NAME
Authen::NZigovt::ResolutionResponse - Encapsulates the response from the IdP to the artifact resolution request
DESCRIPTION
This package is used by the Authen::NZigovt::ServiceProvider to represent the response received from the Identity Provider.
The is_success or is_error methods can be used to determine whether the user's logon was successful.
On success, the user's FLT can be retrieved using the flt method.
On failure, the URN identifying the exact error can be determined using the status_urn method. Convenience methods are also provided for identifying common error codes that you might want to handle (see: is_cancel, is_timeout, is_not_registered).
METHODS
new
Constructor. Should not be called directly. Instead, call the resolve_artifact method on the service provider object.
xml
The raw XML response from the IdP. Useful for logging and diagnostics.
status_urn
The 'StatusCode' 'Value' (most specific if more than one) in the response from the IdP. You probably want to use the convenience methods (such as is_cancel) rather than querying this directly although in the case of errors you will want to log this value.
status_message
In some error cases the IdP will return a human readable message relating to the error condition. If provided, you should include it in the error screen you display to your users. This routine will return an empty string if the response contained no message.
is_success
Returns true if the artifact resolution was successful and an FLT is available. Returns false otherwise.
is_error
Returns true if the artifact resolution was not successful. Returns false otherwise.
is_timeout
Returns true if the igovt logon service timed out waiting for the user to enter their account details. After this error, it is safe to present the user with a "try again" link.
is_cancel
Returns true if the user selected 'Cancel' or 'Return to agency site' rather than logging in. After this error, it is safe to present the user with a "try again" link.
is_not_registered
Returns true if the logon was successful but the user's igovt logon account has not been associated with this service provider (agency web site).
This situation will only occur if the original authentication request specified a false value for the allow_create option. Agency sites which use a separate flow for the initial sign-up process will need to handle this error.
flt
If the artifact resolution was successful, use this method to retrieve the user's FLT - a token uniquely identifying the user.
logon_strength
The URN indicating the logon strength returned by the IdP.
Note: If you have specific logon strength requirements, you should specify them using the logon_strength and strength_match options when calling the service provider's resolve_artifact method.
PRIVATE METHODS
The following methods are used by the service provider while setting up the response object and are not intended for use by the calling application.
- set_status_urn
- set_status_message
- set_logon_strength
- set_flt
SEE ALSO
See Authen::NZigovt for documentation index.
LICENSE AND COPYRIGHT
Copyright (c) 2010-2011 the New Zealand Electoral Enrolment Centre
Written by Grant McLean <grant@catalyst.net.nz>
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.