KUP Assessments – SOLID Review

Single Responsibility Principle

KUP_FACADE filters events and provides access to all the endpoints. This should be changed to the classes KUP_Facade, KUP_Gatehouse and KUP_Assessments. Created an account creator interface, iAccountCreator, that moves the responsibility of creating an account from the authentication manager to a separate class. Added interface iAuthenticationRules. The HMAC service has an iMACbuilder interface that builds the MACs, whereas the HMAC service requests MACs from the builder and verifies that any received MAC matches what is expected. Added interface ISanitiser, a collection of text sanitisers that an assessmentValidator can use to find, e.g., any QL queries, HQL, OSQL, NoSQL, XPath query tampering, XML External Entity attacks, and XML injection attacks in submissions from participants. IinputFilterDatabase has been introduced to limit the templates to a suitable size. The filters and interceptors have been changed to classes, as they already implement the filter and interceptor interfaces, and are used at the KUP_Gatehouse.
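A sketch of the builder/verifier split described above for the HMAC service. This is an added example, not code from the KUP project: it is written in Python, and the class names, the HMAC-SHA256 choice, the 32-byte key minimum and the sample message are all assumptions.

```python
import hashlib
import hmac
from typing import Protocol


class MacBuilder(Protocol):
    """Plays the role of the page's iMACbuilder: build a MAC, nothing else."""
    def build(self, message: bytes) -> bytes: ...


class Sha256MacBuilder:
    """Builds HMAC-SHA256 tags (assumed algorithm; the page names none)."""
    def __init__(self, key: bytes) -> None:
        if len(key) < 32:
            raise ValueError("key must be at least 32 bytes")
        self._key = key

    def build(self, message: bytes) -> bytes:
        return hmac.new(self._key, message, hashlib.sha256).digest()


class HmacService:
    """Requests the expected MAC from the builder and verifies a received one."""
    def __init__(self, builder: MacBuilder) -> None:
        self._builder = builder

    def sign(self, message: bytes) -> bytes:
        return self._builder.build(message)

    def verify(self, message: bytes, received_mac: bytes) -> bool:
        expected = self._builder.build(message)
        # Constant-time comparison; a truncated or empty tag also yields False.
        return hmac.compare_digest(expected, received_mac)


def demo() -> dict:
    key = bytes(range(32))  # constructed demo key, not a real secret
    service = HmacService(Sha256MacBuilder(key))
    msg = b'{"assessment": 7, "answer": "B"}'  # constructed sample submission
    tag = service.sign(msg)
    return {
        "valid": service.verify(msg, tag),
        "tampered_message": service.verify(msg.replace(b'"B"', b'"A"'), tag),
        "truncated_tag": service.verify(msg, tag[:16]),
        "wrong_key": HmacService(Sha256MacBuilder(bytes(32))).verify(msg, tag),
    }


if __name__ == "__main__":
    print(demo())
```

Because the service depends only on the builder interface, the MAC algorithm or key source can be swapped without touching the verification path.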

Class Diagram after SRP applied

Open-Closed Principle

Classes identified to obey this principle are AssessmentManager, AccountManager and AuthenticationManager. Also moved the AssessmentCreator to be directly accessed from KUPAssessments; this way the AssessmentManager can be passed directly from within AssessmentCreator and assessmentParticipant, once wrapped in an AssessmentLibrarian interface.

Class Diagram after Open-Closed Principle applied

Liskov Substitution Principle

Inheritance is to be generally avoided and interfaces shall be preferred.

Interface Segregation Principle & Dependency Inversion Principle

Although I cannot see any interfaces to separate out at this stage, I have identified that AccountDatabase, CredentialsDatabase and AssessmentDatabase should be interfaces, which allows flexibility if these are injected. Assessments have been changed to a class with buildable components that follow the IassessmentComponent. The IAssessment should also follow the open-closed principle.

Class Diagram after applying DIP
