Skip to content
This repository has been archived by the owner on Dec 22, 2023. It is now read-only.

Release 2.1.0
Compare
Choose a tag to compare
@Wynndow Wynndow released this 22 Oct 14:29
· 97 commits to master since this release
2.1.0
95d7fba
This commit was signed with the committer’s verified signature.
Wynndow Chris Wynne
GPG key ID: 3F39649334A4B606
Learn about vigilant mode.

View Diff

Accept identities from more European countries

The eIDAS specification does not require assertions to be signed, whereas the Verify specification does. This release adds the ability to for the VSP to accept these unsigned assertions in a secure manner.

This is achieved by validating the signature of the original eIDAS SAML Response from the country which is now passed through to the VSP. Signed eIDAS and Verify assertions are still verified as before.

Configuration Changes

  • Configuration parameter hubConnectorEntityId in the europeanIdentity section is now optional and can be removed from the configuration file.
  • Configuration parameters europeanIdentity and msaMetadata are now mutually exclusive. The VSP's eIDAS support is only available when it operates without an MSA.

Zip file should have the following checksum:

$ shasum -a 256 /tmp/verify-service-provider-2.1.0.zip
826f83fea88f097738cb6bae318ce8767c630e06bd13424f868a4d89f2459a58  /tmp/verify-service-provider-2.1.0.zip
Assets 3