NAME

Authen::NZRealMe::TokenGenerator - generate SAML ID strings

DESCRIPTION

This class is responsible for generating random ID tokens such as:

  e5111f121b7b5f8533d18d98e1ec8ade294c62cc3

Although the methods are described below, the preferred way to use this class is via the ServiceProvider:

  $sp->generate_saml_id( args );

Any arguments provided will be ignored if strong_token is used (see below) or will be passed to weak_token for the fallback implementation.

METHODS

new

Constructor. Should not be called directly. Instead, call:

  Authen::NZRealMe->token_generator();

saml_id

Generates and returns a hex-encoded random token (guaranteed to start with a letter) using strong_token if possible and weak_token otherwise.

strong_token

On systems where the device /dev/urandom is available, it will be used. This method will read 20 bytes from the random device and return a hex-encoded representation of those bytes.

Otherwise, returns undef.

weak_token

Will be called if strong_token is not able to find a strong source of random data. As this method uses Perl's built-in rand function, which is not a cryptographically strong source of randomness, its use should be avoided.

If your platform does not provide /dev/urandom, you are advised to use the Authen::NZRealMe->register_class method to provide an alternative implementation for 'token_generator'.

SEE ALSO

See Authen::NZRealMe for documentation index.

LICENSE AND COPYRIGHT

Copyright (c) 2014-2019 Enrolment Services, New Zealand Electoral Commission

Written by Grant McLean <grant@catalyst.net.nz>

This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.

See http://dev.perl.org/licenses/ for more information.