Changes

Revision history for Perl extension Net::SAML2.

{{$NEXT}}

0.81 -- Fri Aug 30 15:16:41 ADT 2024

     This release is dedicated to the memory of Abe Timmerman (ABELTJE)

     [Compatibility Deprecation Warning]
     As of Release 0.79 the following have been changed and the old version may be
     removed in an upcoming release.

     - Net::SAML2::Protocol::Artifact
         - response_to changed to in_response_to
     - Net::SAML2::Protocol::LogoutResponse
         - response_to changed to in_response_to

    [Significant Changes]
    - Reverts "Fix #123 Useless cert_text" as the cert_text is not so useless...
    - Note that the latest versions of libxml2 may have made some incompatable
    changes.  These changes do not seem to impact this module and will be reviewed
    closer in a future version.

    [Detailed Change Log]
    - ad9c30f Fix pod issues
    - 2e0028b Disable author testing update to libxml2 or catalog required
    - 7ba6750 Revert f3e8e5f4fbfa70c79b1ee4a8850be8a6ba4ede27 Fixes #123 Useless cert_text
    - 049ba76 Disable author testing update to libxml2 or catalog required
    - 51ae4c8 Revert #123 Useless cert_text
    - ca65479 Increment repo version
    - b33c185 v0.80

0.80 -- Sat Jun 22 13:13:42 ADT 2024

    [Compatibility Deprecation Warning]
    As of Release 0.79 the following have been changed and the old version may be
    removed in an upcoming release.

    - Net::SAML2::Protocol::Artifact
        - response_to changed to in_response_to
    - Net::SAML2::Protocol::LogoutResponse
        - response_to changed to in_response_to

    [Significant Changes]
    - Minor XML compatibility fixes thanks to Martijn van de Streek (MartijnVdS)

    [Detailed Change Log]
    - c20e976 Updates for next release
    - 931b29f Use "true" and "false" for more boolean values
    - aefae65 Include `xml:lang` attribute in ServiceName and ServiceDescription
    - a19257d Increment repo version after release
    - b4a6c52 v0.79

0.79 -- Sun Apr 21 18:13:48 ADT 2024

    [Compatibility Deprecation Warning]
    Please not that the following have been changed and the old version my be removed in an
    upcoming release.
    - Net::SAML2::Protocol::Artifact
        - response_to changed to in_response_to
    - Net::SAML2::Protocol::LogoutResponse
        - response_to changed to in_response_to

    [Significant Changes]
    - Implement a new Response object that properly deals with Responses that lack Assertions
    - Metadata fixes:
        - Move boolean values to literals
        - Fix KeyDescriptor when only one key exists

    [Detailed Change Log]
    - bbb127d Revert and standardize substatus spelling
    - 2fadb47 Update for in_response_to changes
    - e0efd64 Quiet perlcritic and podcoverage tests
    - 001d34a Update required version URN::OASIS::SAML2
    - ecee0e3 Remove warnings from testsuite
    - 971434a Add Object::Response to Net::SAML2
    - 90d2c80 Add in_response_to to Role::ProtocolMessage
    - fa5a690 Remove NAME sections in modules
    - ca4fcda Add addtional test for NameID formats
    - 67438b5 Correctly test NameID attributes
    - a7dac91 Use method, not Moose interals in tests
    - bcfc4d2 Fix boolean values for integrations with crappy IdP's
    - 70adeb6 Remove code for old builders
    - 3c87e51 Don't mention key usage unless we have both signing and encryption
    - 239d1b4 Increment repo version
    - eff3908 v0.78

0.78 -- Sun Feb 25 21:09:15 AST 2024

    [Compatibility Deprecation Warning]
    - id is renamed to issuer.  Current code simply warns.
    - See 0.77 for other deprecated changes

    [Significant Changes]
    - MockSAML IdP is a tested implementation
    - Signature bug fix
    - Deprecate id - use issuer to instantiate objects
    - testapp changes for deprecation and to support MockSAML

    [Detailed Change Log]
    - 49c8a8a Add missing pod for new function
    - 7a7e167 testapp: use SSL_verify_mode to disable verification via config
    - 35c8b65 s/NET::SAML2/Net::SAML2/
    - 1bd4efe Change $sp->id to $sp->issuer in t/09-authn-request.t
    - f3e3ec4 Add deprecation warning to id() method
    - 99bb04c testapp: add relaystate for a redirect binding
    - 116d948 testapp: id has been deprecated use issuer
    - c53ba9d Rename id to issuer for Net::SAML2::SP
    - b98a763 Fix signature location bug
    - b8a297a Increment Repo Version
    - 9c7d980 v0.77
    - edc6a88 Increment Version for a Release

0.77 -- Fri Feb 02 23:45:43 AST 2024

    [Compatibility Deprecation Warning]
    - The Redirect now uses SHA256 dy default instead of SHA1
    - nameid_format in Protocol::AuthnRequest is Deprecated.  Please update your
    code to use nameidpolicy_format instead.  The current code simply warns but a
    future version will use nameid_format for other purposes see:
    https://github.com/perl-net-saml2/perl-Net-SAML2/issues/195.

    [Detailed Change Log]
    - 70890a1 Add deprecation warning for nameid_format in Protocol::AuthnRequest
    - 4920a03 add and BumpVersionAfterRelease
    - 5ba4c33 Set Default Redirect Signature Algorithm to sha256
    - 12afa9a v0.76

0.76 -- Mon Jan 08 18:31:06 AST 2024

    - 688dc32 Forgot to increment the version for last release
    - 65ba171 v0.75

0.75 -- Mon Jan 01 22:54:10 AST 2024

    [ Significant Changes since 0.74 ]
    - A future release WILL make sha256 the default.  If that is a problem for you please check which year it is.
    - waterkip has added the ability to expose the AttributeConsumingService in metadata generation
    - See the documentation for AttributeConsumingService and RequestedAttribute

    [Detailed Change Log]
    - 18e4cdb Update Copyright year
    - beb32f7 Updates for Release
    - 75f86fe Add attribute_consuming_service to SP for metadata creation
    - 0cc1a28 Add AttributeConsumingService object to Net::SAML2
    - c77250d Add RequestedAttribute object to Net::SAML2
    - 42ef7c0 Fix author tests for Net::SAML2::XML::Sig
    - 80d0b6d Reflect that the default will be sha256
    - 43d1d5c exclusive was an option for XML::CanonicalizeXML
    - f3e8e5f Fixes #123 Useless cert_text
    - 40da745 v0.74

0.74 -- Sun Aug 27 22:04:34 ADT 2023

    [ Significant Changes since 0.73 ]
    - Mostly minor cleanup and a few resolved issues
    - Officially support DigiD, eHerkenning and eIDAS implementations

    [Detailed Change Log]
    - 242b8f4 Update repo version for release
    - 6e63336 Quiet annoying Perl::Critic warning
    - 722d5a6 Add GitHub::CreateRelease to automatically create a GitHub release
    - 789365e verify_xml will die is it does not verify
    - 45b299c Only URI escape if defined value
    - 9154c4d Split Github Actions workflow
    - 924b819 Add more supported implementations in POD
    - 92fb773 Always return a default assertion service
    - 51fde84 Refactor Test::Net::SAML2::Util
    - e60202c Fix dependency things in the dist.ini
    - e689af5 Add Coveralls to CI
    - aeea977 Update pod for Net::SAML2::Binding::POST::handle_response
    - c3863e1 Update pod for Net::SAML2::Binding::Redirect::verify
    - 6cf57eb v0.73

