From a3c140945d8ff8ef4bcc3432e16ad695daca6fe1 Mon Sep 17 00:00:00 2001 From: Chris Andrews Date: Dec 20 2010 13:31:23 +0000 Subject: Use Test::NoTabs properly, and untabify where necessary. --- diff --git a/lib/Net/SAML2/Binding/POST.pm b/lib/Net/SAML2/Binding/POST.pm index 9544bd6..927bb09 100644 --- a/lib/Net/SAML2/Binding/POST.pm +++ b/lib/Net/SAML2/Binding/POST.pm @@ -41,21 +41,21 @@ Base64-encoded response, from the SAMLResponse CGI parameter. sub handle_response { my ($self, $response) = @_; - # unpack and check the signature + # unpack and check the signature my $xml = decode_base64($response); my $x = XML::Sig->new({ x509 => 1 }); my $ret = $x->verify($xml); - die "signature check failed" unless $ret; + die "signature check failed" unless $ret; - # verify the signing certificate - my $cert = $x->signer_cert; - my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); - $ret = $ca->verify($cert); + # verify the signing certificate + my $cert = $x->signer_cert; + my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); + $ret = $ca->verify($cert); - if ($ret) { - return sprintf("%s (verified)", $cert->subject); - } - return; + if ($ret) { + return sprintf("%s (verified)", $cert->subject); + } + return; } 1; diff --git a/lib/Net/SAML2/Binding/Redirect.pm b/lib/Net/SAML2/Binding/Redirect.pm index caf7b2a..f78791a 100644 --- a/lib/Net/SAML2/Binding/Redirect.pm +++ b/lib/Net/SAML2/Binding/Redirect.pm 
@@ -101,27 +101,27 @@ Verifies the signature on the response. sub verify { my ($self, $url) = @_; - my $u = URI->new($url); - + my $u = URI->new($url); + # verify the response - my $sigalg = $u->query_param('SigAlg'); - die "can't verify '$sigalg' signatures" - unless $sigalg eq 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; + my $sigalg = $u->query_param('SigAlg'); + die "can't verify '$sigalg' signatures" + unless $sigalg eq 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; my $cert = Crypt::OpenSSL::X509->new_from_string($self->cert); my $rsa_pub = Crypt::OpenSSL::RSA->new_public_key($cert->pubkey); - - my $sig = decode_base64($u->query_param_delete('Signature')); - my $signed = $u->query; - die "bad sig" unless $rsa_pub->verify($signed, $sig); + + my $sig = decode_base64($u->query_param_delete('Signature')); + my $signed = $u->query; + die "bad sig" unless $rsa_pub->verify($signed, $sig); - # unpack the SAML request + # unpack the SAML request my $deflated = decode_base64($u->query_param($self->param)); my $request = ''; rawinflate \$deflated => \$request; - # unpack the relaystate - my $relaystate = $u->query_param('RelayState'); + # unpack the relaystate + my $relaystate = $u->query_param('RelayState'); return ($request, $relaystate); } diff --git a/lib/Net/SAML2/Binding/SOAP.pm b/lib/Net/SAML2/Binding/SOAP.pm index ca7b5ea..82cf7be 100644 --- a/lib/Net/SAML2/Binding/SOAP.pm +++ b/lib/Net/SAML2/Binding/SOAP.pm @@ -43,7 +43,7 @@ Arguments: =cut has 'ua' => (isa => Object, is => 'ro', required => 1, - default => sub { LWP::UserAgent->new }); + default => sub { LWP::UserAgent->new }); has 'url' => (isa => Uri, is => 'ro', required => 1, coerce => 1); has 'key' => (isa => Str, is => 'ro', required => 1); 
@@ -61,7 +61,7 @@ Returns the Response, or dies if there was an error. sub request { my ($self, $message) = @_; - my $request = $self->create_soap_envelope($message); + my $request = $self->create_soap_envelope($message); my $soap_action = 'http://www.oasis-open.org/committees/security'; @@ -74,7 +74,7 @@ sub request { my $ua = $self->ua; my $res = $ua->request($req); - return $self->handle_response($res->content); + return $self->handle_response($res->content); } =head2 handle_response( $response ) 
@@ -86,28 +86,28 @@ Accepts a string containing the complete SOAP response. =cut sub handle_response { - my ($self, $response) = @_; + my ($self, $response) = @_; - # verify the response + # verify the response my $x = XML::Sig->new({ x509 => 1, cert_text => $self->idp_cert }); my $ret = $x->verify($response); die "bad SOAP response" unless $ret; - # verify the signing certificate - my $cert = $x->signer_cert; - my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); - $ret = $ca->verify($cert); - die "bad signer cert" unless $ret; - - my $subject = sprintf("%s (verified)", $cert->subject); - - # parse the SOAP response and return the payload - my $parser = XML::XPath->new( xml => $response ); - $parser->set_namespace('soap-env', 'http://schemas.xmlsoap.org/soap/envelope/'); - $parser->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); - - my $saml = $parser->findnodes_as_string('/soap-env:Envelope/soap-env:Body/*'); - return ($subject, $saml); + # verify the signing certificate + my $cert = $x->signer_cert; + my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); + $ret = $ca->verify($cert); + die "bad signer cert" unless $ret; + + my $subject = sprintf("%s (verified)", $cert->subject); + + # parse the SOAP response and return the payload + my $parser = XML::XPath->new( xml => $response ); + $parser->set_namespace('soap-env', 'http://schemas.xmlsoap.org/soap/envelope/'); + $parser->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); + + my $saml = $parser->findnodes_as_string('/soap-env:Envelope/soap-env:Body/*'); + return ($subject, $saml); } =head2 handle_request( $request ) 
@@ -119,29 +119,29 @@ Accepts a string containing the complete SOAP request. =cut sub handle_request { - my ($self, $request) = @_; - - my $parser = XML::XPath->new( xml => $request ); - $parser->set_namespace('soap-env', 'http://schemas.xmlsoap.org/soap/envelope/'); - $parser->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); + my ($self, $request) = @_; + + my $parser = XML::XPath->new( xml => $request ); + $parser->set_namespace('soap-env', 'http://schemas.xmlsoap.org/soap/envelope/'); + $parser->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); - my $saml = $parser->findnodes_as_string('/soap-env:Envelope/soap-env:Body/*'); + my $saml = $parser->findnodes_as_string('/soap-env:Envelope/soap-env:Body/*'); - if (defined $saml) { - my $x = XML::Sig->new({ x509 => 1, cert_text => $self->idp_cert }); - my $ret = $x->verify($saml); - die "bad signature" unless $ret; + if (defined $saml) { + my $x = XML::Sig->new({ x509 => 1, cert_text => $self->idp_cert }); + my $ret = $x->verify($saml); + die "bad signature" unless $ret; - my $cert = $x->signer_cert; - my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); - $ret = $ca->verify($cert); - die "bad certificate in request: ".$cert->subject unless $ret; + my $cert = $x->signer_cert; + my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); + $ret = $ca->verify($cert); + die "bad certificate in request: ".$cert->subject unless $ret; - my $subject = $cert->subject; - return ($subject, $saml); - } + my $subject = $cert->subject; + return ($subject, $saml); + } - return; + return; } =head2 create_soap_envelope($message) 
@@ -151,34 +151,34 @@ Signs and SOAP-wraps the given message. =cut sub create_soap_envelope { - my ($self, $message) = @_; + my ($self, $message) = @_; - # sign the message + # sign the message my $sig = XML::Sig->new({ - x509 => 1, - key => $self->key, - cert => $self->cert, - }); + x509 => 1, + key => $self->key, + cert => $self->cert, + }); my $signed_message = $sig->sign($message); - - # OpenSSO ArtifactResolve hack - # - # OpenSSO's ArtifactResolve parser is completely hateful. It demands that - # the order of child elements in an ArtifactResolve message be: - # - # 1: saml:Issuer - # 2: dsig:Signature - # 3: samlp:Artifact - # - # Really. - # - if ($signed_message =~ /ArtifactResolve/) { - $signed_message =~ s!()!!s; - my $signature = $1; - $signed_message =~ s/(<\/saml:Issuer>)/$1$signature/; - } - - # test verify + + # OpenSSO ArtifactResolve hack + # + # OpenSSO's ArtifactResolve parser is completely hateful. It demands that + # the order of child elements in an ArtifactResolve message be: + # + # 1: saml:Issuer + # 2: dsig:Signature + # 3: samlp:Artifact + # + # Really. + # + if ($signed_message =~ /ArtifactResolve/) { + $signed_message =~ s!()!!s; + my $signature = $1; + $signed_message =~ s/(<\/saml:Issuer>)/$1$signature/; + } + + # test verify my $ret = $sig->verify($signed_message); die "failed to sign" unless $ret; @@ -189,7 +189,7 @@ $signed_message SOAP - return $soap; + return $soap; } 1; diff --git a/lib/Net/SAML2/IdP.pm b/lib/Net/SAML2/IdP.pm index 9f00486..aa8443e 100644 --- a/lib/Net/SAML2/IdP.pm +++ b/lib/Net/SAML2/IdP.pm @@ -55,7 +55,7 @@ sub new_from_url { die "no metadata" unless $res->is_success; my $xml = $res->content; - return $class->new_from_xml( xml => $xml, cacert => $args{cacert} ); + return $class->new_from_xml( xml => $xml, cacert => $args{cacert} ); } =head2 new_from_xml( xml => $xml, cacert => $cacert ) 
@@ -66,13 +66,13 @@ document. =cut sub new_from_xml { - my ($class, %args) = @_; + my ($class, %args) = @_; my $xpath = XML::XPath->new( xml => $args{xml} ); $xpath->set_namespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata'); - $xpath->set_namespace('ds', 'http://www.w3.org/2000/09/xmldsig#'); + $xpath->set_namespace('ds', 'http://www.w3.org/2000/09/xmldsig#'); - my $data; + my $data; for my $sso ($xpath->findnodes('//md:EntityDescriptor/md:IDPSSODescriptor/md:SingleSignOnService')) { my $binding = $sso->getAttribute('Binding'); 
@@ -89,34 +89,34 @@ sub new_from_xml { $data->{Art}->{$binding} = $art->getAttribute('Location'); } - for my $key ($xpath->findnodes('//md:EntityDescriptor/md:IDPSSODescriptor/md:KeyDescriptor')) { - my $use = $key->getAttribute('use'); - my ($text) = $key->findvalue('ds:KeyInfo/ds:X509Data/ds:X509Certificate') =~ /^\s+(.+?)\s+$/s; - $data->{Cert}->{$use} = sprintf("-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n", $text); - } - - my $self = $class->new( - entityid => $xpath->findvalue('//md:EntityDescriptor/@entityID')->value, - sso_urls => $data->{SSO}, - slo_urls => $data->{SLO}, - art_urls => $data->{Art}, - certs => $data->{Cert}, - cacert => $args{cacert}, - ); + for my $key ($xpath->findnodes('//md:EntityDescriptor/md:IDPSSODescriptor/md:KeyDescriptor')) { + my $use = $key->getAttribute('use'); + my ($text) = $key->findvalue('ds:KeyInfo/ds:X509Data/ds:X509Certificate') =~ /^\s+(.+?)\s+$/s; + $data->{Cert}->{$use} = sprintf("-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n", $text); + } + + my $self = $class->new( + entityid => $xpath->findvalue('//md:EntityDescriptor/@entityID')->value, + sso_urls => $data->{SSO}, + slo_urls => $data->{SLO}, + art_urls => $data->{Art}, + certs => $data->{Cert}, + cacert => $args{cacert}, + ); return $self; } sub BUILD { - my ($self) = @_; - my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); - - for my $use (keys %{ $self->certs }) { - my $cert = Crypt::OpenSSL::X509->new_from_string($self->certs->{$use}); - unless ($ca->verify($cert)) { - die "can't verify IdP '$use' cert"; - } - } + my ($self) = @_; + my $ca = Crypt::OpenSSL::VerifyX509->new($self->cacert); + + for my $use (keys %{ $self->certs }) { + my $cert = Crypt::OpenSSL::X509->new_from_string($self->certs->{$use}); + unless ($ca->verify($cert)) { + die "can't verify IdP '$use' cert"; + } + } } =head2 sso_url($binding) 
@@ -162,8 +162,8 @@ Returns the IdP's certificate for the given use (e.g. 'signing'). =cut sub cert { - my ($self, $use) = @_; - return $self->certs->{$use}; + my ($self, $use) = @_; + return $self->certs->{$use}; } 1; diff --git a/lib/Net/SAML2/Protocol/ArtifactResolve.pm b/lib/Net/SAML2/Protocol/ArtifactResolve.pm index 7f51cd9..acd45f5 100644 --- a/lib/Net/SAML2/Protocol/ArtifactResolve.pm +++ b/lib/Net/SAML2/Protocol/ArtifactResolve.pm @@ -61,7 +61,7 @@ sub as_xml { EOXML - return $self->template($template); + return $self->template($template); } 1; diff --git a/lib/Net/SAML2/Protocol/Assertion.pm b/lib/Net/SAML2/Protocol/Assertion.pm index 21acb33..047ca8b 100644 --- a/lib/Net/SAML2/Protocol/Assertion.pm +++ b/lib/Net/SAML2/Protocol/Assertion.pm @@ -44,20 +44,20 @@ sub new_from_xml { my $xpath = XML::XPath->new( xml => $args{xml} ); $xpath->set_namespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion'); - my $attributes = {}; + my $attributes = {}; for my $node ($xpath->findnodes('//saml:Assertion/saml:AttributeStatement/saml:Attribute')) { - my @values = $node->findnodes('saml:AttributeValue'); + my @values = $node->findnodes('saml:AttributeValue'); $attributes->{$node->getAttribute('Name')} = [ - map { $_->string_value } @values - ]; + map { $_->string_value } @values + ]; } - my $not_before = DateTime::Format::XSD->parse_datetime( - $xpath->findvalue('//saml:Conditions/@NotBefore')->value - ); - my $not_after = DateTime::Format::XSD->parse_datetime( - $xpath->findvalue('//saml:Conditions/@NotOnOrAfter')->value - ); + my $not_before = DateTime::Format::XSD->parse_datetime( + $xpath->findvalue('//saml:Conditions/@NotBefore')->value + ); + my $not_after = DateTime::Format::XSD->parse_datetime( + $xpath->findvalue('//saml:Conditions/@NotOnOrAfter')->value + ); my $self = $class->new( attributes => $attributes, @@ -67,7 +67,7 @@ sub new_from_xml { not_before => $not_before, not_after => $not_after, ); - + return $self; } 
@@ -79,8 +79,7 @@ Returns the CN attribute, if provided. sub name { my ($self) = @_; - return $self->attributes->{CN}->[0]; + return $self->attributes->{CN}->[0]; } 1; - diff --git a/lib/Net/SAML2/Protocol/AuthnRequest.pm b/lib/Net/SAML2/Protocol/AuthnRequest.pm index 11bb752..164d304 100644 --- a/lib/Net/SAML2/Protocol/AuthnRequest.pm +++ b/lib/Net/SAML2/Protocol/AuthnRequest.pm @@ -33,7 +33,7 @@ Arguments: =cut -has 'issuer' => (isa => Uri, is => 'ro', required => 1, coerce => 1); +has 'issuer' => (isa => Uri, is => 'ro', required => 1, coerce => 1); has 'destination' => (isa => Uri, is => 'ro', required => 1, coerce => 1); =head2 as_xml() @@ -58,8 +58,7 @@ sub as_xml { EOXML - return $self->template($template); + return $self->template($template); } 1; - diff --git a/lib/Net/SAML2/Protocol/LogoutRequest.pm b/lib/Net/SAML2/Protocol/LogoutRequest.pm index 9248aea..e2b58d1 100644 --- a/lib/Net/SAML2/Protocol/LogoutRequest.pm +++ b/lib/Net/SAML2/Protocol/LogoutRequest.pm @@ -34,9 +34,9 @@ Arguments: =cut -has 'session' => (isa => NonEmptySimpleStr, is => 'ro', required => 1); -has 'nameid' => (isa => NonEmptySimpleStr, is => 'ro', required => 1); -has 'issuer' => (isa => Uri, is => 'ro', required => 1, coerce => 1); +has 'session' => (isa => NonEmptySimpleStr, is => 'ro', required => 1); +has 'nameid' => (isa => NonEmptySimpleStr, is => 'ro', required => 1); +has 'issuer' => (isa => Uri, is => 'ro', required => 1, coerce => 1); has 'destination' => (isa => Uri, is => 'ro', required => 1, coerce => 1); =head2 new_from_xml 
@@ -46,21 +46,21 @@ Create a LogoutRequest object from the given XML. =cut sub new_from_xml { - my ($class, %args) = @_; + my ($class, %args) = @_; my $xpath = XML::XPath->new( xml => $args{xml} ); $xpath->set_namespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion'); - $xpath->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); + $xpath->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); - my $self = $class->new( - id => $xpath->findvalue('/samlp:LogoutRequest/@ID')->value, - session => $xpath->findvalue('/samlp:LogoutRequest/samlp:SessionIndex')->value, - issuer => $xpath->findvalue('/samlp:LogoutRequest/saml:Issuer')->value, - nameid => $xpath->findvalue('/samlp:LogoutRequest/saml:NameID')->value, - destination => $xpath->findvalue('/samlp:LogoutRequest/saml:NameID/@NameQualifier')->value, - ); + my $self = $class->new( + id => $xpath->findvalue('/samlp:LogoutRequest/@ID')->value, + session => $xpath->findvalue('/samlp:LogoutRequest/samlp:SessionIndex')->value, + issuer => $xpath->findvalue('/samlp:LogoutRequest/saml:Issuer')->value, + nameid => $xpath->findvalue('/samlp:LogoutRequest/saml:NameID')->value, + destination => $xpath->findvalue('/samlp:LogoutRequest/saml:NameID/@NameQualifier')->value, + ); - return $self; + return $self; } =head2 as_xml() @@ -72,19 +72,19 @@ Returns the LogoutRequest as XML. sub as_xml { my ($self) = @_; - my $template = <<'EOXML'; + my $template = <<'EOXML'; - issuer ?> - + issuer ?> + nameid ?> - session ?> + session ?> EOXML - return $self->template($template); + return $self->template($template); } __PACKAGE__->meta->make_immutable; diff --git a/lib/Net/SAML2/Protocol/LogoutResponse.pm b/lib/Net/SAML2/Protocol/LogoutResponse.pm index 61623f8..3e9c3db 100644 --- a/lib/Net/SAML2/Protocol/LogoutResponse.pm +++ b/lib/Net/SAML2/Protocol/LogoutResponse.pm 
@@ -34,9 +34,9 @@ Arguments: =cut -has 'issuer' => (isa => Uri, is => 'ro', required => 1, coerce => 1); +has 'issuer' => (isa => Uri, is => 'ro', required => 1, coerce => 1); has 'destination' => (isa => Uri, is => 'ro', required => 1, coerce => 1); -has 'status' => (isa => Str, is => 'ro', required => 1); +has 'status' => (isa => Str, is => 'ro', required => 1); has 'response_to' => (isa => Str, is => 'ro', required => 1); =head2 new_from_xml 
@@ -46,22 +46,22 @@ Create a LogoutResponse object from the given XML. =cut sub new_from_xml { - my ($class, %args) = @_; + my ($class, %args) = @_; - my $xpath = XML::XPath->new( xml => $args{xml} ); - $xpath->set_namespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion'); - $xpath->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); - - my $self = $class->new( - id => $xpath->findvalue('/samlp:LogoutResponse/@ID')->value, - response_to => $xpath->findvalue('/samlp:LogoutResponse/@InResponseTo')->value, - destination => $xpath->findvalue('/samlp:LogoutResponse/@Destination')->value, - session => $xpath->findvalue('/samlp:LogoutResponse/samlp:SessionIndex')->value, - issuer => $xpath->findvalue('/samlp:LogoutResponse/saml:Issuer')->value, - status => $xpath->findvalue('/samlp:LogoutResponse/samlp:Status/samlp:StatusCode/@Value')->value, - ); - - return $self; + my $xpath = XML::XPath->new( xml => $args{xml} ); + $xpath->set_namespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion'); + $xpath->set_namespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol'); + + my $self = $class->new( + id => $xpath->findvalue('/samlp:LogoutResponse/@ID')->value, + response_to => $xpath->findvalue('/samlp:LogoutResponse/@InResponseTo')->value, + destination => $xpath->findvalue('/samlp:LogoutResponse/@Destination')->value, + session => $xpath->findvalue('/samlp:LogoutResponse/samlp:SessionIndex')->value, + issuer => $xpath->findvalue('/samlp:LogoutResponse/saml:Issuer')->value, + status => $xpath->findvalue('/samlp:LogoutResponse/samlp:Status/samlp:StatusCode/@Value')->value, + ); + + return $self; } =head2 as_xml() @@ -71,9 +71,9 @@ Returns the LogoutResponse as XML. =cut sub as_xml { - my ($self) = @_; + my ($self) = @_; - my $template =<<'EOXML'; + my $template =<<'EOXML'; EOXML - return $self->template($template); + return $self->template($template); } 1; 
diff --git a/lib/Net/SAML2/Role/ProtocolMessage.pm b/lib/Net/SAML2/Role/ProtocolMessage.pm index ec4406e..a7e91f1 100644 --- a/lib/Net/SAML2/Role/ProtocolMessage.pm +++ b/lib/Net/SAML2/Role/ProtocolMessage.pm @@ -18,18 +18,18 @@ has 'id' => (isa => Str, is => 'ro', required => 1); has 'issue_instant' => (isa => Str, is => 'ro', required => 1); around 'BUILDARGS' => sub { - my $orig = shift; - my $class = shift; - my %args = @_; - - # random ID for this message - $args{id} ||= unpack 'H*', Crypt::OpenSSL::Random::random_pseudo_bytes(16); - - # IssueInstant in UTC - my $dt = DateTime->now( time_zone => 'UTC' ); - $args{issue_instant} ||= $dt->strftime('%FT%TZ'); - - return \%args; + my $orig = shift; + my $class = shift; + my %args = @_; + + # random ID for this message + $args{id} ||= unpack 'H*', Crypt::OpenSSL::Random::random_pseudo_bytes(16); + + # IssueInstant in UTC + my $dt = DateTime->now( time_zone => 'UTC' ); + $args{issue_instant} ||= $dt->strftime('%FT%TZ'); + + return \%args; }; 1; diff --git a/lib/Net/SAML2/Role/Templater.pm b/lib/Net/SAML2/Role/Templater.pm index f97878c..4007a28 100644 --- a/lib/Net/SAML2/Role/Templater.pm +++ b/lib/Net/SAML2/Role/Templater.pm @@ -19,10 +19,10 @@ Evaluates the given template using $self as the context. =cut sub template { - my ($self, $template) = @_; - my $renderer = build_mt($template); - my $xml = $renderer->($self)->as_string; - return $xml; + my ($self, $template) = @_; + my $renderer = build_mt($template); + my $xml = $renderer->($self)->as_string; + return $xml; } 1; diff --git a/lib/Net/SAML2/SP.pm b/lib/Net/SAML2/SP.pm index 124a372..a1e8dc6 100644 --- a/lib/Net/SAML2/SP.pm +++ b/lib/Net/SAML2/SP.pm 
@@ -45,20 +45,20 @@ has 'id' => (isa => Str, is => 'ro', required => 1); has 'cert' => (isa => Str, is => 'ro', required => 1); has 'cacert' => (isa => Str, is => 'ro', required => 1); -has 'org_name' => (isa => Str, is => 'ro', required => 1); +has 'org_name' => (isa => Str, is => 'ro', required => 1); has 'org_display_name' => (isa => Str, is => 'ro', required => 1); has 'org_contact' => (isa => Str, is => 'ro', required => 1); has '_cert_text' => (isa => Str, is => 'rw', required => 0); sub BUILD { - my ($self) = @_; + my ($self) = @_; my $cert = Crypt::OpenSSL::X509->new_from_file($self->cert); my $text = $cert->as_string; $text =~ s/-----[^-]*-----//gm; - $self->_cert_text($text); - + $self->_cert_text($text); + return $self; } @@ -70,15 +70,15 @@ given destination, which should be the identity URI of the IdP. =cut sub authn_request { - my ($self, $destination) = @_; - - my $authnreq = Net::SAML2::Protocol::AuthnRequest->new( - issueinstant => DateTime->now, - issuer => $self->id, - destination => $destination, - ); - - return $authnreq; + my ($self, $destination) = @_; + + my $authnreq = Net::SAML2::Protocol::AuthnRequest->new( + issueinstant => DateTime->now, + issuer => $self->id, + destination => $destination, + ); + + return $authnreq; } =head2 logout_request($destination, $nameid, $session) @@ -91,16 +91,16 @@ Also requires the nameid and session to be logged out. =cut sub logout_request { - my ($self, $destination, $nameid, $session) = @_; + my ($self, $destination, $nameid, $session) = @_; - my $logout_req = Net::SAML2::Protocol::LogoutRequest->new( + my $logout_req = Net::SAML2::Protocol::LogoutRequest->new( issuer => $self->id, destination => $destination, nameid => $nameid, session => $session, ); - return $logout_req; + return $logout_req; } =head2 logout_response($destination, $status, $response_to) 
@@ -114,16 +114,16 @@ LogoutRequest. =cut sub logout_response { - my ($self, $destination, $status, $response_to) = @_; + my ($self, $destination, $status, $response_to) = @_; - my $logout_req = Net::SAML2::Protocol::LogoutResponse->new( + my $logout_req = Net::SAML2::Protocol::LogoutResponse->new( issuer => $self->id, destination => $destination, - status => $status, - response_to => $response_to, + status => $status, + response_to => $response_to, ); - return $logout_req; + return $logout_req; } =head2 artifact_request($destination, $artifact) @@ -135,16 +135,16 @@ IdP. =cut sub artifact_request { - my ($self, $destination, $artifact) = @_; - - my $artifact_request = Net::SAML2::Protocol::ArtifactResolve->new( - issuer => $self->id, - destination => $destination, - artifact => $artifact, - issueinstant => DateTime->now, - ); - - return $artifact_request; + my ($self, $destination, $artifact) = @_; + + my $artifact_request = Net::SAML2::Protocol::ArtifactResolve->new( + issuer => $self->id, + destination => $destination, + artifact => $artifact, + issueinstant => DateTime->now, + ); + + return $artifact_request; } =head2 sso_redirect_binding($idp, $param) @@ -156,16 +156,16 @@ parameter involved - typically SAMLRequest. =cut sub sso_redirect_binding { - my ($self, $idp, $param) = @_; - - my $redirect = Net::SAML2::Binding::Redirect->new( + my ($self, $idp, $param) = @_; + + my $redirect = Net::SAML2::Binding::Redirect->new( url => $idp->sso_url('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'), cert => $idp->cert('signing'), key => $self->cert, param => $param, - ); - - return $redirect; + ); + + return $redirect; } =head2 slo_redirect_binding 
@@ -177,16 +177,16 @@ parameter involved - typically SAMLRequest or SAMLResponse. =cut sub slo_redirect_binding { - my ($self, $idp, $param) = @_; - - my $redirect = Net::SAML2::Binding::Redirect->new( + my ($self, $idp, $param) = @_; + + my $redirect = Net::SAML2::Binding::Redirect->new( url => $idp->slo_url('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'), cert => $idp->cert('signing'), key => $self->cert, param => $param, - ); - - return $redirect; + ); + + return $redirect; } =head2 soap_binding @@ -199,18 +199,18 @@ XXX UA =cut sub soap_binding { - my ($self, $ua, $idp_url, $idp_cert) = @_; - - my $soap = Net::SAML2::Binding::SOAP->new( - ua => $ua, - key => $self->cert, - cert => $self->cert, - url => $idp_url, - idp_cert => $idp_cert, - cacert => $self->cacert, - ); - - return $soap; + my ($self, $ua, $idp_url, $idp_cert) = @_; + + my $soap = Net::SAML2::Binding::SOAP->new( + ua => $ua, + key => $self->cert, + cert => $self->cert, + url => $idp_url, + idp_cert => $idp_cert, + cacert => $self->cacert, + ); + + return $soap; } =head2 post_binding @@ -220,13 +220,13 @@ Returns a POST binding object for this SP. =cut sub post_binding { - my ($self) = @_; - + my ($self) = @_; + my $post = Net::SAML2::Binding::POST->new( - cacert => $self->cacert, - ); - - return $post; + cacert => $self->cacert, + ); + + return $post; } =head2 metadata @@ -266,7 +266,7 @@ sub metadata { EOXML - return $self->template($template); + return $self->template($template); } 1; diff --git a/t/author/notabs.t b/t/author/notabs.t index 5f3efe8..9c796c2 100644 --- a/t/author/notabs.t +++ b/t/author/notabs.t @@ -1,3 +1,3 @@ use Test::NoTabs; -all_perl_files_ok; +all_perl_files_ok('lib', 't');
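Review bot: In t/author/notabs.t the directory arguments in `all_perl_files_ok('lib', 't');` are relative paths, so as far as I can tell they resolve against the current working directory and the check only covers the intended trees when the test is started from the distribution root. A short comment above the call would record that assumption, for example `# paths are relative to cwd: run from the distribution root`. The file also has no strictures; adding `use strict;` and `use warnings;` above `use Test::NoTabs;` would keep it in line with usual Perl test-file practice.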