Release Notes – InAcademia

Slide

Release SVS 4.4.0 (10th August 2023)

Introduces support for SATOSA 8.4.0
User consent screen translated to the Finnish language
Minor bug fixes and logging enhancements

Release SVS 4.1.0 (7th March 2023)

Introduces support for SATOSA 8.2.0
Deprecates ‘idp_hint’ parameter (aarc_idp_hint parameter introduced in 2022)
Updates to InAcademia branding at Consent Handler
Additional logging improvements
Introduces the new InAcademia brand

Release SVS 4.0.1 (5th January 2023)

Removes support for sha1-hash based IdP Hinting
Additional minor bug fixes

Release SVS 4.0.0 (22nd August 2022)

Adds support for Authorization Code Grant. Implicit flow will continue to be supported, until end of 2023 or until the IETF OAuth Working Group specifies removal from Best Practice (whichever is sooner). Further information can be found in our Implementation Guidelines. Requires no changes to merchant workflows unless the merchant wishes to use this flow. Please contact us if you would like to update your workflow from Implicit to Authorization Code Grant.
Adds support for SATOSA 8.1.1
Scope now returned in the id_token

Release SVS 3.3.0 (9th May 2022)

Adds support for aarc_idp_hint parameter, requiring expression of IdP Hints using URL-encoded entityIDs. Note that support for the idp_hint claim and idp_hint parameter are now scheduled for deprecation and will be removed from support in August 2022.
IdP Hint of the requested IdP will be returned in the id_token by default when expressed using either the idp_hint or aarc_idp_hint parameter.
Add support for pysaml2 v7.1.1
Further enhancements to internal logging and debugging capabilities.

Release SVS 3.2.0 (31st January 2022)

Support for SATOSA v8.0.0
Language at consent will be pre-set based on the user’s locale.
Further enhancements to internal logging and debugging capabilities.

Release SVS 3.1.2 (17th November 2021)

User consent screen has been re-designed for optimised for mobile device responsiveness:
- Action buttons shuffle above the narrative on mobile screens (e.g. portrait view iPhone X, iPhone 6/7/8 Plus, iPhone 5/SE, Galaxy S5, Galaxy S9)
- Merchant logo is removed on very small mobile screens in portrait view (but remains on landscape view)
- This is designed to ensure that users are presented with the most vital pieces of information and are explicitly aware that action is required to proceed.
Handle users that click ‘OK, accept’ multiple times at consent.
Further logging and debugging enhancements.

Release SVS 3.1.1 (5th November 2021)

User consent screen translated to Turkish
User consent screen translated to Czech

Release SVS 3.1.0 (29th October 2021)

User consent screen re-designed to present high-level description and affiliation to be verified before an expandable detailed information section.
Improved handling of ‘state lost’ at consent: users that click back after indicating deny/accept consent will now be directed to https://inacademia.org/error-transaction-already-completed/ and encouraged to return to the merchant’s website.
Any uncaught exceptions will now be directed to: https://inacademia.org/unknown-error/ which encourages the user to return to the merchant’s website.
Further enhancements to internal logging and debugging capabilities.

Release SVS 3.0.0 (25th August 2021)

Support for SaToSa v7.0.3
User consent screen translated to Italian and Swedish
Adds support for subject_id (refer to reuse_detection feature released in v2.8.0)
Improved handling of ‘state lost’ at consent.
User consent screen now presents only the claims to be validated, not all claims received.
Further enhancements to internal logging and debugging capabilities.

Release SVS 2.8.0 (28th June 2021)

Updates existing error handling in the event
- that an invalid or mismatching redirect_uri is received or if the redirect_uri is missing
- an invalid client_id is received or if the client_id is missing
- an invalid scope is received
- an invalid or unsupported response_type is received or if the response_type is missing
Introduces the new ‘reuse detection’ feature alongside support for pairwise_id
Now supports affiliations returned in uppercase format
Consent screen now supports French language snd presents only the affiliations to be validated for the merchant
Further enhancements to internal logging, monitoring and debugging capabilities

Release SVS 2.7.0 (25th February 2021)

Improves error handling in the event that an unsupported claim is received
Introduces error handling in the event that a claim in an unsupported format is received
Introduces handling for an entityID error.
Further enhancements to internal logging, monitoring and debugging capabilities

IdP_hinting (16th February 2021)

Fixes for UTF-8 encoding in IdP_hinting

Release SVS 2.6.1 (25th January 2021)

Incorporates PySAML2 version 6.5.1

Release SVS 2.6.0 (14th December 2020)

Implemented enhancements to specified error flows
Minor update to consent details
Further enhancements to internal logging, monitoring and debugging capabilities

Release SVS 2.5.0 (30th November 2020)

Implemented new ‘Assert idp_hint’ feature
Enabled new ‘Attribute override’ feature
Implemented enhancements to specified error flows

Release SVS 2.4.0

Fixed issue with alias micro service in case the alias was not directing to a known resource
Improved error message in case a request was made for a claim that is not allowed
Updated consent screen and associated translations
Updated service OIDC metadata .wellknown endpoint to better reflect supported configuration(s)
Improved SAML support by accepting both signed assertions or signed responses
Support for ‘affiliate’ verification removed

Release 2.3.1

Adds dependencies to resolve interoperability with Shibboleth 4.0 IdP providing enhanced support for Shibboleth v4 encryption profiles
Improves logging of user flow
Localizes all js and css dependencies for consent screen.

Release SVS 2.2.0

Resolves XSS vulnerability issue
Resolves CVE-2020-5390 vulnerability in pySAML
Applied fix to id persistence when restarting InAcademia
Various minor changes to fix dependency breakage

Updated dependencies:

Updated pyOP to 2.0.8
Updated pySAML2 to 5.0.0

InAcademia Release 2.0

Based on feedback from our pilot partners we have improved the features of the InAcademia service. In addition some issues were fixed.

We consolidated our SAML backend to one and for better interaction with institutions.
We support discovery hinting
We support redirect to a custom error page when the IdP doesn’t release necessary attributes.
We improved support for affiliation attribute handling.
We have improved support for getting the domain claim.
We have improved support for generating persistent pairwise sub.
We support generating transient pairwise sub even if we don’t get one from the institution.
We support Identity Provider blacklisting.
We support offloading audit logs to a log server for statistics.
We have a new UI for the consent screen.
We have improved error messages and handling.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.