0.73 -- Sat Jul 08 07:35:12 ADT 2023

  - Release of 0.72 as production release

  [ Significant Changes since 0.69 ]
  - Quite a few changes and improvements including
  - Support to obtain information about the AuthnStatement from the Assertion
  - Function to obtain key_name added to the SP
  - Verification of artifact responses based on an attribute ID ( via XML::Sig 0.64)
  - Improve Decryption of EncryptedData nodes for Assertions (via XML::Enc 0.12 and up)
  - Bumps the requirements new versions of:
  - XML::Enc => "0.12",
  - XML::Sig => "0.64",
  - XML::Generator => "1.13"

  - Miscelaneous:
  - testapp bug fixes and improvements
  - Github action improvements
  - Tested ADFS IdP again
  - Fixed issue DAKKAR reported to LWP::UserAgent Environment Variables

  [ Change Log ]

  - 8115398 Update version for release
  - d460fb9 v0.72
  - e04cc05 Fix typo for AuthnRequest Assertion namespace
  - ebef6bc Increment version for a release
  - 2d815e0 Add scoping to Net::SAML2::Protocol::AuthnRequest
  - af3b271 Update test for Net::SAML2::Protocol::AuthnRequest
  - ed64638 Fix NAME segment of POD for modules.
  - c83527e v0.71
  - 914aafb Forgot to increment main module version
  - 1292296 Increment version and update LICENSE file
  - dd2c070 v0.70
  - 79f1a38 Bump XML::Enc version
  - faecd40 Fix decrypt for encrypted assertions
  - 9d389f1 Decrypt an assertion with EncryptedData nodes
  - ae3888a Fix YAML syntax for linux workflow
  - 4d73198 Add verification for artifact responses on an attribute ID
  - 7869a2f Add tests for part encrypted/part decrypted assertions
  - 466e870 Add key_name function to SP
  - b4c70d8 testapp: option for acs_url_post in authnRequest
  - fa6c350 testapp: SingleLogoutService is not indexed
  - d2cf58a install Module::Pluggable
  - 2dfb0c1 Remove Pari Install from github action
  - 8932955 Bump requirement for XML::Generator
  - 11ba40d Create AuthnStatement object
  - 488a234 ADFS fully tested again and update repo version
  - 9dbd114 Fixes #169 tests fail when PERL_LWP_SSL_CA_* or HTTPS_CA_* env vars are set
  - a9aca61 Add XML declartion to generate_metadata
  - 7cfe56a Configure SP without Single Logout Service
  - ef16349 Fix version for release
  - accfc66 v0.69

0.72 -- Fri Jul 07 22:33:42 ADT 2023

  [ Significant Changes since 0.69 ]

  - All changes from 0.71 plus:
  - e04cc05 Fix typo for AuthnRequest Assertion namespace
  - ebef6bc Increment version for a release
  - 2d815e0 Add scoping to Net::SAML2::Protocol::AuthnRequest
  - af3b271 Update test for Net::SAML2::Protocol::AuthnRequest
  - ed64638 Fix NAME segment of POD for modules.

0.71 -- Tue Jul 04 23:14:07 ADT 2023

  [ Significant Changes since 0.69 ]
  - Re-release 0.70 to ensure all commits were included
  - Quite a few changes and improvements including
  - Support to obtain information about the AuthnStatement from the Assertion
  - Function to obtain key_name added to the SP
  - Verification of artifact responses based on an attribute ID ( via XML::Sig 0.64)
  - Improve Decryption of EncryptedData nodes for Assertions (via XML::Enc 0.12 and up)
  - Bumps the requirements new versions of:
  - XML::Enc => "0.12",
  - XML::Sig => "0.64",
  - XML::Generator => "1.13"

  - Miscelaneous:
  - testapp bug fixes and improvements
  - Github action improvements
  - Tested ADFS IdP again
  - Fixed issue DAKKAR reported to LWP::UserAgent Environment Variables

  [ Change Log ]
  - 914aafb Forgot to increment main module version
  - 1292296 Increment version and update LICENSE file
  - dd2c070 v0.70
  - 79f1a38 Bump XML::Enc version
  - faecd40 Fix decrypt for encrypted assertions
  - 9d389f1 Decrypt an assertion with EncryptedData nodes
  - ae3888a Fix YAML syntax for linux workflow
  - 4d73198 Add verification for artifact responses on an attribute ID
  - 7869a2f Add tests for part encrypted/part decrypted assertions
  - 466e870 Add key_name function to SP
  - b4c70d8 testapp: option for acs_url_post in authnRequest
  - fa6c350 testapp: SingleLogoutService is not indexed
  - d2cf58a install Module::Pluggable
  - 2dfb0c1 Remove Pari Install from github action
  - 8932955 Bump requirement for XML::Generator
  - 11ba40d Create AuthnStatement object
  - 488a234 ADFS fully tested again and update repo version
  - 9dbd114 Fixes #169 tests fail when PERL_LWP_SSL_CA_* or HTTPS_CA_* env vars are set
  - a9aca61 Add XML declartion to generate_metadata
  - 7cfe56a Configure SP without Single Logout Service
  - ef16349 Fix version for release
  - accfc66 (timlegge/master) v0.69

0.70 -- Tue Jul 04 22:12:49 ADT 2023

  [ Significant Changes since 0.69 ]

  - Quite a few changes and improvements including
  - Support to obtain information about the AuthnStatement from the Assertion
  - Function to obtain key_name added to the SP
  - Verification of artifact responses based on an attribute ID ( via XML::Sig 0.64)
  - Improve Decryption of EncryptedData nodes for Assertions (via XML::Enc 0.12 and up)
  - Bumps the requirements new versions of:
  - XML::Enc => "0.12",
  - XML::Sig => "0.64",
  - XML::Generator => "1.13"

  - Miscelaneous:
  - testapp bug fixes and improvements
  - Github action improvements
  - Tested ADFS IdP again
  - Fixed issue DAKKAR reported to LWP::UserAgent Environment Variables

  [ Change Log ]
  - 9d389f1 Decrypt an assertion with EncryptedData nodes
  - ae3888a Fix YAML syntax for linux workflow
  - 4d73198 Add verification for artifact responses on an attribute ID
  - 7869a2f Add tests for part encrypted/part decrypted assertions
  - 466e870 Add key_name function to SP
  - b4c70d8 testapp: option for acs_url_post in authnRequest
  - fa6c350 testapp: SingleLogoutService is not indexed
  - d2cf58a install Module::Pluggable
  - 2dfb0c1 Remove Pari Install from github action
  - 8932955 Bump requirement for XML::Generator
  - 11ba40d Create AuthnStatement object
  - 488a234 ADFS fully tested again and update repo version
  - 9dbd114 Fixes #169 tests fail when PERL_LWP_SSL_CA_* or HTTPS_CA_* env vars are set
  - a9aca61 Add XML declartion to generate_metadata
  - 7cfe56a Configure SP without Single Logout Service
  - ef16349 Fix version for release
  - accfc66 (timlegge/master) v0.69

0.69 -- Tue Apr 04 20:20:22 ADT 2023

  [ Significant Changes since 0.67 ]

