News:
- SATOSA, through upgraded pysaml2, now supports an MDQ server as metadata source.
- The
publish_metadataSAML plugin configuration parameter has been removed due to incorrect functionality.
Fixes:
OpenIDConnectFrontendnow specifies which attributes it will release for a request. This allows the consent micro service to filter the incoming attributes before displaying only the relevant attributes to the user for approval.- The metadata generation script will not write empty frontend SAML metadata.
SAMLFrontendwill respect the NameID format from the NameID policy in SP's metadata if the authentication request does not contain a NameID policy.
Improvements:
OpenIDConnectFrontendhas been refactored to allow for easier subclassing.- SATOSA will fail on startup if any plugin configuration file can't be loaded.
- Minor updates in the documentation for clarity.