6.18.4

Full Changelog: 6.18.3...6.18.4

6.18.1

What's Changed

• Remove confusing key_id from stepup callout logging by @thijskh in #1344
• Bugfix: stricter regex; disallow trailing newline by @tvdijen in #1339
• Bump nanoid from 3.3.6 to 3.3.8 in /theme by @dependabot[bot] in #1779
• Update Devconf installation and docs by @pablothedude in #1781
• Fix composer lockfile by @pablothedude in #1785
• Make content container slightly wider by @johanib in #1784
• Improve handling of PDP timeout error by @johanib in #1787
• Improve IDP debug email by @johanib in #1788
• Add ARP numeric key exception by @pablothedude in #1783
• Use assertion id for session index by @pablothedude in #1794
• Add configurable client timeout by @pablothedude in #1797
• Make Docker logging to stderr the default by @pablothedude in #1792
• Bump elliptic from 6.6.0 to 6.6.1 in /theme by @dependabot[bot] in #1810
• Read & store metadata coin collab_enabled by @johanib in #1818
• Fix: Use correct database engine version by @johanib in #1811
• Feat: Implement Discovery support by @johanib in #1800
• Correct the db server version based on production. by @johanib in #1820
• Add in flight authentication limit by @pablothedude in #1803
• Add explicit IdP signing key feedback by @pablothedude in #1791
• Feat: configurable default RequestedAuthnContext by @tvdijen in #1821
• Bump simplesamlphp/saml2 from 4.16.14 to 4.17.0 by @dependabot[bot] in #1822
• Allow configurable user attributes for Stepup by @pablothedude in #1828
• Update behat & remove abandoned container-interop/container-interop by @tvdijen in #1832
• Remove trailing slash on void elements by @tvdijen in #1837
• Fix bug: remember Choice cookie has double quotes around the entityID by @ArnoutvdKnaap in #1839
• Bump pbkdf2 from 3.1.2 to 3.1.3 in /theme by @dependabot[bot] in #1836
• Prevent Stepup user attributes filtered by ARP by @pablothedude in #1850
• Only use discoveries on Wayf to prevent double entries by @pablothedude in #1853

Full Changelog: 6.15.3.1...6.18.1

6.15.5

Full Changelog: 6.15.4.1...6.15.5

7.0.0-beta1

What's Changed

• PHP 7.4 > 8.2 & Symfony 3.4 > 5.4 by @johanib in #1876
• Fix deprecation: replace apple-specific meta-tag by @tvdijen in #1808
• Improve log: add issuer to debug message by @tvdijen in #1782
• Remove stray throw by @johanib in #1879
• Update release notes to mention PHP 8.2 and SF 5.4 by @johanib in #1882
• Bump sha.js from 2.4.11 to 2.4.12 in /theme by @dependabot[bot] in #1855
• Bump cipher-base from 1.0.4 to 1.0.6 in /theme by @dependabot[bot] in #1854
• Bump tmp from 0.2.1 to 0.2.4 in /tests/e2e by @dependabot[bot] in #1848
• Upgrade dependencies to fix upstream security issues by @baszoetekouw in #1884
• Remove old yarn pin for @cypress/requests. by @baszoetekouw in #1885
• Fix hardcoded parameters being duplicated and not overridable by @johanib in #1886
• Fix release builds by @baszoetekouw in #1887

Full Changelog: 6.18.0...7.0.0-beta1

6.18.0

6.18.0

Dependencies:

• This release requires Manage >= 9.0.1; for the IdP-based PDP calls, Manage 9.4 is required.

Maintenance:

• Replace abandoned container-interop/container-interop
• HTML templates: remove trailing slash on void elements
• Update pbkdf2 from 3.1.2 to 3.1.3 in /theme

New feature:

• Support for adding UserAtributes in the SFO AuthnRequest to the Stepup-Gateway (#1826).
  This is required for GSSP Fallback.
  The feature_stepup_send_user_attributes setting is used to enable this feature;
  if enabled, specify the attributes to add to the AuthnRequest using stepup.callout_user_attributes.
  The default is to send schacHomeOrganization and mail.
• Prevent double entries in the Discovery caused by duplicate name:* and DiscoveryName:*` entries in Manage (#1852)
• Request PDP decision based on IdP-setting (#1857); in Manage (>=9.4) it is possible to set the
  coin:policy_enforcement_decision_required flag for an IdP in addition to for an SP. Also policies no longer require an SP to
  be specified and can be applied to all logins from an IdP.

