Workflow

Python3-saml

Latest version: v1.16.0

Safety actively analyzes 681866 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 5

1.10.1

Not secure
* Fix bug on LogoutRequest class, get_idp_slo_response_url was used instead get_idp_slo_url

1.10.0

Not secure
* Added custom lxml parser based on the one defined at xmldefused. Parser will ignore comments and processing instructions and by default have deactivated huge_tree, DTD and access to external documents
* Destination URL Comparison is now case-insensitive for netloc
* Support single-label-domains as valid. New security parameter allowSingleLabelDomains
* Added get_idp_sso_url, get_idp_slo_url and get_idp_slo_response_url methods to the Settings class and use it in the toolkit
* [212](https://github.com/onelogin/python3-saml/pull/212) Overridability enhancements. Made classes overridable by subclassing. Use of classmethods instead staticmethods
* Add get_friendlyname_attributes support
* Remove external lib method get_ext_lib_path. Add set_cert_path in order to allow set the cert path in a different folder than the toolkit
* Add sha256 instead sha1 algorithm for sign/digest as recommended value on documentation and settings
* [178](https://github.com/onelogin/python3-saml/pull/178) Support for adding idp.crt from filesystem
* Add samlUserdata to demo-flask session
* Fix autoreloading in demo-tornado

1.9.0

Not secure
* Allow any number of decimal places for seconds on SAML datetimes
* Fix failOnAuthnContextMismatch code
* Improve signature validation when no reference uri
* Update demo versions. Improve them and add Tornado demo.

1.8.0

Not secure
* Set true as the default value for strict setting
* [152](https://github.com/onelogin/python3-saml/pull/152/files) Don't clean xsd and xsi namespaces
* Drop python3.4 support due lxml. See lxml 4.4.0 (2019-07-27)

1.7.0

Not secure
* Adjusted acs endpoint to extract NameQualifier and SPNameQualifier from SAMLResponse. Adjusted single logout service to provide NameQualifier and SPNameQualifier to logout method. Add getNameIdNameQualifier to Auth and SamlResponse. Extend logout method from Auth and LogoutRequest constructor to support SPNameQualifier parameter. Align LogoutRequest constructor with SAML specs
* Added get_in_response_to method to Response and LogoutResponse classes
* Update defusexml dependency

1.6.0

Not secure
* Add support for Subjects on AuthNRequests by the new name_id_value_req parameter
* [127](https://github.com/onelogin/python3-saml/pull/127) Fix for SLO when XML specifies encoding
* [126](https://github.com/onelogin/python3-saml/pull/126) Fixed setting NameFormat attribute for AttributeValue tags

Page 2 of 5

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.