  - Simply 0.67 issued as a production release
  - Couple of small by fixes Wesley Schwengle (waterkip)

  - 4953468 Increment version for production release
  - b44d100 v0.68
  - c296c49 Update Changes for release

0.68 -- Mon Apr 03 19:17:59 ADT 2023

  [ Significant Changes since 0.67 ]

  - Couple of small by fixes Wesley Schwengle (waterkip)

  [ Change Log ]
  - 4f4d6d4 Increment version for next release
  - 8e993b2 Fix artifact response status codes from assertions
  - d7dbf62 Refactor key selection for metadata generation
  - 4fa07de Fix version after release
  - 52870d2 v0.67

0.67 -- Sun Mar 19 10:03:23 ADT 2023

  [ Significant Changes since 0.64 ]

  This version supports sending request the the IdP as HTTP-POST requests.
  SimpleSAMLphp is added as a tested/supported IdP
  Numerous improvements to the testapp (see git repo) to improve testing
  testapp can now be fully tested against any configured IdPs using Selenium

  - 6c9cd5e Increment version for official release
  - a0d4001 v0.66

0.66 -- Sat Mar 18 20:49:26 ADT 2023

  - 930f4af Increment version for another TRIAL release
  - 63db958 v0.65
  - 5023eda Update Changes for a TRIAL release

0.65 -- Sun Mar 12 22:41:33 ADT 2023

  [ Significant Changes since 0.64 ]

  This version supports sending request the the IdP as HTTP-POST requests.
  SimpleSAMLphp is added as a tested/supported IdP
  Numerous improvements to the testapp (see git repo) to improve testing
  testapp can now be fully tested against any configured IdPs using Selenium

  - 8b902c4 Add SimpleSAMLphp to the list of tested IdPs
  - 5fb1f81 testapp: Add tests to confirm the configuration of the IdPs
  - 033d2e9 testapp: add id to links and buttons to help automate testing
  - cf0b39b Create Author Tests to validate Schema of Generated XML
  - c815c58 testapp: Don't show POST button for login if IdP does not support
  - c093420 testapp: move slo to new format and fix wrong acs url
  - 946c2fc testapp: Support HTTP-POST logout
  - c5b0a2c testapp: Implement AuthnRequest via POST
  - 41b7d12 Add Support for sending requests to IDP via HTTP-POST
  - 0b378cb Update version in repo for next release
  - fac9f54 testapp: move loading of configuration
  - 7d4e50c v0.64

0.64 -- Sun Feb 05 18:21:41 AST 2023

  Release 0.63-TRIAL as production release

  [ Significant Changes since 0.62 ]

  Maintenance release that has a number of fixes for small issues.  This is
  the first release in some time that has been tested for SOAP connections and
  SOAP Artifacts.  The testapp has been updated to fix SOAP and the Shibboleth
  and samltest.id IdPs.

  - Minimum Perl version has been bumped to 5.12
  - Contributors and authors set automatically
  - Add Shibboleth and samltest.id as supported IdPs
  - Allow encryption certificate in SP metadata
  - LogoutRequest was missing NameQualifier and SPNameQualifier needed by some IdPs
  - Fix bug in obtaining Assertion dates and message id and improve id validation
  - Fix multiple SOAP issues including support for multiple certs in metadata
  - New Net::SAML2::Protocol::Artifact to access parts of the ArtifactResponse
  - Allow obtaining assertion substatus and allow assertions without NameID
  - testapp:
    - allow untrusted TLS SOAP connections
    - read key and cert from config.yml
    - fix metadata generation issues and make signing optional
    - only enable logout bindings supported by IdP
    - allow for custom attribute mapping by IdP
    - Support for Shibboleth and samltest.id IdPs

  [ Change Log ]
  - 63edefa Increment Version number for release
  - 17674de v0.63

0.63 -- Fri Feb 03 19:18:42 AST 2023

  [ Significant Changes since 0.62 ]

  Maintenance release that has a number of fixes for small issues.  This is
  the first release in some time that has been tested for SOAP connections and
  SOAP Artifacts.  The testapp has been updated to fix SOAP and the Shibboleth
  and samltest.id IdPs.

  - Minimum Perl version has been bumped to 5.12
  - Contributors and authors set automatically
  - Add Shibboleth and samltest.id as supported IdPs
  - Allow encryption certificate in SP metadata
  - LogoutRequest was missing NameQualifier and SPNameQualifier needed by some IdPs
  - Fix bug in obtaining Assertion dates and message id and improve id validation
  - Fix multiple SOAP issues including support for multiple certs in metadata
  - New Net::SAML2::Protocol::Artifact to access parts of the ArtifactResponse
  - Allow obtaining assertion substatus and allow assertions without NameID
  - testapp:
    - allow untrusted TLS SOAP connections
    - read key and cert from config.yml
    - fix metadata generation issues and make signing optional
    - only enable logout bindings supported by IdP
    - allow for custom attribute mapping by IdP
    - Support for Shibboleth and samltest.id IdPs

  [ Change Log ]
  - 8d0b962 use Moose is equivalent to use strict
  - faf3ec7 Update for release 0.63
  - 1688e1c Add XsdID as a type for id attribute type checking
  - fc6a199 Get the substatus of a failed assertion
  - 3c9e4fc Create a Artifact to hold the parts of the Artifact
  - 36652dc Fixes perl-net-saml2#152 - Incorrect id set on messages from XML
  - 33d9985 Allow assertion without a NameID
  - 6a140ca Get the correct dates from the assertions
  - 3d291ff testapp: allow attribute mapping by IdP
  - 60a3592 testapp: only enable supported IdP logout bindings
  - cfc5351 Add Shibboleth and samltest.id as supported IdPs
  - c81e384 Fix LogoutRequest's missing NameQualifier and SPNameQualifier for samletest.id
  - cf8991a remove eol spaces
  - ade3fed testapp: signed metadat messes with testing - make it an option
  - 571f7a9 testapp Fix issue in metadata generation missing fully qualified URI
  - 01424dd testapp: key and cert should be read from config and missed https options
  - 787bd1f Allow encryption key to be specified in the metadata.xml
  - f6740e4 testapp: allow SOAP connections to untrusted SSL servers
  - eb48fa8 SOAP Some IdPs have issues with newlines in SOAP-ENV
  - 83e30e1 SOAP binding should support multiple certs in the IdP Metadata
            Use Try::Tiny to handle exceptions
  - ef2472d Install Sub::Name without running tests
  - dffc8c8 Test::Deep requires perl 5.012 and newer
  - e213bae New Year advance Copyright
  - 9f8b287 Set sane default values for testing testapp
  - bf27ae9 Bump version to .63
  - b782aa7 Set authors and contributors
  - 013a0c6 Update contributors and reorder alphabetically
  - d268c0f Add missing Credit for Gianni in 0.62

0.62 -- Wed Nov 30 21:13:55 AST 2022

  Thanks to Gianni Ceccarelli for providing an "insecure" option
  to allow a Net::SAML2::Binding::Redirect to be unsigned.

