The old privatekey_pass was (wrongly) expected to be reused for the new
privatekey_pass. That prevented my SP from loading the new_privatekey.
Users could not log in from entities using the new key.

Clarify that the new key needs a new_privatekey_pass entry.

Closes: #1430

* Configurable ProviderName

Co-authored-by: Tim van Dijen <tvdijen@gmail.com>

Closes #1346

* Remove deprecated classes

* Remove support for certificate fingerprints

* Remove many deprecated methods and pieces of code

* Remove SAML1.1/Shib1.3 support

* Remove many superfluous annotations

* Update unit test to work with new PHPunit

Closes #1268 
Closes #1020 
Closes #431 
Closes #167 
Closes #151 

add store option to SQLPersistentNameID

This commit adds the ability to override the defaults in the generated SP metadata for SLO Location and ACS endpoints. This is necessary for my use case as I have additional ACS endpoints to publish in my metadata beyond the generated ones as well as a custom SLO handler that I need to direct my users to. If unset in the config, it uses the defaults as before.

Change documentation from recommending 2048 bit keys to using 3072 bit
keys.

Given that we're recommending people generate ten-year keys, 2048 bit
keys are probably a bit short. Almost all commercial certificate
authorities now recommend 4096 bit keys, and eduGAIN requires 3072 bit
keys for new federations.

This change aligns the SimpleSAMLphp documentation with the lower
eduGAIN requirement, since that still meets most standards bodies
recommendations for 2028 (ten years from now). cf
https://www.keylength.com/

SHA-1 is still supported but needs to be configured explicitly if you need it.

It can now be used with \SimpleSAML\Auth\Simple, although the old name still works too.

Added configuration support for index and isDefault on the generated md:AttributeConsumingService element

Added two metadata configuration options attributes.index and attributes.isDefault to the Service Provider section that outputs to the md:AttributeConsumingService element.
attributes.index overrides the index attribute value with another integer value specified.
attributes.isDefault adds the isDefault attribute with the given boolean value, if the configuration option is specified.

This enables too the implementation of additional contact attributes, as requested in #509 to support the SIRTFI framework.

Even though the default "exact" is used by most people, and few products support anything else, there's people asking for this.

Since we have updated the version of the SAML2 library in use, we should use SAML2\Constants now.

The new saml:FilterScopes allows a SAML Service Provider to remove the values from a scoped attribute whose scope is not declared in the IdP metadata and/or does not match with the domain in use by the IdP itself.

This closes #22.

Now we are finally using the 2.x branch of the SAML2 library, which was also migrated to use namespaces. Even though the library provides an autoloader that allows loading the classes with the old names using class aliasing, we need to do the migration in one commit (at least for most part of it). This is due to the way SimpleSAMLphp checks data types, using inheritance to check objects agains abstract or more general classes. Even though class aliasing works, there's no way to replicate those relationships, and type checks that use the old class names will fail because the aliases are virtually new classes that don't inherit from others.

Change the extension of the documentation files from .txt to .md so that they can processed as markdown and displayed in github.

(being respectful with occurences that might change the behaviour, i.e. default database prefixes)

This reverts commit 09c5a23f.

SHA-1 is still supported but needs to be configured explicitly if you need it.

Provide config options to allow SQLPersistentNameID to be less conservative about creating entries in the SQL datastore, whilst preserving default behaviour

Support for WantAssertionsSigned and AuthnRequestsSigned in SAML 2.0 SP metadata. New hosted SP configuration option WantAssertionsSigned to control this attribute in exported metadata.

Document the new feature implemented by Andrea Biancini to add friendly names to attributes in the SP's metadata. Solves issue #60.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3346 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3341 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3333 44740490-163a-0410-bde0-09ae8108e29a