- add options to logout_request initialization (c271a37)
- saml
- inherits allows response options from ruby-saml instead of whitelist (a0eedd6)
- saml-response
- whitelist more response options (575198d)
- ambiguous path match in other phase (1b465b9)
- Update ruby-saml gem to 1.7 or later to fix CVE-2017-11430 (6bc28ad)
- Update omniauth gem to 1.3.2 or later 1.3.x (b6bb425)
- default assertion_consumer_service_url not set during callback (4a2a5ef)
- include SessionIndex in logout requests (fb6ad86)
- Support for configurable IdP SLO session destruction (586bf89)
- Add
uid_attribute
option to control the attribute used for the user id. (eacc536)
- Support for Single Logout (cd3fc43)
- Add issuer information to the metadata endpoint, to allow IdPs to properly configure themselves. (7bbbb67)
- Added the response object to the extra['response_object'], so we can use the raw response object if we want to. (76ed3d6)
- Update
ruby-saml
to 1.4.0 to address security fixes. (638212)
- Ensure that subclasses of
OmniAuth::Stategies::SAML
are registered with OmniAuth as strategies (omniauth#95) - Update ruby-saml to 1.3 to address CVE-2016-5697 (Signature wrapping attacks)
- Initialize OneLogin::RubySaml::Response instance with settings
- Adding "settings" to Response Class at initialization to handle signing verification
- Support custom attributes
- change URL from PracticallyGreen to omniauth
- Add specs for ACS fallback URL behavior
- Call validation earlier to get real error instead of 'response missing name_id'
- Avoid mutation of the options hash during requests and callbacks
- update ruby-saml to 1.1
- Configurable attribute_consuming_service
- update ruby-saml to 1.0.0
- Added missing fingerprint key check
- Expose fingerprint on the auth_hash
- add
idp_cert_fingerprint_validator
option
- provide SP metadata at
/auth/saml/metadata
- no longer set a default
name_identifier_format
- pass strategy options to the underlying ruby-saml library
- fallback to omniauth callback url if
assertion_consumer_service_url
is not set - add
idp_sso_target_url_runtime_params
option
- remove SAML code and port to ruby-saml gem
- fix incompatibility with OmniAuth 1.1
- validate the SAML response
- 100% test coverage
- now requires ruby 1.9.2+
- return first and last name in the info hash
- no longer use LDAP OIDs for name and email selection
- return SAML attributes as the omniauth raw_info hash
- initial release
- extracts commits from omniauth 0-3-stable branch
- port to omniauth 1.0 strategy format
- update README with more documentation and license
- package as the
omniauth-saml
gem