  - e59ce1b Increment Version in Git Repo
  - 165661e testapp allow the metadata or authnreq to be unsigned
  - 9f41ae3 Fix testapp metadata generation
  - 303a8a2 Fixes: #128 Support ForceAuthn and IsPassive in AuthnRequest
  - 29b45e4 Minor pod updates
  - 17772d7 Update version number for release
  - 1a5796b Add support to SP for SSO redirect binding without signed auth request
  - 736bf78 Merge pull request #119 from dakkar/optional-sp-key
  - 2de5268 fix POD typo
  - 80658ae Redirect::key still optional, but more explicitly so
  - bf7f771 make Redirect::key optional

0.61 -- Tue Oct 04 23:37:21 ADT 2022

  [ Significant Changes since 0.59 ]

  There are multiple potentially BREAKING CHANGES depending on how you
  have written your application.  Your application may need updates for
  this version.

  Same a version 0.60-TRIAL

0.60 -- Mon Sep 19 10:53:23 ADT 2022

  [ Significant Changes since 0.59 ]

  There are multiple potentially BREAKING CHANGES depending on how you
  have written your application.  Your application may need updates for
  this version.

  [BREAKING CHANGES]

  - Support multiple signing keys in the metadata.  This version attempts
  to ensure compatibility but the call to Net::SAML2::IdP->cert will return
  an array of certs for each 'use'.  It is, however, likely that there will
  only be one cert in the array.

  - Net::SAML2::Binding::SOAP was improved.  The call to
  Net::SAML2::Binding::SOAP->handle_request() now returns the XML whereas in
  the past it returned the certificate's subject and the xml as an array.
  This make it consistent with the Redirect and POST Bindings.

  - Net::SAML2::Binding::POST was also improved.  Previously the call to
  Net::SAML2::Binding::POST->handle_response() returned inconsistent results
  depending on whether a cacert was provided.  This version returns the XML
  of the decoded request.

  - The testapp required only changes related to the call to
  Net::SAML2::IdP->cert($use) that now returns an ARRAY.

  [Changes of note:]

  - Support multiple signing keys in the metadata.  This version attempts to
    ensure compatability but the call to Net::SAML2::IdP->cert will return an
    array of certs for each $use.  It is, however, likely that there will only
    be one cert in the array.

  - Redirects now validate the raw URI that is passed to the call.  It is
    assumed that the URI that your application has sent is unmodified from the
    response that the web server received.  lighttpd in particular normalizes
    the response and will break Redirects from Microsoft Azure
    (see lighttpd.conf in xt/testapp for a working configuration)

  - Net::SAML2::Binding::SOAP and Net::SAML2::Binding::POST were improved.

  - SAML trust anchors were implemented and the verification of the SAML
    response was improved.  It is possible to validate the response with
    subject, issuer or issuer_hash as anchors in addition to the cacert.
    Neither cacert nor anchors are required as long as the signature of
    the response is valid.  The cacert has not been required for the
    Redirect or SOAP binding so this treats SOAP the same.

  [Required Application Updates]

  - There were several changed to the test suite that will likely need to be
    made in your application:

  - To support metadata.xml containing multiple KeyDescriptors the call to
    Net::SAML2::IdP->cert($use) now returns an ARRAY.  As this is an helper
    function that is meant to allow you to pass the cert to another Net::SAML2
    call it was deemed low risk.  Your code may be unaffected.

  - The call to Net::SAML2::Binding::SOAP->handle_request() needs to be updated
    to reflect that it returns only the decoded XML not an array of the
    Certificate Subject and XML.  Depending how your application uses the
    response will determine whether changes are required.

  - The call to Net::SAML2::Binding::POST->handle_response() returned
    inconsistent results depending on whether a cacert was provided.  This
    version returns the XML of the decoded request.  Previously it returned
    either 1 for success or if a cacert was used, either "(verified) and the
    certificate Subject" or 0 if the certificate verification failed.

  - The lighttpd.conf for the testapp did require a change to prevent it from
    "normalizing" a SAML Logout Redirect.  There are contradictory RFCs
    concerning SAML and the "normalising" URIs.  If you use lighttpd in a SAML
    application with AZURE as your SAML IdP see
    [lighttpd.conf](https://github.com/perl-net-saml2/perl-Net-SAML2/commit/3855393eb454097e1e326a516a573f37ce3456a3#diff-8fd15aaa870fd2b9cda596bf3bb870ce2723ae412e55f0b653124b45d87e1bea)

  [Possible Impacts]

  - It is worth noting that the testapp (that implements a rudimentary Service
    Provider) included in the git repo did not require any changes to the
    application for this version.

  - While my setup tests against multiple IdPs I do not have a working SOAP
    IdP at present.

  [ Full Change Log ]

  - e95e7c2 Fix bug where two keys with different usage fails
  - 33092f1 Add isDefault when isDefault is missing in assertion_consumer_service
  - 66a4146 Bump version to .60
  - 812ea36 0.59 updates
  - f589dd0 v0.59
  - c1b25f9 Sync changes with the wiki page and clean up indents
  - 2c432f2 Remove unnecessary parameters
  - 3855393 Allow URIs that do not include scheme and host in redirect
  - e1774b6 Update docs for Net::SAML2::Protocol::LogoutRequest
  - fdcfbeb Fix docs for Net::SAML2::Binding::Redirect
  - 8d24c89 Update docs for Net::SAML2::Protocol::ArtifactResolve
  - 27f6508 Update docs for Net::SAML::SP
  - 4a89679 Fix docs for Net::SAML2::Binding::SOAP
  - f43727d Verify the SAMLResponse based on the raw query string
  - 50f5c8a Fixes #12 - multiple signing keys in metadata
  - 4902c89 Make SAML trust anchors work on verification of the SAML request
  - af68b68 SOAP binding does not require a cacert anymore
  - 1854e35 Implement verify_xml() call which only verifies the XML

0.59 -- Wed Aug 24 22:23:53 ADT 2022

  There were no changes other than incrementing the version number
  from 0.58-TRIAL.

  - 564fa93 (tag: 0.59) Update Changes for .58 release
  - 2a43f4e v0.58

0.58 -- Fri Aug 12 16:25:59 ADT 2022

  [ Significant Changes since 0.57 ]

  You will want to test this release.  There are numerous changes and
  improvements but nothing that obviously breaks functionality.

  - Fix bug where NameID Format was an empty string and broke the
    constructor for the LogoutRequest in Net::SAML::SP logout_request.
  - Add tests for lowercase URL encoded data
    A potential change is upcoming, so we want to have tests to ack/nack
    the claims of that new change.
  - Enclose SOAP action in double quotes
  - Allow error URI to be a full fledged URI in Net::SAML::SP
  - The generated id is now 32 bytes of randomness instead of 16 bytes
    previously
  - SAML2 constants moved to URN::OASIS::SAML2
  - Make cacert optional in Net::SAML2::SP as it is only needed for the
    SOAP request call
  - Add Indexes to the assertion_consumer_service in Net::SAML::SP
    This allows you to later on ask for the default assertion service by
    using get_default_assertion_service().
  - Allow injecting own LWP::UserAgent to IdP new_from_url
  - When reading metadata we previously always provided a default NameID
    Format. We no longer do this, we only return the NameID format if it
    was provided by the metadata.
  - Make provider optional in Protocol::ArtifactResolve
    Previous versions supplied a default when as_xml was called, this
    default has been removed.
  - Optional parameters in Binding::Redirect
    You now need to supply less parameters when verifying the redirect
    request (SAMLResponse).
  - Optional attributes for NameID in LogoutRequest
    In order to respect the SAML specifications the NameQualifier and
    SPNameQualifier are omitted from the LogoutRequest. In case you need
    the NameQualifier and the SPNameQualifier you'll now need
    include_name_qualifier to be set in the constructor. When the NameID
    Format is urn:oasis:names:tc:SAML:2.0:nameidformat:persistent, both
    become mandatory. For those who need to set the SPNameQualifier to
    be the Affiliation Group ID we have affiliation_group_id for you in
    the constructor.

