Net::SAML2::Binding::Redirect - Net::SAML2::Binding::Redirect - HTTP Redirect binding for SAML
version 0.67
my $redirect = Net::SAML2::Binding::Redirect->new( key => '/path/to/SPsign-nopw-key.pem', # Service Provider (SP) private key url => $sso_url, # Service Provider Single Sign Out URL param => 'SAMLRequest' OR 'SAMLResponse', # Type of request cert => $idp->cert('signing') # Identity Provider (IdP) certificate sig_hash => 'sha1', 'sha224', 'sha256', 'sha384', 'sha512' # Signature to sign request ); my $url = $redirect->sign($authnreq); my $ret = $redirect->verify($url);
Constructor. Creates an instance of the Redirect binding.
Arguments:
The SP's (Service Provider) also known as your application's signing key that your application uses to sign the AuthnRequest. Some IdPs may not verify the signature.
Usually required when param is SAMLRequest.
SAMLRequest
If you don't want to sign the request, you can pass insecure => 1 and not provide a key; in this case, sign will return a non-signed URL.
insecure => 1
sign
IdP's (Identity Provider's) certificate that is used to verify a signed Redirect from the IdP. It is used to verify the signature of the Redirect response. Required with param being SAMLResponse.
SAMLResponse
IdP's SSO (Single Sign Out) service url for the Redirect binding Required with param being SAMLRequest.
query param name to use (SAMLRequest, SAMLResponse) Defaults to SAMLRequest.
RSA hash to use to sign request
Supported:
sha1, sha224, sha256, sha384, sha512
Defaults to sha1.
sha1
Output extra debugging information
Get the redirect URI for a given request, and returns the URL to which the user's browser should be redirected.
Accepts an optional RelayState parameter, a string which will be returned to the requestor when the user returns from the authentication process with the IdP.
The request is signed unless the the object has been instantiated with <insecure = 1>>.
<insecure =
Signs the given request, and returns the URL to which the user's browser should be redirected.
Returns the signed (or unsigned) URL for the SAML2 redirect
Decode a Redirect binding URL.
Verifies the signature on the response.
Requires the *raw* query string to be passed, because URI parses and re-encodes URI-escapes in uppercase (%3f becomes %3F, for instance), which leads to signature verification failures if the other party uses lower case (or mixed case).
%3f
%3F
Returns an ARRAY of containing the verified request and relaystate (if it exists). Croaks on errors.
Chris Andrews <chrisa@cpan.org>
Timothy Legge <timlegge@gmail.com>
This software is copyright (c) 2023 by Venda Ltd, see the CONTRIBUTORS file for others.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install Net::SAML2, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Net::SAML2
CPAN shell
perl -MCPAN -e shell install Net::SAML2
For more information on module installation, please visit the detailed CPAN module installation guide.