Revision history for Perl extension Net::SAML2.
0.60 -- Mon Sep 19 10:53:23 ADT 2022
[ Significant Changes since 0.59 ]
There are multiple potentially BREAKING CHANGES depending on how you
have written your application. Your application may need updates for
this version.
[BREAKING CHANGES]
- Support multiple signing keys in the metadata. This version attempts
to ensure compatibility but the call to Net::SAML2::IdP->cert will return
an array of certs for each 'use'. It is, however, likely that there will
only be one cert in the array.
- Net::SAML2::Binding::SOAP was improved. The call to
Net::SAML2::Binding::SOAP->handle_request() now returns the XML whereas in
the past it returned the certificate's subject and the xml as an array.
This make it consistent with the Redirect and POST Bindings.
- Net::SAML2::Binding::POST was also improved. Previously the call to
Net::SAML2::Binding::POST->handle_response() returned inconsistent results
depending on whether a cacert was provided. This version returns the XML
of the decoded request.
- The testapp required only changes related to the call to
Net::SAML2::IdP->cert($use) that now returns an ARRAY.
[Changes of note:]
- Support multiple signing keys in the metadata. This version attempts to
ensure compatability but the call to Net::SAML2::IdP->cert will return an
array of certs for each $use. It is, however, likely that there will only
be one cert in the array.
- Redirects now validate the raw URI that is passed to the call. It is
assumed that the URI that your application has sent is unmodified from the
response that the web server received. lighttpd in particular normalizes
the response and will break Redirects from Microsoft Azure
(see lighttpd.conf in xt/testapp for a working configuration)
- Net::SAML2::Binding::SOAP and Net::SAML2::Binding::POST were improved.
- SAML trust anchors were implemented and the verification of the SAML
response was improved. It is possible to validate the response with
subject, issuer or issuer_hash as anchors in addition to the cacert.
Neither cacert nor anchors are required as long as the signature of
the response is valid. The cacert has not been required for the
Redirect or SOAP binding so this treats SOAP the same.
[Required Application Updates]
- There were several changed to the test suite that will likely need to be
made in your application:
- To support metadata.xml containing multiple KeyDescriptors the call to
Net::SAML2::IdP->cert($use) now returns an ARRAY. As this is an helper
function that is meant to allow you to pass the cert to another Net::SAML2
call it was deemed low risk. Your code may be unaffected.
- The call to Net::SAML2::Binding::SOAP->handle_request() needs to be updated
to reflect that it returns only the decoded XML not an array of the
Certificate Subject and XML. Depending how your application uses the
response will determine whether changes are required.
- The call to Net::SAML2::Binding::POST->handle_response() returned
inconsistent results depending on whether a cacert was provided. This
version returns the XML of the decoded request. Previously it returned
either 1 for success or if a cacert was used, either "(verified) and the
certificate Subject" or 0 if the certificate verification failed.
- The lighttpd.conf for the testapp did require a change to prevent it from
"normalizing" a SAML Logout Redirect. There are contradictory RFCs
concerning SAML and the "normalising" URIs. If you use lighttpd in a SAML
application with AZURE as your SAML IdP see
[lighttpd.conf](https://github.com/perl-net-saml2/perl-Net-SAML2/commit/3855393eb454097e1e326a516a573f37ce3456a3#diff-8fd15aaa870fd2b9cda596bf3bb870ce2723ae412e55f0b653124b45d87e1bea)
[Possible Impacts]
- It is worth noting that the testapp (that implements a rudimentary Service
Provider) included in the git repo did not require any changes to the
application for this version.
- While my setup tests against multiple IdPs I do not have a working SOAP
IdP at present.
[ Full Change Log ]
- e95e7c2 Fix bug where two keys with different usage fails
- 33092f1 Add isDefault when isDefault is missing in assertion_consumer_service
- 66a4146 Bump version to .60
- 812ea36 0.59 updates
- f589dd0 v0.59
- c1b25f9 Sync changes with the wiki page and clean up indents
- 2c432f2 Remove unnecessary parameters
- 3855393 Allow URIs that do not include scheme and host in redirect
- e1774b6 Update docs for Net::SAML2::Protocol::LogoutRequest
- fdcfbeb Fix docs for Net::SAML2::Binding::Redirect
- 8d24c89 Update docs for Net::SAML2::Protocol::ArtifactResolve
- 27f6508 Update docs for Net::SAML::SP
- 4a89679 Fix docs for Net::SAML2::Binding::SOAP
- f43727d Verify the SAMLResponse based on the raw query string
- 50f5c8a Fixes #12 - multiple signing keys in metadata
- 4902c89 Make SAML trust anchors work on verification of the SAML request
- af68b68 SOAP binding does not require a cacert anymore
- 1854e35 Implement verify_xml() call which only verifies the XML
0.59 -- Wed Aug 24 22:23:53 ADT 2022
There were no changes other than incrementing the version number
from 0.58-TRIAL.
