9.0.4 (2022-09-15)
- htmlspecialchars in AUP template (2581915)
9.0.3 (2022-08-11)
- do not use object as array in getResourceCapabilities (4075137)
9.0.2 (2022-07-22)
- 🐛 Fix EntitlementUtils calling capabilities in LDAP (e3aedd2)
9.0.1 (2022-07-22)
- 🐛 Fix and refactor generating capabilities (resource and facility) (009160a)
9.0.0 (2022-07-20)
- use types array and dictionary instead of map (d1d19f1)
- remove deprecated mode values from ProxyFilter (f2ec1fc)
- use authswitcher in Disco to handle MFA (244ae9e)
- replace "map" in attribute config with either "array" (ArrayList) or "dictionary" (LinkedHashMap)
- dropped filter MultifactorAcrs
- removed support for deprecated values blacklist and whitelist
8.2.1 (2022-07-19)
- typo in ProxyFilter (e4036a9)
8.2.0 (2022-07-19)
- inclusive language in ProxyFilter (b959c1d)
8.1.1 (2022-07-18)
- 🐛 Fix fetching capabilities with no facility provided (0469f41)
8.1.0 (2022-07-08)
- 🎸 IsEligible authProc filter (61dc7ce)
8.0.4 (2022-07-07)
- add debug log to ForceAup (413dac0)
8.0.3 (2022-06-20)
- It is possible to rewrite default value for entityIdAttr (1e8b21d)
8.0.2 (2022-06-07)
- input type number for OTP (b1d7037)
8.0.1 (2022-05-20)
- perunaup: fix btn size and color (bdaaa5a)
8.0.0 (2022-05-19)
- new privacyIDEA template (8bb43bc)
- requires cesnet/simplesamlphp-module-privacyidea v5
7.11.2 (2022-05-19)
- 🐛 Fix templates perun-aup and perun-user, update dicts (49d8ee0)
7.11.1 (2022-05-18)
- 🐛 Fix using approvalUrl where perunApprovalUrl should be u (66e13ee)
7.11.0 (2022-04-29)
- 🎸 Possibility to hide authN protocol, small fixes (635ea64)
7.10.1 (2022-04-22)
- 🐛 Fixed PrivacyIDEA template (66b6656)
7.10.0 (2022-04-22)
- 🎸 Additional identifiers lookup (36f7f7c)
7.9.0 (2022-04-14)
- forceaup: new option entityID, fix required checks (e2ec315)
7.8.2 (2022-04-14)
- Swaps getUsersGroupsOnSp and getUsersGroupsOnFacility methods (660ba85)
7.8.1 (2022-04-13)
- 🐛 Fix direct registration in SpAuthorization (1e52a49)
7.8.0 (2022-04-13)
- Code checks (fca9739)
- Minor fixes in AuthProc filters (48c6949)
- PerunEnsureMember sends users which are not in vo to regitration (524c6ed)
- Removes redundant log in updateUes script (232d3b8)
- Rewrites aarc_idp_hint (9657f72)
- SpAuthorization - unouthorized when user is not in the request (f201a15)
- store a full attribute object from RPC (efc0f8f)
- Updates processFilterConfigurations-example (760b6bd)
- updateUes - attr initialization from null to [] (294f7c4)
- Adapter - getUsersGroupsOnSp, getGroupsWhereMemberIsActive (18b6aed)
- PerunConstants (520bbb7)
- PerunEnsureMember (373d3a3)
- PerunUserGroups (48fd82c)
- SpAuthorization - adds handle_unsatisfied_membership option (13ca45e)
- UpdateUserExtSource - introduces appendOnlyAttrs, fixes the way how attrsToUpdate are created (b241135)
7.7.0 (2022-04-11)
- ContactsToArray transformer (015fb7f)
7.6.4 (2022-04-06)
- Filters (96a75de)
7.6.3 (2022-04-06)
- 🐛 Fix reading configurati novalues in ExtractRequestAttrib (60d2ffb)
- 🐛 Small fix in redirects in the PerunUser filter (e0166f6)
7.6.2 (2022-04-05)
- 🐛 Fix JSON in perun dictionary (41bf728)
7.6.1 (2022-04-04)
- 🐛 Fix default value in ForceAup due to strictypes (eb75544)
