Releases: SAML-Toolkits/ruby-saml
Releases · SAML-Toolkits/ruby-saml
1.16.0 (Oct 09, 2023)
1.15.0 (Jan 04, 2023)
- #650 Replace strip! by strip on compute_digest method
- #638 Fix dateTime format for the validUntil attribute of the generated metadata
- #576 Support idp cert multi with string keys
- #567 Improve Code quality
- Add info about new repo, new maintainer, new security contact
- Fix tests, Adjust dependencies, Add Ruby 3.2 and new JRuby versions tests to the CI. Add coveralls support
1.14.0 (Feb 01, 2022)
1.13.0 (Sept 06, 2021)
- #611 Replace MAX_BYTE_SIZE constant with setting: message_max_bytesize
- #605 :allowed_clock_drift is now bidrectional
- #614 Support :name_id_format option for IdpMetadataParser
- #611 IdpMetadataParser should always set idp_cert_multi, even when there is only one cert
- #610 New IDP sso/slo binding params which deprecate :embed_sign
- #602 Refactor the OneLogin::RubySaml::Metadata class
- #586 Support milliseconds in cacheDuration parsing
- #585 Do not append " | " to StatusCode unnecessarily
- #607 Clean up
- Add warning about the use of IdpMetadataParser class and SSRF
- CI: Migrate from Travis to Github Actions
1.12.2 (Apr 08, 2021)
- 575 Fix SloLogoutresponse bug on LogoutRequest
1.12.1 (Apr 05, 2022)
- #577 Fix XPath typo incompatible with Rexml 3.2.5
- Refactor GCM support
1.12.0 (Feb 18, 2021)
- Support AES-128-GCM, AES-192-GCM, and AES-256-GCM encryptions
- Parse & return SLO ResponseLocation in IDPMetadataParser & Settings
- Adding idp_sso_service_url and idp_slo_service_url settings. IDPMetadataParser now parse_to_hash/parse_to_array methods now retrieve those params instead idp_sso_target_url and idp_slo_target_url
- #536 Adding feth method to be able retrieve attributes based on regex
- Reduce size of built gem by excluding the test folder
- Improve protection on Zlib deflate decompression bomb attack.
- Add ValidUntil and cacheDuration support on Metadata generator
- Add support for cacheDuration at the IdpMetadataParser
- Support customizable statusCode on generated LogoutResponse
- #545 More specific error messages for signature validation
- Support Process Transform
- Raise SettingError if invoking an action with no endpoint defined on the settings
- Made IdpMetadataParser more extensible for subclasses
- #548 Add :skip_audience option
- #555 Define 'soft' variable to prevent exception when doc cert is invalid
- Improve documentation
1.11.0 (Jul 24, 2019)
- Add support for certification expiration
- Deprecate the use of settings.issuer. Use instead settings.sp_entity_id
- Add security warning about the use of nokogiri on Readme
1.10.2 (Apr 29, 2019)
- Add valid until, accessor
- Fix Rubygem metadata that requested nokogiri <= 1.5.11
1.10.1 (April 08, 2019)
- Fix ruby 1.8.7 incompatibilities