This repository has been archived by the owner on Jul 31, 2024. It is now read-only.

2.3.0

@leastprivilege leastprivilege released this 17 Nov 08:03

As part of this release we had 71 issues closed.
next feature release

note
The EntityFramework library contains schema changes from the previous version. You need to run migrations (see here).

bugs

  • #2778 Invalid code on device flow user code page throws
  • #2752 Endpoint returns wrong WwwAuthentication header
  • #2742 Fix a typo in TokenErrorResult.cs
  • #2729 Add null check on Consent page
  • #2658 Corrected internal value for ParsedSecretTypes.JwtBearer
  • #2604 Create jwk document when signing with JsonWebKey
  • #2561 Update path to SQL scripts
  • #2533 DistributedCacheStateDataFormatter should handle failed Unprotect workflows
  • #2523 CorsService doesn't handle null for origin
  • #2504 DistributedCacheStateDataFormatter tries to unprotect null string
  • #2499 fix ??-operator priority
  • #2492 Refresh token is not redacted
  • #2446 ReturnUrl in CustomRedirectResult?
  • #2441 CloneWithScopes in ApiResource does not clone DisplayName
  • #2358 Filter identity scopes and offline_access when no explicit scopes are specified in client credentials
  • #2336 Fix incorrect log message
  • #2251 IdentityServer might log tokens in case of error

new features

  • #2597 Add strong name
  • #2440 Add built-in support for Confirmation (cnf)

enhancements

  • #2783 Add AddPersistedGrantStore extension method for IIdentityServerBuilder
  • #2780 Document device flow
  • #2779 Document UserSsoLifetime
  • #2745 Enhance object logging
  • #2730 Unify empty string
  • #2695 Changed level from error to warn on refresh token
  • #2661 Be compatible with iOS 12 breaking changes
  • #2646 Emit more logging and errors around authentication scheme at startup
  • #2641 Support idp:local in host
  • #2617 Change: error code in TokenValidator class
  • #2611 Update secrets.rst
  • #2609 Add per-client SSO lifetime
  • #2607 Change: Made DefaultUserSession.AuthenticateAsync overrideable
  • #2593 Switch to new cake build version
  • #2582 redundant one line of code.
  • #2577 Make sure all nugets publish the repo URL
  • #2560 Consider making EndSessionRequestValidator public
  • #2554 Should SessionId Cookies be considered "Essential"
  • #2545 Make some internal types public to facilitate custom service implementations
  • #2540 resolve login/logout url, et al from named options
  • #2532 Consider resolving login url, et al from named options
  • #2525 enable default client validator by default
  • #2518 Add AsNoTracking for readonly queries
  • #2517 Add explicit FK properties in EF entities to allow EF Core DataSeeding
  • #2514 Add more strict cache control headers when softer headers are already added by HttpContext.SignInAsync
  • #2513 Make AddScriptCspHeaders and AddStyleCspHeaders public
  • #2512 Add parameters to IntrospectionRequestValidationResult - #2388
  • #2509 Update all projects
  • #2508 Move all repos to ASP.NET Core 2.1
  • #2506 add invalid uri scheme validation
  • #2489 IdentityServerAuthenticationService doesn't work well with the new dynamic/policy auth schemes in 2.1
  • #2469 EndSession class should be public?
  • #2460 Create abstractions package for Storage models and interfaces
  • #2434 Consider redirect uri scheme blocked list
  • #2402 IdentityServer4.AspNetIdentity's ProfileService readonly fields should be protected
  • #2393 Add details to logError in TokenRequestValidator
  • #2374 Make client secret optional while parsing basic authentication secret
  • #2359 During the cleanup token process, add support for an event when token is expired.
  • #2357 Don't log SecurityTokenExpiredException as error, since it is not
  • #2353 Sign nuget packages
  • #2300 update the generated EF sql files
  • #2299 Extract JWT payload creation to extension method
  • #2298 Extension Grant flows need all the data of the request at the final build of the claims.
  • #2285 Consider more metadata for clients and resources
  • #2284 Add support for OAuth 2.0 Device Flow [WIP]
  • #2280 Client missing description while EF Client has it.
  • #2271 AdminUI Custom Database Tables
  • #2264 ClientSecret exceeds the MaxLength value
  • #2249 Consider Properties on ApiResource and IdentityResource EF models
  • #2218 GetErrorContextAsync does not always return description.
  • #2055 Consider create datetime on ClientSecret

breaking change

  • #2524 Remove obsolete constructor on DefaultCustomTokenValidator