  [ Change Log ]

  - a245b94 Add test for lowercase url escaping
  - ba0a803 Fix author tests with dzil
  - 97898a2 fix pod for Assertion->nameid_format
  - 523ba92 Add missing POD for nameid, nameid_format in Protocol::Assertion
  - fb3085d Update Changes for 0.57
  - 6c63ed1 Make attributes in NameID optional
  - d69b7dd Install sub::name first to prevent pipeline failures
  - 7310b6c Bump version string post .57 release
  - 8b83b3e Make params optional in Binding::Redirect for SAMLResponse
  - 3b2b96b Use cpm instead of cpanminus
  - bc7eb07 nameid_format cannot be a zero length string
  - 1c5af31 Be able to inject own LWP::UserAgent to IdP new_from_url
  - 2abeb49 Add license to distro
  - 3f7c673 Install deps manually
  - 7f400a0 Install deps manually
  - 14c075c Fix documentation and general code cleanup
  - ca9fce1 Small refactor on Protocol::AuthnRequest
  - 14fb479 Add builder to Binding::SOAP for LWP::UA
  - 70ac5d0 Refactor Binding::SOAP::request
  - 830275f Add nameid as a node so we can get the value and/or the format
  - 066100f Really make provider optional in Protocol::ArtifactResolve
  - 5673bb5 v0.56
  - 3c7f390 Set version in main module for downstream developers
  - 22dbf06 Remove Dockerfile, we have github actions now
  - 18fa0ed Add defaults to Net::SAML2::Binding::Redirect
  - 6fe4bdc Fix contributers automaticly from git
  - 1348af5 Add the index in the assertion_consumer_service
  - 02ab7be Make cacert optional in Net::SAML2::SP
  - 858dc57 Remove setting default format when not present in metadata
  - 9e7c88a Introduce URN_XXX constants in NET::SAML2::SP
  - b2e3020 Change from 16 to 32 bytes of randomness
  - 42159bc Allow error URI to be a full fledged URI

0.57 -- Fri Aug 05 23:34:05 ADT 2022

  [ Release 0.56-TRIAL as 0.57 ]

  [ Significant Changes since 0.55 ]

  - Numerous fixes and cleanups thanks to Wesley Schwengle (waterkip)
  - Functionality changes mostly limited to Net::SAML2::SP
  - metadata signing has been improved
  - updates to github actions
  - new API for ACS/SLO data in metadata

0.56 -- Sun Jul 24 23:52:56 ADT 2022

  [ Significant Changes since 0.55 ]

  - Numerous fixes and cleanups thanks to Wesley Schwengle (waterkip)
  - Functionality changes mostly limited to Net::SAML2::SP
  - metadata signing has been improved
  - updates to github actions
  - new API for ACS/SLO data in metadata

  [ Change Log ]

  - signing metadata is now optional
  - 8ee4f57 Merge pull request #69 from waterkip/GH-46_acs_and_slo_injections
  - 027d300 fixup! Implement new API for ACS/SLO data in metadata
  - d81549a Implement new API for ACS/SLO data in metadata
  - 01d5fb7 Merge pull request #67 from waterkip/testsuite-defaults
  - 7c51e1b Merge pull request #68 from waterkip/GH-actions
  - 10b9ab0 Only use defaults/required attrs in net_saml2_sp() test method
  - 55d6e5e Install Moose in a seperate action
  - f4d0718 Run Github actions on pull requests
  - 7eb44fe Make Math::Pari installable
  - 1fe7b8b cpanm is provided by the perl images
  - 7f0c885 Update perl images in the matrix
  - 915adaa Merge pull request #65 from waterkip/GH-cleanup-dist.ini
  - f754ad7 Merge pull request #66 from waterkip/GH-46-optional_URIs
  - b25642f Make some URI's optional in the constructor
  - f01ef30 Remove dependencies from dist.ini
  - 57142a1 Merge pull request #64 from waterkip/bug-61
  - 5e6c0f0 Add ds:KeyName to md:KeyDescriptor/ds:Keyinfo
  - c6b9dfb Fix SAML metadata signing
  - b18d316 Add missing pod from PR #62
  - 9f8cd26 Merge pull request #62 from waterkip/sign-metadata_optional
  - 7e637b7 Make signing metadata optional
  - beba53f Merge pull request #63 from waterkip/cert-text_builder
  - 493af8c Merge pull request #60 from waterkip/sp-defaults
  - 29503c9 Use builder for _cert_text
  - 5e94d9c Add defaults to authnreq_signed and want_assertions_signed
  - c2e49e4 v0.55
  - 159332d (tag: 0.55) Bump version for 0.55 release

0.55 -- Fri Apr 15 21:06:36 ADT 2022

  [ Significant Changes since 0.53 ]

  Support for EncryptedAssertions is automatic if one is received but the
  call to Net::SAML2::Protocol::Assertion must provide a key and cacert to
  decrypt the EncryptedAssertion and Verify the Signature on the decrypted
  Assertion if it is Signed.  No changes are required for existing applications
  that do not use EncryptedAssertions.

  [ Commits ]
  - 159332d Bump version for 0.55 release
  - 92a1eb5 Support Unsigned encrypted Assertions
  - 39016c6 v0.54

0.54 -- Sat Apr 09 18:13:04 ADT 2022

  [ Significant Changes since 0.53 ]

  Support for EncryptedAssertion

  [ Commits ]
  - b166c3e Updates for new Version
  - ab8c986 Move to OurPkgVersion and remove VERSION from repo
  - 6d1b058 Merge pull request #57 from timlegge/encrypted-assertions
  - bff02f7 Minor lighttpd config update for testapp
  - 94e42b0 Support EncryptedAssertions
  - 34a432c v0.53

0.53 -- Thu Feb 03 21:02:47 AST 2022

  [Significant Changes since 0.52]

  - Fix bug with Saml LogoutResponse on HTTP-Redirect Binding introduced in 0.52
  - testapp: simplify testing by allowing easier testing against multiple IdPs

  - 22d2b2a (HEAD -> master) Update version information
  - 13c18ee Merge pull request #56 from timlegge/testapp-multiple-idp-support
  - a2ff662 Allow custom config.yml file per Identity Provider
  - 4bf230a Add support for multiple IdPs to the SamlTest testapp Makes
            testing against Multiple IdPs much simpler to setup and configure
  - 905f78a SP initiated SAMLLogout has SAMLResponse on redirect
  - 378ea9b v0.52

0.52 -- Sun Jan 30 23:17:19 AST 2022

  [Significant Changes since 0.49]

  - Document IdP and SP initiated LogoutRequest handling
  - Fix issue if multiple X509Certificate tags are found in metadata

