1.7.0 (Feb 27, 2018)

1.7.0

• Fix vulnerability CVE-2017-11428. Process text of nodes properly, ignoring comments

1.6.2 (Feb 28, 2018)

• Fix vulnerability CVE-2017-11428. Process text of nodes properly, ignoring comments

v0.9.3

0.9.3 (Feb 27, 2018)

• Fix vulnerability CVE-2017-11428. Process text of nodes properly, ignoring comments

v0.8.3

0.8.3 (Feb 27, 2018)

• Fix vulnerability CVE-2017-11428. Process text of nodes properly, ignoring comments
• Fix DigestMethod lookup bug #144

1.6.1 (January 15, 2018)

• #428 Fix a bug on IdPMetadataParser when parsing certificates
• #426 Ensure Rails responds to logger

1.6.0 (November 27, 2017)

• #418 Improve SAML message signature validation using original encoded parameters instead decoded in order to avoid conflicts (URL-encoding is not canonical, reported issues with ADFS)
• #420 Expose NameID Format on SloLogoutrequest
• #423 Allow format_cert to work with chained certificates
• #422 Use to_s for requested attribute value

1.5.0 (August 31, 2017)

• #400 When validating Signature use stored IdP certficate if Signature contains no info about Certificate
• #402 Fix validate_response_state method that rejected SAMLResponses when using idp_cert_multi and idp_cert and idp_cert_fingerprint were not provided.
• #411 Allow space in Base64 string
• #407 Improve IdpMetadataParser raising an ArgumentError when parser method receive a metadata string with no IDPSSODescriptor element.
• #374 Support more than one level of StatusCode
• #405 Support ADFS encrypted key (Accept KeyInfo nodes with no ds namespace)

1.4.3 (May 18, 2017)

• Added SubjectConfirmation Recipient validation
• #393 Implement IdpMetadataParser#parse_to_hash
• Adapt IdP XML metadata parser to take care of multiple IdP certificates and be able to inject the data obtained on the settings.
• Improve binding detection on idp metadata parser
• #373 Allow metadata to be retrieved from source containing data for multiple entities
• Be able to register future SP x509cert on the settings and publish it on SP metadata
• Be able to register more than 1 Identity Provider x509cert, linked with an specific use (signing or encryption.
• Improve regex to detect base64 encoded messages
• Fix binding configuration example in README.md
• Add Fix SLO request. Correct NameQualifier/SPNameQualifier values.
• Validate serial number as string to work around libxml2 limitation
• Propagate isRequired on md:RequestedAttribute when generating SP metadata

1.4.2 (January 11, 2017)

• Improve tests format
• Fix nokogiri requirements based on ruby version
• Only publish KeyDescriptor[use="encryption"] at SP metadata if security[:want_assertions_encrypted] is true
• Be able to skip destination validation
• Improved inResponse validation on SAMLResponses and LogoutResponses
• [#354] Allow scheme and domain to match ignoring case
• [#363] Add support for multiple requested attributes

1.4.1 (October 19, 2016)

• #357 Add EncryptedAttribute support. Improve decrypt method
• Allow multiple authn_context_decl_ref in settings
• Allow options[:settings] to be an hash for Settings overrides in IdpMetadataParser#parse
• Recover issuers method