- 564fa93 (tag: 0.59) Update Changes for .58 release
- 2a43f4e v0.58
0.58 -- Fri Aug 12 16:25:59 ADT 2022
[ Significant Changes since 0.57 ]
You will want to test this release. There are numerous changes and
improvements but nothing that obviously breaks functionality.
- Fix bug where NameID Format was an empty string and broke the
constructor for the LogoutRequest in Net::SAML::SP logout_request.
- Add tests for lowercase URL encoded data
A potential change is upcoming, so we want to have tests to ack/nack
the claims of that new change.
- Enclose SOAP action in double quotes
- Allow error URI to be a full fledged URI in Net::SAML::SP
- The generated id is now 32 bytes of randomness instead of 16 bytes
previously
- SAML2 constants moved to URN::OASIS::SAML2
- Make cacert optional in Net::SAML2::SP as it is only needed for the
SOAP request call
- Add Indexes to the assertion_consumer_service in Net::SAML::SP
This allows you to later on ask for the default assertion service by
using get_default_assertion_service().
- Allow injecting own LWP::UserAgent to IdP new_from_url
- When reading metadata we previously always provided a default NameID
Format. We no longer do this, we only return the NameID format if it
was provided by the metadata.
- Make provider optional in Protocol::ArtifactResolve
Previous versions supplied a default when as_xml was called, this
default has been removed.
- Optional parameters in Binding::Redirect
You now need to supply less parameters when verifying the redirect
request (SAMLResponse).
- Optional attributes for NameID in LogoutRequest
In order to respect the SAML specifications the NameQualifier and
SPNameQualifier are omitted from the LogoutRequest. In case you need
the NameQualifier and the SPNameQualifier you'll now need
include_name_qualifier to be set in the constructor. When the NameID
Format is urn:oasis:names:tc:SAML:2.0:nameidformat:persistent, both
become mandatory. For those who need to set the SPNameQualifier to
be the Affiliation Group ID we have affiliation_group_id for you in
the constructor.
[ Change Log ]
- a245b94 Add test for lowercase url escaping
- ba0a803 Fix author tests with dzil
- 97898a2 fix pod for Assertion->nameid_format
- 523ba92 Add missing POD for nameid, nameid_format in Protocol::Assertion
- fb3085d Update Changes for 0.57
- 6c63ed1 Make attributes in NameID optional
- d69b7dd Install sub::name first to prevent pipeline failures
- 7310b6c Bump version string post .57 release
- 8b83b3e Make params optional in Binding::Redirect for SAMLResponse
- 3b2b96b Use cpm instead of cpanminus
- bc7eb07 nameid_format cannot be a zero length string
- 1c5af31 Be able to inject own LWP::UserAgent to IdP new_from_url
- 2abeb49 Add license to distro
- 3f7c673 Install deps manually
- 7f400a0 Install deps manually
- 14c075c Fix documentation and general code cleanup
- ca9fce1 Small refactor on Protocol::AuthnRequest
- 14fb479 Add builder to Binding::SOAP for LWP::UA
- 70ac5d0 Refactor Binding::SOAP::request
- 830275f Add nameid as a node so we can get the value and/or the format
- 066100f Really make provider optional in Protocol::ArtifactResolve
