Mojo-SAML


lib/Mojo/XMLSig.pm  view on Meta::CPAN

=head1 NAME

Mojo::XMLSig - An implementation of XML-Sig using the Mojo toolkit

=head1 SYNOPSIS

  use Mojo::XMLSig;

  # sign
  my $xml = ...;
  my $key = Crypt::OpenSSL::RSA->new_private_key(...);
  my $signed = Mojo::XMLSig::sign($xml, $key);

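  # verify using an embedded certificate
  # (the signature is checked against key material carried in the document
  # itself, so confirm separately that the certificate belongs to the signer
  # you expect before trusting the content)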
  my $verified = Mojo::XMLSig::verify($signed);

  # verify using a known public key (e.g. one taken from the signer's certificate)
  my $pub = Crypt::OpenSSL::RSA->new_public_key(...);
  my $verified = Mojo::XMLSig::verify($signed, $pub);

=head1 DESCRIPTION

lib/Mojolicious/Plugin/SAML.pm  view on Meta::CPAN

}

sub register {
  my ($plugin, $app, $conf) = @_;
  $conf ||= {};
  $conf = { %$conf, %{$app->config->{SAML}} };
  Carp::croak 'No SAML configuration given'
    unless keys %$conf;

  my $login = $conf->{handle_login} // Carp::croak 'handle_login is required';
  my $key   = Crypt::OpenSSL::RSA->new_private_key(path($conf->{key})->slurp);
  my $cert  = Crypt::OpenSSL::X509->new_from_string(path($conf->{cert})->slurp);
  my $idp   = Mojo::SAML::IdP->new->from($conf->{idp});

  my $location  = $conf->{location};
  my $entity_id = $conf->{entity_id} // $location;

  my $key_info = KeyInfo->new(cert => $cert);
  my $key_desc = KeyDescriptor->new(
    key_info => $key_info,
    use => 'signing',

t/build_xmlsig_test.pl  view on Meta::CPAN

use Mojo::Base -strict;

use Mojo::SAML ':docs';

use Crypt::OpenSSL::RSA;
use Crypt::OpenSSL::X509;
use Mojo::File 'path';

my $key = Crypt::OpenSSL::RSA->new_private_key(path('t/test.key')->slurp);
my $cert = Crypt::OpenSSL::X509->new_from_string(path('t/test.cer')->slurp);

my $key_info = KeyInfo->new(cert => $cert);
my $doc = Mojo::SAML::Document->new(
  insert_signature => Signature->new(key_info => $key_info),
  sign_with_key => $key,
);  
$doc->template($doc->build_template(<<'XML'));
<Thing ID="abc123">
  <Important>Cool Stuff</Important>

t/xmlsig.t  view on Meta::CPAN

# Checks a captured SAML response fixture: it must contain a signature and
# that signature must validate. verify() is called without a key, so the
# check runs against whatever key material the document carries (presumably
# its embedded certificate). This asserts self-consistency only; it does not
# show that the signer is one the caller trusts.
subtest 'existing document' => sub {
  my $response_xml = path('t/keycloak_saml_response.xml')->slurp;

  ok(
    Mojo::XMLSig::has_signature($response_xml),
    'sample request has signature',
  );
  ok(
    Mojo::XMLSig::verify($response_xml),
    'sample request verifies itself',
  );
};

subtest 'create document, sign, and verify' => sub {
  my $cert = path('t/test.cer')->slurp;
  my $x509 = Crypt::OpenSSL::X509->new_from_string($cert);
  my $pub  = Crypt::OpenSSL::RSA->new_public_key($x509->pubkey);
  my $key  = Crypt::OpenSSL::RSA->new_private_key(path('t/test.key')->slurp);

  $cert = Mojo::XMLSig::trim_cert($cert);

  my $xml = <<"XML";
<Thing ID="abc123"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
    <ds:Reference URI="#abc123">
      <ds:Transforms>


