Version 7.0.1

7.0.1 (2020-06-09)

• build: fix the CI release process

Version 7.0.0

7.0.0 (2020-06-09)

• Make the AuthnContextClassRefs available through the context
• Extend YAML parsing to understand the !ENV and !ENVFILE tags, that read
  values or file contents from the environment
• Add satosa.yaml module to handle YAML parsing
• BREAKING: Remove previously deprecated configuration options:
  • hash: use the hasher micro-service instead
  • USER_ID_HASH_SALT: use the hasher micro-service instead
• BREAKING: Remove previously deprecated classes:
  • SAMLInternalResponse: use satosa.internal.InternalData instead
  • InternalRequest: use satosa.internal.InternalData instead
  • InternalResponse: use satosa.internal.InternalData instead
  • UserIdHashType: use the hasher micro-service instead
  • UserIdHasher: use the hasher micro-service instead
• BREAKING: Remove previously deprecated functions:
  • hash_attributes: use the hasher micro-service instead
  • oidc_subject_type_to_hash_type: use satosa.internal.InternalData.subject_type directly
  • saml_name_id_format_to_hash_type: use satosa.internal.InternalData.subject_type directly
  • hash_type_to_saml_name_id_format: use satosa.internal.InternalData.subject_type directly
• BREAKING: Remove previously deprecated modules:
  • src/satosa/internal_data.py
• BREAKING: Remove previously deprecated properties of the saml2.internal.InternalData class:
  • name_id: use use subject_id instead,
  • user_id: use subject_id instead,
  • user_id_hash_type: use subject_type instead,
  • approved_attributes: use attributes instead,
• The cookie is now a session-cookie; To have the the cookie removed
  immediately after use, the CONTEXT_STATE_DELETE configuration option should
  be set to True
• Create dedicated module to handle the proxy version
• Set the logger to log to stdout on DEBUG level by default
• Cleanup code around the wsgi calls
• micro-services: separate core from micro-services; drop checks for
  micro-services order; drop references to the Consent and AccountLinking
  micro-services
• micro-services: generate a random name for the pool name when REUSABLE client
  strategy is used for the ldap-attribute-store micro-service.
• docs: improve example proxy configuration
• docs: minor fixes/typos/etc
• build: update CI to use Travis-CI stages
• build: run tests for Python3.8
• build: tag docker image by commit, branch, PR number, version and "latest"

Version 6.1.0

6.1.0 (2020-02-28)

• Set the SameSite cookie attribute to "None"
• Add compatibility support for the SameSite attribute for incompatible
  browsers
• Set the Secure attribute of the cookie, always
• Set minimum pysaml2 version to make sure we get a version patched for
  CVE-2020-5390
• Fix typos and improve documetation
• Set the session-id when state is created
• Use LinkedIn API v2

Version 6.0.0

6.0.0 (2019-12-17)

• properly support mutliple values when converting internal attributes to OIDC
  claims. For all claims other than the ones define in OIDC core specification,
  the same values as the ones that have been set in the internal representation
  will be returned.
• improve log handling
• micro-services: Better handling of single-value attribute by LdapAttributeStore

Version 5.0.0

5.0.0 (2019-11-07)

Notice: Support for python 3.5 has been dropped.

• Add a dict-like interface to the internal objects
• Fix escaped chars in RegEx strings
• tests: fix warnings
• build: drop support for python 3.5
• misc: typos and formatting

Version 4.5.1

On version 4.5.0 the package version indicator was not changed, but a corresponding branch was created. The version is now changed directly to v4.5.1 to accommodate for the fix commit.

Version 4.5.0

4.5.0 (2019-11-05)

• add options in samlofrontend to encrypt assertion from AuthnResponse
• use saml2.extension.mdui in place of saml2.extension.ui
• improve log handling
• remove logging around state-cookie loading
• print the absolute path of the configuration when failing to read it
• error out if no backend or frontend is configured
• frontends: oidc: support extra_scopes
• frontends: SAMLVirtualCoFrontend: add attribute scope
• backends: orcid: add state parameter to authorization request
• backends: orcid: fix read address attribute
• backends: orcid: fix authorization token header
• backends: bitbucket: new oauth2 backend
• backends: facebook: add more configuration options
• micro-services: improve the ldap_attribute_store
• build: refactor the start.sh docker script
• build: improve travis stages for new releases
• docs: add sequence diagrams for SAML-to-SAML flow
• docs: improve configuration docs
• docs: improve micro-service docs
• misc: correct typos

Version 4.4.0

4.4.0 (2019-07-09)

Trigger new version build to automatically upload to PyPI, docker hub and GitHub.

• Fix travis CI/CD configuration

Version 4.1.0

4.1.0 (2019-07-09)

Trigger new version build to automatically upload to PyPI and docker hub.

• Add release instructions

Version 4.0.0

4.0.0 (2019-07-09)

• Remove the warning filter; users must set the filter themselves
• Refactor internal data representation
  • Deprecate satosa.internal_data module
  • Use satosa.internal module
  • Store the NameID value as satosa.internal.InternalData.subject_id
  • Store the NameID nameid-format as satosa.internal.InternalData.subject_type
• Deprecate hash configuration option set in internal attributes
• Deprecate USER_ID_HASH_SALT configuration option
• Remove attribute hashing
• Deprecate UserIdHasher classes
• Deprecate UserIdHashType enum
• Support SAML NameID nameid-format emailAddress and unspecified
• Accept authn response with no NameID element
• Reset state after cookie decryption failure
• Add API to load data in Context object
  • KEY_BACKEND_METADATA_STORE
  • KEY_TARGET_ENTITYID
  • KEY_FORCE_AUTHN
  • KEY_MEMORIZED_IDP
• Add initial eIDAS support
• Support memoization of IdP selection when using MDQ
• plugins: Warn when AssertionConsumerService binding is HTTP-Redirect in the saml2 backend
• plugins: Add SAMLUnsolicitedFrontend frontend
• plugins: Add SAMLVirtualCoFrontend frontend
• plugins: Add extra_scopes configuration to support multiple scopes
• plugins: Use the latest pyop version
• plugins: Add primary identifier micro-service
• plugins: Misc fixes and improvents for LDAP attribute store micro-service
• plugins: Add verify_ssl option to OIDC backend
• plugins: Add hasher micro-service
• plugins: Add support in frontend for common domain cookie
• plugins: Add Ping frontend
• plugins: Fixes for the account linking micro-service
• tests: Misc improvements
• tests: Use latest pytest
• build: Set supported python versions to py35 py36 py37 and pypy3
  • Dropped support for py34
• build: Set minimum supported pysaml2 version
• docs: Instructions to use with Apache and mod_wsgi
• docs: Add satosa-users mailing list information
• docs: Add ui_info in example configs
• docs: Add GÉANT contribution notice
• docs: Misc typos and improvements