Merge pull request #38 from timlegge/dist-changes

A few more cleanup and fixes

Author: timlegge

Changes

@@ -1,5 +1,38 @@
 Revision history for Perl extension Net::SAML2.
 
+{{$NEXT}}
+
+  [Significant Changes since 0.40]
+
+  - COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
+  - HTTP-Redirect now supports signing and verifying with more than rsa-sha1
+  - include HTTP-Post for SingleLogoutService in generated metadata
+  - Destination missing in LogoutRequest
+  - Added PingIdentity to the tested IdPs
+  - Most other changes related to the testapp Saml2Test (in git repo)
+
+  [Change Log]
+  - f694501 testapp: prevent app error if the are no slo_urls
+  - c2c9e4b testapp: revert previous change to sls-redirect-response
+  - c9532b3 Fixes #30 - Modules withou version and cleanup missing Abstract
+  - 9c5585b Merge pull request #37 from timlegge/testapp
+  - c51ba51 Tested compatiblity against PingIdentity
+  - b4d3fe9 Remove end of line spaces
+  - 41ef582 testapp: provide documentation on how to use the Saml2Test application
+  - 5a8ebb7 Fixes #36 testapp: metadata is rendered as text by the browser
+  - f1e2eca testapp: add .gitignore file testapp
+  - ca4b8bd Fixes #35: Metadata does not include HTTP-Post for SingleLogoutService
+  - 64008da testapp: Better org_name
+  - 22073bb Update certificates with 10 year expiration
+  - f215c40 testapp: add lightttpd.conf to proxy https traffic to testapp on port 3000
+  - f92ba77 testapp: provide lighttpd config to deliver a metatdata.xml file
+  - 2d671a4 Fixes #32: HTTP-Redirect should support more than sha1
+  - 5e2425a testapp: Make required settings configurable
+  - f70b0a5 Fixes #34: testapp: Dancer request_uri is not decoded
+  - 8c0d048 testapp: Fixes #33 Destination is not properly assigned
+  - 6e0a685 Fixes #31 Destination missing in LogoutRequest
+  - 652c763 testapp: support post for LogoutResponse
+
 0.40 - 2021-07-26
 
   [Significant Changes since 0.38]

dist.ini

@@ -32,7 +32,7 @@ contributor = Timothy Legge <[email protected]>
 [ConfirmRelease]
 [UploadToCPAN]
 
-[GatherDir]
+[Git::GatherDir]
 exclude_filename = cpanfile
 exclude_filename = Makefile.PL
 exclude_filename = dev-bin/cpanm
@@ -46,10 +46,10 @@ match = ico
 
 [CPANFile]
 
-[CopyFilesFromBuild::Filtered]
-copy = cpanfile
-copy = Makefile.PL
-copy = README
+;[CopyFilesFromBuild::Filtered]
+;copy = cpanfile
+;copy = Makefile.PL
+;copy = README
 
 [CopyFilesFromRelease]
 copy = cpanfile, Makefile.PL, README
@@ -75,5 +75,18 @@ web = https://github.com/perl-net-saml2/perl-Net-SAML2/issues
 [Test::NoTabs]
 
 [PodWeaver]
-[VersionFromModule]
+[NextRelease]
+format = %v -- %{EEE MMM dd HH:mm:ss VVV yyyy}d
+filename = Changes
+
+[Git::NextVersion]
+first_version = 0.001       ; this is the default
+version_by_branch = 0       ; this is the default
+version_regexp  = ^(0.\d+)$   ; this is the default
+[WriteVersion]
+[Git::Tag]
+tag_format  = %V       ; this is the default
+tag_message = %V       ; this is the default
+[Git::Commit]
+changelog = Changes      ; this is the default
 [Signature]

lib/Net/SAML2.pm

@@ -4,6 +4,8 @@ use warnings;
 
 require 5.008_001;
 
+# ABSTRACT: SAML2 bindings and protocol implementation
+
 our $VERSION = '0.40';
 $VERSION = eval {$VERSION};
 

lib/Net/SAML2/Binding/POST.pm

@@ -5,6 +5,10 @@ use warnings;
 
 use Moose;
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::Binding::POST - HTTP POST binding for SAML
+
 =head1 NAME
 
