NAME
Net::SPID::SAML::IdP
VERSION
version 0.15
SYNOPSIS
    use Net::SPID;

    # get an IdP ($spid is the object you loaded the IdP metadata into)
    my $idp = $spid->get_idp('https://www.prova.it/');

    # generate an AuthnRequest
    my $authnreq = $idp->authnrequest(
        #acs_url   => 'https://...',   # URL of AssertionConsumerServiceURL to use
        acs_index  => 0,    # index of AssertionConsumerService as per our SP metadata
        attr_index => 1,    # index of AttributeConsumingService as per our SP metadata
        level      => 1,    # SPID level
    );

    # generate a LogoutRequest ($spid_session is a Net::SPID::Session object)
    my $logoutreq = $idp->logoutrequest(session => $spid_session);

    # generate a LogoutResponse
    my $logoutres = $idp->logoutresponse(in_response_to => $logoutreq->id, status => 'success');
ABSTRACT
This class represents an Identity Provider.
CONSTRUCTOR
new_from_xml
This constructor takes the metadata in XML form and parses it into a Net::SPID::SAML::IdP object:
    my $idp = Net::SPID::SAML::IdP->new_from_xml(xml => $xml);

If the metadata is signed, this method will croak if the signature is not valid.
Note that you don't usually need to construct this object manually. You load metadata using the methods offered by Net::SPID::SAML and then retrieve the IdP you need using get_idp in Net::SPID::SAML.
METHODS
authnrequest
This method generates an AuthnRequest addressed to this Identity Provider. Note that this method does not perform any network call; it just generates a Net::SPID::SAML::Out::AuthnRequest object.
    my $authnrequest = $idp->authnrequest(
        #acs_url   => 'https://...',   # URL of AssertionConsumerServiceURL to use
        acs_index  => 0,    # index of AssertionConsumerService as per our SP metadata
        attr_index => 1,    # index of AttributeConsumingService as per our SP metadata
        level      => 1,    # SPID level
    );
The following arguments can be supplied to authnrequest():

- acs_url

  The value to use for AssertionConsumerServiceURL in AuthnRequest. This is the URL where the user will be redirected (via GET or POST) by the Identity Provider after Single Sign-On. This should be one of the URLs configured in the sp_assertionconsumerservice parameter of Net::SPID at initialization time, otherwise the Response will not be validated. If omitted, the first configured one will be used.

- acs_index

  The value to use for AssertionConsumerServiceIndex in AuthnRequest. As an alternative to specifying the URL explicitly in each AuthnRequest using acs_url, a numeric index referring to the URL(s) specified in the Service Provider metadata can be supplied. Make sure the corresponding URL is listed in the sp_assertionconsumerservice parameter of Net::SPID, otherwise the response will not be validated.

- attr_index

  (Optional.) The value to use for AttributeConsumingServiceIndex in AuthnRequest. This refers to the AttributeConsumingService specified in the Service Provider metadata. If omitted, no attributes will be requested at all.

- level

  (Optional.) The SPID level requested (as an integer; can be 1, 2 or 3). If omitted, 1 will be used.
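
The argument rules above can be enforced before calling authnrequest(), so that an acs_url taken from untrusted input never reaches the request. This is an added example, not code from Net::SPID: checked_authnrequest_args is a hypothetical helper, the URLs are constructed, and it assumes that acs_index N refers to the Nth configured URL.

```perl
use strict;
use warnings;
use Carp qw(croak);

# Constructed sample: the ACS URLs given as sp_assertionconsumerservice.
my @configured_acs = (
    'https://sp.example.org/spid-sso',
    'https://sp.example.org/spid-sso-alt',
);

# Hypothetical helper (not part of Net::SPID): vets the arguments before
# they are passed to $idp->authnrequest(...).
sub checked_authnrequest_args {
    my ($configured, %args) = @_;
    croak 'acs_url and acs_index are alternatives, pass only one'
        if defined $args{acs_url} && defined $args{acs_index};

    my %out;
    if (defined $args{acs_url}) {
        # Exact string match only, never a prefix or host comparison.
        croak "acs_url '$args{acs_url}' is not a configured ACS URL"
            unless grep { $_ eq $args{acs_url} } @$configured;
        $out{acs_url} = $args{acs_url};
    }
    elsif (defined $args{acs_index}) {
        # Assumption: index N refers to the Nth configured URL (0-based).
        croak 'acs_index must be a non-negative integer'
            unless $args{acs_index} =~ /\A[0-9]+\z/;
        croak "acs_index $args{acs_index} has no configured ACS URL"
            unless $args{acs_index} < scalar @$configured;
        $out{acs_index} = $args{acs_index} + 0;
    }
    # Neither given: the first configured URL is used, as documented.

    my $level = defined $args{level} ? $args{level} : 1;
    croak 'level must be 1, 2 or 3' unless $level =~ /\A[123]\z/;
    $out{level} = $level + 0;
    $out{attr_index} = $args{attr_index} if defined $args{attr_index};
    return %out;
}

# Accepted: index 0 is configured, level 2 is a valid SPID level.
my %ok = checked_authnrequest_args(\@configured_acs,
    acs_index => 0, attr_index => 1, level => 2);
print join(', ', map { "$_=$ok{$_}" } sort keys %ok), "\n";

# Rejected: a URL (e.g. from a request parameter) that was never configured.
my $passed = eval { checked_authnrequest_args(\@configured_acs,
    acs_url => 'https://other.example.net/cb'); 1 };
print "rejected: $@" unless $passed;
```

The returned hash can be passed straight through as `$idp->authnrequest(%ok)`.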
logoutrequest
This method generates a LogoutRequest addressed to this Identity Provider. Note that this method does not perform any network call; it just generates a Net::SPID::SAML::LogoutRequest object.
    my $logoutreq = $idp->logoutrequest(session => $spid_session);

The following arguments can be supplied to logoutrequest():

- session_index

  The Net::SPID::Session object (originally returned by "parse_response" in Net::SPID::SAML through a Net::SPID::SAML::In::Response object) representing the SPID session to close.
logoutresponse
This method generates a LogoutResponse addressed to this Identity Provider. You usually need to generate a LogoutResponse when the user initiated a logout on another Service Provider (or from the Identity Provider itself) and you therefore received a LogoutRequest from the Identity Provider. Note that this method does not perform any network call; it just generates a Net::SPID::SAML::LogoutResponse object.
    my $logoutres = $idp->logoutresponse(
        status         => 'success',
        in_response_to => $logoutreq->id,
    );

The following arguments can be supplied to logoutresponse():

- status

  This can be either success, partial, requester or responder according to the SAML specs.
cert
Returns the signing certificate for this Identity Provider as a Crypt::OpenSSL::X509 object.
xml
Returns the XML representation of this Identity Provider's metadata.
entityID
Returns the entityID of this Identity Provider.
sso_urls
Hashref of SingleSignOnService bindings, whose keys are the binding methods (urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST or urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect) and values contain the URLs.
sloreq_urls
Hashref of SingleLogoutService bindings to be used for sending LogoutRequest messages. Keys are the binding methods (urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST or urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect) and values contain the URLs.
slores_urls
Hashref of SingleLogoutService bindings to be used for sending LogoutResponse messages. Keys are the binding methods (urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST or urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect) and values contain the URLs.
AUTHOR
Alessandro Ranellucci <aar@cpan.org>
COPYRIGHT AND LICENSE
This software is Copyright (c) 2018 by Alessandro Ranellucci.
This is free software, licensed under:
The (three-clause) BSD License