The Perl Toolchain Summit 2025 Needs You: You can help 🙏 Learn more

AAR / Dancer2-Plugin-SPID-0.11 / example / app.pl 

            

              
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

              
#!/usr/bin/env perl
# This demo application shows usage of the Dancer::Plugin::SPID module.
# See config.yml for its configuration.
use Dancer2;
use Dancer2::Plugin::SPID;
# We don't need to configure any custom route for SPID. See index.tt and user.tt
# for how to include the SPID button and the logout link.
get '/' => sub {
    # If we have an active SPID session, display a page with user attributes,
    # otherwise show a generic login page containing the SPID button.
    if (spid_session) {
        template 'user';
    } else {
        template 'index';
    }
};
# That's it. Seriously, that's all you need.
# Below you'll see how to customize the behavior further by configuring one or
# more hooks that the SPID plugin will call.
# This hook is called when the login endpoint is called and the AuthnRequest
# is about to be crafted.
hook 'plugin.SPID.before_login' => sub {
    # ...
};
# This hook is called after the SPID session was successfully initiated.
hook 'plugin.SPID.after_login' => sub {
    info "User " . spid_session->nameid . " logged in";
     
    # Here you might want to create the user in your local database or do more
    # things for initializing the session. Make sure everything you do here is
    # idempotent.
     
    # Log assertion as required by the SPID rules.
    # Warning: in order to comply with rules, this should be logged in a more
    # permanent way than regular Dancer logs, so you'd better use a database
    # or a dedicated log file.
    info "SPID Assertion: " . spid_session->assertion_xml;
};
# This hook is called after a failed SPID login.
hook 'plugin.SPID.after_failed_login' => sub {
    my $statuscode = shift;
    info "SPID login failed: $statuscode";
};
# This hook is called when the logout endpoint is called and the LogoutRequest
# is about to be crafted.
hook 'plugin.SPID.before_logout' => sub {
    debug "User " . spid_session->nameid . " is about to logout";
};
# This hook is called when a SPID session is terminated (this might be triggered
# also when user initiated logout from another Service Provider or directly
# within the Identity Provider, thus without calling our logout endpoint and
# the 'before_logout' hook).
hook 'plugin.SPID.after_logout' => sub {
    my $success = shift;  # 'success' or 'partial'
    debug "User " . spid_session->nameid . " logged out";
};
dance;
__END__