passport-saml - npm Package Compare versions

Comparing version 0.32.1 to 0.33.0

10

lib/passport-saml/strategy.js

@@ -15,3 +15,11 @@ var passport = require('passport-strategy');

this.name = 'saml';
// Customizing the name can be useful to support multiple SAML configurations at the same time.
// Unlike other options, this one gets deleted instead of passed along.
if (options.name) {
this.name = options.name;
delete options.name;
}
else {
this.name = 'saml';
}
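
Review bot: `delete options.name` in the new `if` branch mutates the object the caller passed in, and nothing checks that the value is a string before it becomes the strategy name. A caller that builds several strategies from one shared options object, or reads `options.name` afterwards, will find the key gone and the next instance falls back to `saml`. Suggest reading the value into a local, checking `typeof options.name === 'string'`, and leaving the caller's object untouched (pass a shallow copy without `name` along instead). The `if`/`else` can then collapse to a single assignment with `'saml'` as the fallback.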

@@ -18,0 +26,0 @@ passport.Strategy.call(this);

2

package.json
{
"name": "passport-saml",
"version": "0.32.1",
"version": "0.33.0",
"license" : "MIT",

@@ -5,0 +5,0 @@ "keywords": [

@@ -66,3 +66,3 @@ Passport-SAML

* `attributeConsumingServiceIndex`: optional `AttributeConsumingServiceIndex` attribute to add to AuthnRequest to instruct the IDP which attribute set to attach to the response ([link](http://blog.aniljohn.com/2014/01/data-minimization-front-channel-saml-attribute-requests.html))
* `disableRequestedAuthnContext`: if truthy, do not request a specific auth context
* `disableRequestedAuthnContext`: if truthy, do not request a specific authentication context. This is [known to help when authenticating against Active Directory](https://github.com/bergie/passport-saml/issues/226) (AD FS) servers.
* `authnContext`: if truthy, name identifier format to request auth context (default: `urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport`)
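
Review bot: the new `disableRequestedAuthnContext` line recommends the option for AD FS without saying what is given up. With it set, the AuthnRequest no longer asks for a specific authentication context, so the choice of authentication method is left to the IdP; one added sentence saying so would keep the flag from reading as a pure compatibility switch. In the same pass, the unchanged `authnContext` line below it describes the option as "name identifier format to request auth context", which looks copied from the identifier format entry and is worth correcting.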

@@ -79,2 +79,5 @@ * `forceAuthn`: if set to true, the initial SAML request from the service provider specifies that the IdP should force re-authentication of the user, even if they possess a valid session.

* `passReqToCallback`: if truthy, `req` will be passed as the first argument to the verify callback (default: `false`)
* `name`: Optionally, provide a custom name. (default: `saml`). Useful If you want to instantiate the strategy multiple times with different configurations,
allowing users to authenticate against multiple different SAML targets from the same site. You'll need to use a unique set of URLs
for each target, and use this custom name when calling `passport.authenticate()` as well.
* **Logout**
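
Review bot: the new `name` entry does not say that the strategy removes `name` from the options object it is given, which is what the strategy.js change does and what the code comment there calls out as different from every other option. Suggest documenting that, and spelling out that the callback route for each target must call `passport.authenticate()` with that target's own name so a response is handled by the configuration intended for it. Minor: "Useful If" should be "Useful if", and the first line ends in a comma where the sentence needs none.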

@@ -133,3 +136,3 @@ * `logoutUrl`: base address to call with logout requests (default: `entryPoint`)

It is a good idea to validate the incoming SAML Responses. For this, you can provide the Identity Provider's public PEM-encoded X.509 certificate using the `cert` confguration key. The "BEGIN CERTIFICATE" and "END CERTIFICATE" lines should be stripped out and the certificate should be provided on a single line.
It is a good idea to validate the signatures of the incoming SAML Responses. For this, you can provide the Identity Provider's public PEM-encoded X.509 signing certificate using the `cert` confguration key. The "BEGIN CERTIFICATE" and "END CERTIFICATE" lines should be stripped out and the certificate should be provided on a single line.
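
Review bot: the replacement line still carries the typo `confguration` (should be `configuration`). The opening "It is a good idea" also makes signature validation read as optional; suggest stating directly what the strategy does with an incoming SAML Response when `cert` is not set, so readers can see what they lose by omitting it.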

@@ -136,0 +139,0 @@ ```javascript
