EngineBlock 4.3.0

OpenConext EngineBlock v4.3.0 Release Notes

Full support for SP Proxies and improvements to error handling.

SP Proxies are Service Providers that:

• Have 'coin:trusted_proxy' set
• Sign their AuthnRequests
• Mention another Service Provider, also known to EB, in the AuthnRequest > Scoping > RequesterId.

For these proxies EB will act like a big brother and do consent, attribute release, WAYF and attribute manipulation
for them. Most notable implementation is the upcoming SURFconext Step Up Gateway.

List of issues resolved:

• EB > 4 accepts SAML Responses over HTTP Redirect #83
• Remove Management of 3rd party OpenSocial Group Providers from Profile #81
• WAYF screen not valid HTML #79
• Consistently apply licensing file header #76
• Remove Internal endpoint #74
• Full support for SP Proxies #64
• Show more informative error when IdP denies user access #61
• Add specific error message for IdP cert mismatch #55
• Improve error message for invalid IdP signing certificate #25

See: https://github.com/OpenConext/OpenConext-engineblock/issues?q=milestone%3A4.3.0+is%3Aclosed

Also https://github.com/OpenConext/OpenConext-engine-test-stand can be used for functional tests.

And the following dependencies were updated:

|package                     | prev version  | current version |
|----------------------------|---------------|-----------------|
|kriswallsmith/assetic       | dev-master    | v1.2.0          |
|simplesamlphp/saml2         | v0.4.2        | v0.5.0          |
|simplesamlphp/simplesamlphp | v1.12.0       | v1.13.0         |
|phake/phake                 | v2.0.0-alpha2 | v2.0.0-beta2    |
|phpunit/phpunit             | v3.7.19       | v4.3.4          |