- 5673bb5 v0.56
- 3c7f390 Set version in main module for downstream developers
- 22dbf06 Remove Dockerfile, we have github actions now
- 18fa0ed Add defaults to Net::SAML2::Binding::Redirect
- 6fe4bdc Fix contributers automaticly from git
- 1348af5 Add the index in the assertion_consumer_service
- 02ab7be Make cacert optional in Net::SAML2::SP
- 858dc57 Remove setting default format when not present in metadata
- 9e7c88a Introduce URN_XXX constants in NET::SAML2::SP
- b2e3020 Change from 16 to 32 bytes of randomness
- 42159bc Allow error URI to be a full fledged URI
0.57 -- Fri Aug 05 23:34:05 ADT 2022
[ Release 0.56-TRIAL as 0.57 ]
[ Significant Changes since 0.55 ]
- Numerous fixes and cleanups thanks to Wesley Schwengle (waterkip)
- Functionality changes mostly limited to Net::SAML2::SP
- metadata signing has been improved
- updates to github actions
- new API for ACS/SLO data in metadata
0.56 -- Sun Jul 24 23:52:56 ADT 2022
[ Significant Changes since 0.55 ]
- Numerous fixes and cleanups thanks to Wesley Schwengle (waterkip)
- Functionality changes mostly limited to Net::SAML2::SP
- metadata signing has been improved
- updates to github actions
- new API for ACS/SLO data in metadata
[ Change Log ]
- signing metadata is now optional
- 8ee4f57 Merge pull request #69 from waterkip/GH-46_acs_and_slo_injections
- 027d300 fixup! Implement new API for ACS/SLO data in metadata
- d81549a Implement new API for ACS/SLO data in metadata
- 01d5fb7 Merge pull request #67 from waterkip/testsuite-defaults
- 7c51e1b Merge pull request #68 from waterkip/GH-actions
- 10b9ab0 Only use defaults/required attrs in net_saml2_sp() test method
- 55d6e5e Install Moose in a seperate action
- f4d0718 Run Github actions on pull requests
- 7eb44fe Make Math::Pari installable
- 1fe7b8b cpanm is provided by the perl images
- 7f0c885 Update perl images in the matrix
- 915adaa Merge pull request #65 from waterkip/GH-cleanup-dist.ini
- f754ad7 Merge pull request #66 from waterkip/GH-46-optional_URIs
- b25642f Make some URI's optional in the constructor
- f01ef30 Remove dependencies from dist.ini
- 57142a1 Merge pull request #64 from waterkip/bug-61
- 5e6c0f0 Add ds:KeyName to md:KeyDescriptor/ds:Keyinfo
- c6b9dfb Fix SAML metadata signing
- b18d316 Add missing pod from PR #62
- 9f8cd26 Merge pull request #62 from waterkip/sign-metadata_optional
- 7e637b7 Make signing metadata optional
- beba53f Merge pull request #63 from waterkip/cert-text_builder
- 493af8c Merge pull request #60 from waterkip/sp-defaults
- 29503c9 Use builder for _cert_text
- 5e94d9c Add defaults to authnreq_signed and want_assertions_signed
- c2e49e4 v0.55
- 159332d (tag: 0.55) Bump version for 0.55 release
0.55 -- Fri Apr 15 21:06:36 ADT 2022
[ Significant Changes since 0.53 ]
Support for EncryptedAssertions is automatic if one is received but the
call to Net::SAML2::Protocol::Assertion must provide a key and cacert to
decrypt the EncryptedAssertion and Verify the Signature on the decrypted
Assertion if it is Signed. No changes are required for existing applications
that do not use EncryptedAssertions.
