NAME
Authen::NZRealMe::ResolutionResponse - Encapsulates the response from the IdP to the artifact resolution request
DESCRIPTION
This package is used by the Authen::NZRealMe::ServiceProvider to represent the response received from the Identity Provider.
The is_success
or is_error
methods can be used to determine whether the user's logon was successful.
On success, the user's FLT can be retrieved using the flt
method.
On failure, the URN identifying the exact error can be determined using the status_urn
method. Convenience methods are also provided for identifying common error codes that you might want to handle (see: is_cancel
, is_timeout
, is_not_registered
).
METHODS
new
Constructor. Should not be called directly. Instead, call the resolve_artifact
method on the service provider object.
xml
The raw XML response from the IdP. Useful for logging and diagnostics.
service_type
Accessor for the type of service ("login" or "assertion") this response originated from.
status_urn
The 'StatusCode' 'Value' (most specific if more than one) in the response from the IdP. You probably want to use the convenience methods (such as is_cancel
) rather than querying this directly although in the case of errors you will want to log this value.
status_message
In some error cases the IdP will return a human readable message relating to the error condition. If provided, you should include it in the error screen you display to your users. This routine will return an empty string if the response contained no message.
is_success
Returns true if the artifact resolution was successful and an FLT is available. Returns false otherwise.
is_error
Returns true if the artifact resolution was not successful. Returns false otherwise.
is_timeout
Returns true if the RealMe Login service timed out waiting for the user to enter their account details. After this error, it is safe to present the user with a "try again" link.
is_cancel
Returns true if the user selected 'Cancel' or 'Return to agency site' rather than logging in. After this error, it is safe to present the user with a "try again" link.
is_not_registered
Returns true if the logon was successful but the user's RealMe Login account has not been associated with this service provider (agency web site).
This situation will only occur if the original authentication request specified a false value for the allow_create
option. Agency sites which use a separate flow for the initial sign-up process will need to handle this error.
as_string
Returns a string listing all the attributes from the assertion (including the FLT if requested). This is useful for logging and debiugging purposes.
RESPONSE ATTRIBUTE METHODS
The following methods are available for querying attributes returned in the response (after the artifact resolution has been completed successfully).
Note most of the attributes will only be available if they were requested during your application's integration with the assertion service and if the user consented to those details being shared with your application.
flt
Returns the user's FLT (Federated Login Tag) - a token uniquely identifying the relationship between the user, the login service and your application.
logon_strength
The URN indicating the logon strength returned by the Login Service IdP (not available in responses from the assertion service).
Note: If you have specific logon strength requirements, you should specify them using the logon_strength
and strength_match
options when calling the service provider's resolve_artifact
method.
fit
Returns the user's FIT (Federated Identity Tag) - a token uniquely identifying the relationship between the user, the assertion service and your application.
date_of_birth
Returns the user's date of birth as an ISO date string.
place_of_birth
Returns the user's place of birth as a string containing a town name.
country_of_birth
Returns the user's country of birth as a string containing a country name.
surname
Returns the user's surname.
first_name
Returns the user's first name (if they have one).
mid_names
Returns the user's midnames (if they have any).
gender
Returns the user's gender as "M" (Male), "F" (Female) or "U" (Unknown).
address
Returns all available details of the verified address (if one was available) as a hashref with keys: "unit", "street", "suburb", "town_city" and "postcode".
If no address details are available, returns undef
.
address_unit
Returns the unit identifier (e.g.: "Flat 1") from the user's address if it has one.
address_street
Returns the house number and street name (e.g.: "25 Example Street") from the user's address.
address_rural_delivery
Returns the rural delivery identifier (e.g.: "RD 7") from the user's address (if it has one).
address_suburb
Returns the suburb name (e.g.: "Herne Bay") from the user's address if it has one.
address_town_city
Returns the town or city name (e.g.: "Auckland") from the user's address.
address_postcode
Returns the postcode (e.g.: "1001") from the user's address.
PRIVATE METHODS
The following methods are used by the service provider while setting up the response object and are not intended for use by the calling application.
- set_service_type
- set_status_urn
- set_status_message
- set_logon_strength
- set_flt
- set_fit
- set_surname
- set_first_name
- set_mid_names
- set_gender
- set_date_of_birth
- set_place_of_birth
- set_country_of_birth
- set_address_unit
- set_address_street
- set_address_rural_delivery
- set_address_suburb
- set_address_town_city
- set_address_postcode
SEE ALSO
See Authen::NZRealMe for documentation index.
LICENSE AND COPYRIGHT
Copyright (c) 2010-2022 Enrolment Services, New Zealand Electoral Commission
Written by Grant McLean <grant@catalyst.net.nz>
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.