Skip to content

Latest commit

 

History

History
88 lines (60 loc) · 5.15 KB

CHANGELOG.md

File metadata and controls

88 lines (60 loc) · 5.15 KB

Changelog

[0.7.2] - 2020-04-14

Many thanks for major contributions (especially on the testing front where the project was lacking) from Amertz08 and askvortsov1

Added

  • Major and breaking change: Service Providers are now backed by the database instead of being configured via the settings: #51
  • Test coverage has been improved significantly. CI was added to run tests, linting and report code coverage which will improve stability of development.
  • Django 3.0 is added to the tests matrix. We currently are doing Python 3.6, 3.7, 3.8, 3.9 and Django 2.2, 3.0, 3.1.

Removed

  • Dropped Python 3.5.
  • Django 2.0 and 2.1 as they are no longer officially supported Django versions.

[0.6.3] - 2020-02-10

Bugfix release, thanks to contributions from pix666 in #61

[0.6.2] - 2020-02-03

Bugfix release, thanks to contributions from @mjholtkamp in #54, #55, and #56

[0.6.1] - 2019-12-13

Many thanks for contributions to @askvortsov1 and @peppelinux for the contributions in this release

Added

  • More NameID formats supported, and a check on support for a format by the IDP was added. #32, #38, #46
  • The field on user to be used for the NameID can now be configured per SP via the nameid_field in the SAML_IDP_SPCONFIG.
  • The setting for signed responses and assertions can be configured per SP in the SAML_IDP_SPCONFIG. The default algorithm if not specified has been upgraded from SHA1 to SHA256. #35
  • SLO (single_logout_service) support for both POST and REDIRECT binding. The path of the new view is slo/<str:binding>/. #23
  • The attribute_mapping per SP in the SAML_IDP_SPCONFIG for constructing the identity dict now accepts a callable method on an object next to a normal attribute.
  • Assertions can now be encrypted. This can be configured per SP using the encrypt_saml_responses in the SAML_IDP_SPCONFIG, and set globally using the SAML_ENCRYPT_AUTHN_RESPONSE setting. #36

Changed

  • BREAKING CHANGE: the create_identity(...) method on the Processor class has had it's signature change. It now does not accept extra kwargs anymore, only the user and the attribute_mapping. This might or might not be relevant to you; it is if you have subclassed a processor and have customized the create_identity method there.
  • Improved logging with pretty representation of requests/responses.

[0.5.0] - 2019-01-12

Many thanks for contributions to @lgarvey

Added

  • The user identifier attribute is now customizable via the SAML_IDP_DJANGO_USERNAME_FIELD settings. PR#20
  • Supports the HTTP REDIRECT binding. PR#20
  • Bugfix in the NameID generation where destination instead of entity ID was used. #18

Changed

  • BREAKING CHANGE: the has_access(user) method on the Processor class has been changed to has_access(request). This to allow a broader scope of access control checks to perform. If you have subclassed the BaseProcessor class and have overriden this method with a custom implementation, you will need to change this.

[0.4.1] - 2018-08-09

Many thanks for contributions to @jlunger-arcweb

Added

  • IDP-initiated login
  • Example project extended with IDP-initiated login and improved docs on it

[0.4.0] - 2018-08-08

Many thanks for contributions to @peppelinux, @saundersmatt, @JosephKiranBabu

Added

  • Python 3 support
  • Django 2.x supported. Tested with 2.0 and 2.1
  • Added some docstring on certain methods
  • Added decorators to the views to restrict allowed HTTP methods, and disable browser caching of the views.

Changed

  • Multi Factor Authentication: view is now a Class-Based View for easier subclassing. Functionality remains the same, so users who have implemented their own view with this name will not break.
  • Updated certificates included in the example project
  • Reworked login process view to a CBV.
  • Small updates to example project to show where you are in the browser.

Removed

  • Python 2 support
  • Django < 2.x support

[0.3.0] - 2017

Many thanks for contributions to @goetzk

Added

  • Multi factor authentication