Releases: omniauth/omniauth-saml
Releases · omniauth/omniauth-saml
v2.2.0
v2.2.0 (2024-09-10)
This release fixes:
Chores
- use semantic versioning for ruby-saml as per gem build hints (e17f460)
v2.1.1
v2.1.0
f2a7a84
This commit was signed with the committer’s verified signature.
v2.0.0
ed52758
This commit was signed with the committer’s verified signature.
v1.10.3
Release v1.10.3
v1.10.2
Release v1.10.2
Version 1.7.0 with support for Single Log Out
v1.7.0 (2016-10-19)
Features
- Support for Single Logout (cd3fc43)
- Add issuer information to the metadata endpoint, to allow IdPs to properly configure themselves. (7bbbb67)
- Added the response object to the extra['response_object'], so we can use the raw response object if we want to. (76ed3d6)
Chores
- Update
ruby-samlto 1.4.0 to address security fixes. (638212)
Version 1.6.0 with updated `ruby-saml`
1.6.0 (2016-06-27)
- Ensure that subclasses of OmniAuth::Stategies::SAML are registered with OmniAuth as strategies (#95)
- Update ruby-saml to 1.3 to address CVE-2016-5697 (Signature wrapping attacks)
v1.5.0 with support for custom attributes
1.5.0 (2016-02-25)
- Initialize OneLogin::RubySaml::Response instance with settings
- Adding "settings" to Response Class at initialization to handle signing verification
- Support custom attributes
- change URL from PracticallyGreen to omniauth
- Add specs for ACS fallback URL behavior
- Call validation earlier to get real error instead of 'response missing name_id'
- Avoid mutation of the options hash during requests and callbacks
Updated `ruby-saml` to 1.1.1
With this release ruby-saml was updated to 1.1.1, which most notably brings support for a SAMLResponse without a ds:x509certificate. It is now possible to define the certificate within the settings and use that certificate to validate the responses.