v0.3.0
Significant changes, primarily around preventing replay attacks:
- Check validity of
NotBefore
andNotOnOrAfter
elements in assertions -- #35, #38- Note that this is on by default, so is a potentially breaking change.
- Optionally, check
inResponseTo
ids to make sure each response matches a request, and that there is only one response to any request -- #37 - Require latest xml-crypto, and stop monkey-patching xml-crypto
- Documentation fix #39