@@ -16,20 +16,49 @@ class Negotiate extends \SimpleSAML\Auth\Source
1616 // Constants used in the module
1717 const STAGEID = '\SimpleSAML\Module\negotiate\Auth\Source\Negotiate.StageId ' ;
1818
19+ /** @var \SimpleSAML\Auth\LDAP|null */
1920 protected $ ldapnull ;
21+
22+ /** @var string */
2023 protected $ backend'' ;
24+
25+ /** @var string*/
2126 protected $ hostname'' ;
27+
28+ /** @var int */
2229 protected $ port389 ;
30+
31+ /** @var bool */
2332 protected $ referralstrue ;
33+
34+ /** @var bool */
2435 protected $ enableTLSfalse ;
36+
37+ /** @var bool */
2538 protected $ debugLDAPfalse ;
39+
40+ /** @var int */
2641 protected $ timeout30 ;
42+
43+ /** @var string */
2744 protected $ keytab'' ;
45+
46+ /** @var array */
2847 protected $ base
48+
49+ /** @var array */
2950 protected $ attr'uid ' ];
51+
52+ /** @var array|null */
3053 protected $ subnetnull ;
54+
55+ /** @var string|null */
3156 protected $ admin_usernull ;
57+
58+ /** @var string|null */
3259 protected $ admin_pwnull ;
60+
61+ /** @var array|null */
3362 protected $ attributesnull ;
3463
3564
@@ -81,6 +110,7 @@ public function __construct($info, $config)
81110 * LDAP is used as a user metadata source.
82111 *
83112 * @param array &$state Information about the current authentication.
113+ * @return void
84114 */
85115 public function authenticate (&$ state
86116 {
@@ -187,6 +217,10 @@ public function authenticate(&$state)
187217 }
188218
189219
220+ /**
221+ * @param array $spMetadata
222+ * @return bool
223+ */
190224 public function spDisabledInMetadata ($ spMetadata
191225 {
192226 if (array_key_exists ('negotiate:disable ' , $ spMetadata
@@ -209,7 +243,7 @@ public function spDisabledInMetadata($spMetadata)
209243 *
210244 * Will return TRUE if no subnet option is configured.
211245 *
212- * @return boolean
246+ * @return bool
213247 */
214248 public function checkMask ()
215249 {
@@ -235,6 +269,7 @@ public function checkMask()
235269 * wants to show the 401 message.
236270 *
237271 * @param array $params additional parameters to the URL in the URL in the body.
272+ * @return void
238273 */
239274 protected function sendNegotiate ($ params
240275 {
@@ -256,6 +291,7 @@ protected function sendNegotiate($params)
256291 * Passes control of the login process to a different module.
257292 *
258293 * @param array $state Information about the current authentication.
294+ * @return void
259295 *
260296 * @throws \SimpleSAML\Error\Error If couldn't determine the auth source.
261297 * @throws \SimpleSAML\Error\Exception
@@ -290,7 +326,7 @@ public static function fallBack(&$state)
290326 *
291327 * @param string $user The Kerberos user identifier.
292328 *
293- * @return string The DN to the user or NULL if not found.
329+ * @return array|null The attributes for the user or NULL if not found.
294330 */
295331 protected function lookupUserData ($ user
296332 {
@@ -315,6 +351,9 @@ protected function lookupUserData($user)
315351 /**
316352 * Elevates the LDAP connection to allow restricted lookups if
317353 * so configured. Does nothing if not.
354+ *
355+ * @return void
356+ * @throws \SimpleSAML\Error\AuthSource
318357 */
319358 protected function adminBind ()
320359 {
@@ -339,6 +378,7 @@ protected function adminBind()
339378 * logout call to the fallback module.
340379 *
341380 * @param array &$state Information about the current logout operation.
381+ * @return void
342382 */
343383 public function logout (&$ state
344384 {
0 commit comments