7.6.0 (2022-04-04)
- 🐛 Fix code style (77729ea)
- 🎸 AuthProcFilter GenerateIdPAttributes (a2ca6ea)
- 🎸 AuthProcFilter PerunUser - identify user from Perun (b31976a)
- 🎸 AuthProcFilter QualifyNameID (1f8bd75)
- 🎸 DropUserAttributes authProcFilter (c763ad9)
- 🎸 New filter for extracting attribute from request var (6c6110f)
- 🎸 PerunAup authProcFilter (301139a)
- 🎸 SpAuthorization authproc filter (5771a1b)
- Consolidator app (e7bbde9)
7.5.1 (2022-04-01)
- getPerunUser name construction (ec7150a)
7.5.0 (2022-03-30)
- updateUes - configurable identifiers (2a3d052)
7.4.0 (2022-03-29)
- Do not show previous selection for SPs listed in config (dda8140)
7.3.0 (2022-03-18)
- Custom AttributeMap filter (903bd6f)
7.2.1 (2022-03-11)
- 🐛 Fix privacyIDEA form for new version of PI module (9a67d39)
7.2.0 (2022-03-09)
- Custom privacyIDEA login template (15359e0)
7.1.1 (2022-03-07)
- Fixed AUP filter (9ecf4c0)
7.1.0 (2022-01-13)
- 🎸 Added RestoreAcrs authproc filter, modify ACRs when MFA (ebafb05)
7.0.3 (2022-01-11)
7.0.2 (2022-01-11)
7.0.1 (2022-01-05)
7.0.0 (2022-01-05)
- add missing dependencies, PHP >= 7.1, SSP 1.19, add package-lock (6c873af)
- PHP 7.1 or higher is required, SSP 1.19 is required
6.4.3 (2021-12-13)
- typo in RpcConnector (4e15e8b)
6.4.2 (2021-11-25)
- make database required for challenges, skip challenge cleanup without database (c42c3fa), closes #182
6.4.1 (2021-11-24)
- 🐛 Fix wrong variable names in getFacilityByXY methods (986a7d8)
6.4.0 (2021-11-24)
- Added possibility to add a service name on WAYF (1c84441)
6.3.3 (2021-11-16)
- 🐛 Remove fixed footer for warning_test_sp (540afac)
6.3.2 (2021-11-15)
- prevent type errors in RPC connector (5152cbe)
6.3.1 (2021-11-03)
- 🐛 Added missing ext-intl to the composer.json (e79bd2a)
6.3.0 (2021-10-12)
- 🐛 Add check of key existence in template - unauth-acc-reg (34c10d5)
- Turn off addInstitution when whitelisting is disabled (91990b5)
6.2.0 (2021-10-12)
- Added support for old browsers (4d62561)
6.1.1 (2021-09-29)
- Changed text labels on consent (1764572)
6.1.0 (2021-09-21)
- Fixed ECS bugs (0ac5a9f)
- Added metadata expiration page (e1ad062)
6.0.7 (2021-09-10)
- bugfixes in list of SPs (1cd84a8)
6.0.6 (2021-08-19)
- fix bad import of Exceptions (bdd51b4)
6.0.5 (2021-08-18)
- 🐛 fix not checking for key existence in aups (00cf0f0)
- 🐛 refactored AUPs DateTime treatment in ForceAup (5130dfc)
6.0.4 (2021-08-18)
- fix bad return type in DatabaseCommand (95328ba)
6.0.3 (2021-08-18)
- fix duplicate lines in challenges (360db1a)
6.0.2 (2021-08-18)
- Refactor ForcAup filter (7ef157e)
6.0.1 (2021-08-10)
- fix processing attr val of map type in LDAP (d892ca9)
- Improve WAYF searching by localized name and domain
- Implemented filter EnsureVoMember
- Security improvements in script calls
- Detailed endpoint format when spaced in EndpointMapToArray
- Revert change to INDEX_MIN in EndpointMapToArray
- Rename the hook correctly to naming convention
- Each log has just one line output
- Added possibility to use a callable for entityID parameter in PerunEntitlement(Extended)
- Fixed removal of filtered authnContextClassRefs in disco
- Added possibility to add custom texts to the TEST_SP warning page.
