- Update major versions of dependencies #896
- Update to @node-saml/node-saml v5 #894
- Update to Node 18 #893
- Clean up types #813
- Update minor dependencies #895
- Fix circular references #879 #880
- [needs-review] StrategyOptionsCallback shouldn't have to pass all SAML options #838
- Fix README to require correct module name #884
- Update README to point to
node-samldocumentation #886 - Clarify SLO support in
passport-saml#862 - Roll-up changelog entries for beta releases #867
- Adjust type enforcement to remove warnings #889
- Update
package.jsonscript to mirrornode-saml#888 - Remove unused
AuthorizeOptionstype #887 - Add bot to close stale issues #864
- Revised AbstractStrategy for authenticate method to match PassportStrategy expectation #861
- Update docs/adfs/README.md and move to wiki #840
- [security] Use secure version of node-saml #855
- Fix minor typos #853
- [javascript] Bump eslint from 8.26.0 to 8.29.0 #827
- [javascript] Bump @typescript-eslint/parser from 5.41.0 to 5.46.1 #826
- [javascript] Bump @xmldom/xmldom from 0.8.3 to 0.8.6 #825
- [javascript] Bump prettier from 2.7.1 to 2.8.0 #821
- [javascript] Bump @types/node from 14.18.33 to 14.18.34 #819
- [javascript] Bump @typescript-eslint/eslint-plugin from 5.41.0 to 5.45.0 #818
- Reference
node-samldocumentation from README #815 - Update README formatting and to provide clearer explanation of examples #812
- Update README.md #810
- Update changelog #797
- deps: use node-saml v4. See node-saml changelog for breaking changes: https://github.com/node-saml/node-saml/blob/master/CHANGELOG.md#v400-2022-10-28 #796
- Update node-saml to beta 5 -- See node-saml changelog for breaking changes #783
- Update node-saml dependency #770
- Update to support node-saml@4.0.0-beta.3 #707
- Update passport to 0.6.x -- See passport changelog for breaking changes #698
- Update packages; set minimum Node to 14 #685
- [security] Check user matches logout request before reporting logout success #619
- Remove
node-samlcode and use an import instead #612
- Add support for multiple signing certs in metadata #655
- [javascript] Bump @xmldom/xmldom from 0.7.5 to 0.7.6 #794
- [javascript] Bump @types/mocha from 9.1.1 to 10.0.0 #781
- [javascript] Bump @types/express from 4.17.13 to 4.17.14 #785
- [javascript] Bump @types/chai from 4.3.1 to 4.3.3 #787
- [javascript] Bump @typescript-eslint/parser from 5.36.2 to 5.40.0 #786
- [javascript] Bump eslint from 8.23.0 to 8.25.0 #784
- [github_actions] Bump codecov/codecov-action from 3.1.0 to 3.1.1 #782
- [javascript] Bump @types/passport from 1.0.10 to 1.0.11 #778
- [javascript] Bump vm2 from 3.9.9 to 3.9.11 #777
- [javascript] Bump concurrently from 7.3.0 to 7.4.0 #773
- [javascript] Bump @types/node from 14.18.22 to 14.18.28 #772
- [javascript] Bump @types/passport from 1.0.9 to 1.0.10 #771
- [javascript] Bump @typescript-eslint/eslint-plugin from 5.30.7 to 5.36.2 #766
- [javascript] Bump eslint from 8.20.0 to 8.23.0 #759
- [javascript] Bump @typescript-eslint/parser from 5.30.7 to 5.36.2 #767
- [javascript] Bump concurrently from 7.2.2 to 7.3.0 #741
- [javascript] Bump @types/node from 14.18.21 to 14.18.22 #740
- [javascript] Bump @typescript-eslint/parser from 5.30.5 to 5.30.7 #737
- [javascript] Bump eslint from 8.19.0 to 8.20.0 #736
- [javascript] Bump @types/sinon from 10.0.12 to 10.0.13 #738
- [javascript] Bump ts-node from 10.8.2 to 10.9.1 #732
- [javascript] Bump @typescript-eslint/eslint-plugin from 5.30.5 to 5.30.7 #739
- [javascript] Bump parse-url from 6.0.0 to 6.0.2 #730
- [javascript] Bump @typescript-eslint/parser from 5.30.3 to 5.30.5 #726
- [javascript] Bump eslint-plugin-prettier from 4.0.0 to 4.2.1 #722
- [javascript] Bump eslint from 8.18.0 to 8.19.0 #719
- [javascript] Bump @typescript-eslint/eslint-plugin from 5.30.3 to 5.30.5 #725
- [javascript] Bump ts-node from 10.8.0 to 10.8.2 #723
- [javascript] Bump @typescript-eslint/eslint-plugin from 5.29.0 to 5.30.3 #716
