NAME

Net::SAML2::Protocol::Assertion - SAML2 assertion object

VERSION

version 0.58

SYNOPSIS

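use MIME::Base64 qw(decode_base64);
use Net::SAML2::Protocol::Assertion;

# $SAMLResponse holds the base64-encoded SAMLResponse parameter
my $assertion = Net::SAML2::Protocol::Assertion->new_from_xml(
  xml => decode_base64($SAMLResponse)
);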

METHODS

new_from_xml( ... )

Constructor. Creates an instance of the Assertion object, parsing the given XML to find the attributes, session and nameid.

Arguments:

xml

XML data

key_file

Optional, but required when handling encrypted assertions.

Path to the SP's private key file that matches the SP's public certificate used by the IdP to encrypt the response (or parts of the response).

cacert

Path to the CA certificate for verification. Optional: this is only used to validate the certificate provided for a signed Assertion that was found when the EncryptedAssertion is decrypted.

While optional, it is recommended, as it ensures that the Assertion in an EncryptedAssertion is properly validated.

name( )

Returns the CN attribute, if provided.

nameid

Returns the NameID

nameid_format

Returns the NameID Format

valid( $audience, $in_response_to )

Returns true if this Assertion is currently valid for the given audience.

Also accepts $in_response_to, which it checks against the returned Assertion. This is very important for security, as it helps ensure that the assertion that was received was for the request that was made.

Checks that the audience matches, and that the current time is within the Assertion's validity period as specified in its Conditions element.
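The constructor arguments and the valid() check described above, combined into a fail-closed consumer; this is an added example, not code from the Net::SAML2 distribution. The helper name accept_assertion, its argument names and the command-line wrapper are hypothetical, and signature verification of an unencrypted response is assumed to happen elsewhere.

```perl
#!/usr/bin/env perl
# Added example: consume a SAMLResponse and accept it only if valid() passes.
use strict;
use warnings;
use MIME::Base64 qw(decode_base64);
use Net::SAML2::Protocol::Assertion;

# Hypothetical helper. Returns the NameID and its format only when the
# assertion is valid for this SP and for the request that was actually sent.
sub accept_assertion {
    my (%args) = @_;

    # Refuse to continue without the ID of the AuthnRequest we issued, so the
    # $in_response_to check is always exercised rather than left out.
    die "no pending AuthnRequest ID for this session\n"
        unless defined $args{request_id} && length $args{request_id};

    my $assertion = Net::SAML2::Protocol::Assertion->new_from_xml(
        xml      => decode_base64($args{saml_response}),
        key_file => $args{key_file},  # SP private key, for EncryptedAssertion
        cacert   => $args{cacert},    # CA cert, for the signed Assertion inside
    );

    # valid() covers audience, InResponseTo and the Conditions time window.
    die "assertion rejected: audience, request ID or validity period\n"
        unless $assertion->valid($args{audience}, $args{request_id});

    return {
        nameid        => $assertion->nameid,
        nameid_format => $assertion->nameid_format,
    };
}

# Command-line use: base64 SAMLResponse on STDIN, then
#   audience request_id [key_file [cacert]]   as arguments.
unless (caller) {
    my ($audience, $request_id, $key_file, $cacert) = @ARGV;
    my $saml_response = do { local $/; <STDIN> };
    my $subject = accept_assertion(
        saml_response => $saml_response,
        audience      => $audience,
        request_id    => $request_id,
        key_file      => $key_file,
        cacert        => $cacert,
    );
    printf "%s (%s)\n", $subject->{nameid},
        $subject->{nameid_format} // 'no format given';
}
```

In a web application the request ID would come from server-side session state written when the AuthnRequest was issued, never from the incoming POST.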

AUTHOR

Chris Andrews <chrisa@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2022 by Chris Andrews and Others, see the git log.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.