  - 5d70bac Update for official release
  - b753644 Update Makefile.PL and README

0.51 -- Sun Jan 30 14:15:43 AST 2022

  - d4153b5 v0.51
  - a9f5ca5 Fix the Commit ids - forgot to rebase before push

0.50 -- Sun Jan 30 13:59:48 AST 2022

  - 8cc6d8e v0.50
  - af1deee Add additional deveeloper files to .gitignore
  - 8223e85 Remove eol spaces
  - 3eb54d3 Create a pid file for lighttpd
  - 89393ab Merge pull request #55 from timlegge/master
  - 237ef74 NameId Format is optional in the LogoutRequest
  - a8ee006 Fix an un reported issue validating URL with extra parameters
  - b096862 Fixes issue in Discusion #54 when there are multiple
        X509Certificate tags in the metadata
  - 11ba7f4 Add information related to the LogoutRequest and
        LogoutResponse that can be either SP of IdP initiated
  - 5780c6c Move from File::Slurp to File::Slurper

0.49 -- Tue Dec 07 21:22:58 AST 2021

  [Significant Changes since 0.46]
  - Net::SAML2::XML::Sig is now a subclass of XML::Sig
  - XML::Sig 0.52 is now a dependency

  - 064f718 v0.49
  - 6e76482 Simplify dist.ini and add SignReleaseNotes
  - e96982c Bump Version
  - 3fc63f5 v0.48

0.48 -- Mon Dec 06 16:53:49 AST 2021

  - 8589b4a Update Version
  - 9c73463 Missing VERSION and Abstract
  - 586fd5b v0.47

0.47 -- Sun Dec 05 15:07:51 AST 2021

  - e580299 Update version number
  - 837aa20 add strict and warnings to quiet author critic
  - 2ff8aeb Merge pull request #51 from timlegge/move-to-xml-sig
  - 3634910 test of properly handling comments in nameid and email
  - 4c20821 Moving to XML::Sig - keeping them in sync is a pain

0.46 -- Thu Nov 25 21:53:52 AST 2021

  - dd9776e Merge pull request #50 from timlegge/issue-38
  - 54cf599 Testapp should display unicode
  - ac74ac4 Fixes Issue #49 - Issue verifying XML that includes wide characters
  - 5afc7dd Add strict and warnings to tests
  - c20ed8c Add strict and warnings and move existing to the stop
  - 26c53c1 v0.45
  - 5397713 (tag: 0.45) Update for new version

0.45 -- Wed Nov 17 17:33:34 AST 2021

  - 594d135 add missing use statement (ziali088)

0.44 -- Sun Oct 31 14:33:03 ADT 2021

  - Packaging issue reissuing 0.43 without changes

0.43 -- Sat Oct 30 23:09:24 ADT 2021

  [Release Version of 0.42]

  - No changes

  [Significant Changes since 0.40]
  - COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
  - HTTP-Redirect now supports signing and verifying with more than rsa-sha1
  - include HTTP-Post for SingleLogoutService in generated metadata
  - Destination missing in LogoutRequest
  - Added PingIdentity to the tested IdPs
  - Most other changes related to the testapp Saml2Test (in git repo)
  - Fix issue with LogoutResponse on HTTP-Redirect for some IdP (Azure, Ping)
  - Make SP metadata.xml more configuable and sign

0.42 -- Fri Oct 29 22:35:53 ADT 2021

  [Significant Changes since 0.40]
  - COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
  - HTTP-Redirect now supports signing and verifying with more than rsa-sha1
  - include HTTP-Post for SingleLogoutService in generated metadata
  - Destination missing in LogoutRequest
  - Added PingIdentity to the tested IdPs
  - Most other changes related to the testapp Saml2Test (in git repo)
  - Fix issue with LogoutResponse on HTTP-Redirect for some IdP (Azure, Ping)
  - Make SP metadata.xml more configuable and sign

  [Change Log]
  - b9d4786 Merge pull request #44 from timlegge/azure-lowercase
  - 4f2a40c Update for latest build
  - ffd4188 Add issuer to make testing between multiple IdPs clearer
  - 1049084 Fix issues with LogoutResponse
  - 378c815 Merge pull request #43 from timlegge/metadata
  - bfe0966 Sign Metadata
  - 1cd0003 Net::SAML2::SP configurable values for metadata

0.41 -- Thu Oct 21 17:59:37 ADT 2021

  [Significant Changes since 0.40]

  - COMPATABILITY WARNING: version 0.44 will likely make sha256 the default
  - HTTP-Redirect now supports signing and verifying with more than rsa-sha1
  - include HTTP-Post for SingleLogoutService in generated metadata
  - Destination missing in LogoutRequest
  - Added PingIdentity to the tested IdPs
  - Most other changes related to the testapp Saml2Test (in git repo)

  [Change Log]
  - 07b68dd v0.41
  - c4ec6e2 Merge pull request #38 from timlegge/dist-changes
  - 54e612e Improve packaging and update changes
  - 1d894a9 testapp: prevent app error if the are no slo_urls
  - d6e2ab9 testapp: Change to decoding in sls-redirect-response
  - 23240d8 Fixes #30 - Modules withou version and cleanup missing Abstract
  - 9c5585b Merge pull request #37 from timlegge/testapp
  - c51ba51 Tested compatiblity against PingIdentity
  - b4d3fe9 Remove end of line spaces
  - 41ef582 testapp: provide documentation on how to use the Saml2Test application
  - 5a8ebb7 Fixes #36 testapp: metadata is rendered as text by the browser
  - f1e2eca testapp: add .gitignore file testapp
  - ca4b8bd Fixes #35: Metadata does not include HTTP-Post for SingleLogoutService
  - 64008da testapp: Better org_name
  - 22073bb Update certificates with 10 year expiration
  - f215c40 testapp: add lightttpd.conf to proxy https traffic to testapp on port 3000
  - f92ba77 testapp: provide lighttpd config to deliver a metatdata.xml file
  - 2d671a4 Fixes #32: HTTP-Redirect should support more than sha1
  - 5e2425a testapp: Make required settings configurable
  - f70b0a5 Fixes #34: testapp: Dancer request_uri is not decoded
  - 8c0d048 testapp: Fixes #33 Destination is not properly assigned
  - 6e0a685 Fixes #31 Destination missing in LogoutRequest
  - 652c763 testapp: support post for LogoutResponse

0.40 - 2021-07-26

  [Significant Changes since 0.38]

  - Add support for Auth0 SAML (bug fix)
  - Add options to allow https for metadata urls

  [Change Log]
  - TDD     Update Changes and Increment version
  - 314df85 Remove Test::TrailingSpace keeps failing on automatic License file
  - 9bc0901 Mention TUTORIAL.md in synopsis and README
  - 343ae20 Rename Tutorial
  - b5591cc Update documentation for ssl_opts for Idp new_from_url

0.39-TRIAL - 2021-07-25

  [Change Log]
  - b34f4f8 Update Changes and Increment version
  - 5921d12 Fixes #28 support https urls for metadata
  - 95a2311 Fixes #29 which also supports Auth0 SAML
  - 09591b6 Test InResponseTo on Assertions

0.38 - 2021-07-23

  [Change Log]

  - 88abdeb Update Changes and Increment version

0.37-TRIAL - 2021-07-21

  [Change Log]

  - cc4e029 Update Changes and Increment version
  - f6227a4 Replace remaining XML::XPath with XML::libXML

0.36-TRIAL - 2021-07-15

  [Change Log]

  - 7bddf72 Update Changes and Increment version
  - be1a42f Remove no_comments call from IdP

0.35-TRIAL - 2021-07-14

  [Significant Changes]

  Replaces XML::XPath with XML::libXML which is better maintained and more
  powerful.  XML::libXML options are set to disable loading external documents
  and expanding entities as well as disabling network access.

