- #273 Support SAMLResponse without ds:x509certificate
- #270 Allow SAML elements to come from any namespace (at decryption process)
- #261 Allow validate_subject_confirmation Response validation to be skipped
- #258 Fix allowed_clock_drift on the validate_session_expiration test
- #256 Separate the create_authentication_xml_doc in two methods.
- #255 Refactor validate signature.
- #254 Handle empty URI references
- #251 Support qualified and unqualified NameID in attributes
- #234 Add explicit support for JRuby
- #247 Avoid entity expansion (XEE attacks)
- #246 Fix bug generating Logout Response (issuer was at wrong order)
- #243 and #244 Fix metadata builder errors. Fix metadata xsd.
- #241 Add decrypt support (EncryptID and EncryptedAssertion). Improve compatibility with namespaces.
- #240 and #238 Improve test coverage and refactor.
- #239 Improve security: Add more validations to SAMLResponse, LogoutRequest and LogoutResponse. Refactor code and improve tests coverage.
- #237 Don't pretty print metadata by default.
- #235 Remove the soft parameter from validation methods. Now can be configured on the settings and each class read it and store as an attribute of the class. Adding some validations and refactor old ones.
- #232 Improve validations: Store the causes in the errors array, code refactor
- #231 Refactor HTTP-Redirect Sign method, Move test data to right folder
- #226 Ensure IdP certificate is formatted properly
- #225 Add documentation to several methods. Fix xpath injection on xml_security.rb
- #223 Allow logging to be delegated to an arbitrary Logger
- #222 No more silent failure fetching idp metadata (OneLogin::RubySaml::HttpError raised).
- #216 Add fingerprint algorithm support
- #218 Update README.md
- #214 Cleanup
SamlMessageclass - #213 Add ability to sign metadata. (Improved)
- #212 Rename library entry point
- #210 Call assert in tests
- #208 Update tests and CI for Ruby 2.2.0
- #205 Allow requirement of single files
- #204 Require ‘net/http’ library
- #201 Freeze and duplicate default security settings hash so that it doesn't get modified.
- #200 Set default SSL certificate store in Ruby 1.8.
- #199 Change Nokogiri's runtime dependency to fix support for Ruby 1.8.7.
- #179 Add support for setting the entity ID and name ID format when parsing metadata
- #175 Introduce thread safety to SAML schema validation
- #171 Fix inconsistent results with using regex matches in decode_raw_saml
- #169 WantAssertionSigned should be either true or false
- #167 (doc update) make unit of clock drift obvious
- #160 Extended solution for Attributes method [] can raise NoMethodError
- #158 Added ability to specify attribute services in metadata
- #154 Fix incorrect gem declaration statement
- #152 Fix the PR #99
- #150 Nokogiri already in gemspec
- #147 Fix LogoutResponse issuer validation and implement SAML Response issuer validation.
- #144 Fix DigestMethod lookup bug
- #139 Fixes handling of some soft and hard validation failures
- #138 Change logoutrequest.rb to UTC time
- #136 Remote idp metadata
- #135 Restored support for NIL as well as empty AttributeValues
- #134 explicitly require "onelogin/ruby-saml/logging"
- #133 Added license to gemspec
- #132 Support AttributeConsumingServiceIndex in AuthnRequest
- #131 Add ruby 2.1.1 to .travis.yml
- #122 Fixes #112 and #117 in a backwards compatible manner
- #119 Add support for extracting IdP details from metadata xml
- #183 Resolved a security vulnerability where string interpolation in a
REXML::XPath.first()method call allowed for arbitrary code execution.
IMPORTANT: This release changed namespace of the gem from OneLogin::Saml to OneLogin::RubySaml. Please update your implementations of the gem accordingly.
Updated gem dependencies to be compatible with Ruby 1.8.7-p374 and 1.9.3-p448. Removed unnecessary canonix gem dependency.