type="array"/>
<access value="protected"/>
<final/>
</docblock>
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
<inline>
<comment value="initialize if not already initialized as array" line="177"/>
<comment value="validate the array / object" line="187"/>
<comment value="validate that minimum password len has the correct indices, then set it" line="196"/>
<comment value="validate that minimum allowed password characters to repeat has been set" line="204"/>
<comment value="validate that uppercase snippet has correct indices, then set it" line="213"/>
<comment value="validate that lowercase snippet has correct indices, then set it" line="225"/>
<comment value="validate that numeric chars snippet has correct indices, then set it" line="237"/>
<comment value="validate that special chars snippet has correct indices, then set it" line="249"/>
</inline>
</method>
<method name="_setUdfPasswordPolicy" start="272" end="323" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Set the user defined password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="/ object entropyObj - array or object implementing ArrayAccess" type="array"/>
<access value="protected"/>
<final/>
</docblock>
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
<inline>
<comment value="initialize if not already initialized as array" line="273"/>
<comment value="validate the array / object" line="283"/>
<comment value="validate that illegal attempts limit has correct indices, then set it" line="292"/>
<comment value="validate that password reset frequency has correct indices, then set it" line="300"/>
<comment value="validate that passwordd repeat minimum has correct indices, then set it" line="308"/>
<comment value="validate that password repeat minimum has correct indices, then set it" line="316"/>
</inline>
</method>
<method name="_getUdfEntropy" start="335" end="339" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the udf entropy data structure Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getUdfPasswordPolicy" start="351" end="355" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the udf password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return description="/ Object" type="array"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_setBaseEntropyOverride" start="369" end="375" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Set the value of base entropy toggle flag Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="or false to toggle the attribute" type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\True" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="True"/>
</param>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\void" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="void"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<parameter name="toggle" byreference="false" type="{unknown}"/>
</method>
<method name="_getBaseEntropyOverride" start="387" end="391" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get the current value of base entropy override attrib Cyril Ogana <cogana@gmail.com> 2013-07-18"/>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_regexBuildPattern" start="405" end="431" abstract="false" final="false" static="false" visibility="private">
<docblock>
<description compact="build simple regex patterns based on particular entropy settings Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<param description="patternCode - integer representing defined constants for variable code" type="int"/>
<param description="matchCount - integer representing the count of matched transactions" type="int"/>
<return type="string"/>
<access value="private"/>
</docblock>
<parameter name="patternCode" byreference="false" type="{unknown}"/>
<parameter name="matchCount" byreference="false" type="{unknown}"/>
</method>
<method name="_getPasswordEntropyDescription" start="443" end="487" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description of the required password entropy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordLengthDescription" start="499" end="507" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description of the required password entropy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordCharacterRepeatDescription" start="519" end="527" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description for the entropy policy regarding repeating a character consecutively Cyril Ogana<cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
</method>
<method name="_getPasswordPolicyDescription" start="539" end="567" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Get a description of the required password policy Cyril Ogana <cogana@gmail.com> 2015-07-18"/>
<return type="string"/>
<access value="protected"/>
<final/>
</docblock>
<parameter name="policyType" byreference="false" type="{unknown}"/>
</method>
<method name="_validateEntropy" start="579" end="662" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the entropy of the password in the userprofile Cyril Ogana <cogana@gmail.com> 2018-07-18"/>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="580"/>
<comment value="validate that user is not using part of username as password" line="589"/>
<comment value="iterate and search for occurrences of name parts" line="601"/>
<comment value="set which entropy to use (base or udf)" line="609"/>
<comment value="build the password entropy regex uppercase" line="615"/>
<todo value="Implement as constants the patterns" line="617"/>
<comment value="build the password entropy regex lowercase" line="625"/>
<comment value="build the password entropy regex numbers" line="634"/>
<comment value="build the password entropy regex special" line="643"/>
<comment value="regex entropy string" line="650"/>
</inline>
</method>
<method name="_validateLength" start="674" end="693" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the password length of the users credentials Cyril Ogana <cogana@gmail.com> 2018-07-18"/>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="675"/>