  [Change Log]

  - a071834 Update Changes and Increment version
  - 3741d2a Replace XML::XPath with XML::libXML
  - f3887f5 Fixup Contributors and cleanup README
  - 9d8c3bd Automatically generate README for repo
  - 4a1f2ef Update dist.ini to use Pod2Readme

0.34 - 2021-03-30

  [Significant Changes since 0.32]

  - Mostly an improvement in documentation
  - Implement "full client" test that follows TUTORIAL.md
  - TUTORIAL.md documents how to add Net::SAML2 to your web application
  - Numerous small bug fixes/enhancements
  - Improvements in SP Metadata support
  - Add response_status to Assertion object
  - XML::Sig version 0.47 (improvements in ECDSA and DSA and other fixes)

  [Change Log]

  - 1ef0848 Update Changes and Increment version

0.33-TRIAL - 2021-03-28

  [Significant Changes]

  - Mostly an improvement in documentation
  - Implement "full client" test that follows TUTORIAL.md
  - TUTORIAL.md documents how to add Net::SAML2 to your web application
  - Numerous small bug fixes/enhancements
  - Improvements in SP Metadata support
  - Add response_status to Assertion object
  - XML::Sig version 0.47 (improvements in ECDSA and DSA and other fixes)

  [Change Log]

  - 844d0be Update Changes and Increment version
  - 7fabe59 Merge XML::Sig version 0.47
  - d62059f Add Keycloak as a tested SAML provider
  - f626fc5 Sign releases
  - 86eabae Remove space at eol
  - 64c8862 Test requires URI::URL
  - 664a0da Merge pull request #27 from timlegge/full-client
  - ab7e344 Add missing files
  - 971a951 Add missing metadat file
  - 171fd63 Merge pull request #26 from timlegge/full-client
  - cdfe47e Initial full client test
  - 1b07070 Add response_status to Assertion object
  - bcee1ea Clarify Net::SAML2::Binding::Redirect cert parameter
  - fb126f2 Merge pull request #25 from timlegge/tutorial
  - db801af Update pod information
  - 1887f90 Fix invalid newlines inserted
  - 840585a Update TUTORIAL.MD
  - 2987c08 TUTORIAL missing closing tag
  - c34dead Merge pull request #23 from timlegge/tutorial
  - cf1ac4b Fixes #22 New tutorial for integrating Net::SAML2 in your application
  - 67b9ab1 Merge pull request #21 from timlegge/issue19
  - 5377ecd Merge pull request #20 from timlegge/issue18
  - 339d5f9 Fixes #19: SP Metadata AuthnRequestsSigned and WantAssertionsSigned should be configurable
  - 9944c41 Fixes #18 - SP metatdata org_url
  - 305c587 Fixes #13 - ProviderName should be a variable
  - 68629bd Fixes #14 Improve clarity of documentaion for Redirect
  - 8c14615 Fixes #15 Documentation IdP Cert

0.32         16-Jan-2022

        Version 0.31-TRIAL with version incremented
        Significant Changes since 0.29

            1. Replace Crypt::OpenSSL::Verify509
            2. Merge latest XML::Sig

        780de03 Update Changes and Increment version

0.31-TRIAL   15-Jan-2021

        78fe988 Update Changes and Increment version
        71d67e5 Merge pull request #11 from timlegge/xml-writer
        2c6780a Fixes #10: XML::Writer requires newer version

0.30-TRIAL    13-Jan-2021

        Significant Changes

            1. Replace Crypt::OpenSSL::Verify509
            2. Merge latest XML::Sig

        Warning: This release require the installation of Crypt::OpenSSL::Verify.

        0d07622 Merge pull request #9 from timlegge/crypt-openssl-verify
        929894c Update Changes and Increment version
        ccaa892 Remove the installation of Crypt::OpenSSL::VerifyX509 from action
        36d0a5c Move to Crypt-OpenSSL-Verify as Crypt-OpenSSL-Verify is not supported
        af050d5 Merge pull request #8 from timlegge/merge-xml-sig
        91208a2 Update dependencies for Net::SAML2::XML::Sig
        359a0bd Merge XML::Sig version 0.39
        200c0ae Update some documentation details
        ed3c265 Merge XML::Sig version 0.38
        dfefef6 Remove XML::Lib added XML Declaration from Signed XML
        a39774f Copy updated XML::Sig and update name and version

0.29    12-Jan-2021

        Small release to update issues location to be github

        6a03758 Update Changes and Increment version
        08e1a17 Fixes #7 - Move issues to github

0.28    04-Jul-2020

        Increment Version for official release

        3cffcc7 Merge pull request #6 from perl-net-saml2/v0.27-prep
        9630745 (tag: 0.28, upstream/v0.27-prep) Release Version 0.28

0.27-TRIAL    03-Jul-2020

        Some overhaul of the Moose code and a couple of XML::Sig fixes
        as well as a fix to work with Perl 5.10 (Upgrade please upgrade)

        As a point of interest the external XML::Sig module has been updated
        and is now capable of replacing Net::SAML2::XML::Sig

        9afd005 Increment version to 0.27
        ccba8d8 Update Changes for v0.27
        82ed211 Update Changes
        5fe44e3 Add contributing info
        e9c3fa8 Improve GitHub Action and reduce time required
        2ecbc2b Use default Moose types instead of MooseX::Types::Moose
        ecee8bf Add predicates to Net::SAML2::Protocol::AuthnRequest
        7562ff1 Make use of builders instead of using BUILDARGS
        d46073c Specify Canonical exclusive mode for XML::Sig
        597d346 RSA|DSAKeyValue have KeyValue element
        00f6276 Reverse order of Changes file
        6f1ee32 Merge pull request #1 from waterkip/perl-510
        ca48803 Fix perl 5.10 issue with `//=` syntax
        a31840e Fix github action for newer versions of perl Checkout
                patched Crypt::OpenSSL::VerifyX509
        6c67af9 Fix perl 5.10 issue with `//=` syntax
        739673c Release does not need Docker file
        7c346f7 Update README.md
        ce250ee Update Makefile Version
        3d65d76 Try to fix hard coded directory
        13ceb8c Update changes for version 0.26

0.26-TRIAL TBD
      Some major changes in the test suite but overall minor changes to
      the rest of the module

      Thanks to https://github.com/waterkip Wesley Schwengle for the
      overhaul of the test suite

      15596bb Increment Version
      82a8b54 Add pod documentation
      62817ca Update changes
      c4c7db6 Remove unneeded manual dependency from github workflow
      56051db Update testsuite
      8c62593 Move testapp to author tests
      f4cec75 Remove Data::Dumper
      0d1ccd8 Small setup in which Net::SAML2 is build in Docker
      4746957 Make it easier to inspect makefile.pl and cpanfile
      bae12de Really need to fix this
      e399dd2 Missed a hard coded version
      09ee6f3 Hard coded directory not ideal
      ab5418d (tag: 0.25) Update Changes and increment the version

0.25  Tue, 19 May 2020 23:40:26 GMT

      What happened to version v0.21 to v0.24?

