The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
 / 
XML-Compile-WSS-Signature-2.01
River stage one • 1 direct dependent • 1 total dependent
1 ++
/ XML::Compile::WSS::KeyInfo

NAME

XML::Compile::WSS::KeyInfo - handling WSS key info structures

SYNOPSIS

  # Not for end-users
  my $sig = XML::Compile::WSS::Signature->new(key_info => HASH);
  my $ki  = $sig->keyInfo;

DESCRIPTION

The specifications define at least 10 different ways to provide security keys to the messages. This module implements the logic to read and write tokens and keyinfo references to these tokens in the XML message.

METHODS

Constructors

XML::Compile::WSS::KeyInfo->fromConfig(HASH|PAIRS)

Take default values to be used with the readers and writers, which are created by this object. So, the configuration contains all parameters to builder()

XML::Compile::WSS::KeyInfo->new(OPTIONS)

End-user should use XML::Compile::WSS::Signature::new(key_info) to pass a HASH of OPTIONS. These options do not have accessors yet.

Attributes

$obj->config()

Token administration

$obj->addToken(TOKEN, [TOKEN...])
$obj->findToken(OPTIONS)
 -Option     --Default
  fingerprint  undef
  name         undef
  uri          undef
fingerprint => BINARY
name => STRING
uri => URI
$obj->tokens()

Handlers

$obj->builder(WSS, OPTIONS)

Not for end-users. Returns a CODE which will be called to produce the token representation in some output message.

 -Option       --Default
  publish_token  'SECTOKREF_URI'
publish_token => 'NO'|CONSTANTS|CODE

How to publish the security token. The INCLUDE_BY_REF constant will add the token as BinarySecurityToken in the message, plus a keyinfo structure with a reference to that token. See "DETAILS" about the various choices and additional options they imply.

$obj->getTokens(WSS, OPTIONS)

Not for end-users. Returns a CODE which needs to be called with a parsed incoming message.

DETAILS

Supported KeyInfo types

KeyInfo

On the top level, we have the following options:

  keyinfo_id          an xsd:ID value for the Id attribute (namespaceless)

KEYNAME

X509DATA

Currently only read-support for Net::Domain::SMD.

SecurityTokenReference

The wsse:SecurityTokenReference structure contains various other constructs. They share the following options:

   sectokref_id      the wsu:Id of the SecurityTokenReference
   usage             list of URIs

SECTOKREF_KEYID

(At least) used in EncryptedKeys structures. The "ThumbprintSHA1" is the SHA1 of the fingerprint of an key.

Example:

 <wsse:SecurityTokenReference>
   <wsse:KeyIdentifier
      EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
      ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">+tkVcx0cyPfbKrQtVePbC98Kjc0=</wsse:KeyIdentifier>
   </wsse:SecurityTokenReference>
 </ds:KeyInfo>

Options and defaults:

   keyid_value       WSM11_PRINT_SHA1
   keyid_encoding    WSM10_BASE64
   keyident_id       the wsu:Id of the KeyIdentifier

SECTOKREF_URI

Creates a KeyInfo structure which refers to the key via an URI. But, this will also add the BinarySecurityToken to the Security header, if not yet present.

Example:

 <ds:KeyInfo Id="KI-1">
   <wsse:SecurityTokenReference wsu:Id="STR-2">
     <wsse:Reference URI="#X509-3"
        ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
   </wsse:SecurityTokenReference>
 </ds:KeyInfo>

 <wsse:Security
   <wsse:BinarySecurityToken wsu:Id="X509-3"
      EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
      ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
        MIIB..akDNgQ==
   </wsse:BinarySecurityToken>
 </wsse:Security>

Options and defaults:

  sectokref_uri    Relative or absolute URI

SEE ALSO

This module is part of XML-Compile-WSS-Signature distribution version 2.01, built on October 11, 2013. Website: http://perl.overmeer.net/xml-compile/

Other distributions in this suite: XML::Compile, XML::Compile::SOAP, XML::Compile::SOAP12, XML::Compile::SOAP::Daemon, XML::Compile::SOAP::WSA, XML::Compile::C14N, XML::Compile::WSS, XML::Compile::WSS::Signature, XML::Compile::Tester, XML::Compile::Cache, XML::Compile::Dumper, XML::Compile::RPC, XML::Rewrite and XML::LibXML::Simple.

Please post questions or ideas to the mailinglist at http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile . For live contact with other developers, visit the #xml-compile channel on irc.perl.org.

LICENSE

Copyrights 2012-2013 by [Mark Overmeer]. For other contributors see ChangeLog.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See http://www.perl.com/perl/misc/Artistic.html