- Support for Single Logout (cd3fc43)
- Add issuer information to the metadata endpoint, to allow IdPs to properly configure themselves. (7bbbb67)
- Added the response object to the extra['response_object'], so we can use the raw response object if we want to. (76ed3d6)
- Update
ruby-samlto 1.4.0 to address security fixes. (638212)
- Ensure that subclasses of
OmniAuth::Stategies::SAMLare registered with OmniAuth as strategies (omniauth#95) - Update ruby-saml to 1.3 to address CVE-2016-5697 (Signature wrapping attacks)
- Initialize OneLogin::RubySaml::Response instance with settings
- Adding "settings" to Response Class at initialization to handle signing verification
- Support custom attributes
- change URL from PracticallyGreen to omniauth
- Add specs for ACS fallback URL behavior
- Call validation earlier to get real error instead of 'response missing name_id'
- Avoid mutation of the options hash during requests and callbacks
- update ruby-saml to 1.1
- Configurable attribute_consuming_service
- update ruby-saml to 1.0.0
- Added missing fingerprint key check
- Expose fingerprint on the auth_hash
- add
idp_cert_fingerprint_validatoroption
- provide SP metadata at
/auth/saml/metadata
- no longer set a default
name_identifier_format - pass strategy options to the underlying ruby-saml library
- fallback to omniauth callback url if
assertion_consumer_service_urlis not set - add
idp_sso_target_url_runtime_paramsoption
- remove SAML code and port to ruby-saml gem
- fix incompatibility with OmniAuth 1.1
- validate the SAML response
- 100% test coverage
- now requires ruby 1.9.2+
- return first and last name in the info hash
- no longer use LDAP OIDs for name and email selection
- return SAML attributes as the omniauth raw_info hash
- initial release
- extracts commits from omniauth 0-3-stable branch
- port to omniauth 1.0 strategy format
- update README with more documentation and license
- package as the
omniauth-samlgem