- Use translation for privacy policy document block on consent screen from module Perun
- Connection to the database obtained through the SimpleSAML Database class
- Fixed bad check in NagiosStatusConnector.php
- Added extended PerunEntitlements
- Refactored Disco page. See the config template for example configuration.
- Obtaining the data from Nagios is done through SSH instead of a certificate and calling an API
- Fixed bug in PerunAttributes.php for PARTIAL mode when mapping one Perun attribute to more internal attributes caused getting attributes from Perun every time.
- Fixed bad log message in PerunIdentity in mode USERONLY
- Allow using Perun RPC serializer from the configuration. Default value is 'json'.
- Add new option 'mode' for PerunIdentity process filter:
- mode: 'FULL' - Get the user from Perun and check if user has correct rights to access service
- mode: 'USERONLY' - Get the user from Perun only
- Fixed getting SP name from 'UIInfo>DisplayName'
- Fixed works with internal attr name in MetadataToPerun/MetadataFromPerun
- Fixed getting attributes from Perun in partial mode
- Allow to store one source attribute to more destination attributes
- Fixed getting attributes in class ForceAup
- Added some methods for getting values to Adapter.php
- Added fallback to RPC for methods we're not able to run in LDAP
- Add getFacilityAdmins method to RPC Connector
- Changed the way of getting attribute names for interfaces: through internal attribute names in perun_attributes.php config
- Return sorted eduPersonEntitlement
- Don't show previous selection when user show all entries on the discovery page
- ListOfSps
- Don't show the description by default
- Added required attribute 'listOfSps.serviceNameAttr' !!!
- Add translation for multi-languages attributes
- Fixed Updating UES in Perun
- Added facility capabilities to PerunEntitlement
- Added process filter for logging info about login
- Use object
Configurationfor getting base module configuration - Add possibility to select mode(whitelist/blacklist) in ProxyFilter.php
- The default option is blacklist
- Allow call multiple ProcessFilter in one ProxyFilter module
- Fixed the width of showed tagged idps in case the count of idps is equal to (x * 3) + 1
- Using try{}catch{} to avoid to PerunException in PerunEntitlement.php
- Return [] instead of null in getFacilityCapability via RPC, if facilityCapability is not set
- Releasing forwardedEduPersonEntitlement is now optional (forwardedEduPersonEntitlement are released by default)
- Fixed problem with getting group without description from LDAP
- Before: Exeption
- Now: Description is ''
- Fixed releasing entitlement for Virtual Organization
- Before: einfra:members
- Now: einfra
- Removed deprecated getFacilitiesByEntityId method
- Added logging response time for each request into RPC/LDAP
- If needed to get more facility attributes, method getFacilityAttributesValues() is used instead of several calls of getFacilityAttribute()
- Fix logging request params
- Fixed the bug from bc3ec33 which caused that the updating UES didn't work.
- Use the same prefix for all messages in updateUes.php
- Allow omitted config for nested class in ProxyFilter
- Fixed bad call of function 'showTaggedEntry()'
- Using correct const for EntitlementPrefix in PerunEntitlement.php
- Added missing 'group' between entitlementPrefix and groupName in mapGroupName()
- UserExtSources are now updated asynchronously
- Fix method stringify in StringifyTargetedID.php to be compatible with SimpleSAMLphp 1.18.0+
- Using getters to get private properties
- Added method getFacilityByEntityId
- Added resource capabilities into entitlements
- Slightly modified text displayed on WAYF
- Updated phpcs ruleset to PSR-12
- is_null() changed to === null
- Using identity comparison instead of equality comparison
- Removed checks in ifs that var is (not) null before empty(var) function (empty checks that itself)
- Double quotes changed to single quotes
- getFacilitiesByEntityId marked as deprecated (getFacilityByEntityId should be used instead)
- Using of getFacilityByEntityId instead of getFacilitiesByEntityId
- Filters JoinGroupsAdnEduPersonEntitlement and PerunGroups merged into PerunEntitlement
- Using expression in asserts (String in assert() is DEPRECATED from PHP 7.2)
- Fixed wrong dictionary name in post.php
- Removed unnecessary include
- Resolve problem with Sideeffects (PSR1.Files.SideEffects)
- Fixed the header on consentform
- Fixed bug in filtering IdPs on DS
- Updated consent page
- Consent page is shown as a list instead of a teble
- Changes in dictionary
- Change the width for keys(col-sm-5) and values(col-sm-7)
- Added filterAttributes option to ProxyFilter for filtering out based on user attribute values
- Fixed bugs in disco-tpl.php
- Remove star which was shown on items on Discovery Service. Now the star will be shown only at previously selected IdP.