      The version of the embeded XML::Sig was higher that that of Net::SAML2
      which causes some issues in packaging so this release simply skipped the
      versions 0.21 to 0.24.  Not much else to say

      Minor changes for the most part but a requested release based on the
      removal of XML::Cannonical.  In fact that could be the only functionality
      change present.

      80db64d Add provides section of META
      8b39923 Add github action to test build
      38b05fd Make t/author/podcoverage.t a developer only test
      7473f54 XML::Canonical was removed as an option due to its age
      50d4314 t/09-authn-request.t: update tests for signed requests
      bf07c83 Generate META.json via dist.ini
      cac4ad7 Add missing pod info for Protocol/ArtifactResolve.pm
      b260946 Update README.md

0.20     Mon 13 Apr 2020 22:25 UTC

      First official release since 0.17
      See Changes for updates includes in prior unofficial releases

      b2af5f7 Ignore Build directories and Build archives
      4293ece Delete file added by mistake and increment version number
      bcfcc21 Embedded tabs to Space
      f792089 Protocol/Assertion.pm: improve documentation and test for in_response_to
      f7e3965 Improve Redirect dobumentation
      474f1b7 Fix lib/Net/SAML2/IdP.pm docs
      3087931 Fix up AuthnRequest docs and improve test
      4caff6b Add Contributors to dist.ini
      bd665c4 (additional-tests) Improve AuthnReq documentation
      a492107 Add link to github repo
      6fb076c Create README.md
      963d871 (tag: 0.20.03-TRIAL) Add dist.ini
      f4232c2 Update changes for 0.20.03 TRIAL

0.20.03 TRIAL

      The following people have contributed code and fixed issues since
      the last official version 0.17 by Chris Andrews

      Alessandro Ranellucci <aar@cpan.org>
      dmborque@gmail.com
      Jeff Fearn <jfearn@redhat.com>
      Mike Wisener <mwisener@secureworks.com>
      Mike Wisener <xmikew@cpan.org>
      Peter Marschall <peter@adpm.de>
      Timothy Legge <timlegge@gmail.com>
      xmikew <github@32ths.com>

      Based on Github repo https://github.com/timlegge/perl-Net-SAML2

      6657a95 Delete dynamic packaging files and update version
      225a3b4 Missed a trailing space
      12230c8 Fix the end of lines
      f353d18 Update changes since 0.17 add repo ref
      2b6f908 Update changes since 0.17
      34b7ce3 Fix #12 Some tests are always passing
      6be1c12 Fix Issue #6 - cert required in Binding/Redirect
      772f26f Fix Issue #4 - Missing paramaters in SYNOPSIS
      17e5aa4 Add additional pod coverage
      7d3a69f Fix pod syntax

0.19.05  Sat 4 May 2019

      Unreleased

      Github release only https://github.com/timlegge/perl-Net-SAML2/releases

      b37bb43 Cleanup whitespace issues
      a0d3754 (origin/dev) Cleanup whitespace issues
      4cb8313 Bump Version
      6177d15 XML::Tidy is now a dependancy
      b034e7f Remove comments from XML before processing it
      8167478 Initial support to remove comments from XML
      894e6f3 Testing changes to remove comments
      6ecf28e nameid_format is not required
      aae8f3b NameIDFormat is optional in metadata
      a606e20 Update ProtocolMessage.pm
              xsd:ID cannot start with a number·

      Github fork from https://github.com/alranel/perl-Net-SAML2

      9d2bcb5 Added parsing of substatus
      3d40cd9 Add validation of InResponseTo and fix a bug in assertion
              parsing
      8bfc7c2 Have issuer and destination be populated for all messages
      9818895 Bugfix: due to an upstream bug, attributes parsing did
              not work when using custom namespace aliases
      4fea809 Make CA validation optional; add assertion_index and
              attribute_index
      038d418 One more fix for namespace declarations
      dd06637 Fix namespace declarations for AuthnRequest
      cc77b85 Allow empty AuthnContextClassRef and AuthnContextDeclRef
      91509f5 Quotes
      29f74d9 Added RequestedAuthnContext to AuthnRequest
      7f459c3 Added nameidpolicy_format to AuthnRequest
      6ba6096 Added issuer_namequalifier and issuer_format to AuthnRequest
      6cc8de3 Bugfix: X509Certificate was not read when input XML didn't use
              the 'ds:' alias
      1489051 Make the AuthnRequest attributes writeable
      f37bdbd Make IdP certificate verification emit a warning instead of
              croaking

0.17_06  Tue 2 May 2017

      Unreleased

      Github Only fork https://github.com/xmikew/perl-Net-SAML2

      e6efb23 (tag: v0.17_06) Bump version
      211ee5c Bump version
      b6abed4 Fix XML::Sig.pm verify function to properly handle nodeset
              returns from ->find. ->find always returns something according
	      to the documentation. Check ->size to determine proper verify
	      method (cert, rsa, dsa).
      f7d26b9 Merge branch 'jfearn-devel'
      e5f3140 Clean up add in_response_to to  Assertation
      5d3256a Added support to Sig.pm for sha's > sha1 Fix Sig.pm to only grap
              the root signature, assertating sigs where breaking it Add some
	      strictures and warnings
      b0adf09 Set proper case on XML::XPath attribute
      3184145 expose xpath object on the assertion
      6f46088 - merge post_with_cert branch > Accept cert_text in POST
              constructor and pass along to XML::Sig   allows verification
	      using IDP metadata of POST data.
      45ef539 Add XML::Writer
      4e3ff81 - AuthnRequest XML generation moved to XML::Writer - Allow
              Subject, AssertionConsumerServiceURL and protocol-binding -
	      Remove requirement of Destination attribute.
      a9a7492 (origin/idp_params) Allow slo_urls and art_urls to be undef
              - not required by SAMLv2 spec
      e3ccd0d Merge branch 'multiple_sig_support'
      2596d6a Sig.pm: use Digest::SHA instead of Digest:SHA1
      a3e3deb add additional attribute 'key' to Net::SAML2::SP
      ebd4c76 IdP.pm: simplify $idp->format() a bit
      13bc56d documentation updates
      48fc1cb Sig.pm: improve compatibility with simplesamlphp
      710d85d tell encode_base64 to not add newlines to returned digest

0.17     Fri 13 Jan 2012 13:41:23 GMT

      Handle the InclusiveNamespaces element in XML Signature
      Handle embedded certificate data presented without newlines.

0.16     Tue 01 Mar 2011 09:40:13 GMT

      Use the IdP's advertised NameID formats.

0.15     Wed 09 Feb 2011 14:55:28 GMT

      Handle unwrapped base64 certificate data in IdP metadata.

0.14     Thu 13 Jan 2011 19:26:46 GMT

      Add SingleLogout with Redirect binding to SP metadata
      Rename local copy of XML::Sig.

0.12     Thu 13 Jan 2011 12:59:02 GMT

      PAUSE-hide the local XML::Sig

0.11     Wed 12 Jan 2011 21:07:42 GMT

      Test Updates

0.10     Tue 11 Jan 2011 15:11:38 GMT

      First usable version.

      POD, tests, Moose, etc.
      Embeds a local copy of XML::Sig

0.01_01  Mon  4 Oct 2010 12:47:56 BST

      Initial version.

      This version will correctly perform Web Browser SSO, but
      with caveats. See the embedded documentation for details.