- [javascript] Bump @types/sinon from 10.0.11 to 10.0.12 #717
- [javascript] Bump @typescript-eslint/parser from 5.29.0 to 5.30.3 #718
- [github_actions] Bump actions/checkout from 2 to 3 #713
- [github_actions] Bump github/codeql-action from 1 to 2 #712
- Update dependencies #696
- Bump follow-redirects from 1.14.4 to 1.15.1 #695
- Bump npm from 8.6.0 to 8.12.0 #694
- [security] Bump ansi-regex from 4.1.0 to 4.1.1 #688
- Move TypeScript-required types to dependencies from devDependencies #686
- Code cleanup in preparation for logout validation #658
- Update packages #641
- add MultiStrategyConfig type export #675
- Update changelog and changelog building tools #774
- Update badges for scoped package #710
- Update badges for scoped package #709
- docs: move history note to the bottom and expand it. #708
- Update README to remove an insecure suggestion #704
- Document passive option #660
- Read me update for authnContext example for ADFS #647
- Clean working folder before doing a release build #793
- Update changelog build tools #792
- Add prerelease script #775
- Reduce dependabot update frequency #765
- Have dependabot update package.json too #764
- Have dependabot update package.json too #724
- Add dependabot config file #711
- Move to NPM organization #705
- Add code coverage workflow #706
- Replace integration tests with unit tests #702
- Add code coverage #701
- Adjust .mochars.json #699
- Migrate from "should" to "chai" #687
- Update issue templates #652
- Fix main path in package.json #623
- [security] Limit transforms for signed nodes #595
- Fix: Conflicting profile properties between profile and attributes #593
- Fix validateInResponseTo null check #596
- Rebuild changelog for 3.0.0 #605
- Fix typo OnBefore -> NotBefore #611
- Update README with new Cache Provider interface #608
- Update all dependencies to latest #590
- Add Node 16 support; drop Node 10 #589
- Enforce more secure XML encryption #584
- Node saml separation #574
- Remove support for deprecated
privateCert#569 - Require cert for every strategy #548
- Add optional setting to set a ceiling on how old a SAML response is allowed to be #577
- Move XML functions to utility module #571
- Improve the typing of the Strategy class hierarchy. #554
- Resolve XML-encoded carriage returns during signature validation #576
- Make sure CI builds test latest versions of dependencies #570
- Add WantAssertionsSigned #536
- Update xml-crypto to v2.1.1 #558
- Allow for authnRequestBinding in SAML options #529
- Update all packages to latest semver-minor #588
- Update xml-encryption to v1.2.3 #567
- Revert "Update xml-encryption to v1.2.3" #564
- Update xml-encryption to v1.2.3 #560
- bump xmldom to 0.5.x since all lower versions have security issue #551
- Fix incorrect import of compiled files in tests #572
- Remove deprecated field
privateCertfrom README, tests #591 - Add support for more tags in the changelog #592
- Changelog #587
- Create of Code of Conduct #573
- Update readme on using multiSamlStrategy #531
- Fix lint npm script to match all files including in src/ #555
- remove old callback functions, tests use async/await #545
- Tests use typescript #534
- async / await in cache interface #532
- Format code and enforce code style on PR #527
- async/await for saml.ts #496
- Ignore
testfolder when building npm package #526
- Generating changelog using gren #518
- dev: add @types/xml-encryption #517
- Reexport SamlConfig type to solve a regression in consumer packages #516
- normalize signature line endings before loading signature block to xml-crypto #512
- fix: derive SamlConfig from SAMLOptions #515
- fix(typing): Export Multi SAML types #505
- add ts-ignore to generated type definitions for multisaml strategy #508
- fix(typing): multi saml strategy export #503
- support windows line breaks in keys #500
- Prettier + ESLint + onchange = Happiness #493
- normalize line endings before signature validation #498
- Add deprecation notice for privateCert; fix bug #492
