Merge branch 'AlexLisenkov-add-custom-matcher'

bjeavons · bjeavons · commit dde9679ac7e9 · 2020-04-29T10:39:34.000-07:00
diff --git a/composer.json b/composer.json
@@ -16,7 +16,7 @@
         "symfony/polyfill-mbstring": ">=1.3.1"
     },
     "require-dev": {
-        "phpunit/phpunit": "^6.0",
+        "phpunit/phpunit": "^7.0",
         "php-coveralls/php-coveralls": "*",
         "squizlabs/php_codesniffer": "3.*"
     },
diff --git a/phpunit.xml.dist b/phpunit.xml.dist
@@ -6,7 +6,6 @@
          convertWarningsToExceptions="true"
          processIsolation="false"
          stopOnFailure="false"
-         syntaxCheck="false"
          bootstrap="test/config/bootstrap.php">
 
     <testsuites>
@@ -22,9 +21,9 @@
     </filter>
 
     <logging>
-      <log type="coverage-html" target="build/coverage" charset="UTF-8"/>
-      <log type="coverage-clover" target="build/logs/clover.xml" charset="UTF-8"/>
-      <log type="junit" target="build/logs/junit.xml" logIncompleteSkipped="false"/>
+      <log type="coverage-html" target="build/coverage"/>
+      <log type="coverage-clover" target="build/logs/clover.xml"/>
+      <log type="junit" target="build/logs/junit.xml"/>
     </logging>
 
 </phpunit>
diff --git a/src/Feedback.php b/src/Feedback.php
@@ -20,7 +20,7 @@ class Feedback
     public function getFeedback($score, array $sequence)
     {
         // starting feedback
-        if (count($sequence) == 0) {
+        if (count($sequence) === 0) {
             return [
                 'warning' => '',
                 'suggestions' => [
@@ -46,7 +46,7 @@ public function getFeedback($score, array $sequence)
             }
         }
 
-        $feedback = $longestMatch->getFeedback(count($sequence) == 1);
+        $feedback = $longestMatch->getFeedback(count($sequence) === 1);
         $extraFeedback = 'Add another word or two. Uncommon words are better.';
 
         array_unshift($feedback['suggestions'], $extraFeedback);
diff --git a/src/Matcher.php b/src/Matcher.php
@@ -3,9 +3,23 @@
 namespace ZxcvbnPhp;
 
 use ZxcvbnPhp\Matchers\Match;
+use ZxcvbnPhp\Matchers\MatchInterface;
 
 class Matcher
 {
+    private const DEFAULT_MATCHERS = [
+        Matchers\DateMatch::class,
+        Matchers\DictionaryMatch::class,
+        Matchers\ReverseDictionaryMatch::class,
+        Matchers\L33tMatch::class,
+        Matchers\RepeatMatch::class,
+        Matchers\SequenceMatch::class,
+        Matchers\SpatialMatch::class,
+        Matchers\YearMatch::class,
+    ];
+
+    private $additionalMatchers = [];
+
     /**
      * Get matches for a password.
      *
@@ -24,14 +38,27 @@ public function getMatches($password, array $userInputs = [])
         foreach ($this->getMatchers() as $matcher) {
             $matched = $matcher::match($password, $userInputs);
             if (is_array($matched) && !empty($matched)) {
-                $matches = array_merge($matches, $matched);
+                $matches[] = $matched;
             }
         }
 
+        $matches = array_merge([], ...$matches);
         self::usortStable($matches, [$this, 'compareMatches']);
+
         return $matches;
     }
 
