NAME

Net::SAML2::IdP - SAML Identity Provider object

VERSION

version 0.79

SYNOPSIS

my $idp = Net::SAML2::IdP->new_from_url(
      url => $url,
      cacert => $cacert,
      ssl_opts =>         # Optional options supported by LWP::Protocol::https
          {
              SSL_ca_file     => '/your/directory/cacert.pem',
              SSL_ca_path     => '/etc/ssl/certs',
              verify_hostname => 1,
          }
      );
my $sso_url = $idp->sso_url('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect');

Note that LWP::UserAgent is used, which means that environment variables may affect the use of https; see:

METHODS

new( )

Constructor

entityid

new_from_url( url => $url, cacert => $cacert, ssl_opts => {} )

Create an IdP object by retrieving the metadata at the given URL.

Dies with the reason if the metadata can't be retrieved.
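An added example, not part of the Net::SAML2 distribution: a pre-flight check for the environment-variable note in the SYNOPSIS. It reports the variables that the LWP::UserAgent documentation names as initial values for ssl_opts keys and that the caller has not pinned. lwp_env_findings and fetch_idp are hypothetical helpers, the sample environment is constructed, and the code assumes new_from_url hands ssl_opts to LWP::UserAgent unchanged.

```perl
use strict;
use warnings;

# Variables the LWP::UserAgent documentation names as initial values for
# ssl_opts keys; each applies only when the caller leaves that key unset.
my %LWP_TLS_ENV = (
    PERL_LWP_SSL_VERIFY_HOSTNAME => 'verify_hostname',
    PERL_LWP_SSL_CA_FILE         => 'SSL_ca_file',
    HTTPS_CA_FILE                => 'SSL_ca_file',
    PERL_LWP_SSL_CA_PATH         => 'SSL_ca_path',
    HTTPS_CA_DIR                 => 'SSL_ca_path',
);

# Hypothetical helper: report every variable in %$env that would decide an
# ssl_opts key which %$ssl_opts does not pin explicitly.
sub lwp_env_findings {
    my ($env, $ssl_opts) = @_;
    my @findings;
    for my $var (sort keys %LWP_TLS_ENV) {
        next unless defined $env->{$var};
        my $opt = $LWP_TLS_ENV{$var};
        next if exists $ssl_opts->{$opt};    # an explicit option overrides the variable
        push @findings, "$var='$env->{$var}' would supply $opt";
    }
    return @findings;
}

# Hypothetical wrapper: refuse to fetch metadata while the environment can
# still change TLS verification, then call new_from_url as in the SYNOPSIS.
sub fetch_idp {
    my (%args) = @_;
    my @findings = lwp_env_findings(\%ENV, $args{ssl_opts} || {});
    die "unpinned TLS settings:\n  " . join("\n  ", @findings) . "\n" if @findings;
    require Net::SAML2::IdP;
    return Net::SAML2::IdP->new_from_url(%args);
}

# Constructed sample environment (not real process state).
my %sample_env = (PERL_LWP_SSL_VERIFY_HOSTNAME => 0, HTTPS_CA_DIR => '/tmp/certs');
my %pinned     = (SSL_ca_file => '/your/directory/cacert.pem', verify_hostname => 1);

print "no ssl_opts:\n";
print "  $_\n" for lwp_env_findings(\%sample_env, {});
print "SSL_ca_file and verify_hostname pinned:\n";
print "  $_\n" for lwp_env_findings(\%sample_env, \%pinned);
```

With the pinned options only HTTPS_CA_DIR is still reported, because SSL_ca_path is the one key left for the environment to fill.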

new_from_xml( xml => $xml, cacert => $cacert )

Constructor. Create an IdP object using the provided metadata XML document.

sso_url( $binding )

Returns the URL for the SSO service using the given binding. Binding name should be the full URI.

slo_url( $binding )

Returns the URL for the Single Logout Service using the given binding. Binding name should be the full URI.

art_url( $binding )

Returns the URL for the Artifact Resolution service using the given binding. Binding name should be the full URI.

cert( $use )

Returns the IdP's certificates for the given use (e.g. signing).

IdPs are generated from the metadata. It is possible for multiple certificates to be contained in the metadata, and therefore possible for there to be multiple verified certs in $self->certs. At this point any certs in the IdP have been verified and are valid for the specified use. All certs of type $use are returned.

binding( $name )

Returns the full Binding URI for the given binding name (i.e. redirect or soap). Includes this module's currently-supported bindings.

format( $short_name )

Returns the full NameID Format URI for the given short name.

If no short name is provided, returns the URI for the default format, the one listed first by the IdP.

If no NameID formats were advertised by the IdP, returns undef.

AUTHORS

  • Chris Andrews <chrisa@cpan.org>

  • Timothy Legge <timlegge@gmail.com>

COPYRIGHT AND LICENSE

This software is copyright (c) 2024 by Venda Ltd, see the CONTRIBUTORS file for others.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.