[ Commits ]
- 159332d Bump version for 0.55 release
- 92a1eb5 Support Unsigned encrypted Assertions
- 39016c6 v0.54
0.54 -- Sat Apr 09 18:13:04 ADT 2022
[ Significant Changes since 0.53 ]
Support for EncryptedAssertion
[ Commits ]
- b166c3e Updates for new Version
- ab8c986 Move to OurPkgVersion and remove VERSION from repo
- 6d1b058 Merge pull request #57 from timlegge/encrypted-assertions
- bff02f7 Minor lighttpd config update for testapp
- 94e42b0 Support EncryptedAssertions
- 34a432c v0.53
0.53 -- Thu Feb 03 21:02:47 AST 2022
[Significant Changes since 0.52]
- Fix bug with Saml LogoutResponse on HTTP-Redirect Binding introduced in 0.52
- testapp: simplify testing by allowing easier testing against multiple IdPs
- 22d2b2a (HEAD -> master) Update version information
- 13c18ee Merge pull request #56 from timlegge/testapp-multiple-idp-support
- a2ff662 Allow custom config.yml file per Identity Provider
- 4bf230a Add support for multiple IdPs to the SamlTest testapp Makes
testing against Multiple IdPs much simpler to setup and configure
- 905f78a SP initiated SAMLLogout has SAMLResponse on redirect
- 378ea9b v0.52
0.52 -- Sun Jan 30 23:17:19 AST 2022
[Significant Changes since 0.49]
- Document IdP and SP initiated LogoutRequest handling
- Fix issue if multiple X509Certificate tags are found in metadata
- 5d70bac Update for official release
- b753644 Update Makefile.PL and README
0.51 -- Sun Jan 30 14:15:43 AST 2022
- d4153b5 v0.51
- a9f5ca5 Fix the Commit ids - forgot to rebase before push
0.50 -- Sun Jan 30 13:59:48 AST 2022
- 8cc6d8e v0.50
- af1deee Add additional deveeloper files to .gitignore
- 8223e85 Remove eol spaces
- 3eb54d3 Create a pid file for lighttpd
- 89393ab Merge pull request #55 from timlegge/master
- 237ef74 NameId Format is optional in the LogoutRequest
- a8ee006 Fix an un reported issue validating URL with extra parameters
- b096862 Fixes issue in Discusion #54 when there are multiple
X509Certificate tags in the metadata
- 11ba7f4 Add information related to the LogoutRequest and
LogoutResponse that can be either SP of IdP initiated
- 5780c6c Move from File::Slurp to File::Slurper
0.49 -- Tue Dec 07 21:22:58 AST 2021
[Significant Changes since 0.46]
- Net::SAML2::XML::Sig is now a subclass of XML::Sig
- XML::Sig 0.52 is now a dependency
- 064f718 v0.49
- 6e76482 Simplify dist.ini and add SignReleaseNotes
- e96982c Bump Version
- 3fc63f5 v0.48
0.48 -- Mon Dec 06 16:53:49 AST 2021
- 8589b4a Update Version
- 9c73463 Missing VERSION and Abstract
- 586fd5b v0.47
0.47 -- Sun Dec 05 15:07:51 AST 2021
- e580299 Update version number
- 837aa20 add strict and warnings to quiet author critic
- 2ff8aeb Merge pull request #51 from timlegge/move-to-xml-sig
- 3634910 test of properly handling comments in nameid and email
- 4c20821 Moving to XML::Sig - keeping them in sync is a pain
0.46 -- Thu Nov 25 21:53:52 AST 2021
- dd9776e Merge pull request #50 from timlegge/issue-38
- 54cf599 Testapp should display unicode
- ac74ac4 Fixes Issue #49 - Issue verifying XML that includes wide characters
- 5afc7dd Add strict and warnings to tests
- c20ed8c Add strict and warnings and move existing to the stop
- 26c53c1 v0.45
- 5397713 (tag: 0.45) Update for new version
0.45 -- Wed Nov 17 17:33:34 AST 2021
- 594d135 add missing use statement (ziali088)
0.44 -- Sun Oct 31 14:33:03 ADT 2021
- Packaging issue reissuing 0.43 without changes
0.43 -- Sat Oct 30 23:09:24 ADT 2021
[Release Version of 0.42]
- No changes
[Significant Changes since 0.40]
- COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
- HTTP-Redirect now supports signing and verifying with more than rsa-sha1
- include HTTP-Post for SingleLogoutService in generated metadata
- Destination missing in LogoutRequest
- Added PingIdentity to the tested IdPs
- Most other changes related to the testapp Saml2Test (in git repo)
- Fix issue with LogoutResponse on HTTP-Redirect for some IdP (Azure, Ping)
- Make SP metadata.xml more configuable and sign