+    public function addMatcher(string $className)
+    {
+        if (!is_a($className, MatchInterface::class, true)) {
+            throw new \InvalidArgumentException(sprintf('Matcher class must implement %s', MatchInterface::class));
+        }
+
+        $this->additionalMatchers[$className] = $className;
+
+        return $this;
+    }
+
     /**
      * A stable implementation of usort().
      *
@@ -46,14 +73,14 @@ public function getMatches($password, array $userInputs = [])
      * @param callable $value_compare_func
      * @return bool
      */
-    public static function usortStable(array &$array, $value_compare_func)
+    public static function usortStable(array &$array, callable $value_compare_func)
     {
         $index = 0;
         foreach ($array as &$item) {
             $item = array($index++, $item);
         }
         $result = usort($array, function ($a, $b) use ($value_compare_func) {
-            $result = call_user_func($value_compare_func, $a[1], $b[1]);
+            $result = $value_compare_func($a[1], $b[1]);
             return $result == 0 ? $a[0] - $b[0] : $result;
         });
         foreach ($array as &$item) {
@@ -78,16 +105,9 @@ public static function compareMatches(Match $a, Match $b)
      */
     protected function getMatchers()
     {
-        // @todo change to dynamic
-        return [
-            Matchers\DateMatch::class,
-            Matchers\DictionaryMatch::class,
-            Matchers\ReverseDictionaryMatch::class,
-            Matchers\L33tMatch::class,
-            Matchers\RepeatMatch::class,
-            Matchers\SequenceMatch::class,
-            Matchers\SpatialMatch::class,
-            Matchers\YearMatch::class,
-        ];
+        return array_merge(
+            self::DEFAULT_MATCHERS,
+            array_values($this->additionalMatchers)
+        );
     }
 }
diff --git a/src/Matchers/DateMatch.php b/src/Matchers/DateMatch.php
@@ -14,7 +14,7 @@ class DateMatch extends Match
     public const MAX_YEAR = 2050;
 
     public const MIN_YEAR_SPACE = 20;
-    
+
     public $pattern = 'date';
 
     private static $DATE_SPLITS = [
@@ -369,13 +369,15 @@ protected static function twoToFourDigitYear($year)
     {
         if ($year > 99) {
             return $year;
-        } elseif ($year > 50) {
+        }
+
+        if ($year > 50) {
             // 87 -> 1987
             return $year + 1900;
-        } else {
-            // 15 -> 2015
-            return $year + 2000;
         }
+
+        // 15 -> 2015
+        return $year + 2000;
     }
 
     /**
diff --git a/src/TimeEstimator.php b/src/TimeEstimator.php
@@ -38,20 +38,26 @@ protected function guessesToScore($guesses)
         if ($guesses < 1e3 + $DELTA) {
             # risky password: "too guessable"
             return 0;
-        } elseif ($guesses < 1e6 + $DELTA) {
+        }
+
+        if ($guesses < 1e6 + $DELTA) {
             # modest protection from throttled online attacks: "very guessable"
             return 1;
-        } elseif ($guesses < 1e8 + $DELTA) {
+        }
+
+        if ($guesses < 1e8 + $DELTA) {
             # modest protection from unthrottled online attacks: "somewhat guessable"
             return 2;
-        } elseif ($guesses < 1e10 + $DELTA) {
+        }
+
+        if ($guesses < 1e10 + $DELTA) {
             # modest protection from offline attacks: "safely unguessable"
             # assuming a salted, slow hash function like bcrypt, scrypt, PBKDF2, argon, etc
             return 3;
-        } else {
-            # strong protection from offline attacks under same scenario: "very unguessable"
-            return 4;
         }
+
+        # strong protection from offline attacks under same scenario: "very unguessable"
+        return 4;
     }
 
     protected function displayTime($seconds)
@@ -66,33 +72,45 @@ protected function displayTime($seconds)
 
             if ($seconds < 1) {
                 return [null, 'less than a second'];
-            } elseif ($seconds < $minute) {
+            }
+
+            if ($seconds < $minute) {
                 $base = round($seconds);
                 return [$base, "$base second"];
-            } elseif ($seconds < $hour) {
+            }
+
+            if ($seconds < $hour) {
                 $base = round($seconds / $minute);
                 return [$base, "$base minute"];
-            } elseif ($seconds < $day) {
+            }
+
+            if ($seconds < $day) {
                 $base = round($seconds / $hour);
                 return [$base, "$base hour"];
-            } elseif ($seconds < $month) {
+            }
+
+            if ($seconds < $month) {
                 $base = round($seconds / $day);
                 return [$base, "$base day"];
-            } elseif ($seconds < $year) {
+            }
+
+            if ($seconds < $year) {
                 $base = round($seconds / $month);
                 return [$base, "$base month"];
-            } elseif ($seconds < $century) {
+            }
+
+            if ($seconds < $century) {
                 $base = round($seconds / $year);
                 return [$base, "$base year"];
-            } else {
-                return [null, 'centuries'];
             }
+
+            return [null, 'centuries'];
         };
 
         list($display_num, $display_str) = $callback($seconds);
 
         if ($display_num > 1) {
-            $display_str .= "s";
+            $display_str .= 's';
         }
 
         return $display_str;
diff --git a/src/Zxcvbn.php b/src/Zxcvbn.php
@@ -37,6 +37,13 @@ public function __construct()
         $this->feedback = new \ZxcvbnPhp\Feedback();
     }
 
