NAME
Net::SPID::SAML::Out::AuthnRequest
VERSION
version 0.15
SYNOPSIS
use Net::SPID;
# initialize our SPID object
my $spid = Net::SPID->new(...);
# get an IdP
my $idp = $spid->get_idp('https://www.prova.it/');
# generate an AuthnRequest
my $authnreq = $idp->authnrequest(
acs_index => 0, # index of AssertionConsumerService as per our SP metadata
attr_index => 1, # index of AttributeConsumingService as per our SP metadata
level => 1, # SPID level
);
my $url = $authnreq->redirect_url;
ABSTRACT
This class represents an outgoing AuthnRequest.
CONSTRUCTOR
This class is not supposed to be instantiated directly. You can craft an AuthnRequest by calling the "authnrequest" in Net::SPID::SAML::IdP method on a Net::SPID::SAML::IdP object.
METHODS
xml
This method generates the message in XML format.
my $xml = $authnreq->xml;
redirect_url
This method returns the full URL of the Identity Provider where user should be redirected in order to initiate their Single Sign-On. In SAML words, this implements the HTTP-Redirect binding.
my $url = $authnreq->redirect_url(relaystate => 'foobar');
The following arguments can be supplied:
- relaystate
-
(Optional.) An arbitrary payload can be written in this argument, and it will be returned to us along with the Response/Assertion. Please note that since we're passing this in the query string it can't be too long otherwise the URL will be truncated and the request will fail. Also note that this is transmitted in clear-text and that you are responsible for making sure the value is coupled with this AuthnRequest either cryptographycally or by using a lookup table on your side.
post_form
This method returns an HTML page with a JavaScript auto-post command that submits the request to the Identity Provider in order to initiate their Single Sign-On. In SAML words, this implements the HTTP-POST binding.
my $html = $authnreq->post_form(relaystate => 'foobar');
The following arguments can be supplied:
- relaystate
-
(Optional.) An arbitrary payload can be written in this argument, and it will be returned to us along with the Response/Assertion. Please note that this is not signed and it's transmitted in clear-text; you are responsible for signing it and making sure the value is coupled with this AuthnRequest either cryptographycally or by using a lookup table on your side.
AUTHOR
Alessandro Ranellucci <aar@cpan.org>
COPYRIGHT AND LICENSE
This software is Copyright (c) 2018 by Alessandro Ranellucci.
This is free software, licensed under:
The (three-clause) BSD License