Changes:

• Set width of the debug page to browser width (#1790)

Bugfixes:

• Correctly json-decode the rememberchoice cookie
• Engine ARP must not apply to user atrributes sent to stepup callout (#1849)
• Make sure the javascript assets are versioned (#1869)

6.17.0 (not released)

Dependencies:

• This release requires Manage >= 9.0.1

Maintenance:

• Update database client version to MariaDB 10.6.0
• Upgrade saml2 library to 4.17.0
• Update nanoid to 3.3.6
• Update elliptic to 6.6.1
• Update Devconf installation and docs
• Fix composer lock file (#1785)

New Features:

• Add configurable default RequestedAuthnContext
  By setting the Manage option metadata:coin:defaultRAC for an IdP, this value will be sent by
  default if no other is set (either in the AuthnRequest or form a fixed MFA rule).
• Support additional WAYF entries per IdP Endpoint with dedicated name, logo, keywords (#1338);
  multiple WAYF-entries per IdP can be specified by filling the DiscoveryName:[0-9]:<lang>,
  keywords:[0-9]:<lang> and logo:[0-9]:<lang> fields.
  See also OpenConext-manage#457
• Add configurable client timeout for AA and PDP (#1777).
  Add the setting http_client.timeout to parameters.yml to set the limit.
• Limited the number of outstanding AuthNRequests per session (#1345).
  Add the setting maximum_authentications_per_session to parameters.yml to set the limit.

Changes:

• Remove confusing key_id from stepup callout logging (#1343)
• Read & store metadata coin:collab_enabled (#1818);
  this setting does nothing for now but prepares for merging of SBS integration
• Make the consent container slightly wider (#1324)
• Improve the formatting and readability of the IdP debug mail (#1330)
• Stricter regex for urn validation (#1339)
• Improve validation of allowed values for eduPersonScopedAffiliation
• Use assertion id for session index (#41)
• Log to stderr by default (#1796)
• Add explicit IdP signing key feedback (#1328)

Bugfixes

• Improve handling of PDP timeout error (#1285)
• Validate numeric key in ARP settings on metadata push (#1336)
• Set the correct database version in doctrine (#1811)

6.15.4.1

Full Changelog: 6.15.4...6.15.4.1

6.18.0-beta3

What's Changed

• Prevent Stepup user attributes filtered by ARP by @pablothedude in #1850
• Only use discoveries on Wayf to prevent double entries by @pablothedude in #1853

Full Changelog: 6.18.0-beta1...6.18.0-beta3

6.18.0-beta2

What's Changed

• Prevent Stepup user attributes filtered by ARP by @pablothedude in #1850

Full Changelog: 6.18.0-beta1...6.18.0-beta2

6.18.0-beta1

What's Changed

• Allow configurable user attributes for Stepup by @pablothedude in #1828
• Update behat & remove abandoned container-interop/container-interop by @tvdijen in #1832
• Remove trailing slash on void elements by @tvdijen in #1837
• Fix bug: remember Choice cookie has double quotes around the entityID by @ArnoutvdKnaap in #1839
• Bump pbkdf2 from 3.1.2 to 3.1.3 in /theme by @dependabot[bot] in #1836

Full Changelog: 6.17.0-beta...6.18.0-beta1

6.17.0-beta

What's Changed

• Make content container slightly wider by @johanib in #1784
• Improve handling of PDP timeout error by @johanib in #1787
• Improve IDP debug email by @johanib in #1788
• Add ARP numeric key exception by @pablothedude in #1783
• Use assertion id for session index by @pablothedude in #1794
• Add configurable client timeout by @pablothedude in #1797
• Make Docker logging to stderr the default by @pablothedude in #1792
• Bump elliptic from 6.6.0 to 6.6.1 in /theme by @dependabot in #1810
• Read & store metadata coin collab_enabled by @johanib in #1818
• Fix: Use correct database engine version by @johanib in #1811
• Feat: Implement Discovery support by @johanib in #1800
• Correct the db server version based on production. by @johanib in #1820
• Add in flight authentication limit by @pablothedude in #1803
• Add explicit IdP signing key feedback by @pablothedude in #1791
• Feat: configurable default RequestedAuthnContext by @tvdijen in #1821
• Bump simplesamlphp/saml2 from 4.16.14 to 4.17.0 by @dependabot in #1822

New Contributors

• @johanib made their first contribution in #1784

Full Changelog: 6.15.4-beta1...6.17.0-beta