# `ExSaml.Core.Sp` [🔗](https://github.com/docJerem/ex_saml/blob/main/lib/ex_saml/core/sp.ex#L1) SAML Service Provider (SP) operations. Pure Elixir port of the Erlang `esaml_sp` module. Provides functions for generating and validating SAML AuthnRequests, LogoutRequests, LogoutResponses, Assertions, and SP metadata. # `dupe_fun` ```elixir @type dupe_fun() :: (ExSaml.Core.Assertion.t(), binary() -> :ok | term()) ``` # `xml` ```elixir @type xml() :: {:xmlElement, name :: term(), expanded_name :: term(), nsinfo :: term(), namespace :: term(), parents :: term(), pos :: term(), attributes :: term(), content :: term(), language :: term(), xmlbase :: term(), elementdef :: term()} ``` # `generate_authn_request` ```elixir @spec generate_authn_request(String.t(), ExSaml.Core.SpConfig.t()) :: xml() ``` Generates an AuthnRequest XML element. Delegates to `generate_authn_request/3` with `nil` name ID format. # `generate_authn_request` ```elixir @spec generate_authn_request(String.t(), ExSaml.Core.SpConfig.t(), String.t() | nil) :: xml() ``` Generates an AuthnRequest XML element with an optional NameID format. Returns a signed XML element when SP signing is enabled, otherwise an unsigned element with a generated ID attribute. # `generate_logout_request` ```elixir @spec generate_logout_request(String.t(), String.t(), ExSaml.Core.SpConfig.t()) :: xml() ``` Generates a LogoutRequest XML element. Delegates to `generate_logout_request/4` with an empty session index and a Subject built from the given name ID string. # `generate_logout_request` ```elixir @spec generate_logout_request( String.t(), String.t(), ExSaml.Core.Subject.t(), ExSaml.Core.SpConfig.t() ) :: xml() ``` Generates a LogoutRequest XML element with a session index and Subject. # `generate_logout_response` ```elixir @spec generate_logout_response(String.t(), atom(), ExSaml.Core.SpConfig.t()) :: xml() ``` Generates a LogoutResponse XML element. # `generate_metadata` ```elixir @spec generate_metadata(ExSaml.Core.SpConfig.t()) :: xml() ``` Generates SP metadata as an XML element. # `setup` ```elixir @spec setup(ExSaml.Core.SpConfig.t()) :: ExSaml.Core.SpConfig.t() ``` Initializes and validates an SP configuration. Validates that `metadata_uri` and `consume_uri` are set. Converts trusted fingerprints to normalised binaries. Enables request and metadata signing when both `key` and `certificate` are present. Raises on invalid configuration. # `validate_assertion` ```elixir @spec validate_assertion(xml(), ExSaml.Core.SpConfig.t()) :: {:ok, ExSaml.Core.Assertion.t()} | {:error, term()} ``` Validates and decodes a SAML Response XML element. Uses a no-op duplicate detection function. # `validate_assertion` ```elixir @spec validate_assertion(xml(), dupe_fun(), ExSaml.Core.SpConfig.t()) :: {:ok, ExSaml.Core.Assertion.t()} | {:error, term()} ``` Validates and decodes a SAML Response XML element. The `duplicate_fun` callback receives the decoded assertion and the XML digest, and should return `:ok` or an error term to reject duplicates. # `validate_logout_request` ```elixir @spec validate_logout_request(xml(), ExSaml.Core.SpConfig.t()) :: {:ok, ExSaml.Core.LogoutRequest.t()} | {:error, term()} ``` Validates and decodes a LogoutRequest XML element. # `validate_logout_response` ```elixir @spec validate_logout_response(xml(), ExSaml.Core.SpConfig.t()) :: {:ok, ExSaml.Core.LogoutResponse.t()} | {:error, term()} ``` Validates and decodes a LogoutResponse XML element. # `xmlAttribute` *macro* # `xmlAttribute` *macro* # `xmlElement` *macro* # `xmlElement` *macro* # `xmlNamespace` *macro* # `xmlNamespace` *macro* # `xmlText` *macro* # `xmlText` *macro* --- *Consult [api-reference.md](api-reference.md) for complete listing*