Skip to content

Releases: SAML-Toolkits/python-saml

OneLogin's SAML Python Toolkit v2.1.7

14 May 17:58
@pitbulk pitbulk
v2.1.7
4a7b0fc
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.7

Changelog:

  • #117 AttributeConsumingService support
  • #114 Compare Assertion InResponseTo if not None
  • Return empty list when there are no audience values
  • Passing NameQualifier through to logout request
  • Make deflate process when retrieving built SAML messages optional
  • Add debug parameter to decrypt method
  • Fix Idp Metadata parser
  • Add documentation related to the new IdP metadata parser methods
  • Extract the already encoded value directly from get_data
  • #133 Fix typo and add extra assertions in util decrypt test
  • Fix Signature with empty URI support
  • Allow AuthnRequest with no NameIDPolicy
  • Remove requirement of NameID on SAML responses
Assets 2

OneLogin's SAML Python Toolkit v2.1.6

16 Feb 00:42
@pitbulk pitbulk
v2.1.6
bfdedb3
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.6

Changelog:

  • Prevent signature wrapping attack!!
  • #111 Add support for nested NameID children inside 'AttributeValues'
  • ALOWED Misspell
  • Improve how we obtain the settings path.
  • Update docs adding reference to test depencence installation
  • Fix Organization element on SP metadata.
  • #100 Support Responses that don't have AttributeStatements.
Assets 2

OneLogin's SAML Python Toolkit v2.1.5

03 Nov 12:43
@pitbulk pitbulk
v2.1.5
ddaa132
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.5

Changelog:

  • #86 Make idp settings optional (Usefull when validating SP metadata)
  • #79 Remove unnecesary dependence. M2crypto is not used.
  • #77 Fix server_port can be None
  • Fix bug on settings constructor related to sp_validation_only
  • Make SPNameQualifier optional on the generateNameId method. Avoid the use of SPNameQualifier when generating the NameID on the LogoutRequest builder.
  • Allows the RequestedAuthnContext Comparison attribute to be set via settings
  • Be able to retrieve Session Timeout after processResponse
  • Update documentation. Clarify the use of the certFingerprint
Assets 2

OneLogin's SAML Python Toolkit v2.1.4

17 Jul 17:38
@pitbulk pitbulk
v2.1.4
21259a1
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.4

Changelog:

  • Now the SP is able to select the algorithm to be used on signatures (DSA_SHA1, RSA_SHA1, RSA_SHA256, RSA_SHA384, RSA_SHA512).
  • Support sign validation of different kinds of algorithm
  • Add demo example of the Bottle framework.
  • Improve decrypt method #73
  • Handle valid but uncommon dsig block with no URI in the reference
  • Split the setting check methods. Now 1 method for IdP settings and other for SP settings
  • Let the setting object to avoid the IdP setting check. required if we want to publish SP SAML Metadata when the IdP data is still not provided.
Assets 2

OneLogin's SAML Python Toolkit v2.1.3

25 Jun 00:28
@pitbulk pitbulk
v2.1.3
47278a5
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.3

Changelog:

  • Do accesible the ID of the object Logout Request (id attribute)
  • Add SAMLServiceProviderBackend reference to the README.md
  • Solve HTTPs issue on demos
  • Fix PHP-style array element in settings json
  • Add fingerprint algorithm support. Previously the toolkit assumed SHA-1 algorithm
  • Fix creation of metadata with no SLS, when using settings.get_sp_metadata()
  • Allow configuration of metadata caching/expiry via settings
  • Allow metadata signing with SP key specified as config value, not file
  • Set NAMEID_UNSPECIFIED as default NameIDFormat to prevent conflicts
  • Improve validUntil/cacheDuration metadata settings
Assets 2

OneLogin's SAML Python Toolkit v2.1.2

26 Feb 19:55
@pitbulk pitbulk
v2.1.2
984365d
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.2

Changelog:

  • Fix wrong element order in generated metadata (SLS before NameID). metadata xsd updated
  • Added SLO with nameID and SessionIndex in the demos
  • Fix Exception message on Destination validation of the Logout_request

v2.1.1 does not exist, I had a pypi error.

Assets 2

OneLogin's SAML Python Toolkit v2.1.0

14 Jan 13:49
@pitbulk pitbulk
v2.1.0
5f93ad4
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.1.0

Changelog:

  • Update the dm.xmlsec.binding library to 1.3.2 (Improved transform support, Workaround for buildout problem)
  • Fix flask demo settings example.
  • Add nameID & sessionIndex support on Logout Request
  • Reject SAML Response if not signed and strict = false
  • Add ForceAuh and IsPassive support on AuthN Request
Assets 2

OneLogin's SAML Python Toolkit v2.0.2

04 Dec 23:49
@pitbulk pitbulk
v2.0.2
c640634
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.0.2

New version of the SAML plugin:

  • Adding AuthnContextClassRef support
  • Process nested StatusCode
  • Fix settings bug
Assets 2

OneLogin's SAML Python Toolkit v2.0.1

13 Nov 19:59
@pitbulk pitbulk
v2.0.1
5a3b477
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v2.0.1

New version of the SAML plugin.

Supports:

  • SSO and SLO (SP-Initiated and IdP-Initiated).
  • Assertion and nameId encryption.
  • Assertion signature.
  • Message signature: AuthNRequest, LogoutRequest, LogoutResponses.
  • Enable an Assertion Consumer Service endpoint.
  • Enable a Single Logout Service endpoint.
  • Publish the SP metadata (which can be signed).
Assets 2

OneLogin's SAML Python Toolkit v1.1.0

04 Sep 10:26
@pitbulk pitbulk
v.1.1.0
eb784f8
Compare
Choose a tag to compare
OneLogin's SAML Python Toolkit v1.1.0

Security improved, added more checks at the SAMLResponse validation

Assets 2