OneLogin's SAML PHP Toolkit v4.2.0

• #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
• #585 Declare conditional return types
• #577 Allow empty NameID value when no strict or wantNameId is false
• #570 Support X509 cert comments
• #569 Add parameter to exclude validUntil on SP Metadata XML
• #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
• LogoutRequest and the LogoutResponse object to separate functions
• Make Saml2\Auth can accept a param $spValidationOnly
• Fix typos on readme.
• #480 Fix typo on SPNameQualifier mismatch error message
• Remove unbound version constraints on xmlseclibs
• Update dependencies
• Fix test payloads
• Remove references to OneLogin.

OneLogin's SAML PHP Toolkit v3.7.0

• #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
• #585 Declare conditional return types
• Make Saml2\Auth can accept a param $spValidationOnly
• #577 Allow empty NameID value when no strict or wantNameId is false
• #570 Support X509 cert comments
• #569 Add parameter to exclude validUntil on SP Metadata XML
• #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
• #487 Enable strict check on in_array method
• Make Saml2\Auth can accept a param $spValidationOnly
• Fix typos on readme.
• Add warning about Open Redirect and Reply attacks
• Add warning about the use of IdpMetadataParser class. If Metadata URLs
  are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
• Fix test payloads
• Remove references to OneLogin.

OneLogin's SAML PHP Toolkit v2.20.0

• #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
• #585 Declare conditional return types
• Make Saml2\Auth can accept a param $spValidationOnly
• #577 Allow empty NameID value when no strict or wantNameId is false
• #570 Support X509 cert comments
• #569 Add parameter to exclude validUntil on SP Metadata XML
• #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
• #487 Enable strict check on in_array method
• Fix typos on readme.
• #480 Fix typo on SPNameQualifier mismatch error message
• Add $spValidationOnly param to Auth
• Update xmlseclibs (3.1.2 without AES-GCM and OAEP support)
• Add warning about Open Redirect and Reply attacks
• Add warning about the use of IdpMetadataParser class. If Metadata URLs
  are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
• Update dependencies
• Fix test payloads
• Remove references to OneLogin.

OneLogin's SAML PHP Toolkit v4.1.0

• Add pipe through for the $spValidationOnly setting in the Auth class.

OneLogin's SAML PHP Toolkit v4.0.1

• Add compatibility with PHP 8.1
  • If null param are provided to trim or preg_match, when PHP 8.1 has deprecation errors enabled, php-saml will raise errors.

OneLogin's SAML PHP Toolkit v4.0.0

• Supports PHP 8.X, drop support PHP < 7.3

OneLogin's SAML PHP Toolkit v3.6.1

• #467 Fix bug on getSelfRoutedURLNoQuery method

OneLogin's SAML PHP Toolkit v2.19.1

• #467 Fix bug on getSelfRoutedURLNoQuery method

OneLogin's SAML PHP Toolkit v3.6.0

• Add AES128_GCM encryption on generateNameId method. New setting parameter encryption_algorithm. If you set a encryption method different than AES128_CBC then the algorithm RSA_OAEP_MGF1P will be used as well instead RSA_1_5
• PHP 8.0 support

OneLogin's SAML PHP Toolkit v3.5.1

• 3.5.0 packagist/github release due a confusion were using the master (2.X branch). I'm releasing 3.5.1 to fix this issue and go back to 3.X branch