...
Once that work is done, it will be time to actually implement the current SP’s handler model within the hub in Java, which includes the support for issuing SAML requests and consuming responses, i.e., the real work the SP does. Once this is fleshed out a little, I believe that will be the point at which it will be time to start building the first “agent”, by branching the cpp-sp repository and stripping out code so that the core functionality is left behind to mediate between Apache and the hub. It would be reasonable I think to hope we can reach some kind of pre-alpha prototype stage this year that will be able to illustrate what the new SP will actually look like. It is my hope that we can get there fast enough so that people can get a decent sense of whether this is something they really would use or if they need to look at alternatives. The sooner we get there, the more time people have to plan.
On the non-SP front, about all I have to report is that work is continuing on the refactoring of the OIDC OP and the unreleased RP plugins to allow both to co-exist in the IdP by moving shared configuration into a new plugin they both will depend on. This isn’t anybody’s preferred choice, but to allow them to co-exist but be updated independently, it’s the only practical option. In the longer term, improving the plugin installation process to perhaps automate some of the issues around dependent plugins is a possibility, but we do want to be careful about over-complicating that work. The plugin model is working really well right now precisely because it’s simple and limited in scope.
The next major bit of IdP V5 work is applying an update to the latest Apache HttpClient, as we’ve been on 4.x for a long while and need to move to the later version. Impact on deployer configuration is not known yet, hopefully it will not be too extensive. That work should be landing on the main branches soon.
Notably, as a couple of people have inquired, while the main branches are generally stable, they should be viewed as early alpha at this stage and by no means a finished product. We also have not yet updated any of the plugins, so they remain pinned to the V4 branches and have not yet been branched themselves for the V5 work. Most of them will be re-released with new major versions along with V5.
In terms of schedule, I think it’s safe to say that IdP V5 is probably a fall release at the earliest, and V4 will be supported almost certainly throughout 2024, though no more feature releases are expected.