+    public function addMatcher(string $className)
+    {
+        $this->matcher->addMatcher($className);
+
+        return $this;
+    }
+
     /**
      * Calculate password strength via non-overlapping minimum entropy patterns.
      *
diff --git a/test/MatcherTest.php b/test/MatcherTest.php
@@ -4,6 +4,7 @@
 
 use PHPUnit\Framework\TestCase;
 use ZxcvbnPhp\Matcher;
+use ZxcvbnPhp\Matchers\Bruteforce;
 use ZxcvbnPhp\Matchers\DictionaryMatch;
 
 /**
@@ -63,4 +64,22 @@ public function testUserDefinedWords()
         $this->assertInstanceOf(DictionaryMatch::class, $matches[0], "user input match is correct class");
         $this->assertEquals('wQbg', $matches[0]->token, "user input match has correct token");
     }
+
+    public function testAddMatcherWillThrowException()
+    {
+        $this->expectException(\InvalidArgumentException::class);
+
+        $matcher = new Matcher();
+        $matcher->addMatcher('invalid className');
+
+        $this->expectNotToPerformAssertions();
+    }
+
+    public function testAddMatcherWillReturnSelf()
+    {
+        $matcher = new Matcher();
+        $result = $matcher->addMatcher(Bruteforce::class);
+
+        $this->assertSame($matcher, $result);
+    }
 }
diff --git a/test/ZxcvbnTest.php b/test/ZxcvbnTest.php
@@ -3,6 +3,7 @@
 namespace ZxcvbnPhp\Test;
 
 use PHPUnit\Framework\TestCase;
+use ZxcvbnPhp\Matchers\Bruteforce;
 use ZxcvbnPhp\Matchers\DictionaryMatch;
 use ZxcvbnPhp\Matchers\Match;
 use ZxcvbnPhp\Zxcvbn;
@@ -130,4 +131,20 @@ public function testMultibyteUserDefinedWords()
         $this->assertInstanceOf(DictionaryMatch::class, $result['sequence'][0], "user input match is correct class");
         $this->assertEquals('المفاتيح', $result['sequence'][0]->token, "user input match has correct token");
     }
+
+    public function testAddMatcherWillThrowException()
+    {
+        $this->expectException(\InvalidArgumentException::class);
+
+        $this->zxcvbn->addMatcher('invalid className');
+
+        $this->expectNotToPerformAssertions();
+    }
+
+    public function testAddMatcherWillReturnSelf()
+    {
+        $result = $this->zxcvbn->addMatcher(Bruteforce::class);
+
+        $this->assertSame($this->zxcvbn, $result);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ class Feedback`
`20`	`20`	`public function getFeedback($score, array $sequence)`
`21`	`21`	`{`
`22`	`22`	`// starting feedback`
`23`		`- if (count($sequence) == 0) {`
	`23`	`+ if (count($sequence) === 0) {`
`24`	`24`	`return [`
`25`	`25`	`'warning' => '',`
`26`	`26`	`'suggestions' => [`
`@@ -46,7 +46,7 @@ public function getFeedback($score, array $sequence)`
`46`	`46`	`}`
`47`	`47`	`}`
`48`	`48`
`49`		`- $feedback = $longestMatch->getFeedback(count($sequence) == 1);`
	`49`	`+ $feedback = $longestMatch->getFeedback(count($sequence) === 1);`
`50`	`50`	`$extraFeedback = 'Add another word or two. Uncommon words are better.';`
`51`	`51`
`52`	`52`	`array_unshift($feedback['suggestions'], $extraFeedback);`
Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,13 @@ public function __construct()`
`37`	`37`	`$this->feedback = new \ZxcvbnPhp\Feedback();`
`38`	`38`	`}`
`39`	`39`
	`40`	`+ public function addMatcher(string $className)`
	`41`	`+ {`
	`42`	`+ $this->matcher->addMatcher($className);`
	`43`	`+`
	`44`	`+ return $this;`
	`45`	`+ }`
	`46`	`+`
`40`	`47`	`/**`
`41`	`48`	`* Calculate password strength via non-overlapping minimum entropy patterns.`
`42`	`49`	`*`