- Change work with IdP entities with tags 'social' and 'preferred' on DS
- Width of entities is now counted automatically
- Social IdP has 'Sign in with' before name, Preferred IdP hasn't
- Added possibility to change display name in attribute 'fullDisplayName' in metadata
- If user's last selected IdP is known then show only this IdP and button to show all IdPs
- Set autofocus on previously selected IdP if exist
- Removed unused function showIcon() in disco-tpl.php
- Fixed the bug in 'getEntitylesAttribute' function to return correct value of Entityless attribute
- Fixed the bug in getting new aups to sign
- Added endpoint to get filtered list of metadata in format:
[
{
"entityid": "https://entityid1/",
"name": {
"en": "IdP1",
"cs": "IdP1"
}
},
{ ... }
]- Added warning types: INFO, WARNING, ERROR
- RpcConnector now stores cookie into file
- Set CONNECTTIMEOUT and TIMEOUT in RpcConnector
- Use new object perunFacility in LDAP to search information about facility
- Configuration for warning on DS is now in module_perun.php
- Fixed bug in redirect to registration in case only one VO and one group is available
- Added filter JoinGroupsAndEduPersonEntitlement
- Using of short array syntax (from array() to [])
- Added modes into PerunAttribute process filter
- MODE_FULL - Rewrite all attributes specified in config
- MODE_PARTIAL - Rewrite only unset attributes
- Chart.bundle.js is now loaded from SSP module instead of directly from internet
- Fixed the problem that IDP filter on WAYF didn't work correctly
- Fixed bad error message when the process of bind user to LDAP failed
- Fixed style errors
- Added checks into UpdateUserExtSource process filter to prevent undefined index or undefined offset errors
- PerunAttribute process filter - Added support for numeric attributes
- Added missing space before 'addInstitutionButton' or link
- Added missing import
- Fixed the style of changelog
- Fixed the checks in method getMemberStatusByUserAndVo() in AdapterLDAP
- Use ldap base from variable in AdapterLdap::getMemberStatusByUserAndVo() instead of static string
- Fixed error in case of call method getIdps() with unused tag
- Fixed showing entry on wayf with tag 'preferred'
- Added file phpcs.xml
- Added basic versions of template files
- Changed code standard to PSR-2
- Module uses namespaces
- Changed name of the classes below:
- sspmod_perun_Auth_Process_ForceAup to SimpleSAML\Module\perun\Auth\Process\ForceAup
- sspmod_perun_Auth_Process_IdPAttribute to SimpleSAML\Module\perun\Auth\Process\IdpAttribute
- sspmod_perun_Auth_Process_PerunAttributes to SimpleSAML\Module\perun\Auth\Process\PerunAttributes
- sspmod_perun_Auth_Process_PerunGroups to SimpleSAML\Module\perun\Auth\Process\PerunGroups
- sspmod_perun_Auth_Process_PerunIdentity to SimpleSAML\Module\perun\Auth\Process\PerunIdentity
- sspmod_perun_Auth_Process_ProcessTargetedID to SimpleSAML\Module\perun\Auth\Process\ProcessTargetedID
- sspmod_perun_Auth_Process_ProxyFilter to SimpleSAML\Module\perun\Auth\Process\ProxyFilter
- sspmod_perun_Auth_Process_RemoveAllAttributes to SimpleSAML\Module\perun\Auth\Process\RemoveAllAttributes
- sspmod_perun_Auth_Process_RetainIdPEntityID to SimpleSAML\Module\perun\Auth\Process\RetainIdPEntityID
- sspmod_perun_Auth_Process_StringifyTargetedID to SimpleSAML\Module\perun\Auth\Process\StringifyTargetedID
- sspmod_perun_Auth_Process_UpdateUserExtSource to SimpleSAML\Module\perun\Auth\Process\UpdateUserExtSource
- sspmod_perun_Auth_Process_WarningTestSP to SimpleSAML\Module\perun\Auth\Process\WarningTestSP