0.42 -- Fri Oct 29 22:35:53 ADT 2021
[Significant Changes since 0.40]
- COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
- HTTP-Redirect now supports signing and verifying with more than rsa-sha1
- include HTTP-Post for SingleLogoutService in generated metadata
- Destination missing in LogoutRequest
- Added PingIdentity to the tested IdPs
- Most other changes related to the testapp Saml2Test (in git repo)
- Fix issue with LogoutResponse on HTTP-Redirect for some IdP (Azure, Ping)
- Make SP metadata.xml more configuable and sign
[Change Log]
- b9d4786 Merge pull request #44 from timlegge/azure-lowercase
- 4f2a40c Update for latest build
- ffd4188 Add issuer to make testing between multiple IdPs clearer
- 1049084 Fix issues with LogoutResponse
- 378c815 Merge pull request #43 from timlegge/metadata
- bfe0966 Sign Metadata
- 1cd0003 Net::SAML2::SP configurable values for metadata
0.41 -- Thu Oct 21 17:59:37 ADT 2021
[Significant Changes since 0.40]
- COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
- HTTP-Redirect now supports signing and verifying with more than rsa-sha1
- include HTTP-Post for SingleLogoutService in generated metadata
- Destination missing in LogoutRequest
- Added PingIdentity to the tested IdPs
- Most other changes related to the testapp Saml2Test (in git repo)
[Change Log]
- 07b68dd v0.41
- c4ec6e2 Merge pull request #38 from timlegge/dist-changes
- 54e612e Improve packaging and update changes
- 1d894a9 testapp: prevent app error if the are no slo_urls
- d6e2ab9 testapp: Change to decoding in sls-redirect-response
- 23240d8 Fixes #30 - Modules withou version and cleanup missing Abstract
- 9c5585b Merge pull request #37 from timlegge/testapp
- c51ba51 Tested compatiblity against PingIdentity
- b4d3fe9 Remove end of line spaces
- 41ef582 testapp: provide documentation on how to use the Saml2Test application
- 5a8ebb7 Fixes #36 testapp: metadata is rendered as text by the browser
- f1e2eca testapp: add .gitignore file testapp
- ca4b8bd Fixes #35: Metadata does not include HTTP-Post for SingleLogoutService
- 64008da testapp: Better org_name
- 22073bb Update certificates with 10 year expiration
- f215c40 testapp: add lightttpd.conf to proxy https traffic to testapp on port 3000
- f92ba77 testapp: provide lighttpd config to deliver a metatdata.xml file
- 2d671a4 Fixes #32: HTTP-Redirect should support more than sha1
- 5e2425a testapp: Make required settings configurable
- f70b0a5 Fixes #34: testapp: Dancer request_uri is not decoded
- 8c0d048 testapp: Fixes #33 Destination is not properly assigned
- 6e0a685 Fixes #31 Destination missing in LogoutRequest
- 652c763 testapp: support post for LogoutResponse
0.40 - 2021-07-26
[Significant Changes since 0.38]
- Add support for Auth0 SAML (bug fix)
- Add options to allow https for metadata urls
[Change Log]
- TDD Update Changes and Increment version
- 314df85 Remove Test::TrailingSpace keeps failing on automatic License file
- 9bc0901 Mention TUTORIAL.md in synopsis and README
- 343ae20 Rename Tutorial
- b5591cc Update documentation for ssl_opts for Idp new_from_url
0.39-TRIAL - 2021-07-25
[Change Log]
- b34f4f8 Update Changes and Increment version
- 5921d12 Fixes #28 support https urls for metadata
- 95a2311 Fixes #29 which also supports Auth0 SAML
- 09591b6 Test InResponseTo on Assertions
0.38 - 2021-07-23
[Change Log]
- 88abdeb Update Changes and Increment version
0.37-TRIAL - 2021-07-21
[Change Log]
- cc4e029 Update Changes and Increment version
- f6227a4 Replace remaining XML::XPath with XML::libXML
0.36-TRIAL - 2021-07-15
[Change Log]
- 7bddf72 Update Changes and Increment version
- be1a42f Remove no_comments call from IdP
0.35-TRIAL - 2021-07-14
[Significant Changes]
Replaces XML::XPath with XML::libXML which is better maintained and more
powerful. XML::libXML options are set to disable loading external documents
and expanding entities as well as disabling network access.
