v3.2.0

News:

• Micro services can implement callbacks in the same way as front-/backends. See a demo for a micro service using this new functionality to display a UI for 2-factor authentication here. Note the changed requirements for MicroService.process() (subclasses has to call process() in the super class).
• Account linking and consent are micro services of SATOSA instead of special cases. This will require configuration upgrades, see the examples here and here respectively.
• OpenIDConnectFrontend supports multiple configured backends. It just requires a request micro services to do the custom routing to specific backends based on something in the request (perhaps the OpenID Connect 'scope' parameter?).

Fixes:

• SAMLMirrorFrontend registers a much more restrictive regular expression for matching requests.
• Pass the incoming request to request micro services, instead of clearing it before it's passed on.
• Update the consent micro service to work with the updated API of the external service.
• Include jwks_uri in the provider configuration information published by OpenIDConnectFrontend.

Improvements:

• Added tests for account linking and consent micro services.
• Make --split-{frontend,backend} option of the satosa-saml-metadata script proper flags (so they don't require an extra argument).
• Simplified config for account linking and consent now that they're micro services.
• Upgraded pyop dependency to get a fix for token error at userinfo endpoint in OpenIDConnectFrontend.