- sspmod_perun_model_Facility to SimpleSAML\Module\perun\model\Facility
- sspmod_perun_model_Group to SimpleSAML\Module\perun\model\Group
- sspmod_perun_model_HasId to SimpleSAML\Module\perun\model\HasId
- sspmod_perun_model_Member to SimpleSAML\Module\perun\model\Member
- sspmod_perun_model_Resource to SimpleSAML\Module\perun\model\Resource
- sspmod_perun_model_User to SimpleSAML\Module\perun\model\User
- sspmod_perun_model_Vo to SimpleSAML\Module\perun\model\Vo
- sspmod_perun_Adapter to SimpleSAML\Module\perun\Adapter
- sspmod_perun_AdapterLdap to SimpleSAML\Module\perun\AdapterLdap
- sspmod_perun_AdapterRpc to SimpleSAML\Module\perun\AdapterRpc
- DatabaseCommand to SimpleSAML\Module\perun\DatabaseCommand
- DatabaseConnector to SimpleSAML\Module\perun\DatabaseConnector
- sspmod_perun_Disco to SimpleSAML\Module\perun\Disco
- sspmod_perun_DiscoTemplate to SimpleSAML\Module\perun\DiscoTemplate
- sspmod_perun_Exception to SimpleSAML\Module\perun\Exception
- sspmod_perun_IdpListsService to SimpleSAML\Module\perun\IdpListsService
- sspmod_perun_IdpListsServiceCsv to SimpleSAML\Module\perun\IdpListsServiceCsv
- sspmod_perun_IdpListsServiceDB to SimpleSAML\Module\perun\IdpListsServiceDB
- sspmod_perun_LdapConnector to SimpleSAML\Module\perun\LdapConnector
- sspmod_perun_RpcConnector to SimpleSAML\Module\perun\RpcConnector
- Added disco-tpl template file
- Method getUsersGroupsOnFacility in AdapterRpc was optimized
- Searching of institutions on WAYF is accent-insensitive
- Changed config file for listOfSps
- Fixed the bug generating Array to string conversion Exception in PerunAttributes, when storing one Perun attribute to more SAML attribute
- Removed template config file module_perun_listOfSps.php (Configuration of listOfSps.php page is moved to module_perun.php)
- List of services is displayed as JSON if parameter 'output=json' is set in URL
- Page showing status of selected components
- This page is also available in JSON format if parameter 'output=json' is set in URL
- Updated composer.json dependencies
- Fixed the problem where LDAP calls RPC method in PerunIdentity filter
- Fixed assignation of one Perun attribute to multiple SP attributes
- Added new atribute in PerunIdentity process filter with list of Services identifier's for which we don't want to show page with information, that the user will be redirected to other page
- Changed design of ListOfSps
- Changed the texts and visual form of pages: perun_identity_choose_vo_and_group.php and unauthorized_access_go_to_registration.php
- Fixed resend SPMetadata from request to unauthorized-access-go-to-registration page
- Fixed url encoding in PerunGroups
- Added badges to README
- Added page with configurable table of SPs on Proxy
- Added new model Member
- Added new model Resource
- New methods for getting data from Perun LDAP and Perun RPC
- Added function for generating metadata for SimpleSAMLphp Proxy AAI from Perun
- Added UpdateUserExtSource filter
- Connectors methods are not static for now.
- Added constructors to Adapters, which allows specified config file for each connections.
- New properties voId and uniqueName in Group model
- Function getSpGroup require only one param($spEntityId)
- Function unauthorize in PerunIdentity is now public
- Changed the login and registration process
- Fixed the problem with access to non-secured LDAP
- Fixed the bad call of function 'searchForEntity(...)' in function getVoById() in AdapterLdap.php