Version 1.7.0 with support for Single Log Out

v1.7.0 (2016-10-19)

Features

• Support for Single Logout (cd3fc43)
• Add issuer information to the metadata endpoint, to allow IdPs to properly configure themselves. (7bbbb67)
• Added the response object to the extra['response_object'], so we can use the raw response object if we want to. (76ed3d6)

Chores

• Update ruby-saml to 1.4.0 to address security fixes. (638212)

Version 1.6.0 with updated `ruby-saml`

1.6.0 (2016-06-27)

• Ensure that subclasses of OmniAuth::Stategies::SAML are registered with OmniAuth as strategies (#95)
• Update ruby-saml to 1.3 to address CVE-2016-5697 (Signature wrapping attacks)

v1.5.0 with support for custom attributes

1.5.0 (2016-02-25)

• Initialize OneLogin::RubySaml::Response instance with settings
• Adding "settings" to Response Class at initialization to handle signing verification
• Support custom attributes
• change URL from PracticallyGreen to omniauth
• Add specs for ACS fallback URL behavior
• Call validation earlier to get real error instead of 'response missing name_id'
• Avoid mutation of the options hash during requests and callbacks

Updated `ruby-saml` to 1.1.1

With this release ruby-saml was updated to 1.1.1, which most notably brings support for a SAMLResponse without a ds:x509certificate. It is now possible to define the certificate within the settings and use that certificate to validate the responses.

Configurable attribute_consuming_service

v1.4.1

Configurable attribute_consuming_service.

Now using ruby-saml 1.0.0

v1.4.0

Now using ruby-saml v1.0.0.

ruby-saml adaptations

Merge pull request #35 from tomhipkin/hotfix/ruby-saml-update

Bump ruby-saml to version 0.8.1