djangosaml2

• General code refactor based on Django ClassViews
• Better Code Coverage
• Discovery Service support
• HTTP-Redirect with optional signed authn requests

Discovery Service support

Minor release with two bugfixes. The first regards the missing signature in http-redirect sso binding, the second came with the latter changes introduced by SameSite cookie, now fixed.

• Allow a SSO request without any attributes besides the NameID info. Backwards-incompatible changes to allow easier behaviour differentiation, two methods now receive the idp identifier (+ **kwargs were added to introduce possible similar changes in the future with less breaking effect):
  • Method signature changed on Saml2Backend.clean_attributes: from clean_attributes(self, attributes: dict) to clean_attributes(self, attributes: dict, idp_entityid: str, **kwargs)
  • Methodignature changed on Saml2Backend.is_authorized: from is_authorized(self, attributes: dict, attribute_mapping: dict) to is_authorized(self, attributes: dict, attribute_mapping: dict, idp_entityid: str, **kwargs)
• SAML session refactor and minor changes in README file
• local Logout - indipendent by IdP SLO Response

SameSite workaround with a specialized cookie decoupled from django default one

• Bugfix: Always save newly created users when ATTRIBUTE_MAPPING is missing in the config
• pySAML2 v5.3.0

• Fixed creating new user with iexact lookup

• Support several required fields during User creation
• Don't pass sigalg parameter when not signing login request
• ALLOW_SAML_HOSTNAMES validation for redirect
• Custom attribute mapping for Django user model (example)
• Slo absence workaround
• Metadata EntityID exception handling
• Fix unsigned authentication request to POST endpoint
• py38 Test fixes
• CI with Github actions
• Backend restructuring for easier subclassing
• Assertion consumer service now more extensible as a class-based view
  with hooks that can be overridden by subclass implementations.