Google-SAML-Response
- [Crypt::OpenSSL::Bignum](https://metacpan.org/pod/Crypt%3A%3AOpenSSL%3A%3ABignum)
- [XML::Canonical](https://metacpan.org/pod/XML%3A%3ACanonical) or [XML::CanonicalizeXML](https://metacpan.org/pod/XML%3A%3ACanonicalizeXML)
- [Digest::SHA](https://metacpan.org/pod/Digest%3A%3ASHA)
- [Date::Format](https://metacpan.org/pod/Date%3A%3AFormat)
- [Google::SAML::Request](https://metacpan.org/pod/Google%3A%3ASAML%3A%3ARequest)
# RESOURCES
- XML-Signature Syntax and Processing
[http://www.w3.org/TR/xmldsig-core/](http://www.w3.org/TR/xmldsig-core/)
- Google-Documentation on SSO and SAML
[https://developers.google.com/google-apps/sso/saml\_reference\_implementation](https://developers.google.com/google-apps/sso/saml_reference_implementation)
- XML Security Library
[http://www.aleksey.com/xmlsec/](http://www.aleksey.com/xmlsec/)
# METHODS
- canonicalizer
The name of the module used to canonicalize parts of the XML. Currently,
[XML::Canonical](https://metacpan.org/pod/XML%3A%3ACanonical) and [XML::CanonicalizeXML](https://metacpan.org/pod/XML%3A%3ACanonicalizeXML) are
supported. [XML::CanonicalizeXML](https://metacpan.org/pod/XML%3A%3ACanonicalizeXML) is the default.
## get\_response\_xml
Generates the signed response XML and returns it as a string.
The method does what the W3C tells us to do ([http://www.w3.org/TR/xmldsig-core/#sec-CoreGeneration](http://www.w3.org/TR/xmldsig-core/#sec-CoreGeneration)):
> 3.1.1 Reference Generation
>
> For each data object being signed:
>
> 1\. Apply the Transforms, as determined by the application, to the data object.
>
> 2\. Calculate the digest value over the resulting data object.
>
> 3\. Create a Reference element, including the (optional) identification of the data object, any (optional) transform elements, the digest algorithm and the DigestValue. (Note, it is the canonical form of these references that are signed in 3.1.2 an...
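
The three reference-generation steps quoted above, written out with core Perl modules as an added example (not code from Google::SAML::Response). The sample document, its ID value and the helper names `digest_value`, `reference_xml` and `digest_matches` are constructed for illustration, and the input is assumed to be canonicalized already.

```perl
use strict;
use warnings;
use Digest::SHA qw(sha1 sha1_base64);
use MIME::Base64 qw(encode_base64);

# Step 1: constructed sample, assumed to already be in canonical (C14N) form.
# At generation time no Signature element exists yet, so the
# enveloped-signature transform has nothing to remove.
my $canonical_xml = '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
                  . ' ID="example-id" Version="2.0"></samlp:Response>';

# Step 2: digest over the transformed data object, base64 encoded with padding.
# The second argument '' stops encode_base64 from appending a newline.
sub digest_value {
    my ($data) = @_;
    return encode_base64( sha1($data), '' );
}

# Step 3: Reference element in the same shape as the module's _reference_xml.
sub reference_xml {
    my ($digest) = @_;
    return qq|<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>$digest</DigestValue>
</Reference>|;
}

# Receiver-side check: recompute the digest and compare it with the stated one.
sub digest_matches {
    my ( $data, $stated ) = @_;
    return digest_value($data) eq $stated ? 1 : 0;
}

my $digest = digest_value($canonical_xml);
print reference_xml($digest), "\n";

# Digest::SHA's sha1_base64 omits the '=' padding that xs:base64Binary requires.
printf "padded: %s\nunpadded: %s\n", $digest, sha1_base64($canonical_xml);

# Any change to the digested bytes, here the ID attribute, breaks the match.
( my $tampered = $canonical_xml ) =~ s/example-id/other-id/;
printf "original matches: %d\ntampered matches: %d\n",
    digest_matches( $canonical_xml, $digest ),
    digest_matches( $tampered,      $digest );
```

The digest only detects changes to the bytes it covers; the integrity of the Reference itself comes from the signature over SignedInfo.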
lib/Google/SAML/Response.pm
=item * L<Google::SAML::Request|Google::SAML::Request>
=back
=head1 RESOURCES
=over
=item XML-Signature Syntax and Processing
L<http://www.w3.org/TR/xmldsig-core/>
=item Google-Documentation on SSO and SAML
L<https://developers.google.com/google-apps/sso/saml_reference_implementation>
=item XML Security Library
L<http://www.aleksey.com/xmlsec/>
=back
lib/Google/SAML/Response.pm
}
return;
}
=head2 get_response_xml
Generates the signed response XML and returns it as a string.
The method does what the W3C tells us to do (L<http://www.w3.org/TR/xmldsig-core/#sec-CoreGeneration>):
=over
3.1.1 Reference Generation
For each data object being signed:
1. Apply the Transforms, as determined by the application, to the data object.
2. Calculate the digest value over the resulting data object.
lib/Google/SAML/Response.pm
return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" . $xml;
}
# Wrap SignedInfo, the signature value and the KeyInfo block in a Signature element.
sub _signature_xml {
    my $self            = shift;
    my $signed_info     = shift;
    my $signature_value = shift;

    return qq|<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
$signed_info
<SignatureValue>$signature_value</SignatureValue>
$self->{ KeyInfo }
</Signature>|;
}

# Build SignedInfo: C14N with comments and a <key_type>-sha1 signature method.
sub _signedinfo_xml {
    my $self       = shift;
    my $digest_xml = shift;

    return qq|<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#$self->{ key_type }-sha1" />
$digest_xml
</SignedInfo>|;
}

# Build the Reference for the whole document (URI=""): enveloped-signature
# transform and a SHA-1 digest.
sub _reference_xml {
    my $self   = shift;
    my $digest = shift;

    return qq|<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>$digest</DigestValue>
</Reference>|;
}

# Canonicalize $xml with the module named in $self->{ canonicalizer }.
sub _canonicalize_xml {
    my $self = shift;
    my $xml  = shift;

    if ( $self->{ canonicalizer } eq 'XML::Canonical' ) {