- Always throw error objects instead of strings #412
- Allow for use of privateKey instead of privateCert #488
- feat(authorize-request): idp scoping provider #428
- inlineSources option for better source maps #487
- validateSignature: Support XML docs that contain multiple signed node⦠#481
- validateSignature: Support XML docs that contain multiple signed nodes #455
- Revert "validateSignature: Support XML docs that contain multiple signed nodes" #480
- outdated Q library was removed #478
- Primary files use typescript #477
- compatibility with @types/passport-saml, fixes #475 #476
- Drop support for Node 8 #462
- try to use curl when wget is not available #468
- Only make an attribute an object if it has child elements #464
- fix: add catch block to NameID decryption #461
- Ts secondary files #474
- support typescript compilation #469
- Add GitHub Actions as Continuos Integration provider #463
- Return object for XML-valued AttributeValues #447
- Revert "doc: announce site move." #446
- Fix multi saml strategy race conditions #426
- Singleline private keys #423
- Revert "convert privateCert to PEM for signing" #421
- Upgrade xml-encryption to 1.0.0 #420
- convert privateCert to PEM for signing #390
- add support for encrypted nameIDs in SLO request handling #408
- Issue #206: Support signing AuthnRequests using the HTTP-POST Binding #207
- Add tests to check for correct logout #418
- added passReqToCallback to docs #417
- Fix an issue readme formatting #416
- attributeConsumingServiceIndex can be zero #414
- Bring-up xml-crypto to 1.4.0 #400
- fix #393 adding 'inResponseTo' in the profile #404
- Fix #355 missing parts: tests. #402
- Fix minimum version of Node.js in Travis #399
- Add .editorconfig as suggested in #373 #398
- feat: add RequestedAuthnContext Comparison Type parameter #360
- Add option to disable SAML spec AuthnRequest optional value Assertion⦠#315
- Fix broken tests #367
- Update README.md #363
- InResponseTo support for logout #356
- Set explicitChar: true to make XML parsing consistent. Fixes issue #283 and #187 #361
- update xml crypto to 1.1.4 #352
- Create a way to get provider metadata when using the MultiSamlStrategy #323
- Fix Node Buffer deprecation warning: update 'new Buffer' to 'Buffer.from()' #342
- Fix #128 documentation for body-parser dependency #326
- Update Node version in package.json to >=6 #340
- Upgrade xml-crypto to 1.1.2 #344
- Fix for failing test #347
- Support InResponseTo validations in MultiSaml #350
- Add SamlResponseXML method to profile object #330
- Adds signing key in the metadata service provider generation. #306
- Update xml-crypto to 1.0.2 #321
- Validate issuer on logout requests/responses if configured #314
- feat(logout): handle null and undefined on nameQualifier #311
- Extend and document the profile object #301
- Handle case of missing InResponseTo when validation is on #302
- entryPoint is compulsory for signed requests #299
- Include support for run-time params to be included in the generated URLs #136
- support multiple authnContext #298
No changelog for this release.
No changelog for this release.
- New Feature: allow customizing the name of the strategy. #262
No changelog for this release.
- Support multiple and dynamic signing certificates #218
- Upd: Mention ADFS 2016 with NameIDFormatError. #242
- [security] Use crypto.randomBytes for ID generation #235
- Fix: "TypeError: Cannot read property 'documentElement' of null" #239
No changelog for this release.
- Add badges to readme #202
- Update README to clarify that saml.cert requires a PEM-encoded x509 c⦠#133
No changelog for this release.
No changelog for this release.
- Remove unused ejs package from devDeps #195
- Add the ability to sign with SHA-512 #173
- Support detached encrypted key #166
- Fixes #170: Clarify that the certificate are looking for is: #171
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.
No changelog for this release.