Merge pull request #21 from timlegge/issue19

Fixes #19: SP Metadata AuthnRequestsSigned and WantAssertionsSigned s…

Author: timlegge

lib/Net/SAML2/SP.pm

@@ -73,6 +73,17 @@ SP contact email address
 SP organization url.  This is optional and url will be used as in
 previous versions if this is not provided.
 
+=item B<authnreq_signed>
+
+Specifies in the metadata whether the SP signs the AuthnRequest
+Optional (0 or 1) defaults to 1 (TRUE) if not specified.
+
+=item B<want_assertions_signed>
+
+Specifies in the metadata whether the SP wants the Assertion from
+the IdP to be signed
+Optional (0 or 1) defaults to 1 (TRUE) if not specified.
+
 =back
 
 =cut
@@ -90,6 +101,9 @@ has 'org_url'          => (isa => 'Str', is => 'ro', required => 0);
 
 has '_cert_text' => (isa => 'Str', is => 'rw', required => 0);
 
+has 'authnreq_signed'         => (isa => 'Bool', is => 'ro', required => 0);
+has 'want_assertions_signed'  => (isa => 'Bool', is => 'ro', required => 0);
+
 =head2 BUILD ( hashref of the parameters passed to the constructor )
 
 Called after the object is created to load the cert from a file
@@ -296,8 +310,8 @@ sub metadata {
             entityID => $self->id },
         $x->SPSSODescriptor(
             $md,
-            { AuthnRequestsSigned => '1',
-              WantAssertionsSigned => '1',
+            { AuthnRequestsSigned => defined($self->authnreq_signed) ? $self->authnreq_signed : '1',
+              WantAssertionsSigned => defined($self->want_assertions_signed) ? $self->want_assertions_signed : '1',
               errorURL => $self->url . '/saml/error',
               protocolSupportEnumeration => 'urn:oasis:names:tc:SAML:2.0:protocol' },
             $x->KeyDescriptor(

t/lib/Test/Net/SAML2/Util.pm

@@ -39,6 +39,8 @@ sub net_saml2_sp {
         org_display_name => 'Test',
         org_contact      => 'test@example.com',
         org_url          => 'http://www.example.com', 
+        authnreq_signed  => '0',
+        want_assertions_signed => '0',
         @_,
     );
 }