1.16.0 (Oct 09, 2023)

• #671 Add support on LogoutRequest with Encrypted NameID

1.15.0 (Jan 04, 2023)

• #650 Replace strip! by strip on compute_digest method
• #638 Fix dateTime format for the validUntil attribute of the generated metadata
• #576 Support idp cert multi with string keys
• #567 Improve Code quality
• Add info about new repo, new maintainer, new security contact
• Fix tests, Adjust dependencies, Add Ruby 3.2 and new JRuby versions tests to the CI. Add coveralls support

1.14.0 (Feb 01, 2022)

• #627 Support escape downcasing for validating SLO Signatures of ADFS/Azure
• #633 Support ability to change ID prefix
• Make the uuid editable on the SAML Messages generated by the toolkit
• #622 Add security setting to more strictly enforce audience validation

1.13.0 (Sept 06, 2021)

• #611 Replace MAX_BYTE_SIZE constant with setting: message_max_bytesize
• #605 :allowed_clock_drift is now bidrectional
• #614 Support :name_id_format option for IdpMetadataParser
• #611 IdpMetadataParser should always set idp_cert_multi, even when there is only one cert
• #610 New IDP sso/slo binding params which deprecate :embed_sign
• #602 Refactor the OneLogin::RubySaml::Metadata class
• #586 Support milliseconds in cacheDuration parsing
• #585 Do not append " | " to StatusCode unnecessarily
• #607 Clean up
• Add warning about the use of IdpMetadataParser class and SSRF
• CI: Migrate from Travis to Github Actions

1.12.2 (Apr 08, 2021)

• 575 Fix SloLogoutresponse bug on LogoutRequest

1.12.1 (Apr 05, 2022)

• #577 Fix XPath typo incompatible with Rexml 3.2.5
• Refactor GCM support

1.12.0 (Feb 18, 2021)

• Support AES-128-GCM, AES-192-GCM, and AES-256-GCM encryptions
• Parse & return SLO ResponseLocation in IDPMetadataParser & Settings
• Adding idp_sso_service_url and idp_slo_service_url settings. IDPMetadataParser now parse_to_hash/parse_to_array methods now retrieve those params instead idp_sso_target_url and idp_slo_target_url
• #536 Adding feth method to be able retrieve attributes based on regex
• Reduce size of built gem by excluding the test folder
• Improve protection on Zlib deflate decompression bomb attack.
• Add ValidUntil and cacheDuration support on Metadata generator
• Add support for cacheDuration at the IdpMetadataParser
• Support customizable statusCode on generated LogoutResponse
• #545 More specific error messages for signature validation
• Support Process Transform
• Raise SettingError if invoking an action with no endpoint defined on the settings
• Made IdpMetadataParser more extensible for subclasses
• #548 Add :skip_audience option
• #555 Define 'soft' variable to prevent exception when doc cert is invalid
• Improve documentation

1.11.0 (Jul 24, 2019)

• Add support for certification expiration
• Deprecate the use of settings.issuer. Use instead settings.sp_entity_id
• Add security warning about the use of nokogiri on Readme

1.10.2 (Apr 29, 2019)

• Add valid until, accessor
• Fix Rubygem metadata that requested nokogiri <= 1.5.11

1.10.1 (April 08, 2019)

• Fix ruby 1.8.7 incompatibilities