python3-saml
Saml Python Toolkit. Add SAML support to your Python software using this library
Description
Saml Python Toolkit. Add SAML support to your Python software using this library
Release History
| Version | Changes | Urgency | Date |
|---|---|---|---|
| 1.16.0 | Imported from PyPI (1.16.0) | Low | 4/21/2026 |
| v1.16.0 | - [#364](https://github.com/SAML-Toolkits/python3-saml/commit/d1bfaeb17a786735827b8252b91deafde29dabd8) Improve get_metadata method from Parser, allowing to set headers - Fix WantAuthnRequestsSigned parser - Fix expired payloads used on tests - Updated content from docs folder | Low | 10/9/2023 |
| v1.15.0 | - [#317](https://github.com/SAML-Toolkits/python3-saml/pull/317) Handle unicode characters gracefully in python 2 - [#338](https://github.com/SAML-Toolkits/python3-saml/pull/338) Fix WantAuthnRequestsSigned parser - [#339](https://github.com/SAML-Toolkits/python3-saml/pull/339) Add Poetry support - Remove version restriction on lxml dependency - Updated Django demo to 4.X (only py3 compatible) - Updated Travis file. Forced lxml to be installed using no-validate_binary - Removed references | Low | 12/27/2022 |
| v1.14.0 | - [#297](https://github.com/onelogin/python3-saml/pull/297) Don't require yanked version of lxml. - [#298](https://github.com/onelogin/python3-saml/pull/298) Add support for python 3.10 and cleanup the GHA. - [#299](https://github.com/onelogin/python3-saml/pull/299) Remove stats from coveralls removed as they are no longer maintained. | Low | 2/18/2022 |
| v1.13.0 | - [#296](https://github.com/onelogin/python3-saml/pull/296) Add rejectDeprecatedAlgorithm settings in order to be able reject messages signed with deprecated algorithms. - Set sha256 and rsa-sha256 as default algorithms - [#288](https://github.com/onelogin/python3-saml/pull/288) Support building a LogoutResponse with non-success status - Added warning about Open Redirect and Reply attacks - [##274](https://github.com/onelogin/python3-saml/pull/274) Replace double-underscored names with singl | Low | 1/28/2022 |
| v1.12.0 | * [#276](https://github.com/onelogin/python3-saml/pull/276) Deprecate server_port from request data dictionary | Low | 8/13/2021 |
| v1.11.0 | * [#261](https://github.com/onelogin/python3-saml/pull/261) Allow duplicate named attributes, controlled by a new setting * [#268](https://github.com/onelogin/python3-saml/pull/268) Make the redirect scheme matcher case-insensitive * [#256](https://github.com/onelogin/python3-saml/pull/256) Improve signature validation process. Add an option to use query string for validation * [#259](https://github.com/onelogin/python3-saml/pull/259) Add get metadata timeout * [#246](https://github.com/onel | Low | 7/23/2021 |
| v1.10.1 | * Fix bug on LogoutRequest class, get_idp_slo_response_url was used instead get_idp_slo_url | Low | 1/27/2021 |
| v1.10.0 | * Added custom lxml parser based on the one defined at xmldefused. Parser will ignore comments and processing instructions and by default have deactivated huge_tree, DTD and access to external documents * Destination URL Comparison is now case-insensitive for netloc * Support single-label-domains as valid. New security parameter allowSingleLabelDomains * Added get_idp_sso_url, get_idp_slo_url and get_idp_slo_response_url methods to the Settings class and use it in the toolkit * [#212](https: | Low | 1/14/2021 |
| v1.9.0 | * Allow any number of decimal places for seconds on SAML datetimes * Fix failOnAuthnContextMismatch code * Improve signature validation when no reference uri * Update demo versions. Improve them and add Tornado demo. | Low | 11/20/2019 |
| v1.8.0 | * Set true as the default value for strict setting * [#152](https://github.com/onelogin/python3-saml/pull/152/files) Don't clean xsd and xsi namespaces * Drop python3.4 support due lxml. See lxml 4.4.0 (2019-07-27) | Low | 9/11/2019 |
| v.1.7.0 | - Adjusted acs endpoint to extract NameQualifier and SPNameQualifier from SAMLResponse. Adjusted single logout service to provide NameQualifier and SPNameQualifier to logout method. Add getNameIdNameQualifier to Auth and SamlResponse. Extend logout method from Auth and LogoutRequest constructor to support. SPNameQualifier parameter. Align LogoutRequest constructor with SAML specs. - Added get_in_response_to method to Response and LogoutResponse classes - Update defusexml dependency | Low | 7/2/2019 |
| v1.6.0 | * Add support for Subjects on AuthNRequests by the new name_id_value_req parameter * [#127](https://github.com/onelogin/python3-saml/pull/127) Fix for SLO when XML specifies encoding * [#126](https://github.com/onelogin/python3-saml/pull/126) Fixed setting NameFormat attribute for AttributeValue tags | Low | 4/9/2019 |
