forked from pool/python-python3-saml
Matej Cepl
2487e2a9f5
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python3-saml?expand=0&rev=16
145 lines
6.1 KiB
Plaintext
145 lines
6.1 KiB
Plaintext
-------------------------------------------------------------------
|
|
Fri Dec 30 13:03:38 UTC 2022 - Matej Cepl <mcepl@suse.com>
|
|
|
|
- Clean up SPEC file
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 18 13:36:10 UTC 2022 - Markéta Machová <mmachova@suse.com>
|
|
|
|
- No need to skip Python 3.10 anymore
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 23 07:59:12 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 1.14.0:
|
|
* Add support for python 3.10 and cleanup the GHA
|
|
* Remove stats from coveralls removed as they are no longer maintained
|
|
* Add rejectDeprecatedAlgorithm settings in order to be able reject messages
|
|
signed with deprecated algorithms
|
|
* Support building a LogoutResponse with non-success status
|
|
* Replace double-underscored names with single underscores
|
|
* Deprecate server_port from request data dictionary
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 23 07:12:16 UTC 2021 - Matej Cepl <mcepl@suse.com>
|
|
|
|
- Update to 1.11.0:
|
|
- #261 Allow duplicate named attributes, controlled by a new
|
|
setting
|
|
- #268 Make the redirect scheme matcher case-insensitive
|
|
- #256 Improve signature validation process. Add an option to
|
|
use query string for validation
|
|
- #259 Add get metadata timeout
|
|
- #246 Add the ability to change the ProtocolBinding in the
|
|
authn request.
|
|
- #248 Move storing the response data into its own method in
|
|
the Auth class
|
|
- Remove the dependency on defusedxml
|
|
- #241 Improve AttributeConsumingService support
|
|
- Update expired dates from test responses
|
|
- The test suite is still ignored.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 16 09:31:58 UTC 2021 - Matej Cepl <mcepl@suse.com>
|
|
|
|
- The test suite is a complete disaster right now, switching it
|
|
off (gh#onelogin/python3-saml#272).
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 8 09:57:53 UTC 2021 - Matej Cepl <mcepl@suse.com>
|
|
|
|
- Update to 1.10.1:
|
|
- Fix bug on LogoutRequest class, get_idp_slo_response_url was
|
|
used instead get_idp_slo_url
|
|
- Added custom lxml parser based on the one defined at
|
|
xmldefused. Parser will ignore comments and processing
|
|
instructions and by default have deactivated huge_tree, DTD
|
|
and access to external documents
|
|
- Destination URL Comparison is now case-insensitive for netloc
|
|
- Support single-label-domains as valid. New security parameter
|
|
allowSingleLabelDomains
|
|
- Added get_idp_sso_url, get_idp_slo_url and
|
|
get_idp_slo_response_url methods to the Settings class and
|
|
use it in the toolkit
|
|
- #212 Overridability enhancements. Made classes overridable by
|
|
subclassing. Use of classmethods instead staticmethods
|
|
- Add get_friendlyname_attributes support
|
|
- Remove external lib method get_ext_lib_path. Add
|
|
set_cert_path in order to allow set the cert path in a
|
|
different folder than the toolkit
|
|
- Add sha256 instead sha1 algorithm for sign/digest as
|
|
recommended value on documentation and settings
|
|
- #178 Support for adding idp.crt from filesystem
|
|
- Add samlUserdata to demo-flask session
|
|
- Fix autoreloading in demo-tornado
|
|
- Remove bug-testDecryptElement.patch, which has been included
|
|
upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 20 10:36:31 UTC 2020 - pgajdos@suse.com
|
|
|
|
- version update to 1.9.0
|
|
* Allow any number of decimal places for seconds on SAML datetimes
|
|
* Fix failOnAuthnContextMismatch code
|
|
* Improve signature validation when no reference uri
|
|
* Update demo versions. Improve them and add Tornado demo.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 22 13:05:59 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
|
|
|
- Update to 1.7.0:
|
|
* Adjusted acs endpoint to extract NameQualifier and SPNameQualifier from
|
|
SAMLResponse.
|
|
* Adjusted single logout service to provide NameQualifier and SPNameQualifier
|
|
to logout method.
|
|
* Add getNameIdNameQualifier to Auth and SamlResponse.
|
|
* Extend logout method from Auth and LogoutRequest constructor to support.
|
|
* Added get_in_response_to method to Response and LogoutResponse classes
|
|
* Update defusexml dependency
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 10 16:35:14 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
|
|
|
- Add explicit dependency on libxmlsec1-openssl1, recommended
|
|
by dependency python-xmlsec so this package may be used without
|
|
needing to select a libxmlsec backend
|
|
- Activate test suite, adding bug-testDecryptElement.patch to
|
|
workaround a test failure, and remove bcond test
|
|
- Build for Python 2, as support has been added upstream
|
|
- Remove unnecessary build dependency on python-devel
|
|
- Use %license
|
|
- Remove live dependency_links and remove == pins from setup.py,
|
|
so installed egg-info isnt broken
|
|
- Update to v1.6.0
|
|
* Add support for Subjects on AuthNRequests by the new
|
|
name_id_value_req parameter
|
|
* Fix for SLO when XML specifies encoding
|
|
* Fixed setting NameFormat attribute for AttributeValue tags
|
|
- from v1.5.0
|
|
* Security improvements. Use of tagid to prevent XPath injection
|
|
Disable DTD on fromstring defusedxml method
|
|
* Check that the response has all of the AuthnContexts provided
|
|
* Adapt renders from Django demo for Django 1.11 version
|
|
* If debug enable, print reason for the SAMLResponse invalidation
|
|
* Fix DSA constant
|
|
* Support NameID children inside of AttributeValue elements
|
|
- from v1.4.1
|
|
* Add ID to EntityDescriptor before sign it on add_sign method
|
|
* Update defusedxml dependencies
|
|
* Update copyright and license reference
|
|
- from 1.4.0
|
|
* Fix CVE-2017-11427. Process text of nodes properly, ignoring comments
|
|
* Improve how fingerprint is calcultated
|
|
* Fix issue with LogoutRequest rejected by ADFS due NameID with
|
|
unspecified format instead no format attribute
|
|
* Fix signature position in the SP metadata
|
|
* Preserve xmlns:xs namespace when signing and serializing responses
|
|
* Redefine NSMAP constant
|
|
* Updated Django demo (Django 1.11)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 25 16:22:46 UTC 2017 - sean.marlow@suse.com
|
|
|
|
- Intial package. v1.3.0
|
|
|