package Authen::NZRealMe::ResolutionRequest;
$Authen::NZRealMe::ResolutionRequest::VERSION = '1.23';
use warnings;
use strict;
require XML::Generator;
use MIME::Base64 qw(decode_base64);
use Authen::NZRealMe::CommonURIs qw(URI NS_PAIR);
my $ns_soap_env = [ NS_PAIR('soap11') ];
my $ns_saml = [ NS_PAIR('saml') ];
my $ns_samlp = [ NS_PAIR('samlp') ];
sub new {
my $class = shift;
my $sp = shift;
my $artifact = shift;
my $self = bless {
artifact => $artifact,
}, $class;
return $self->_init($sp);
}
sub _init {
my($self, $sp) = @_;
$self->{request_id} = $sp->generate_saml_id('ArtifactResolve'),
$self->{issuer} = $sp->entity_id;
$self->{request_time} = $sp->now_as_iso();
my $bytes = decode_base64($self->artifact);
my($type_code, $index, $source_id, $msg_handle) = unpack('nna20a20', $bytes);
if($type_code != 4) {
die sprintf('Unexpected type code in received artifact: 0x%04X', $type_code);
}
my $idp = $sp->idp;
$idp->validate_source_id($source_id); # dies on error
$self->{destination_url} = $sp->idp->artifact_resolution_location($index);
$self->_generate_artifact_resolve_doc();
return $self;
}
sub artifact { shift->{artifact}; }
sub request_id { shift->{request_id}; }
sub issuer { shift->{issuer}; }
sub request_time { shift->{request_time}; }
sub destination_url { shift->{destination_url}; }
sub soap_request { shift->{soap_request}; }
sub _generate_artifact_resolve_doc {
my $self = shift;
my $x = XML::Generator->new(':pretty',
namespace => [ @$ns_soap_env, @$ns_saml, @$ns_samlp ],
);
$self->{soap_request} = $x->Envelope($ns_soap_env,
$x->Body($ns_soap_env,
$x->ArtifactResolve($ns_samlp,
{
Version => '2.0',
ID => $self->request_id(),
IssueInstant => $self->request_time(),
},
$x->Issuer($ns_saml,
$self->issuer
),
$x->Artifact($ns_samlp,
$self->artifact
),
),
),
) . "\n"; # ensure result is stringified
}
1;
__END__
=head1 NAME
Authen::NZRealMe::ResolutionRequest - Generate a SOAP request for resolving an
artifact to an FLT
=head1 DESCRIPTION
This package is used by the L<Authen::NZRealMe::ServiceProvider> to generate a
properly formatted SOAP Request containing a SAML2 ArtifactResolve message to
resolve an artifact to an FLT.
=head1 METHODS
=head2 new
Constructor. Should not be called directly. Instead, call the
C<resolve_artifact> method on the service provider object.
=head2 artifact
Accessor method to return the (base64 encoded) artifact string as returned
by the NZ RealMe Login service Identity Provider.
=head2 request_id
Accessor for the generated unique ID for this request.
=head2 issuer
Accessor for the entity ID of the Service Provider which generated the request.
=head2 request_time
Accessor for the request creation time formatted as an ISO date/time string.
=head2 destination_url
Accessor for the URL of the Identity Provider's artifact resolution service, to
which this request will be sent.
=head2 soap_request
Accessor for the XML document which will be sent as a SOAP request to the
Identity Provider's artifact resolution service.
=head1 SEE ALSO
See L<Authen::NZRealMe> for documentation index.
=head1 LICENSE AND COPYRIGHT
Copyright (c) 2010-2022 Enrolment Services, New Zealand Electoral Commission
Written by Grant McLean E<lt>grant@catalyst.net.nzE<gt>
This program is free software; you can redistribute it and/or modify it
under the terms of either: the GNU General Public License as published
by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.
=cut