[Change Log]
- a071834 Update Changes and Increment version
- 3741d2a Replace XML::XPath with XML::libXML
- f3887f5 Fixup Contributors and cleanup README
- 9d8c3bd Automatically generate README for repo
- 4a1f2ef Update dist.ini to use Pod2Readme
0.34 - 2021-03-30
[Significant Changes since 0.32]
- Mostly an improvement in documentation
- Implement "full client" test that follows TUTORIAL.md
- TUTORIAL.md documents how to add Net::SAML2 to your web application
- Numerous small bug fixes/enhancements
- Improvements in SP Metadata support
- Add response_status to Assertion object
- XML::Sig version 0.47 (improvements in ECDSA and DSA and other fixes)
[Change Log]
- 1ef0848 Update Changes and Increment version
0.33-TRIAL - 2021-03-28
[Significant Changes]
- Mostly an improvement in documentation
- Implement "full client" test that follows TUTORIAL.md
- TUTORIAL.md documents how to add Net::SAML2 to your web application
- Numerous small bug fixes/enhancements
- Improvements in SP Metadata support
- Add response_status to Assertion object
- XML::Sig version 0.47 (improvements in ECDSA and DSA and other fixes)
[Change Log]
- 844d0be Update Changes and Increment version
- 7fabe59 Merge XML::Sig version 0.47
- d62059f Add Keycloak as a tested SAML provider
- f626fc5 Sign releases
- 86eabae Remove space at eol
- 64c8862 Test requires URI::URL
- 664a0da Merge pull request #27 from timlegge/full-client
- ab7e344 Add missing files
- 971a951 Add missing metadat file
- 171fd63 Merge pull request #26 from timlegge/full-client
- cdfe47e Initial full client test
- 1b07070 Add response_status to Assertion object
- bcee1ea Clarify Net::SAML2::Binding::Redirect cert parameter
- fb126f2 Merge pull request #25 from timlegge/tutorial
- db801af Update pod information
- 1887f90 Fix invalid newlines inserted
- 840585a Update TUTORIAL.MD
- 2987c08 TUTORIAL missing closing tag
- c34dead Merge pull request #23 from timlegge/tutorial
- cf1ac4b Fixes #22 New tutorial for integrating Net::SAML2 in your application
- 67b9ab1 Merge pull request #21 from timlegge/issue19
- 5377ecd Merge pull request #20 from timlegge/issue18
- 339d5f9 Fixes #19: SP Metadata AuthnRequestsSigned and WantAssertionsSigned should be configurable
- 9944c41 Fixes #18 - SP metatdata org_url
- 305c587 Fixes #13 - ProviderName should be a variable
- 68629bd Fixes #14 Improve clarity of documentaion for Redirect
- 8c14615 Fixes #15 Documentation IdP Cert
0.32 16-Jan-2022
Version 0.31-TRIAL with version incremented
Significant Changes since 0.29
1. Replace Crypt::OpenSSL::Verify509
2. Merge latest XML::Sig
780de03 Update Changes and Increment version
0.31-TRIAL 15-Jan-2021
78fe988 Update Changes and Increment version
71d67e5 Merge pull request #11 from timlegge/xml-writer
2c6780a Fixes #10: XML::Writer requires newer version
0.30-TRIAL 13-Jan-2021
Significant Changes
1. Replace Crypt::OpenSSL::Verify509
2. Merge latest XML::Sig
Warning: This release require the installation of Crypt::OpenSSL::Verify.
0d07622 Merge pull request #9 from timlegge/crypt-openssl-verify
929894c Update Changes and Increment version
ccaa892 Remove the installation of Crypt::OpenSSL::VerifyX509 from action
36d0a5c Move to Crypt-OpenSSL-Verify as Crypt-OpenSSL-Verify is not supported
af050d5 Merge pull request #8 from timlegge/merge-xml-sig
91208a2 Update dependencies for Net::SAML2::XML::Sig
359a0bd Merge XML::Sig version 0.39
200c0ae Update some documentation details
ed3c265 Merge XML::Sig version 0.38
dfefef6 Remove XML::Lib added XML Declaration from Signed XML
a39774f Copy updated XML::Sig and update name and version
0.29 12-Jan-2021
Small release to update issues location to be github
6a03758 Update Changes and Increment version
08e1a17 Fixes #7 - Move issues to github
0.28 04-Jul-2020
Increment Version for official release
3cffcc7 Merge pull request #6 from perl-net-saml2/v0.27-prep
9630745 (tag: 0.28, upstream/v0.27-prep) Release Version 0.28
0.27-TRIAL 03-Jul-2020
Some overhaul of the Moose code and a couple of XML::Sig fixes