 Net::SAML2::Binding::POST - HTTP POST binding for SAML2

lib/Net/SAML2/Binding/Redirect.pm

@@ -6,6 +6,10 @@ use warnings;
 use Moose;
 use MooseX::Types::URI qw/ Uri /;
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::Binding::Redirect - HTTP Redirect binding for SAML
+
 =head1 NAME
 
 Net::SAML2::Binding::Redirect

lib/Net/SAML2/Binding/SOAP.pm

@@ -3,6 +3,10 @@ use Moose;
 use MooseX::Types::URI qw/ Uri /;
 use Net::SAML2::XML::Util qw/ no_comments /;
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::Binding::Artifact - SOAP binding for SAML
+
 =head1 NAME
 
 Net::SAML2::Binding::Artifact - SOAP binding for SAML2

lib/Net/SAML2/IdP.pm

@@ -2,6 +2,10 @@ package Net::SAML2::IdP;
 use Moose;
 use MooseX::Types::URI qw/ Uri /;
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::IdP - SAML Identity Provider object
+
 =head1 NAME
 
 Net::SAML2::IdP - SAML Identity Provider object

lib/Net/SAML2/Protocol/ArtifactResolve.pm

@@ -4,6 +4,10 @@ use MooseX::Types::URI qw/ Uri /;
 
 with 'Net::SAML2::Role::ProtocolMessage';
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::Protocol::ArtifactResolve - ArtifactResolve protocol class
+
 =head1 NAME
 
 Net::SAML2::Protocol::ArtifactResolve - ArtifactResolve protocol class.

lib/Net/SAML2/Protocol/Assertion.pm

@@ -10,6 +10,10 @@ use XML::LibXML;
 
 with 'Net::SAML2::Role::ProtocolMessage';
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::Protocol::Assertion - SAML2 assertion object
+
 =head1 NAME
 
 Net::SAML2::Protocol::Assertion - SAML2 assertion object

lib/Net/SAML2/Protocol/AuthnRequest.pm

@@ -10,6 +10,12 @@ with 'Net::SAML2::Role::ProtocolMessage';
 
 # ABSTRACT: SAML2 AuthnRequest object
 
+our $VERSION = '0.40';
+
+=head1 NAME
+
+Net::SAML2::Protocol::AuthnRequest - SAML2 AuthnRequest object
+
 =head1 SYNOPSIS
 
   my $authnreq = Net::SAML2::Protocol::AuthnRequest->new(

lib/Net/SAML2/Protocol/LogoutRequest.pm

@@ -6,6 +6,10 @@ use Net::SAML2::XML::Util qw/ no_comments /;
 
 with 'Net::SAML2::Role::ProtocolMessage';
 
+# ABSTRACT: SAML2 LogoutRequest Protocol object
+
+our $VERSION = '0.40';
+
 =head1 NAME
 
 Net::SAML2::Protocol::LogoutRequest - the SAML2 LogoutRequest object

lib/Net/SAML2/Protocol/LogoutResponse.pm

@@ -5,6 +5,10 @@ use Net::SAML2::XML::Util qw/ no_comments /;
 
 with 'Net::SAML2::Role::ProtocolMessage';
 
+# ABSTRACT: SAML2 LogoutResponse Protocol object
+
+our $VERSION = '0.40';
+
 =head1 NAME
 
 Net::SAML2::Protocol::LogoutResponse - the SAML2 LogoutResponse object

lib/Net/SAML2/Role/ProtocolMessage.pm

@@ -10,6 +10,13 @@ use DateTime;
 use MooseX::Types::URI qw/ Uri /;
 use Net::SAML2::Util qw(generate_id);
 
+our $VERSION = '0.40';
+
+=head1 NAME
+
+Net::SAML2::Role::ProtocolMessage - the SAML2 ProtocolMessage Role object
+
+
 =head1 DESCRIPTION
 
 Provides default ID and timestamp arguments for Protocol classes.

