Have a look at Authen::NZRealMe and its sub modules
The process may be a little different depending on whether you are trying to parse a Service Provider issued SAML AuthnRequest or an Identity Provider issued SAMLResponse
An AuthnRequest will typically be rawdeflated ( IO::Compress::RawDeflate::rawdeflate ), Base64 encoded ( MIME::Base64::encode_base64 ), and URI encoded ( URI::Escape::uri_escape ).
To parse a SAML AuthnRequest you need to process the data in reverse.
Here is a simple example. Note: This example does not verify the digital signature of the AuthnRequest (if it exists).
use warnings;
use strict;
use MIME::Base64 qw(encode_base64 decode_base64);
use URI::Escape qw(uri_escape uri_unescape);
use IO::Uncompress::RawInflate qw(rawinflate $RawInflateError);
my $AuthnRequestXML = '';
my $samlRequest = 'BASE64_ENCODED_SAMLREQUEST_FROM_SERVICE_PROVIDER';
$samlRequest = uri_unescape($samlRequest);
$samlRequest = decode_base64($samlRequest);
rawinflate \$samlRequest => $AuthnRequestXML or return "Error decompre
+ssing data: $RawInflateError\n";
print "SAML AuthnRequest XML:\n$AuthnRequestXML\n";
To make the XML output easier to read, you can send it through XML::Tidy
use XML::Tidy;
XML::Tidy->new('xml'=>$AuthnRequestXML)->tidy()->toString();
|