Lemonldap::NG::Portal::Lib::SAML(3pm) User Contributed Perl Documentation Lemonldap::NG::Portal::Lib::SAML(3pm)

Lemonldap::NG::Portal::Lib::SAML - Common SAML functions

use Lemonldap::NG::Portal::Lib::SAML;

This module contains common methods for SAML authentication and user information loading.

Load Lasso module

Load SAML service by creating a Lasso::Server

Load SAML identity providers

Load SAML service providers

Check SAML requests and responses

Log Lasso error code and message if this is actually a Lasso::Error with code > 0

Load service metadata and create Lasso::Server object

Add IDP to an existing Lasso::Server

Add SP to an existing Lasso::Server

Add Attribute Authority to an existing Lasso::Server

Add provider to an existing Lasso::Server

Return name of organization picked up from metadata

Create authentication request for selected IDP

Create Lasso::Login object

Init authentication request

Init authentication request for IDP initiated

Build authentication request message

Process authentication request message

Validate request message

Build authentication response message

Build artifact message

Build assertion

Process authentication response message

Get NameID from Lasso Profile

Create Lasso::Identity object

Create Lasso::Session object

Accept SSO from IDP

Store information in relayState database and return

Extract RelayState information into $self

Get assertion in Lasso::Login object

Get SAML attribute value corresponding to name, format and friendly_name. Multivalued values are separated by ';'.

Validate conditions

Create logout request for selected entity

Create Lasso::Logout object

Init logout request

Build logout request message

Set session from dump in Lasso::Profile object

Set identity from dump in Lasso::Profile object

Get URL stored in a service metadata configuration key

Process logout response message

Process logout request message

Validate logout request

Build logout response msg

Store ID of a SAML message in Replay Protection base

Check that the SAML message does not correspond to a previously responded message

Resolve artifact to get the real SAML message

Store artifact

Load artifact

Create artifact response

Process artifact response message

Process artifact response message

Send SOAP message and get response

Create a new assertion query

Create an attribute request

Validate an attribute request

Process an attribute request

Build attribute response

Process an attribute response

Convert configuration string into SAML2 NameIDFormat string

Convert configuration string into Lasso HTTP Method integer

Convert configuration Lasso HTTP Method integer into string

Find a suitable HTTP method for an entity with a given protocol

Modify Lasso signature hint to disable signature

Modify Lasso signature hint to force signature

Modify Lasso signature hint to disable signature verification

Modify Lasso signature hint to force signature verification

Convert configuration string into SAML2 AuthnContextClassRef string

Convert timestamp into SAML2 date format

Convert SAML2 date format into timestamp

Send logout response issued from a logout request

Send logout request to a provider

Send logout response issued from a logout request to all other providers. If information has to be displayed to users, such as an iframe to send an HTTP-Redirect or HTTP-POST logout request, then $self->{_info} will be updated.

Check signature status

Return authentication level corresponding to authnContext

Return SAML authentication context corresponding to authnLevel

If SAML Destination attribute is present, check it

Try to recover the SAML session corresponding to id and return session data

Create a new SAML attribute

Create a new SAML attribute value

Return Lasso encryption mode

Set encryption mode on a provider

Find and delete SAML sessions bound to a primary session

Send an SLO error response

Get query string with or without CGI query_string() method

Return Lasso signature method

Set signature method on a provider

Lemonldap::NG::Portal::Auth::SAML, Lemonldap::NG::Portal::UserDBSAML

Use the OW2 system to report bugs or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

Lemonldap::NG is available at <http://forge.objectweb.org/project/showfiles.php?group_id=274>

See COPYING file for details.

This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

2023-09-29 perl v5.32.1