Release Notes

Visit omniauth-wsfed on RubyGems.org.

Release Notes

v 0.2.3 - 07/25/2014 (Dependency Updates)

• Gem dependency updates.

v 0.2.2 - 08/02/2013 (Refactoring, Dependency Updates)

• Refactor to move ALL auth_request URL generation to AuthRequest class.
• Gem dependency updates.

v 0.2.1 - 05/11/2013 (Validation Fixes)

• Removed AuthN token Created_At validation. Details here.

v 0.2.0 - 02/22/2013 (Validation)

• Implemented WS-Trust and WS* field validation in AuthN token:
  • Audience/Realm - validates the token's intent is specific to the relying party's realm
  • Created - validates token creation date is not a timestamp in the future
  • Expires - validates token has not exceeded its expiration timestamp at the time of validation
• Added additional callback validations:
  • Token Issuer - requires the token issuer matches the configured issuer URI
  • Claims - validates the list of AuthN claims is not empty
  • Name/UID - validates the existence of a valid :id_claim as specified in the config settings
• Added a significant amount of unit tests to validate new functionality as well as existing, untested functionality.
• Factored out the Microsoft Windows Azure ACS JSON IdP feed functionality into a separate gem -- azure-acs.

v 0.1.0 - 09/07/2012 (Initial Release)

• WS-Federation redirect for authentication supporting the following query string parameters:
  • [wa] - wsignin1.0 action
  • [wtrealm] - application/resource security realm
  • [wreply] - application reply-to/callback URL
  • [wtc] - current time of the authentication request
  • [whr] - home realm identifier
• WS-Trust response parsing - SAML token signature and claims validation.
• WS-Federation home realm discovery - using [whr] query string parameter or custom URL.
• Supports SAML 2.0 token format.
• Bonus support for Microsoft Windows Azure ACS IdP JSON feed for custom home realm discovery.