97d50e54
Commit
97d50e54
authored
6 years ago
by
Tim van Dijen
Fixes for modules/negotiate
parent
c75b81bf
Showing
3 changed files
modules/negotiate/lib/Auth/Source/Negotiate.php
+42
-2
42 additions, 2 deletions
modules/negotiate/lib/Auth/Source/Negotiate.php
psalm.xml
+4
-0
4 additions, 0 deletions
psalm.xml
tests/Utils/Stubs/krb5.php
+173
-0
173 additions, 0 deletions
tests/Utils/Stubs/krb5.php
with
219 additions
and
2 deletions
modules/negotiate/lib/Auth/Source/Negotiate.php
+
42
−
2
...
@@ -16,20 +16,49 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -16,20 +16,49 @@ class Negotiate extends \SimpleSAML\Auth\Source
// Constants used in the module
// Constants used in the module
const
STAGEID
=
'\SimpleSAML\Module\negotiate\Auth\Source\Negotiate.StageId'
;
const
STAGEID
=
'\SimpleSAML\Module\negotiate\Auth\Source\Negotiate.StageId'
;
/** @var \SimpleSAML\Auth\LDAP|null */
protected
$ldap
=
null
;
protected
$ldap
=
null
;
/** @var string */
protected
$backend
=
''
;
protected
$backend
=
''
;
/** @var string*/
protected
$hostname
=
''
;
protected
$hostname
=
''
;
/** @var int */
protected
$port
=
389
;
protected
$port
=
389
;
/** @var bool */
protected
$referrals
=
true
;
protected
$referrals
=
true
;
/** @var bool */
protected
$enableTLS
=
false
;
protected
$enableTLS
=
false
;
/** @var bool */
protected
$debugLDAP
=
false
;
protected
$debugLDAP
=
false
;
/** @var int */
protected
$timeout
=
30
;
protected
$timeout
=
30
;
/** @var string */
protected
$keytab
=
''
;
protected
$keytab
=
''
;
/** @var array */
protected
$base
=
[];
protected
$base
=
[];
/** @var array */
protected
$attr
=
[
'uid'
];
protected
$attr
=
[
'uid'
];
/** @var array|null */
protected
$subnet
=
null
;
protected
$subnet
=
null
;
/** @var string|null */
protected
$admin_user
=
null
;
protected
$admin_user
=
null
;
/** @var string|null */
protected
$admin_pw
=
null
;
protected
$admin_pw
=
null
;
/** @var array|null */
protected
$attributes
=
null
;
protected
$attributes
=
null
;
...
@@ -81,6 +110,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -81,6 +110,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* LDAP is used as a user metadata source.
* LDAP is used as a user metadata source.
*
*
* @param array &$state Information about the current authentication.
* @param array &$state Information about the current authentication.
* @return void
*/
*/
public
function
authenticate
(
&
$state
)
public
function
authenticate
(
&
$state
)
{
{
...
@@ -187,6 +217,10 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -187,6 +217,10 @@ class Negotiate extends \SimpleSAML\Auth\Source
}
}
/**
* @param array $spMetadata
* @return bool
*/
public
function
spDisabledInMetadata
(
$spMetadata
)
public
function
spDisabledInMetadata
(
$spMetadata
)
{
{
if
(
array_key_exists
(
'negotiate:disable'
,
$spMetadata
))
{
if
(
array_key_exists
(
'negotiate:disable'
,
$spMetadata
))
{
...
@@ -209,7 +243,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -209,7 +243,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
*
*
* Will return TRUE if no subnet option is configured.
* Will return TRUE if no subnet option is configured.
*
*
* @return bool
ean
* @return bool
*/
*/
public
function
checkMask
()
public
function
checkMask
()
{
{
...
@@ -235,6 +269,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -235,6 +269,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* wants to show the 401 message.
* wants to show the 401 message.
*
*
* @param array $params additional parameters to the URL in the URL in the body.
* @param array $params additional parameters to the URL in the URL in the body.
* @return void
*/
*/
protected
function
sendNegotiate
(
$params
)
protected
function
sendNegotiate
(
$params
)
{
{
...
@@ -256,6 +291,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -256,6 +291,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* Passes control of the login process to a different module.
* Passes control of the login process to a different module.
*
*
* @param array $state Information about the current authentication.
* @param array $state Information about the current authentication.
* @return void
*
*
* @throws \SimpleSAML\Error\Error If couldn't determine the auth source.
* @throws \SimpleSAML\Error\Error If couldn't determine the auth source.
* @throws \SimpleSAML\Error\Exception
* @throws \SimpleSAML\Error\Exception
...
@@ -290,7 +326,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -290,7 +326,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
*
*
* @param string $user The Kerberos user identifier.
* @param string $user The Kerberos user identifier.
*
*
* @return
string The DN to
the user or NULL if not found.
* @return
array|null The attributes for
the user or NULL if not found.
*/
*/
protected
function
lookupUserData
(
$user
)
protected
function
lookupUserData
(
$user
)
{
{
...
@@ -315,6 +351,9 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -315,6 +351,9 @@ class Negotiate extends \SimpleSAML\Auth\Source
/**
/**
* Elevates the LDAP connection to allow restricted lookups if
* Elevates the LDAP connection to allow restricted lookups if
* so configured. Does nothing if not.
* so configured. Does nothing if not.
*
* @return void
* @throws \SimpleSAML\Error\AuthSource
*/
*/
protected
function
adminBind
()
protected
function
adminBind
()
{
{
...
@@ -339,6 +378,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
...
@@ -339,6 +378,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* logout call to the fallback module.
* logout call to the fallback module.
*
*
* @param array &$state Information about the current logout operation.
* @param array &$state Information about the current logout operation.
* @return void
*/
*/
public
function
logout
(
&
$state
)
public
function
logout
(
&
$state
)
{
{
...
...
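Review bot: The `@var` tags added in the first hunk give types only, and for `$subnet` and `$admin_pw` the security meaning is what a maintainer needs most. The checkMask() docblock later in this file says it returns TRUE when no subnet option is configured, so the `null` default means no client-address restriction; I would state that on the property, e.g. `/** @var array|null Allowed client subnets; null means no restriction (checkMask() returns TRUE) */`. `$admin_pw` is presumably the bind password used by adminBind() and could read `/** @var string|null LDAP admin bind password; secret, keep out of logs */`. The new spDisabledInMetadata() docblock also has no summary line, and the sendNegotiate() docblock touched here still reads "to the URL in the URL in the body". The method bodies lie outside the hunks, so this wording should be checked against the implementation before it is committed.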
psalm.xml
+
4
−
0
...
@@ -27,4 +27,8 @@
...
@@ -27,4 +27,8 @@
<UnusedClass
errorLevel=
"info"
/>
<UnusedClass
errorLevel=
"info"
/>
<PossiblyUnusedMethod
errorLevel=
"info"
/>
<PossiblyUnusedMethod
errorLevel=
"info"
/>
</issueHandlers>
</issueHandlers>
<stubs>
<file
name=
"tests/Utils/Stubs/krb5.php"
/>
</stubs>
</psalm>
</psalm>
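--- /dev/null
+++ b/tests/Utils/Stubs/krb5.php
+<?php
+class KRB5NegotiateAuth
+{
+    /**
+     * @param string $keytab
+     * @param string $spn
+     */
+    public function __construct($keytab, $spn)
+    {
+    }
+    /**
+     * @return bool
+     */
+    public function doAuthentication()
+    {
+    }
+    /**
+     * @return string
+     */
+    public function getAuthenticatedUser()
+    {
+    }
+    /**
+     * @param KRB5CCache $ccache
+     * @return void
+     */
+    public function getDelegatedCredentials(KRB5CCache $ccache)
+    {
+    }
+}
+class KRB5CCache
+{
+    /**
+     *
+     */
+    public function __construct()
+    {
+    }
+    /**
+     * @return string
+     */
+    public function getName()
+    {
+    }
+    /**
+     * @param string $src
+     * @return bool
+     */
+    public function open($src)
+    {
+    }
+    /**
+     * @param string $dest
+     * @return bool
+     */
+    public function save($dest)
+    {
+    }
+    /**
+     * @param string $principal
+     * @param string $pass
+     * @param array|null $options
+     * @return bool
+     */
+    public function initPassword($principal, $pass, $options = null)
+    {
+    }
+    /**
+     * @param string $principal
+     * @param string $keytab_file
+     * @param array|null $options
+     * @return bool
+     */
+    public function initKeytab($principal, $keytab_file, $options = null)
+    {
+    }
+    /**
+     * @return string
+     */
+    public function getPrincipal()
+    {
+    }
+    /**
+     * @return string
+     */
+    public function getRealm()
+    {
+    }
+    /**
+     * @return array
+     */
+    public function getLifetime()
+    {
+    }
+    /**
+     * @return array
+     */
+    public function getEntries()
+    {
+    }
+    /**
+     * @param int $timeRemain
+     * @return bool
+     */
+    public function isValid($timeRemain = 0)
+    {
+    }
+    /**
+     * @param string|null $prefix
+     * @return array
+     */
+    public function getTktAttrs($prefix = null)
+    {
+    }
+    /**
+     * @return bool
+     */
+    public function renew()
+    {
+    }
+    /**
+     * @param string $principal
+     * @param string $oldpass
+     * @param string $newpass
+     * @return bool
+     */
+    public function changePassword($principal, $oldpass, $newpass)
+    {
+    }
+    /**
+     * @return array
+     */
+    public function getExpirationTime()
+    {
+    }
+}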
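Review bot: This stub file has no header saying what it is, and because it declares `KRB5NegotiateAuth` and `KRB5CCache` with empty bodies it would misbehave if it were ever loaded at runtime. psalm.xml in this commit registers it under `<stubs>`, so it appears to be meant for static analysis only; a first-line comment such as `// Psalm stub for the krb5 PECL extension: signatures only, never include or autoload at runtime.` would make that explicit. It is also worth confirming that `tests/` is excluded from release archives and from the autoloader, since a method such as `doAuthentication()`, documented here as `@return bool`, returns nothing.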