<comment value="determine which entropy to use (base or udf)" line="684"/>
<comment value="perform length check" line="687"/>
</inline>
</method>
<method name="_validateConsecutiveCharacterRepeat" start="707" end="743" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate that there are no instances of consecutive character repetitions beyond allowed number in the users password string">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="708"/>
<comment value="determine which entropy to use (base or udf)" line="717"/>
<comment value="because we offset by -2 when doing regex, if the limit is not greater or equal to 2, default to 2" line="721"/>
<comment value="offset for purposes of matching (TODO: fix?)" line="726"/>
<comment value="build regex" line="729"/>
<comment value="die(print_r($maxConsecutiveCharsRegex));" line="731"/>
</inline>
</method>
<method name="_validatePolicy" start="756" end="790" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the password policy during authentication">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="757"/>
<comment value="determine which entropy to use (base or udf)" line="766"/>
<comment value="check attempt limits" line="769"/>
<comment value="check needs reset" line="780"/>
</inline>
</method>
<method name="_validatePolicyAtChange" start="803" end="828" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="validate the password policy during process of making a password change">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="804"/>
<comment value="determine which entropy to use (base or udf)" line="813"/>
<comment value="check password repeat" line="816"/>
<comment value="iterate and verify" line="820"/>
</inline>
</method>
<method name="_canChangePassword" start="842" end="861" abstract="false" final="true" static="false" visibility="protected">
<docblock>
<description compact="Check that a user can change password in case you want to implement limits on changing passwords only once in 24 hours">Cyril Ogana <cogana@gmail.com>
2018-07-18</description>
<return type="object">
<type full="cymapgt\core\application\authentication\UserCredential\abstractclass\bool" namespace="cymapgt\core\application\authentication\UserCredential\abstractclass" name="bool"/>
</return>
<access value="protected"/>
<final/>
</docblock>
<inline>
<comment value="validate that required indices exist" line="843"/>
<comment value="Verify if the password was changed today or server has been futuredated" line="852"/>
<comment value="Password was changed today or in the future" line="855"/>
</inline>
</method>
<method name="passwordStrength" start="876" end="887" abstract="false" final="false" static="true" visibility="public">
<docblock>
<description compact="Check password strength using NIST Or Wolfram adapter (default NIST) See https://github.com/rchouinard/phpass Many thanks to Ryan Chouinard for the phpass package"/>
<param description="- The password string to evaluate" type="string" variable="$passwordString"/>
<param description="- Named constant representing adapter to use (default NIST)" type="int" variable="$strengthAdapter"/>
<return type="int"/>
<access value="public"/>
<static/>
</docblock>
<parameter name="passwordString" byreference="false" type="{unknown}"/>
<parameter name="strengthAdapter" byreference="false" type="{unknown}" default="PHPASS_PASSWORDSTRENGTHADAPTER_NIST"/>
</method>
<method name="getBaseEntropy" start="892" end="892" abstract="true" final="false" static="false" visibility="public">
<docblock>
<description compact="Abstract methods for concrete implementation"/>
</docblock>
</method>
<method name="getBaseEntropyOverride" start="893" end="893" abstract="true" final="false" static="false" visibility="public"/>
<method name="getBasePasswordPolicy" start="894" end="894" abstract="true" final="false" static="false" visibility="public"/>
<method name="getPasswordEntropyDescription" start="895" end="895" abstract="true" final="false" static="false" visibility="public"/>
<method name="getPasswordLengthDescription" start="896" end="896" abstract="true" final="false" static="false" visibility="public"/>
<method name="getPasswordPolicyDescription" start="897" end="897" abstract="true" final="false" static="false" visibility="public"/>
<method name="getUdfEntropy" start="898" end="898" abstract="true" final="false" static="false" visibility="public"/>
<method name="getUdfPasswordPolicy" start="899" end="899" abstract="true" final="false" static="false" visibility="public"/>
<method name="setBaseEntropyOverride" start="900" end="900" abstract="true" final="false" static="false" visibility="public">
<parameter name="toggle" byreference="false" type="{unknown}"/>
</method>
<method name="setUdfEntropy" start="901" end="901" abstract="true" final="false" static="false" visibility="public">
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
</method>
<method name="setUdfPasswordPolicy" start="902" end="902" abstract="true" final="false" static="false" visibility="public">
<parameter name="entropyObj" byreference="false" type="{unknown}"/>
</method>
<method name="validateEntropy" start="903" end="903" abstract="true" final="false" static="false" visibility="public"/>
<method name="validateLength" start="904" end="904" abstract="true" final="false" static="false" visibility="public"/>
<method name="validateConsecutiveCharacterRepeat" start="905" end="905" abstract="true" final="false" static="false" visibility="public"/>
<method name="validatePolicy" start="906" end="906" abstract="true" final="false" static="false" visibility="public"/>
<method name="validatePolicyAtChange" start="907" end="907" abstract="true" final="false" static="false" visibility="public"/>
<method name="canChangePassword" start="908" end="908" abstract="true" final="false" static="false" visibility="public"/>
<extender full="cymapgt\core\application\authentication\UserCredential\UserCredentialManager" namespace="cymapgt\core\application\authentication\UserCredential" name="UserCredentialManager"/>
</class>
|