forked from SAML-Toolkits/php-saml
-
Notifications
You must be signed in to change notification settings - Fork 1
/
CHANGELOG
127 lines (108 loc) · 5.49 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
CHANGELOG
=========
v.2.9.1
.......
* [134](https://github.com/onelogin/php-saml/pull/134) PHP7 production settings compiles out assert(), throw an exception explicitly
* [132](https://github.com/onelogin/php-saml/pull/132) Add note for "wantAssertionsEncrypted"
* Update copyright on LICENSE
v.2.9.0
-------
* Change the decrypt assertion process.
* Add 2 extra validations to prevent Signature wrapping attacks.
* Remove reference to wrong NameIDFormat: urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified should be urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
* [128](https://github.com/onelogin/php-saml/pull/128) Test php7 and upgrade phpunit
* Update Readme with more descriptive requestedAuthnContext description and Security Guidelines
v.2.8.0
-------
* Make NameIDPolicy of AuthNRequest optional
* Make nameID requirement on SAMLResponse optional
* Fix empty URI support
* Symmetric encryption key support
* Add more Auth Context options to the constant class
* Fix DSA_SHA1 constant on xmlseclibs
* Set none requestedAuthnContext as default behaviour
* Update xmlseclibs lib
* Improve formatPrivateKey method
* Fix bug when signing metadata, the SignatureMethod was not provided
* Fix getter for lastRequestID parameter in OneLogin_Saml2_Auth class
* Add $wantEncrypted parameter on addX509KeyDescriptors method that will allow to set KeyDescriptor[use='encryption'] if wantNameIdEncrypted or wantAssertionsEncrypted enabled
* Add $stay parameter on redirectTo method. (login/logout supports $stay but I forgot add this on previous 2.7.0 version)
* Improve code style
v.2.7.0
-------
* Trim acs, slo and issuer urls.
* Fix PHP 7 error (used continue outside a loop/switch).
* Fix bug on organization element of the SP metadata builder.
* Fix typos on documentation. Fix ALOWED Misspell.
* Be able to extract RequestID. Add RequestID validation on demo1.
* Add $stay parameter to login, logout and processSLO method.
v.2.6.1
-------
* Fix bug on cacheDuration of the Metadata XML generated.
* Make SPNameQualifier optional on the generateNameId method. Avoid the use of SPNameQualifier when generating the NameID on the LogoutRequest builder.
* Allows the authn comparsion attribute to be set via config.
* Retrieve Session Timeout after processResponse with getSessionExpiration().
* Improve readme readability.
* Allow single log out to work for applications not leveraging php session_start. Added a callback parameter in order to close the session at processSLO.
v.2.6.0
-------
* Set NAMEID_UNSPECIFIED as default NameIDFormat to prevent conflicts with IdPs that don't support NAMEID_PERSISTENT.
* Now the SP is able to select the algorithm to be used on signatures (DSA_SHA1, RSA_SHA1, RSA_SHA256, RSA_SHA384, RSA_SHA512).
* Change visibility of _decryptAssertion to protected.
* Update xmlseclibs library.
* Handle valid but uncommon dsig block with no URI in the reference.
* login, logout and processSLO now return ->redirectTo instead of just call it.
* Split the setting check methods. Now 1 method for IdP settings and other for SP settings.
* Let the setting object to avoid the IdP setting check. required if we want to publish SP SAML Metadata when the IdP data is still not provided.
v.2.5.0
-------
* Do accesible the ID of the object Logout Request (id attribute).
* Add note about the fact that PHP 5.3 is unssuported.
* Add fingerprint algorithm support.
* Add dependences to composer.
v.2.4.0
-------
* Fix wrong element order in generated metadata.
* Added SLO with nameID and SessionIndex in demo1.
* Improve isHTTPS method in order to support HTTP_X_FORWARDED_PORT.
* Set optional the XMLvalidation (enable/disable it with wantXMLValidation security setting).
v.2.3.0
-------
* Resolve namespace problem. Some IdPs uses saml2p:Response and saml2:Assertion instead of samlp:Response saml:Assertion.
* Improve test and documentation.
* Improve ADFS compatibility.
* Remove unnecessary XSDs files.
* Make available the reason for the saml message invalidation.
* Adding ability to set idp cert once the Setting object initialized.
* Fix status info issue.
* Reject SAML Response if not signed and strict = false.
* Support NameId and SessionIndex in LogoutRequest.
* Add ForceAuh and IsPassive support.
v.2.2.0
-------
* Fix bug with Encrypted nameID on LogoutRequest.
* Fixed usability bug. SP will inform about AuthFail status after process a Response.
* Added SessionIndex support on LogoutRequest, and know is accesible from the Auth class.
* LogoutRequest and LogoutResponse classes now accept non deflated xml.
* Improved the XML metadata/ Decrypted Assertion output. (prettyprint).
* Fix bug in formatPrivateKey method, the key could be not RSA.
* Explicit warning message for signed element problem.
* Decrypt method improved.
* Support more algorithm at the SigAlg in the Signed LogoutRequests and LogoutResponses
* AuthNRequest now stores ID (it can be retrieved later).
* Fixed a typo on the 'NameIdPolicy' attribute that appeared at the README and settings_example file.
v.2.1.0
-------
* The isValid method of the Logout Request is now non-static. (affects processSLO method of Auth.php).
* Logout Request constructor now accepts encoded logout requests.
* Now after validate a message, if fails a method getError of the object will return the cause.
* Fix typos.
* Added extra parameters option to login and logout methods.
* Improve Test (new test, use the new getError method for testing).
* Bugfix namespace problem when getting Attributes.
v.2.0.0
-------
* New PHP SAML Toolkit (SLO, Sign, Encryptation).
v.1.0.0
-------
* Old PHP SAML Toolkit.