a filter for adding attributes from LDAP has problem with empty attributes

## [10.5.1](https://github.com/CESNET/simplesamlphp-module-authswitcher/compare/v10.5.0...v10.5.1) (2022-06-22)

### Bug Fixes

* prevent undefined offset warning ([851c636c](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/851c636cbfb8795e0a0f9196b3ab48d6061621c3))

chore(deps): update dependency symplify/easy-coding-standard to v11

chore(deps): lock file maintenance

chore: update ecs.php

chore(deps): update dependency prettier to v2.7.1

chore(deps): update dependency semantic-release to 19.0.3 [security]

chore(deps): update dependency npm to 8.11.0 [security]

# [10.5.0](https://github.com/CESNET/simplesamlphp-module-authswitcher/compare/v10.4.0...v10.5.0) (2022-06-02)

### Features

* entropy of user password is now checked by attributes passed from authsource ([06028eba](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/06028ebae52df57401554d62e07b6535cca94bfa))

feat: entropy of user password is now checked by attributes passed from authsource

# [10.4.0](https://github.com/CESNET/simplesamlphp-module-authswitcher/compare/v10.3.0...v10.4.0) (2022-06-01)

### Features

* set AuthnContext in proxy mode, MFA from upstream for maxUserCapability ([b8b574bc](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/b8b574bc7483f0c048b41e4088f10b73511e0a19))

feat: set AuthnContext in proxy mode, MFA from upstream for maxUserCapability

maxUserCapability is set if MFA was performed at upstream IdP

chore(deps): lock file maintenance

# [10.3.0](https://github.com/CESNET/simplesamlphp-module-authswitcher/compare/v10.2.2...v10.3.0) (2022-04-14)

### Bug Fixes

* correct behavior for mfa_preferred_privacyidea_fail=true ([f52389be](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/f52389be92983e56445b9d4490b25ff03454fc4b))

### Features

* realm option for GetMfaTokensPrivacyIDEA ([c49bfd80](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/c49bfd8058cebaf8c9bd1652554d0dc51f65000d))
* timeout and connect_timeout options ([e59d98a4](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/e59d98a426c9106452f4068cd9985dc82669f3b9))

Improvements for problematic situations

fix typo in GetMfaTokensPrivacyIDEA, fix logic in SwitchAuth

limit requests to privacyIDEA by number of seconds

allows service account in non-default realm

## [10.2.2](https://github.com/CESNET/simplesamlphp-module-authswitcher/compare/v10.2.1...v10.2.2) (2022-04-07)

### Bug Fixes

* read mfaEnforced correctly ([dc5f46a6](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/dc5f46a6a8187ee3ab4af2c6a6f06c7d8f9d9dd2))

## [10.2.1](https://github.com/CESNET/simplesamlphp-module-authswitcher/compare/v10.2.0...v10.2.1) (2022-04-07)

### Bug Fixes

* allow enforced MFA even when only password is requested ([04095531](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/0409553188aff05ee8bdcc3afb0a463e4e994a1d))
* do not enforce MFA if already done in proxy mode ([a8c5ad9e](https://github.com/CESNET/simplesamlphp-module-authswitcher/commit/a8c5ad9e133b356bc736e4d74b60b8cbbf109779))

fix enforced MFA

chore(deps): update dependency ansi-regex to 3.0.1 [security]

previously MFA was enforced even if already done

it is expected that password is a part of MFA,
therefore password/SFA may be asserted when doing MFA