lib/Net/SAML2/SP.pm

@@ -2,6 +2,10 @@ package Net::SAML2::SP;
 use Moose;
 use MooseX::Types::URI qw/ Uri /;
 
+our $VERSION = '0.40';
+
+# ABSTRACT: Net::SAML2::SP - SAML Service Provider object
+
 =head1 NAME
 
 Net::SAML2::SP - SAML Service Provider object

lib/Net/SAML2/Util.pm

@@ -3,6 +3,8 @@ package Net::SAML2::Util;
 use strict;
 use warnings;
 
+our $VERSION = '0.40';
+
 use Crypt::OpenSSL::Random qw(random_pseudo_bytes);
 
 # ABSTRACT: Utility functions for Net:SAML2

lib/Net/SAML2/XML/Sig.pm

@@ -3,6 +3,8 @@ package Net::SAML2::XML::Sig;
 use strict;
 use warnings;
 
+# ABSTRACT: Net::SAML2::XML::Sig - A toolkit to help sign and verify XML Digital Signatures
+
 =head1 NAME
 
 Net::SAML2::XML::Sig - A toolkit to help sign and verify XML Digital Signatures.
@@ -36,7 +38,7 @@ use vars qw($VERSION @EXPORT_OK %EXPORT_TAGS $DEBUG);
 
 $DEBUG = 0;
 # Based on XML::Sig VERSION = '0.47';
-$VERSION = '0.40';
+our $VERSION = '0.40';
 
 use base qw(Class::Accessor);
 Net::SAML2::XML::Sig->mk_accessors(qw(key));

lib/Net/SAML2/XML/Util.pm

@@ -9,14 +9,16 @@ use XML::LibXML;
 use vars qw($VERSION @EXPORT_OK %EXPORT_TAGS $DEBUG);
 
 $DEBUG = 0;
-$VERSION = '0.40';
+our $VERSION = '0.40';
 
 # We are exporting functions
 use base qw/Exporter/;
 
 # Export list - to allow fine tuning of export table
 @EXPORT_OK = qw( no_comments );
 
+# ABSTRACT: Net::SAML2::XML::Util - XML Util class
+
 =head1 NAME
 
 Net::SAML2::XML::Util - XML Util class.

xt/testapp/lib/Saml2Test.pm

@@ -16,7 +16,7 @@ Demo app to show use of Net::SAML2 as an SP.
 use Dancer ':syntax';
 use Net::SAML2;
 use MIME::Base64 qw/ decode_base64 /;
-use URI::Encode;
+use URI::Encode qw(uri_encode uri_decode);
 
 our $VERSION = '0.1';
 
@@ -47,6 +47,11 @@ get '/logout-redirect' => sub {
     my $idp = _idp();
     my $sp = _sp();
 
+    if ( ! defined $idp->slo_url('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect') ) {
+        redirect "/", 302;
+        return; # "Redirected\n";
+    }
+
     my $logoutreq = $sp->logout_request(
         $idp->slo_url('urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'),
         params->{nameid},
@@ -64,6 +69,12 @@ get '/logout-redirect' => sub {
 get '/logout-soap' => sub {
     my $idp = _idp();
     my $slo_url = $idp->slo_url('urn:oasis:names:tc:SAML:2.0:bindings:SOAP');
+
+    if ( ! defined $slo_url ) {
+        redirect "/", 302;
+        return "Redirected\n";
+    }
+
     my $idp_cert = $idp->cert('signing');
 
     my $sp = _sp();
@@ -142,8 +153,9 @@ get '/sls-redirect-response' => sub {
     my $sp = _sp();
     my $redirect = $sp->slo_redirect_binding($idp, 'SAMLResponse');
 
-    my $uri     = URI::Encode->new( { encode_reserved => 0 } );
-    my ($response, $relaystate) = $redirect->verify($uri->decode(request->request_uri));
+    my $decoded = uri_decode(request->uri);
+
+    my ($response, $relaystate) = $redirect->verify($decoded);
 
     redirect $relaystate || '/', 302;
     return "Redirected\n";