Permalink
Commits on Feb 19, 2018
  1. Merge pull request #152 from nicolasleger/patch-1

    md5 committed Feb 19, 2018
    chore: Test against Ruby 2.4 and 2.5
  2. chore: Test against Ruby 2.4 and 2.5

    nicolasleger committed Feb 19, 2018
  3. Merge pull request #154 from qstream/fix-matching-provider-name-subst…

    md5 committed Feb 19, 2018
    …ring
    
    fix: ambiguous path match in other phase
  4. fix: ambiguous path match in other phase

    tommymccallig committed Feb 19, 2018
    This closes #153
Commits on Feb 1, 2018
  1. Merge pull request #150 from omniauth/security-versioning-policy

    md5 committed Feb 1, 2018
    chore: Clarify versioning policy for security updates
Commits on Jan 31, 2018
  1. Bump `omniauth-saml` to v1.9.0

    supernova32 committed Jan 31, 2018
  2. chore: Clarify versioning policy for security updates

    md5 committed Jan 31, 2018
  3. Merge pull request #148 from lowellrex/patch-1

    md5 committed Jan 31, 2018
    Update omniauth gem to 1.3.2 or later 1.3.x
  4. fix: Update omniauth gem to 1.3.2 or later 1.3.x

    lowellrex authored and md5 committed Jan 29, 2018
    CVE-2017-18076 describes a bug in omniauth prior to version 1.3.2 (https://nvd.nist.gov/vuln/detail/CVE-2017-18076). This pull request upgrades the version of omniauth to 1.3.2 or later.
  5. Merge pull request #149 from appropriate/fix-rack-1-tests

    md5 committed Jan 31, 2018
    chore: Fix Travis specs by locking rack-test
  6. chore: Fix Travis specs by locking rack-test

    md5 committed Jan 31, 2018
Commits on Jul 4, 2017
  1. Merge pull request #142 from appropriate/authn-requests-signed-spec

    md5 committed Jul 4, 2017
    test: Add a basic spec for AuthnRequest signing
  2. test: Add a basic spec for AuthnRequest signing

    md5 committed Jul 4, 2017
Commits on Jun 22, 2017
  1. Bump to version 1.8.1

    supernova32 committed Jun 22, 2017
Commits on Jun 8, 2017
  1. Merge pull request #140 from machinima/feat/service_url_default

    md5 committed Jun 8, 2017
    fix: default assertion_consumer_service_url not set during callback
  2. fix: default assertion_consumer_service_url not set during callback

    justinhoward committed Jun 8, 2017
    Fix a bug where ruby-saml would fail SubjectConfirmation Recipient
    validation when using the default assertion_consumer_service_url. The
    url was not being set during the callback phase.
    
    This closes #139
Commits on Jun 7, 2017
  1. chore: Release version 1.8.0

    supernova32 committed Jun 7, 2017
Commits on May 19, 2017
  1. Merge pull request #135 from tosch/feat/Allow_parsing_the_metadata_di…

    md5 committed May 19, 2017
    …rectly_from_idp
    
    Chore: Add section about parsing IdP metadata to README
  2. chore: require latest version of ruby-saml

    tosch committed May 19, 2017
    ruby-saml 1.4.3 ships with IdpMetadataParser#parse_to_hash which is
    mentioned in our README.
Commits on May 18, 2017
  1. chore: Use is_expected instead of should in specs

    tosch authored and supernova32 committed May 10, 2017
  2. chore: Increase Coverage

    tosch authored and supernova32 committed May 9, 2017
Commits on May 10, 2017
  1. chore: Add section about IdpMetadataParser to README

    tosch committed May 10, 2017
    ***Do not merge into master before onelogin/ruby-saml#393 is in their
    master.***
  2. Merge pull request #136 from tosch/refactor/split_up_phase_methods

    md5 committed May 10, 2017
    refactor: Split up phase methods
Commits on May 9, 2017
  1. refactor: Split up phase methods

    tosch committed May 3, 2017
    This encapsulates different aspects of the business logic better and
    allows overwriting certain aspects of it when desired.
Commits on Mar 23, 2017
  1. Merge pull request #131 from omniauth/ruby-2.1-readme

    md5 committed Mar 23, 2017
    chore: Update README for Ruby 2.1 requirement
  2. chore: Update README for Ruby 2.1 requirement

    md5 committed Mar 23, 2017
  3. Merge pull request #124 from iainbeeston/session-index

    md5 committed Mar 23, 2017
    feat: include SessionIndex in logout requests
  4. feat: include SessionIndex in logout requests

    iainbeeston committed Jan 17, 2017
    Some idp's use the sessionindex rather than the uid to find the correct
    session to sign out. I've made this work by saving it in the session
    alongside the uid, then putting it back into the logout request where
    ruby-saml can handle it, and include it in the logout request
Commits on Mar 22, 2017
  1. chore: Require Ruby 2.1 or higher

    md5 authored and supernova32 committed Mar 22, 2017
Commits on Feb 16, 2017
  1. Merge pull request #128 from ilikepi/docs/clarify_sp_metadata_url

    md5 committed Feb 16, 2017
    docs: clarify SP metadata URL when using Devise
  2. docs: clarify SP metadata URL when using Devise

    ilikepi committed Feb 16, 2017
Commits on Feb 11, 2017
  1. Merge pull request #125 from hundio/slo-session-destruction

    supernova32 committed Feb 11, 2017
    feat: Support for configurable IdP SLO session destruction
  2. feat: Support for configurable IdP SLO session destruction

    brennana committed Jan 31, 2017
Commits on Feb 9, 2017
  1. Merge pull request #123 from iainbeeston/improve-sso-docs

    supernova32 committed Feb 9, 2017
    Add more detail to the readme on SSO
  2. chore: added more detail on SLO to the readme

    iainbeeston committed Dec 21, 2016
    Made slo docs use `user_saml_omniauth_authorize_path` rather than
    `user_omniauth_authorize_url(:saml)`, as the former matches what
    is used in the devise omniauth wiki page. This should make
    it more obvious that the two are doing very similar things.