.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "Lemonldap::NG::Portal::Main::Issuer 3pm" .TH Lemonldap::NG::Portal::Main::Issuer 3pm "2023-05-13" "perl v5.32.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Lemonldap::NG::Portal::Main::Issuer \- Base class for identity providers. .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 5 \& package Lemonldap::NG::Portal::Issuer::My; \& use strict; \& use Mouse; \& extends \*(AqLemonldap::NG::Portal::Main::Issuer\*(Aq; \& use Lemonldap::NG::Portal::Main::Constants qw(PE_OK); \& \& # Required: URL root path \& use constant path => \*(Aqsaml\*(Aq; \& \& # Optional initialization method \& sub init { \& my ($self) = @_; \& ... \& # Must return 1 (succeed) or 0 (failure) \& } \& \& # Required methods are run() and logout(), they are launched only for \& # authenticated users \& # $req is a Lemonldap::NG::Portal::Main::Request object \& # They must return a Lemonldap::NG::Portal::Main::Constants constant \& sub run { \& my ( $self, $req ) = @_ \& ... \& return PE_OK \& } \& \& sub logout { \& my ( $self, $req ) = @_ \& ... \& return PE_OK \& } \& 1; .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" Lemonldap::NG::Portal::Main::Issuer is a base class to write identity providers for Lemonldap::NG web-SSO system. It provide several methods to write easily an IdP and manage authentication if the identity request comes before authentication. .SH "WRITING AN IDENTITY PROVIDER" .IX Header "WRITING AN IDENTITY PROVIDER" To write a classic identity provider, you just have to inherit this class and write \fBrun()\fR and \fBlogout()\fR methods. These methods must return a Lemonldap::NG::Portal::Main::Constants constant. .PP A classic identity provider needs a \*(L"issuerDB>XXXpath\*(C'\fR) because it is caught by this module, but you can catch sub-routes (ie \f(CW\*(C`/path/something\*(C'\fR). .PP Example: .PP .Vb 12 \& sub init { \& my ($self) = @_; \& ... \& $self\->addUnauthRoute( saml => { soap => \*(AqsoapServer\*(Aq }, [ \*(AqPOST\*(Aq ] ); \& return 1; \& } \& sub soapServer { \& my ( $self, $req ) = @_; \& ... \& # You must return a valid PSGI response \& return [ 200, [ \*(AqContent\-Type\*(Aq => \*(Aqapplication/xml\*(Aq ], [] ]; \& } .Ve .SS "avoid conflicts in path" .IX Subsection "avoid conflicts in path" If you share base \s-1URI\s0 path with another plugin (a \f(CW\*(C`Auth::*\*(C'\fR module for example), it is recommended to write a \f(CW\*(C`ssoMatch\*(C'\fR function that returns true if \f(CW\*(C`$req\->uri\*(C'\fR has to be handled by Issuer module. See \f(CW\*(C`Issuer::SAML\*(C'\fR or \f(CW\*(C`Issuer::OpenIDConnect\*(C'\fR to have some examples. .SH "SEE ALSO" .IX Header "SEE ALSO" .SH "AUTHORS" .IX Header "AUTHORS" .IP "LemonLDAP::NG team " 4 .IX Item "LemonLDAP::NG team " .SH "BUG REPORT" .IX Header "BUG REPORT" Use \s-1OW2\s0 system to report bug or ask for features: .SH "DOWNLOAD" .IX Header "DOWNLOAD" Lemonldap::NG is available at .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" See \s-1COPYING\s0 file for details. .PP This library is free software; you can redistribute it and/or modify it under the terms of the \s-1GNU\s0 General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. .PP This program is distributed in the hope that it will be useful, but \s-1WITHOUT ANY WARRANTY\s0; without even the implied warranty of \&\s-1MERCHANTABILITY\s0 or \s-1FITNESS FOR A PARTICULAR PURPOSE.\s0 See the \&\s-1GNU\s0 General Public License for more details. .PP You should have received a copy of the \s-1GNU\s0 General Public License along with this program. If not, see .