News:
- SATOSA, through upgraded pysaml2, now supports an MDQ server as metadata source.
- The `publish_metadata` SAML plugin configuration parameter has been removed due to incorrect functionality.
Fixes:
- `OpenIDConnectFrontend` now specifies which attributes it will release for a request. This allows the consent micro service to filter the incoming attributes before displaying only the relevant attributes to the user for approval.
- The metadata generation script will not write empty frontend SAML metadata.
- `SAMLFrontend` will respect the NameID format from the NameID policy in SP's metadata if the authentication request does not contain a NameID policy.
Improvements:
- `OpenIDConnectFrontend` has been refactored to allow for easier subclassing.
- SATOSA will fail on startup if any plugin configuration file can't be loaded.
- Minor updates in the documentation for clarity.