Back to releases


Main changes since 2.0.0:

  • Add etcd data storage driver
  • Database handling improvements
  • Lots of bugfixes

Detailed Changelog

Florian Apolloner (2):

  • Fix frame-options in CSP
  • Format code according to PEP8.

Howard Johnson (2):

  • Force newer jinja2 in ipsilon-server-install and -upgrade-database
  • Make the SAML2 post response button readable

Patrick Uiterwijk (65):

  • Make SAML2SessionStore depend on table creation by schema system
  • Implement an auto cleanup mechanism in the data layer
  • Use the new autocleanup system for SAML2 sessions
  • Use the new autocleanup system for OpenID store
  • Use the new autocleanup system for transactions
  • Add test for cleanup code
  • Fix SAML2 multi-session vulnerability
  • Use the config table as the options table it actually is
  • Add session_timeout variable to
  • Abort OpenId responses with headers over 8kb
  • Use the correct attribute for username in case of no email
  • Fix requesting unsigned responses
  • Move the Fedora Proxy Client to on_enable
  • Actually check requires_valid_token in API calls
  • Add UserInfo test
  • Add container tests
  • Add IP.1 altname to generated certificates
  • Add textual certificate representation to generated certificates
  • Strip out textual representation of certificates on import
  • Add dependency on python-setuptools
  • Add test to check explicit mapping
  • Add implicit _ -> _ mapping
  • Fix version bumps post-2.0.2
  • Allow tests to indicate they don't support the current platform
  • Add containertest-lint
  • Allow tests to indicate they don't play well with wrappers
  • Implement Etcd-based data store
  • Implement Etcd-based session store
  • Add tests for Etcd data and session stores
  • Allow provider to act on revoking consent
  • Make OpenID Connect revoke active tokens when consent is revoked
  • Allow tests to specify a page where to stop requesting
  • Allow clients without secret to be used for authorization flow
  • Add quickrun container
  • Remove other sudo commands
  • util: data: Rename get_connection to get_instance
  • util: data: Make *Query classes behave like a context manager
  • Remove not needed close statements
  • util: data: Make internal functions use Query context managers
  • util: session: Use query context manager
  • tests: Fix openid error printing
  • Add test for upgrading readonly plugin database
  • Skip database upgrades for readonly databases
  • Fix handling unicode in infosssd
  • Make automake slightly quieter when running containertests
  • Add optional CentOS6 container test
  • Migrate all except statements to new syntax
  • Migrate all print statements to print functions
  • Correctly process missing refreshable_until token info
  • Allow passing stdout and stderr to tests
  • Rework test framework
  • Update tests to use new test framework
  • Use automated test detection in Makefile
  • Make the containertests print test results
  • Replace mutable default arguments
  • tests.helpers: Allow limiting redirects and posting forms
  • tests.test1: Add test case for no RelayState
  • saml2: Do not send a RelayState with POST binding if not requested
  • Do not send SAML attributes we have no value for
  • Allow running the test suite with python test
  • Fix python3 incompatible syntax
  • Update Makefile for Fedora 26/27
  • Use python2-pylint explicitly
  • Add python2 deps for Fedora
  • Update version numbers to 2.1.0

Sam Thursfield (2):

  • Document the script in the README
  • Set the default provider URLs to match default URL

avij (1):

  • Fix typo realying -> relying