v3.18.2

What's Changed

• Supporting ForceAuthn SAML request attribute by @MohammedAlmeshal in #357

New Contributors

• @MohammedAlmeshal made their first contribution in #357

Full Changelog: v3.18.1...v3.18.2

v3.18.1

What's Changed

• Add clarity on the return object type of TRIGGER.GET_METADATA_AUTO_CONF_URLS by @noppanut15 in #355
• Update deps by @mostafa in #356

New Contributors

• @noppanut15 made their first contribution in #355

Full Changelog: v3.18.0...v3.18.1

v3.18.0

What's Changed

• feat: Separate the Build and Deploy job by @henryh9n in #349
• feat: Trigger to get custom frontend URLs by @henryh9n in #350

Full Changelog: v3.17.0...v3.18.0

v3.17.0

What's Changed

• feat: Allow custom assertion URIs by @henryh9n in #348

Full Changelog: v3.16.0...v3.17.0

v3.16.0

What's Changed

• [feat] Implement a setting to disable the exception handler. by @henryh9n in #345

New Contributors

• @henryh9n made their first contribution in #345

Full Changelog: v3.15.0...v3.16.0

v3.15.0

This release introduces a new feature that allows the extraction of custom attributes from the SAML Response during user identity processing. The new hook function, TRIGGER.EXTRACT_USER_IDENTITY, accepts two parameters:

1. A user dictionary that has been processed by the extract_user_identity function.
2. A decoded but unvalidated AuthnResponse object, provided as a raw XML string.

If this function is implemented, it MUST return the user dictionary or optionally enrich it with additional attributes extracted from the AuthnResponse.

Warning

This hook function receives an unvalidated and unverified raw XML string. Extreme caution is required to validate the attributes before using them. For example, the Issuer and NameID attributes should at minimum be verified to contain a valid URL and URN, respectively. For further details, refer to this discussion.

What's Changed

• Extract user identity hook by @mostafa in #344

Full Changelog: v3.13.0...v3.15.0

v3.14.0

What's Changed

• Update README.md - replaced url() with re_path() by @oussjarrousse in #229
• Update README.md by @tsr10 in #269
• Log exception traceback if DEBUG is enabled by @mostafa in #281
• Revamp tooling by @mostafa in #286
• Bump types-setuptools from 68.0.0.3 to 69.5.0.20240423 by @dependabot in #279
• Bump pysaml2 from 7.4.2 to 7.5.0 by @dependabot in #289
• Bump setuptools from 67.8.0 to 69.5.1 by @dependabot in #287
• Bump interrogate from 1.5.0 to 1.7.0 by @dependabot in #288
• Bump cyclonedx-bom from 3.11.0 to 4.4.3 by @dependabot in #292
• Update README.md by @rrauenza in #296
• Fix NameIdFormat policy naming to comply with PySaml2 by @CodeGuro in #264
• Long awaited refactoring by @mostafa in #339
• Allow claims-like attribute keys by @wrabit in #253
• feat(trigger): add custom get metadata hook by @sgabb in #342

New Contributors

• @oussjarrousse made their first contribution in #229
• @tsr10 made their first contribution in #269
• @rrauenza made their first contribution in #296
• @CodeGuro made their first contribution in #264
• @wrabit made their first contribution in #253

Full Changelog: v3.12.0...v3.14.0

v3.12.0

This release contains version updates, deprecation and fixes to encryption. Support for Python 3.7 and 3.8 are removed, as well as Django 4.0 and 4.1. The encryption in this library was tricky, and with fixes by @gregorywong, it is supposed to work as expected. If you are already using CERT_FILE and KEY_FILE parameters, you don't need to touch anything, as the ENCRYPTION_KEYPAIRS will be automatically populated. Also, pysaml2 is updated to 7.4.2 to add support for xmlsec1 v.1.3.x, thanks to @mvbattista. The other dependencies are updated as well.

What's Changed

• Bump pyjwt from 2.7.0 to 2.8.0 by @dependabot in #193
• Bump responses from 0.23.1 to 0.23.3 by @dependabot in #197
• Add ENCRYPTION_KEYPAIRS to settings by @gregorywong in #216
• Release v3.12.0 by @mostafa in #218

New Contributors

• @gregorywong made their first contribution in #216
• @mvbattista made their first contribution in #218 (#204)

Full Changelog: v3.11.0...v3.12.0

v3.11.0

This release contains 3 important features:

1. Long sought-after debugging. See how to debug.
2. Support for key and certificate files, configurable via KEY_FILE: str and CERT_FILE: str respectively, thanks to @sgabb.
3. Support for creating groups if they don't exist in Django based on incoming IdP group attribute statements, configurable via CREATE_GROUPS: bool, thanks to @santigandolfo.

What's Changed

• Bump coverage from 7.2.6 to 7.2.7 by @dependabot in #171
• feat(settings): add cert and key file by @sgabb in #176
• Add proper debug config by @mostafa in #185
• Add CREATE_GROUPS boolean to Settings by @santigandolfo in #191
• Release v3.11.0 by @mostafa in #186

New Contributors

• @santigandolfo made their first contribution in #191

Full Changelog: v3.10.0...v3.11.0

v3.10.0

What's Changed

• Bump responses from 0.21.0 to 0.22.0 by @dependabot in #98
• Bump types-setuptools from 65.4.0.0 to 65.5.0.1 by @dependabot in #99
• Bump pyjwt from 2.5.0 to 2.6.0 by @dependabot in #100
• [Snyk] Security upgrade setuptools from 39.0.1 to 65.5.1 by @mostafa in #123
• [Snyk] Security upgrade setuptools from 39.0.1 to 65.5.1 by @snyk-bot in #113
• Bump pytest from 7.1.3 to 7.2.0 by @dependabot in #102
• Bump django-stubs from 1.12.0 to 1.13.1 by @dependabot in #118
• Bump types-setuptools from 65.5.0.1 to 65.6.0.3 by @dependabot in #126
• Bump cyclonedx-bom from 3.6.3 to 3.10.1 by @dependabot in #122
• login page redirect url passed as RelayState instead of "login_next_url" by @gnuman in #164
• Update dependencies by @mostafa in #170

New Contributors

• @snyk-bot made their first contribution in #113
• @gnuman made their first contribution in #164

Full Changelog: v3.9.0...v3.10.0