| v1.5.0 | * Security improvements. Use of tagid to prevent XPath injection. Disable DTD on fromstring defusedxml method * [#97](https://github.com/onelogin/python3-saml/pull/97) Check that the response has all of the AuthnContexts that we provided * Adapt renders from Django demo for Django 1.11 version * Update pylint dependency to 1.9.1 * If debug enable, print reason for the SAMLResponse invalidation * Fix DSA constant * [#106](https://github.com/onelogin/python3-saml/pull/106) Support NameID chi | Low | 1/29/2019 |
| v1.4.1 | Changelog: * Add ID to EntityDescriptor before sign it on add_sign method. * Update defusedxml, coveralls and coverage dependencies * Update copyright and license reference | Low | 4/25/2018 |
| v1.4.0 | Changelog: * Fix vulnerability [CVE-2017-11427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11427). Process text of nodes properly, ignoring comments * Improve how fingerprint is calcultated * Fix issue with LogoutRequest rejected by ADFS due NameID with unspecified format instead no format attribute * Fix signature position in the SP metadata * [#80](https://github.com/onelogin/python3-saml/pull/80) Preserve xmlns:xs namespace when signing and serializing responses * Redefine | Low | 2/27/2018 |
| v1.3.0 | * Improve decrypt method, Add an option to decrypt an element in place or copy it before decryption. * [#63](https://github.com/onelogin/python3-saml/pull/63) Be able to get at the auth object the last processed ID (response/assertion) and the last generated ID, as well as the NotOnOrAfter value of the valid SubjectConfirmationData in the processed SAMLResponse * On a LogoutRequest if the NameIdFormat is entity, NameQualifier and SPNameQualifier will be ommited. If the NameIdFormat is not enti | Low | 9/16/2017 |
| v1.2.6 | * Use defusedxml that will prevent XEE and other attacks based on the abuse on XMLs. (CVE-2017-9672) | Low | 6/15/2017 |
| v1.2.5 | Changelog: * Fix issue related with multicers (multicerts were not used on response validation) | Low | 6/2/2017 |
| v1.2.4 | Changelog: * Publish KeyDescriptor[use=encryption] only when required * [#57](https://github.com/onelogin/python3-saml/pull/57) Be able to register future SP x509cert on the settings and publish it on SP metadata * [#57](https://github.com/onelogin/python3-saml/pull/57) Be able to register more than 1 Identity Provider x509cert, linked with an specific use (signing or encryption * [#57](https://github.com/onelogin/python3-saml/pull/57) Allow metadata to be retrieved from source containing da | Low | 5/18/2017 |
| v1.2.3 | - Fix p3 compatibility. | Low | 1/15/2017 |
| v1.2.2 | This version includes improvements oriented to help the developer to debug. Changelog: - [#37](https://github.com/onelogin/python3-saml/pull/37) Add option to raise response validation exceptions - [#42](https://github.com/onelogin/python3-saml/pull/42) Optionally raise detailed exceptions vs. returning False. Implement a more specific exception class for handling some validation errors. Improve/Fix tests. Add support for retrieving the last ID of the generated AuthNRequest / LogoutRequest. Add | Low | 1/11/2017 |
| v1.2.1 | - [#30](https://github.com/onelogin/python3-saml/pull/30) Fix a bug on signature checks | Low | 10/18/2016 |
| v1.2.0 | This version includes a security patch that contains extra validations that will prevent signature wrapping attacks. Changelog: - Several security improvements: - Conditions element required and unique. - AuthnStatement element required and unique. - SPNameQualifier must math the SP EntityID - Reject saml:Attribute element with same βNameβ attribute - Reject empty nameID - Require Issuer element. (Must match IdP EntityID). - Destination value can't be blank (if present must match | Low | 10/14/2016 |
| v1.1.4 | Changelog: - Change the decrypt assertion process. - Add 2 extra validations to prevent Signature wrapping attacks. | Low | 6/27/2016 |
| v1.1.3 | Changelog: - Fix Metadata XML (RequestedAttribute) - Fix Windows specific Unix date formatting bug. - Fix SHA384 Constant URI - Refactor of settings.py to make it a little more readable. - Bugfix for ADFS lowercase signatures - READMEs suggested wrong cert name | Low | 6/3/2016 |
| v1.1.2 | Changelog: - Allow AuthnRequest with no NameIDPolicy. - Remove NameId requirement on SAMLResponse, now requirement depends on setting - Use python-xmlsec 0.6.0 - Make idp settings optional - Fix Organization element on SP metadata. Minor style code fix - Add debug parameter to decrypt method - Support AttributeConsumingService - Improve AuthNRequest format - Fix unspecified NameID - Make deflate process when retrieving built SAML messages optional - Not compare Assertion InResponseTo if not foun | Low | 5/14/2016 |
| v1.1.1 | Changelog: - Make AttributeStatements requirement optional | Low | 4/1/2016 |
Dependencies & License Audit
Loading dependencies...
Similar Packages
azure-monitor-opentelemetry-exporterMicrosoft Azure Monitor Opentelemetry Exporter Client Library for Pythonazure-template_0.1.0b6187637
azure-monitor-opentelemetryMicrosoft Azure Monitor Opentelemetry Distro Client Library for Pythonazure-template_0.1.0b6187637