Skip to content
Snippets Groups Projects
Commit 97d50e54 authored by Tim van Dijen's avatar Tim van Dijen
Browse files

Fixes for modules/negotiate

parent c75b81bf
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/negotiate/lib/Auth/Source/Negotiate.php
+ 42
2
View file @ 97d50e54
...@@ -16,20 +16,49 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -16,20 +16,49 @@ class Negotiate extends \SimpleSAML\Auth\Source
// Constants used in the module // Constants used in the module
const STAGEID = '\SimpleSAML\Module\negotiate\Auth\Source\Negotiate.StageId'; const STAGEID = '\SimpleSAML\Module\negotiate\Auth\Source\Negotiate.StageId';
/** @var \SimpleSAML\Auth\LDAP|null */
protected $ldap = null; protected $ldap = null;
/** @var string */
protected $backend = ''; protected $backend = '';
/** @var string*/
protected $hostname = ''; protected $hostname = '';
/** @var int */
protected $port = 389; protected $port = 389;
/** @var bool */
protected $referrals = true; protected $referrals = true;
/** @var bool */
protected $enableTLS = false; protected $enableTLS = false;
/** @var bool */
protected $debugLDAP = false; protected $debugLDAP = false;
/** @var int */
protected $timeout = 30; protected $timeout = 30;
/** @var string */
protected $keytab = ''; protected $keytab = '';
/** @var array */
protected $base = []; protected $base = [];
/** @var array */
protected $attr = ['uid']; protected $attr = ['uid'];
/** @var array|null */
protected $subnet = null; protected $subnet = null;
/** @var string|null */
protected $admin_user = null; protected $admin_user = null;
/** @var string|null */
protected $admin_pw = null; protected $admin_pw = null;
/** @var array|null */
protected $attributes = null; protected $attributes = null;
...@@ -81,6 +110,7 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -81,6 +110,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* LDAP is used as a user metadata source. * LDAP is used as a user metadata source.
* *
* @param array &$state Information about the current authentication. * @param array &$state Information about the current authentication.
* @return void
*/ */
public function authenticate(&$state) public function authenticate(&$state)
{ {
...@@ -187,6 +217,10 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -187,6 +217,10 @@ class Negotiate extends \SimpleSAML\Auth\Source
} }
/**
* @param array $spMetadata
* @return bool
*/
public function spDisabledInMetadata($spMetadata) public function spDisabledInMetadata($spMetadata)
{ {
if (array_key_exists('negotiate:disable', $spMetadata)) { if (array_key_exists('negotiate:disable', $spMetadata)) {
...@@ -209,7 +243,7 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -209,7 +243,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* *
* Will return TRUE if no subnet option is configured. * Will return TRUE if no subnet option is configured.
* *
* @return boolean * @return bool
*/ */
public function checkMask() public function checkMask()
{ {
...@@ -235,6 +269,7 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -235,6 +269,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* wants to show the 401 message. * wants to show the 401 message.
* *
* @param array $params additional parameters to the URL in the URL in the body. * @param array $params additional parameters to the URL in the URL in the body.
* @return void
*/ */
protected function sendNegotiate($params) protected function sendNegotiate($params)
{ {
...@@ -256,6 +291,7 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -256,6 +291,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* Passes control of the login process to a different module. * Passes control of the login process to a different module.
* *
* @param array $state Information about the current authentication. * @param array $state Information about the current authentication.
* @return void
* *
* @throws \SimpleSAML\Error\Error If couldn't determine the auth source. * @throws \SimpleSAML\Error\Error If couldn't determine the auth source.
* @throws \SimpleSAML\Error\Exception * @throws \SimpleSAML\Error\Exception
...@@ -290,7 +326,7 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -290,7 +326,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* *
* @param string $user The Kerberos user identifier. * @param string $user The Kerberos user identifier.
* *
* @return string The DN to the user or NULL if not found. * @return array|null The attributes for the user or NULL if not found.
*/ */
protected function lookupUserData($user) protected function lookupUserData($user)
{ {
...@@ -315,6 +351,9 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -315,6 +351,9 @@ class Negotiate extends \SimpleSAML\Auth\Source
/** /**
* Elevates the LDAP connection to allow restricted lookups if * Elevates the LDAP connection to allow restricted lookups if
* so configured. Does nothing if not. * so configured. Does nothing if not.
*
* @return void
* @throws \SimpleSAML\Error\AuthSource
*/ */
protected function adminBind() protected function adminBind()
{ {
...@@ -339,6 +378,7 @@ class Negotiate extends \SimpleSAML\Auth\Source ...@@ -339,6 +378,7 @@ class Negotiate extends \SimpleSAML\Auth\Source
* logout call to the fallback module. * logout call to the fallback module.
* *
* @param array &$state Information about the current logout operation. * @param array &$state Information about the current logout operation.
* @return void
*/ */
public function logout(&$state) public function logout(&$state)
{ {
......
psalm.xml
+ 4
0
View file @ 97d50e54
...@@ -27,4 +27,8 @@ ...@@ -27,4 +27,8 @@
<UnusedClass errorLevel="info" /> <UnusedClass errorLevel="info" />
<PossiblyUnusedMethod errorLevel="info" /> <PossiblyUnusedMethod errorLevel="info" />
</issueHandlers> </issueHandlers>
<stubs>
<file name="tests/Utils/Stubs/krb5.php" />
</stubs>
</psalm> </psalm>
tests/Utils/Stubs/krb5.php 0 → 100644
+ 173
0
View file @ 97d50e54
<?php
class KRB5NegotiateAuth
{
/**
* @param string $keytab
* @param string $spn
*/
public function __construct($keytab, $spn)
{
}
/**
* @return bool
*/
public function doAuthentication()
{
}
/**
* @return string
*/
public function getAuthenticatedUser()
{
}
/**
* @param KRB5CCache $ccache
* @return void
*/
public function getDelegatedCredentials(KRB5CCache $ccache)
{
}
}
class KRB5CCache
{
/**
*
*/
public function __construct()
{
}
/**
* @return string
*/
public function getName()
{
}
/**
* @param string $src
* @return bool
*/
public function open($src)
{
}
/**
* @param string $dest
* @return bool
*/
public function save($dest)
{
}
/**
* @param string $principal
* @param string $pass
* @param array|null $options
* @return bool
*/
public function initPassword($principal, $pass, $options = null)
{
}
/**
* @param string $principal
* @param string $keytab_file
* @param array|null $options
* @return bool
*/
public function initKeytab($principal, $keytab_file, $options = null)
{
}
/**
* @return string
*/
public function getPrincipal()
{
}
/**
* @return string
*/
public function getRealm()
{
}
/**
* @return array
*/
public function getLifetime()
{
}
/**
* @return array
*/
public function getEntries()
{
}
/**
* @param int $timeRemain
* @return bool
*/
public function isValid($timeRemain = 0)
{
}
/**
* @param string|null $prefix
* @return array
*/
public function getTktAttrs($prefix = null)
{
}
/**
* @return bool
*/
public function renew()
{
}
/**
* @param string $principal
* @param string $oldpass
* @param string $newpass
* @return bool
*/
public function changePassword($principal, $oldpass, $newpass)
{
}
/**
* @return array
*/
public function getExpirationTime()
{
}
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment