NAME
Net::SPID::SAML::Assertion
VERSION
version 0.10
SYNOPSIS
    use Net::SPID;
    # initialize our SPID object
    my $spid = Net::SPID->new(...);
    # parse a response from an Identity Provider
    my $assertion = eval {
        $spid->parse_assertion($saml_response_xml, $authnreq_id);
    };
    # stop here if parsing failed, instead of calling methods on undef
    die "Cannot parse response: $@" if !$assertion;
    # perform validation
    die "Invalid assertion!" if !$assertion->validate($our_entityid, $request_id);
    # read the SPID level
    print "SPID Level: ", $assertion->spid_level, "\n";
    # get a Net::SPID::Session object (serializable for later reuse, such as logout)
    my $session = $assertion->spid_session;
ABSTRACT
This class represents a SPID Response/Assertion message. We get such messages either after an AuthnRequest (Single Sign-On) or after an AttributeQuery.
CONSTRUCTOR
This class is not supposed to be instantiated directly. It is returned by "parse_assertion" in Net::SPID::SAML.
METHODS
xml
This method returns the raw assertion in its XML format.
    my $xml = $assertion->xml;
validate
This method performs validation by calling all of the valid_* methods described below.
On success it returns a true value. On failure it will throw an exception.
    eval {
        $assertion->validate($request_id);
    };
    die "Invalid assertion: $@" if $@;
valid_audience
This method checks that the Audience attribute equals our entityID and returns a boolean value.
    die "Invalid audience" if !$assertion->valid_audience;
valid_in_response_to
This method checks that the InResponseTo attribute equals the supplied request ID and returns a boolean value.
    die "Invalid InResponseTo" if !$assertion->valid_in_response_to($request_id);
valid_not_before
This method checks that the NotBefore condition contained in the assertion is compatible with the current timestamp and returns a boolean value.
    die "Invalid NotBefore" if !$assertion->valid_not_before;
valid_not_after
This method checks that the NotAfter condition contained in the assertion is compatible with the current timestamp and returns a boolean value.
    die "Invalid NotAfter" if !$assertion->valid_not_after;
spid_level
This method returns the SPID level asserted by the Identity Provider, as an integer (1, 2 or 3). Note that this may not coincide with the level requested in the AuthnRequest.
spid_session
This method returns a Net::SPID::Session object populated with information from this Assertion. It's serializable and you might want to store it for later reuse (e.g. for generating a logout request).
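Because the asserted level may be lower than the one requested, a Service Provider should compare spid_level against its own minimum before creating a session. The following is an added example, not code from Net::SPID: accept_response and $min_level are hypothetical names, the validate() argument order follows the SYNOPSIS, and the Demo::* packages are constructed stand-ins so the sub can be run without an Identity Provider.

```perl
use strict;
use warnings;

# Accept an IdP response only if it parses, validates, and carries at least
# the SPID level this application requires ($min_level is an assumed policy).
sub accept_response {
    my ($spid, $xml, $our_entityid, $request_id, $min_level) = @_;

    # A parse failure leaves $assertion undefined; stop here instead of
    # calling methods on it.
    my $assertion = eval { $spid->parse_assertion($xml, $request_id) }
        or die "Cannot parse response: " . ($@ || "no assertion returned\n");

    # validate() throws on failure; argument order follows the SYNOPSIS.
    eval { $assertion->validate($our_entityid, $request_id) }
        or die "Invalid assertion: " . ($@ || "validation failed\n");

    # The IdP may assert a lower level than the AuthnRequest asked for.
    my $level = $assertion->spid_level;
    die "SPID level $level is below required level $min_level\n"
        if $level < $min_level;

    return $assertion->spid_session;
}

# Constructed stand-ins for the Net::SPID objects (demonstration only).
package Demo::Assertion {
    sub validate     { $_[0]{valid} or die "InResponseTo mismatch\n" }
    sub spid_level   { $_[0]{level} }
    sub spid_session { return +{ level => $_[0]{level} } }
}
package Demo::SPID {
    sub parse_assertion {
        my ($self) = @_;
        return bless { valid => $self->{valid}, level => $self->{level} },
            'Demo::Assertion';
    }
}

# Constructed cases: [ name, validation outcome, asserted level ]; minimum is 2.
for my $case ( [ 'valid, level 2', 1, 2 ], [ 'valid, level 1', 1, 1 ],
               [ 'invalid, level 2', 0, 2 ] ) {
    my ($name, $valid, $level) = @$case;
    my $spid = bless { valid => $valid, level => $level }, 'Demo::SPID';
    my $session = eval { accept_response($spid, '<Response/>',
                         'https://sp.example.test', '_req1', 2) };
    print "$name: ", ($session ? "accepted\n" : "rejected: $@");
}
```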
AUTHOR
Alessandro Ranellucci <aar@cpan.org>
COPYRIGHT AND LICENSE
This software is Copyright (c) 2018 by Alessandro Ranellucci.
This is free software, licensed under:
The (three-clause) BSD License