as well as a fix to work with Perl 5.10 (Upgrade please upgrade)
As a point of interest the external XML::Sig module has been updated
and is now capable of replacing Net::SAML2::XML::Sig
9afd005 Increment version to 0.27
ccba8d8 Update Changes for v0.27
82ed211 Update Changes
5fe44e3 Add contributing info
e9c3fa8 Improve GitHub Action and reduce time required
2ecbc2b Use default Moose types instead of MooseX::Types::Moose
ecee8bf Add predicates to Net::SAML2::Protocol::AuthnRequest
7562ff1 Make use of builders instead of using BUILDARGS
d46073c Specify Canonical exclusive mode for XML::Sig
597d346 RSA|DSAKeyValue have KeyValue element
00f6276 Reverse order of Changes file
6f1ee32 Merge pull request #1 from waterkip/perl-510
ca48803 Fix perl 5.10 issue with `//=` syntax
a31840e Fix github action for newer versions of perl Checkout
patched Crypt::OpenSSL::VerifyX509
6c67af9 Fix perl 5.10 issue with `//=` syntax
739673c Release does not need Docker file
7c346f7 Update README.md
ce250ee Update Makefile Version
3d65d76 Try to fix hard coded directory
13ceb8c Update changes for version 0.26
0.26-TRIAL TBD
Some major changes in the test suite but overall minor changes to
the rest of the module
Thanks to https://github.com/waterkip Wesley Schwengle for the
overhaul of the test suite
15596bb Increment Version
82a8b54 Add pod documentation
62817ca Update changes
c4c7db6 Remove unneeded manual dependency from github workflow
56051db Update testsuite
8c62593 Move testapp to author tests
f4cec75 Remove Data::Dumper
0d1ccd8 Small setup in which Net::SAML2 is build in Docker
4746957 Make it easier to inspect makefile.pl and cpanfile
bae12de Really need to fix this
e399dd2 Missed a hard coded version
09ee6f3 Hard coded directory not ideal
ab5418d (tag: 0.25) Update Changes and increment the version
0.25 Tue, 19 May 2020 23:40:26 GMT
What happened to version v0.21 to v0.24?
The version of the embeded XML::Sig was higher that that of Net::SAML2
which causes some issues in packaging so this release simply skipped the
versions 0.21 to 0.24. Not much else to say
Minor changes for the most part but a requested release based on the
removal of XML::Cannonical. In fact that could be the only functionality
change present.
80db64d Add provides section of META
8b39923 Add github action to test build
38b05fd Make t/author/podcoverage.t a developer only test
7473f54 XML::Canonical was removed as an option due to its age
50d4314 t/09-authn-request.t: update tests for signed requests
bf07c83 Generate META.json via dist.ini
cac4ad7 Add missing pod info for Protocol/ArtifactResolve.pm
b260946 Update README.md
0.20 Mon 13 Apr 2020 22:25 UTC
First official release since 0.17
See Changes for updates includes in prior unofficial releases
b2af5f7 Ignore Build directories and Build archives
4293ece Delete file added by mistake and increment version number
bcfcc21 Embedded tabs to Space
f792089 Protocol/Assertion.pm: improve documentation and test for in_response_to
f7e3965 Improve Redirect dobumentation
474f1b7 Fix lib/Net/SAML2/IdP.pm docs
3087931 Fix up AuthnRequest docs and improve test
4caff6b Add Contributors to dist.ini
bd665c4 (additional-tests) Improve AuthnReq documentation
a492107 Add link to github repo
6fb076c Create README.md
963d871 (tag: 0.20.03-TRIAL) Add dist.ini
f4232c2 Update changes for 0.20.03 TRIAL
0.20.03 TRIAL
The following people have contributed code and fixed issues since
the last official version 0.17 by Chris Andrews
Alessandro Ranellucci <aar@cpan.org>
dmborque@gmail.com
Jeff Fearn <jfearn@redhat.com>
Mike Wisener <mwisener@secureworks.com>
Mike Wisener <xmikew@cpan.org>
Peter Marschall <peter@adpm.de>
Timothy Legge <timlegge@gmail.com>
xmikew <github@32ths.com>
Based on Github repo https://github.com/timlegge/perl-Net-SAML2
6657a95 Delete dynamic packaging files and update version
225a3b4 Missed a trailing space
12230c8 Fix the end of lines
f353d18 Update changes since 0.17 add repo ref
2b6f908 Update changes since 0.17
34b7ce3 Fix #12 Some tests are always passing
