Skip to content

6.6.0
Compare
Choose a tag to compare
@brentschmaltz brentschmaltz released this 26 May 16:56
· 816 commits to dev since this release
6.6.0
a9a4da0

Features

  • OpenIdConnectConfiguration supports TokenIntrospectionEndpoint information with first class properties (#1411).
  • TokenValidationParameters has user controlled validation of Algorithms and TokenType (#1413, #1385).
    • AlgorithmValidator - delegate allows users to check algorithm at runtime.
    • ValidAlgorithms - a list of algorithms that are allowed, if set will be honored.
    • TypeValidator - delegate allows users to check token type at runtime.
    • ValidTypes - a list of token types that are allowed, if set will be honored.
  • Saml tokens will use SecurityTokenDescriptor.Claims when creating tokens (#1417).
  • User can control if all possible keys should be tried to validate token (#1399.

Bug Fixes

  • All supported asymmetric algorithms are checked for key size (delegates are now called before checking if validation should occur) (#1236).
  • Null reference possible in logging (#1406)
  • JwtSecuritytokenHandler does not set token on failure (#1290)
  • Exceptions serialize data (#1300)

Click here for a full list of issues that were fixed in this release.

Assets 2
Loading