Changelog for wai-saml2

Unreleased changes

0.5

• Support GHC 9.6 (#53 by @mbg)
• Fixed a bug in XML canonicalisation causing a digest mismatch on Okta when assertion attributes are present (special thanks to @hiroqn) (#51 by @fumieval)
• Added authnRequestDestination field to AuthnRequest (#47 by @Philonous)

0.4

• Split validateResponse into decodeResponse and validateSAMLResponse (#31 by @fumieval)
• Exported NameID (formerly NameId), and renamed subjectNameId to subjectNameID
• Support GHC 9.4 (#36 by @mbg)
• Add new module Network.Wai.SAML2.Request with AuthnRequest generation for SP-initiated login flow (#19 by @fumieval)
• Changed the saml2PrivateKey field to be optional and added saml2ConfigNoEncryption which takes a PublicKey only (#37 by @fumieval)
• Added showUTCTime to Network.Wai.SAML2.XML
• Added a new module Network.Wai.SAML2.NameIDFormat (#21 by @fumieval)
• Added new field response to Result which contains the full, decoded SAML response (#33 by @Philonous)
• Validate audience restrictions (#35 by @Philonous)
• Handle status codes according to the SAML2 specification (#42) by @mbg

0.3

• Improve parse error handling and make encryptedKeyData optional (#11 by @Philonous)
• Add subjectNameId to Subject type (#13 by @kdxu)
• Support the response format used by Okta, in which the EncryptedAssertion element is structured differently (#12 by @fumieval)

0.2.1.3

• Metadata updates.

0.2.1.2

No changes.

0.2.1.1

• Export Result type from Network.Wai.SAML2 module.

0.2.1

• Fix missing export of relayStateKey and change its type.

0.2.0

• Added parsing for RelayState from form data, as sent by e.g. Shibboleth when a target query string parameter is passed to the unsolicited SSO endpoint.

0.1.0

• Initial release