• Allow a SSO request without any attributes besides the NameID info. Backwards-incompatible changes to allow easier behaviour differentiation, two methods now receive the idp identifier (+ **kwargs were added to introduce possible similar changes in the future with less breaking effect):
  • Method signature changed on Saml2Backend.clean_attributes: from clean_attributes(self, attributes: dict) to clean_attributes(self, attributes: dict, idp_entityid: str, **kwargs)
  • Methodignature changed on Saml2Backend.is_authorized: from is_authorized(self, attributes: dict, attribute_mapping: dict) to is_authorized(self, attributes: dict, attribute_mapping: dict, idp_entityid: str, **kwargs)
• SAML session refactor and minor changes in README file
• local Logout - indipendent by IdP SLO Response