Skip to content

OneLogin's SAML PHP Toolkit v3.7.0

Compare
Choose a tag to compare
@pitbulk pitbulk released this 30 May 15:23
· 7 commits to 3.x-dev since this release
  • #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
  • #585 Declare conditional return types
  • Make Saml2\Auth can accept a param $spValidationOnly
  • #577 Allow empty NameID value when no strict or wantNameId is false
  • #570 Support X509 cert comments
  • #569 Add parameter to exclude validUntil on SP Metadata XML
  • #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
  • #487 Enable strict check on in_array method
  • Make Saml2\Auth can accept a param $spValidationOnly
  • Fix typos on readme.
  • Add warning about Open Redirect and Reply attacks
  • Add warning about the use of IdpMetadataParser class. If Metadata URLs
    are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
  • Fix test payloads
  • Remove references to OneLogin.