Django-digid-eherkenning

===================

Very small patch release.

* The default value for DIGID_MOCK_IDP_VALIDATE_CALLBACK_URLS is no longer equal to
settings.DEBUG but to its inverse.

===================

Small patch release.

* Fixed new-migration check because of outdated help text.
* Added the option to validate redirect URIs in the DigiD mock, mostly to avoid
unproductive discussions with auditors.

===================

Added some additional eHerkenning/eIDAS metadata fields.

* Added fields for administrative contact person details.
* Added a field for a separate eIDAS service description.

===================

Metadata-generation tweaks.

It was reported to Open Formulieren that the generated (eHerkenning) metadata is not
according to spec. This has been resolved in this release. No runtime authentication
behaviour should be changed.

* Updated the XSD for service catalog to v1.24.
* Removed the default requested attributes from eHerkenning config model.
* eHerkenning metadata tests now perform SAML v2.0 XSD validation.
* Removed the forbidden NameIDFormat element from the eHerkenning metadata.
* If both eHerkenning and eIDAS assertion consumer services are included, the
eHerkenning service is marked as default.
* Removed the SHA1 signing/digest algorithms from the available options for eHerkenning.
* Removed the ``use`` attribute from the key descriptors in the eHerkenning metadata,
marking each key as used for both encryption and signing.

===================

Bugfix release

* Fixed invalid key/certificate pairs not being skipped in the certificate selection
process.

===================

Small bugfix to make sure ``CertificateProblem`` can be pickled.