v1.1.0

New Features

• Add option to disable SAML spec AuthnRequest optional value AssertionConsumerServiceURL. (Steven Marusa)
• Add SamlResponseXML method to profile object (@josecolella)
• Support InResponseTo validations in MultiSaml (@stavros-wb)
• Create a way to get provider metadata when using MultiSamlStrategy (@mlunoe)
• Add Requested Authn Context Comparison Type parameter: RACComparison (@osan15, @markstos)

Bug Fixes

• Fix error handling bug with MultiSaml code (@cjbarth)

Internals

• Set explicitChar to true when parsing xml. Now character content of an
  element should be accessed only through ._ (@andkrist)
• Add yarn.lock (@markstos)
• Drop support for Node.js 4. It is EOL'ed
• Upgrade xml-crypto
• Fix Node buffer deprecation warning

v1.0.0

Dependencies

• Upgrade xml-crypto to 1.0.2. Thanks to @elahti

Node Release support

• Node 4 is no longer supported due to EOL status. BREAKING CHANGE.

Validation improvements

• Fixes #180: Signature validation will error if empty signature is provided. BREAKING CHANGE. Thanks to @andrsnn
• Validate issuer on logout requests/responses if configured. Thanks to @stavros-wb
• Handle case of missing InResponseTo when validation is on. Thanks to @cjbarth

Features

• Improve Microsoft Outlook compatibility by handling null as well as undefined Thanks to @sibelius
• Support redirect for Logout flows. Thanks to @stavros-wb
• Adding signing key in the metadata service provider generation BREAKING CHANGE. Thanks to @tmoiron.
• Extend and document the profile opbject. Thanks to @cjbarth
• #298 Thanks to @cjbarth
• Support dynamic SAML configuration lookup Thanks to @stavros-wb

Docs

• Fix typo in README.

v0.35.0

Internals

• Add initial support for DEBUG="passport-saml". (@markstos)

v0.34.0

Internals

• Provide unique diagnostic messages for six different cases where "Invalid Signature" was returned beforej (Thanks to @markstos, resolves #146)

v0.33.0

• Add support for setting the strategy name, allowing multiple saml target configurations (Thanks to @markstos)

• document that disableRequestedAuthnContext:true helps with Active Directory (Thanks to @markstos)

• document that cert: refers to the signature certification, not the encryption certificate. (Thanks to @markstos)

v0.32.1

• Add support for Audience validation (Thanks to @beneidel)

• README typo fix (Thanks to @teppeis)

v0.31.0

• Add support for multiple certs (Thanks to @richjharris)

• Add support for fetching certs with async call rather than hardcoding
  them. (Thanks to @richjharris)

• Add troubleshooting section to ADSF docs (Thanks to @cadesalaberry)

v0.30.0

• Dropped support for Node < 4, because our current dependencies require it.
• Improved Security: We now use crypto.randomBytes for ID generation instead Math.random (#235),
  thanks to @autopulated
• BugFix: We now fail gracefully when the SAML response format is invalid (#238, thanks to @markstos)
• Docs: privateKey docs are improved

v0.20.2

• Bump dependencies

v0.20.1

• BugFix: No longer crash when a bad private cert is used.