Skip to content
This repository has been archived by the owner on Jul 31, 2024. It is now read-only.

4.0 Preview 5

Pre-release
Pre-release
Compare
Choose a tag to compare
@leastprivilege leastprivilege released this 18 May 12:58
4.0.0-preview.5
919c2a2
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

As part of this release we had 44 issues closed.
Next big release - after ASP.NET Core 3.1

bugs

  • #4290 Fix cnf format for MTLS
  • #4268 AddOidcStateDataFormatterCache broken with new JSON serializer
  • #4145 Error Response with invalid redirection URI on authorize endpoint
  • #4129 Fix logger category name for BackChannelLogoutHttpClient
  • #4095 Return invalid_grant when redirect_uri is invalid on token endpoint
  • #4075 Error Response with invalid redirection URI
  • #4037 Bug Fix #4036 - missing crv value when passing JsonWebKey to AddSigni…

enhancements

  • #4390 enhancements to add logout notification service as first class service
  • #4376 Features/grants enhancements
  • #4361 Extend JWT token validation to accept space separated scopes
  • #4360 Adapt JWT request validation to latest JAR spec
  • #4357 Add iat to access tokens
  • #4352 Emit jti by default
  • #4343 Add option to set SameSite mode for internal cookies
  • #4342 Add option to emit scopes as space separated string in JWT (as opposed to array)
  • #4245 Strict redirect uri validator app auth with path
  • #4237 Make aspid profile service more extensible
  • #4235 end session changes: IsActive no longer called and no longer default to a single redirect uri
  • #4234 Use non-case sensitive string for any ids
  • #4227 switch to named HTTP clients from factory (instead of typed)
  • #4226 Reduce usage of Newtonsoft.Json
  • #4210 add sid and device description to grants table
  • #4208 add support for handling multiple prompt values
  • #4204 Add API to interaction service to return error to client
  • #4203 Improve query on cors origins. #3395
  • #4202 include sid (if present) in access tokens #3955
  • #4153 private_key_jwt updates
  • #4026 Added AddUserSession extension method
  • #4024 Add JAR support
  • #4019 Add client setting to require request object
  • #3979 Added notification for device code removal
  • #3969 Make cnf part of Token model
  • #3962 MTLS Update
  • #3892 V4: Multiple signing keys
  • #3761 Add a client setting to require request objects
  • #3732 Remove unused SaveChanges APIs in EF DbContext Interfaces
  • #3692 Removed obsolete code
  • #3413 IUserSession.CreateSessionIdAsync should return sid
  • #3395 Improve query on cors origins.

breaking changes

  • #4335 Remove public origin setting
  • #4199 scope validation refactor
  • #3939 Update PKCE and Consent default settings on Client
  • #3888 Cleanup SignInAsync extension methods
  • #3887 V4: Make client claims serialization friendly
Assets 2
Loading