6be1c12 Fix Issue #6 - cert required in Binding/Redirect
772f26f Fix Issue #4 - Missing paramaters in SYNOPSIS
17e5aa4 Add additional pod coverage
7d3a69f Fix pod syntax
0.19.05 Sat 4 May 2019
Unreleased
Github release only https://github.com/timlegge/perl-Net-SAML2/releases
b37bb43 Cleanup whitespace issues
a0d3754 (origin/dev) Cleanup whitespace issues
4cb8313 Bump Version
6177d15 XML::Tidy is now a dependancy
b034e7f Remove comments from XML before processing it
8167478 Initial support to remove comments from XML
894e6f3 Testing changes to remove comments
6ecf28e nameid_format is not required
aae8f3b NameIDFormat is optional in metadata
a606e20 Update ProtocolMessage.pm
xsd:ID cannot start with a numberĀ·
Github fork from https://github.com/alranel/perl-Net-SAML2
9d2bcb5 Added parsing of substatus
3d40cd9 Add validation of InResponseTo and fix a bug in assertion
parsing
8bfc7c2 Have issuer and destination be populated for all messages
9818895 Bugfix: due to an upstream bug, attributes parsing did
not work when using custom namespace aliases
4fea809 Make CA validation optional; add assertion_index and
attribute_index
038d418 One more fix for namespace declarations
dd06637 Fix namespace declarations for AuthnRequest
cc77b85 Allow empty AuthnContextClassRef and AuthnContextDeclRef
91509f5 Quotes
29f74d9 Added RequestedAuthnContext to AuthnRequest
7f459c3 Added nameidpolicy_format to AuthnRequest
6ba6096 Added issuer_namequalifier and issuer_format to AuthnRequest
6cc8de3 Bugfix: X509Certificate was not read when input XML didn't use
the 'ds:' alias
1489051 Make the AuthnRequest attributes writeable
f37bdbd Make IdP certificate verification emit a warning instead of
croaking
0.17_06 Tue 2 May 2017
Unreleased
Github Only fork https://github.com/xmikew/perl-Net-SAML2
e6efb23 (tag: v0.17_06) Bump version
211ee5c Bump version
b6abed4 Fix XML::Sig.pm verify function to properly handle nodeset
returns from ->find. ->find always returns something according
to the documentation. Check ->size to determine proper verify
method (cert, rsa, dsa).
f7d26b9 Merge branch 'jfearn-devel'
e5f3140 Clean up add in_response_to to Assertation
5d3256a Added support to Sig.pm for sha's > sha1 Fix Sig.pm to only grap
the root signature, assertating sigs where breaking it Add some
strictures and warnings
b0adf09 Set proper case on XML::XPath attribute
3184145 expose xpath object on the assertion
6f46088 - merge post_with_cert branch > Accept cert_text in POST
constructor and pass along to XML::Sig allows verification
using IDP metadata of POST data.
45ef539 Add XML::Writer
4e3ff81 - AuthnRequest XML generation moved to XML::Writer - Allow
Subject, AssertionConsumerServiceURL and protocol-binding -
Remove requirement of Destination attribute.
a9a7492 (origin/idp_params) Allow slo_urls and art_urls to be undef
- not required by SAMLv2 spec
e3ccd0d Merge branch 'multiple_sig_support'
2596d6a Sig.pm: use Digest::SHA instead of Digest:SHA1
a3e3deb add additional attribute 'key' to Net::SAML2::SP
ebd4c76 IdP.pm: simplify $idp->format() a bit
13bc56d documentation updates
48fc1cb Sig.pm: improve compatibility with simplesamlphp
710d85d tell encode_base64 to not add newlines to returned digest
0.17 Fri 13 Jan 2012 13:41:23 GMT
Handle the InclusiveNamespaces element in XML Signature
Handle embedded certificate data presented without newlines.
0.16 Tue 01 Mar 2011 09:40:13 GMT
Use the IdP's advertised NameID formats.
0.15 Wed 09 Feb 2011 14:55:28 GMT
Handle unwrapped base64 certificate data in IdP metadata.
0.14 Thu 13 Jan 2011 19:26:46 GMT
Add SingleLogout with Redirect binding to SP metadata
Rename local copy of XML::Sig.
0.12 Thu 13 Jan 2011 12:59:02 GMT
PAUSE-hide the local XML::Sig
0.11 Wed 12 Jan 2011 21:07:42 GMT
Test Updates
0.10 Tue 11 Jan 2011 15:11:38 GMT
First usable version.
POD, tests, Moose, etc.
Embeds a local copy of XML::Sig
0.01_01 Mon 4 Oct 2010 12:47:56 BST
Initial version.
This version will correctly perform Web Browser SSO, but
with caveats. See the embedded documentation for details.