Skip to content

Releases: SAML-Toolkits/php-saml

OneLogin's SAML PHP Toolkit v4.3.0

25 May 14:30
@pitbulk pitbulk
4.3.0
bf5efce

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v4.3.0 Latest
Latest
  • PHP 8.4 Compatibility via #600 and #607.
  • #619 Add Parameter checking on validateBinarySign, inspired on CVE-2025-27773
  • #603 Fix typo in ignoreValidUntil that breaks metadata. Add parameter to exclude validUntil on Settings getSPMetadata
  • #594 Add support for encrypted name id in encrypted assertion
  • Fix buildWithBaseURLPath. See #581
  • Doc fix typo
  • Remove Travis CI references
Assets 2
Loading

OneLogin's SAML PHP Toolkit v3.8.0

25 May 14:29
@pitbulk pitbulk
3.8.0
03bd22f

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v3.8.0
  • #619 Add Parameter checking on validateBinarySign, inspired on CVE-2025-27773
  • #603 Fix typo in ignoreValidUntil that breaks metadata. Add parameter to exclude validUntil on Settings getSPMetadata
  • #594 Add support for encrypted name id in encrypted assertion
  • Fix buildWithBaseURLPath. See #581
  • Doc fix typo
  • Remove Travis CI references
Loading

OneLogin's SAML PHP Toolkit v2.21.0

25 May 14:19
@pitbulk pitbulk
2.21.0
3678f2c

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v2.21.0
  • #619 Add Parameter checking on validateBinarySign, inspired on CVE-2025-27773
  • #603 Fix typo in ignoreValidUntil that breaks metadata. Add parameter to exclude validUntil on Settings getSPMetadata
  • #594 Add support for encrypted name id in encrypted assertion
  • Fix buildWithBaseURLPath. See #581
  • Doc fix typo
  • Remove Travis CI references
Loading

OneLogin's SAML PHP Toolkit v4.2.0

30 May 15:24
@pitbulk pitbulk
4.2.0
d3b5172

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v4.2.0
  • #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
  • #585 Declare conditional return types
  • #577 Allow empty NameID value when no strict or wantNameId is false
  • #570 Support X509 cert comments
  • #569 Add parameter to exclude validUntil on SP Metadata XML
  • #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
  • LogoutRequest and the LogoutResponse object to separate functions
  • Make Saml2\Auth can accept a param $spValidationOnly
  • Fix typos on readme.
  • #480 Fix typo on SPNameQualifier mismatch error message
  • Remove unbound version constraints on xmlseclibs
  • Update dependencies
  • Fix test payloads
  • Remove references to OneLogin.
Loading

OneLogin's SAML PHP Toolkit v3.7.0

30 May 15:23
@pitbulk pitbulk
3.7.0
91c1a3b

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v3.7.0
  • #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
  • #585 Declare conditional return types
  • Make Saml2\Auth can accept a param $spValidationOnly
  • #577 Allow empty NameID value when no strict or wantNameId is false
  • #570 Support X509 cert comments
  • #569 Add parameter to exclude validUntil on SP Metadata XML
  • #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
  • #487 Enable strict check on in_array method
  • Make Saml2\Auth can accept a param $spValidationOnly
  • Fix typos on readme.
  • Add warning about Open Redirect and Reply attacks
  • Add warning about the use of IdpMetadataParser class. If Metadata URLs
    are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
  • Fix test payloads
  • Remove references to OneLogin.
Loading

OneLogin's SAML PHP Toolkit v2.20.0

30 May 15:21
@pitbulk pitbulk
2.20.0
17d9a81

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v2.20.0
  • #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
  • #585 Declare conditional return types
  • Make Saml2\Auth can accept a param $spValidationOnly
  • #577 Allow empty NameID value when no strict or wantNameId is false
  • #570 Support X509 cert comments
  • #569 Add parameter to exclude validUntil on SP Metadata XML
  • #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
  • #487 Enable strict check on in_array method
  • Fix typos on readme.
  • #480 Fix typo on SPNameQualifier mismatch error message
  • Add $spValidationOnly param to Auth
  • Update xmlseclibs (3.1.2 without AES-GCM and OAEP support)
  • Add warning about Open Redirect and Reply attacks
  • Add warning about the use of IdpMetadataParser class. If Metadata URLs
    are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
  • Update dependencies
  • Fix test payloads
  • Remove references to OneLogin.
Loading

OneLogin's SAML PHP Toolkit v4.1.0

15 Jul 20:45
@bzvestey bzvestey
4.1.0
b22a57e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v4.1.0
  • Add pipe through for the $spValidationOnly setting in the Auth class.
Loading

OneLogin's SAML PHP Toolkit v4.0.1

27 Jun 16:17
@bzvestey bzvestey
4.0.1
bc0eda0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v4.0.1
  • Add compatibility with PHP 8.1
    • If null param are provided to trim or preg_match, when PHP 8.1 has deprecation errors enabled, php-saml will raise errors.
Loading

OneLogin's SAML PHP Toolkit v4.0.0

02 Mar 11:07
@pitbulk pitbulk
4.0.0
f30f506

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v4.0.0
  • Supports PHP 8.X, drop support PHP < 7.3
Loading

OneLogin's SAML PHP Toolkit v3.6.1

02 Mar 10:14
@pitbulk pitbulk
3.6.1
a7328b1

Choose a tag to compare

View all tags
OneLogin's SAML PHP Toolkit v3.6.1
  • #467 Fix bug on getSelfRoutedURLNoQuery method
Loading