(being respectful with occurences that might change the behaviour, i.e. default database prefixes)

Export the new 'hide.from.discovery' option in the PHP metadata array when the "Hide From Discovery" REFEDS Entity Category is defined in the hosted IdP metadata.

Deprecate SimpleSAML_Utilities::getDefaultEndpoint().

Move SimpleSAML_Utilities:: checkURLAllowed() to SimpleSAML\Utils\HTTP:: checkURLAllowed() and deprecate the former.

Move SimpleSAML_Utilities::selfURLNoQuery() to SimpleSAML\Utils\HTTP::getSelfURLNoQuery() and deprecate the former.

Move SimpleSAML_Utilities:::getBaseURL() to SimpleSAML\Utils\HTTP::getBaseURL() and deprecate the former.

Move SimpleSAML_Utilities::requireAdmin() to SimpleSAML_Utils_Auth::requireAdmin(). Deprecate the former and stop using it.

Mark the old ones as deprecated and schedule them for removal in 2.0.

Fail more gracefully when the different endpoints are accessed directly. Instead of displaying an "Unable to find the current binding" error message that creates confusion, tell the user it's his fault.

Migrate hosted IdP metadata to use the new getContact() helper function. Include also the contact information in SSP generated configuration. Honour contact configuration in hosted metadata, the same way as in hosted SP metadata. Solve #101.

Set WantAuthnRequestsSigned in the generated IdP XML metadata if validate.authnrequest or redirect.validate options are set in saml20-idp-hosted metadata (with that order of precedence). Fixes #43.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3339 44740490-163a-0410-bde0-09ae8108e29a

Followup on previous commits. Use redirectUntrustedURL() as a shortcut, and let everything else make use of redirectTrustedURL(). Move the responsibility to check the input out of the library, to the places where URLs are grabbed from input parameters.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3332 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3323 44740490-163a-0410-bde0-09ae8108e29a

Full support for HTTP-POST binding in WebSSO profile. Two new directives in hosted metadata (SingleSignOnServiceBinding and SingleLogoutServiceBinding) to control the bindings published as supported in the metadata.

Bugfix in the logout handler (SOAP binding should be reused when responding a request).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3257 44740490-163a-0410-bde0-09ae8108e29a

Fixed a bug on ArtifactResolutionService introduced by a previous commit on new SHA signatures support.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3186 44740490-163a-0410-bde0-09ae8108e29a

This patch adds support parsing and generating metadata with the
mdui:UIInfo and mdui:DiscoHints elements.

Support for generating metadata with the extensions is added to the
SAML 2.0 IdP. It should also work through the metadata aggregator.

Thanks to Timothy Ace at Synacor, Inc. for implementing this!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3088 44740490-163a-0410-bde0-09ae8108e29a

This patch adds support for the holder-of-key profile for both the
SAML 2.0 SP and the SAML 2.0 IdP.

Thanks to Andreas Mayer for implementing this!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3061 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2895 44740490-163a-0410-bde0-09ae8108e29a

Thanks to Dyonisius Visser for implementing this!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2858 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2817 44740490-163a-0410-bde0-09ae8108e29a

Thanks to Andjelko Horvat for providing this patch!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2683 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2617 44740490-163a-0410-bde0-09ae8108e29a

ArtifactResolutionService: Return empty ArtifactResponse when receiving a duplicate ArtifactResolve.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2534 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2491 44740490-163a-0410-bde0-09ae8108e29a

Also remove those instances of the $session variable that became unused.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2479 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2303 44740490-163a-0410-bde0-09ae8108e29a

htmlentities uses the ISO-8859-1 charset by default, which breaks when
we are using UTF-8 data. It also emits entities that are invalid in XML.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2302 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2285 44740490-163a-0410-bde0-09ae8108e29a

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2284 44740490-163a-0410-bde0-09ae8108e29a