CHANGELOG.md
<a name="v2.1.0"></a>
### v2.1.0 (2022-03-01)
#### Refactor
* Rename usage of deprecated SAML options ([74ed8df](/../../commit/74ed8df))
#### Chores
* bump ruby-saml to 1.12 ([15c156a](/../../commit/15c156a))
<a name="v2.0.0"></a>
### v2.0.0 (2021-01-13)
#### Chores
* Allow OmniAuth 2.0.0 ([f7ec7ee](/../../commit/f7ec7ee))
<a name="v1.10.3"></a>
### v1.10.3 (2020-10-06)
#### Bug Fixes
* add options to logout_request initialization ([c271a37](/../../commit/c271a37))
<a name="v1.10.2"></a>
### v1.10.2 (2018-05-23)
#### Features
* **saml**
* inherits allows response options from ruby-saml instead of whitelist ([a0eedd6](/../../commit/a0eedd6))
<a name="v1.10.1"></a>
### v1.10.1 (2018-06-07)
#### Features
* **saml-response**
* whitelist more response options ([575198d](/../../commit/575198d))
<a name="v1.10.0"></a>
### v1.10.0 (2018-02-19)
#### Bug Fixes
* ambiguous path match in other phase ([1b465b9](/../../commit/1b465b9))
* Update ruby-saml gem to 1.7 or later to fix CVE-2017-11430 ([6bc28ad](/../../commit/6bc28ad))
<a name="v1.9.0"></a>
### v1.9.0 (2018-01-29)
#### Bug Fixes
* Update omniauth gem to 1.3.2 or later 1.3.x ([b6bb425](/../../commit/b6bb425))
<a name="v1.8.1"></a>
### v1.8.1 (2017-06-22)
#### Bug Fixes
* default assertion_consumer_service_url not set during callback ([4a2a5ef](/../../commit/4a2a5ef))
<a name="v1.8.0"></a>
### v1.8.0 (2017-06-07)
#### Features
* include SessionIndex in logout requests ([fb6ad86](/../../commit/fb6ad86))
* Support for configurable IdP SLO session destruction ([586bf89](/../../commit/586bf89))
* Add `uid_attribute` option to control the attribute used for the user id. ([eacc536](/../../commit/eacc536))
<a name="v1.7.0"></a>
### v1.7.0 (2016-10-19)
#### Features
* Support for Single Logout ([cd3fc43](/../../commit/cd3fc43))
* Add issuer information to the metadata endpoint, to allow IdPs to properly configure themselves. ([7bbbb67](/../../commit/7bbbb67))
* Added the response object to the extra['response_object'], so we can use the raw response object if we want to. ([76ed3d6](/../../commit/76ed3d6))
#### Chores
* Update `ruby-saml` to 1.4.0 to address security fixes. ([638212](/../../commit/638212))
<a name="v1.6.0"></a>
### v1.6.0 (2016-06-27)
* Ensure that subclasses of `OmniAuth::Stategies::SAML` are registered with OmniAuth as strategies (https://github.com/omniauth/omniauth-saml/pull/95)
* Update ruby-saml to 1.3 to address [CVE-2016-5697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697) (Signature wrapping attacks)
<a name="v1.5.0"></a>
### v1.5.0 (2016-02-25)
* Initialize OneLogin::RubySaml::Response instance with settings
* Adding "settings" to Response Class at initialization to handle signing verification
* Support custom attributes
* change URL from PracticallyGreen to omniauth
* Add specs for ACS fallback URL behavior
* Call validation earlier to get real error instead of 'response missing name_id'
* Avoid mutation of the options hash during requests and callbacks
<a name="v1.4.2"></a>
### v1.4.2 (2016-02-09)
* update ruby-saml to 1.1
<a name="v1.4.1"></a>
### v1.4.1 (2015-08-09)
* Configurable attribute_consuming_service
<a name="v1.4.0"></a>
### v1.4.0 (2015-07-23)
* update ruby-saml to 1.0.0
<a name="v1.3.1"></a>
### v1.3.1 (2015-02-26)
* Added missing fingerprint key check
* Expose fingerprint on the auth_hash
<a name="v1.3.0"></a>
### v1.3.0 (2015-01-23)
* add `idp_cert_fingerprint_validator` option
<a name="v1.2.0"></a>
### v1.2.0 (2014-03-19)
* provide SP metadata at `/auth/saml/metadata`
<a name="v1.1.0"></a>
### v1.1.0 (2013-11-07)
* no longer set a default `name_identifier_format`
* pass strategy options to the underlying ruby-saml library
* fallback to omniauth callback url if `assertion_consumer_service_url` is not set
* add `idp_sso_target_url_runtime_params` option
<a name="v1.0.0"></a>
### v1.0.0 (2012-11-12)
* remove SAML code and port to ruby-saml gem
* fix incompatibility with OmniAuth 1.1
<a name="v0.9.2"></a>
### v0.9.2 (2012-03-30)
* validate the SAML response
* 100% test coverage
* now requires ruby 1.9.2+
<a name="v0.9.1"></a>
### v0.9.1 (2012-02-23)
* return first and last name in the info hash
* no longer use LDAP OIDs for name and email selection
* return SAML attributes as the omniauth raw_info hash
<a name="v0.9.0"></a>
### v0.9.0 (2012-02-14)
* initial release
* extracts commits from omniauth 0-3-stable branch
* port to omniauth 1.0 strategy format
* update README with more documentation and license
* package as the `omniauth-saml` gem