8.2.0
8.2.0
Fundamentals
- Update System.Text.Json to 8.0.5 CVE-2024-43485. See 2892.
- Using FixedTimeEquals in NETCore targets. See 2857.
- Updated .NET 9 to RC 2 2898.
- Adds ability to create token without kid 2968
- Enables code coverage in PRs 2946
- Various test improvements:
- #2953
- #2955
- #2951
- #2952
- #2947
Work related to redesign of IdentityModel's token validation logic #2711
- Validates Audience for SAML2TokenHandler with New Model 2863
- Improvements to AudienceValidation 2902
- Added properties to ValidationResult 2923
- Implements Audience and Lifetime validations in SamlSecurityTokenHandler 2925
- Implements Issuer validation in SamlSecurityTokenHandler 2948
What's Changed
- update to next version by @jennyf19 in #2890
- Use FixedTimeEquals in NETCore targets by @westin-m in #2857
- Update System.Text.Json to 8.0.5 CVE-2024-43485 by @msbw2 in #2892
- Update .NET 9 to RC 2 by @msbw2 in #2898
- Validate Audience for SAML2TokenHandler with New Model by @FuPingFranco in #2863
- Regression tests: Issuer by @iNinja in #2868
- Mark Wilson APIs as Shipped by @westin-m in #2903
- Add Tests for Lifetime Validation Using New Validation Model For SAML2 by @FuPingFranco in #2906
- Suggested changes to AudienceValidation by @brentschmaltz in #2902
- Extensibility tests: Audience by @iNinja in #2861
- Added properties to ValidationResult without throwing by @iNinja in #2923
- Extensibility tests: Lifetime by @iNinja in #2867
- Regression tests: Issuer signing key by @iNinja in #2927
- Do not serialize CaseSensitiveClaimsIdentity.SecurityToken. by @pmaytak in #2896
- Fix typo by @westin-m in #2894
- Implement and Test Audience and Lifetime validations in SamlSecurityTokenHandler with New Validation Model by @FuPingFranco in #2925
- Fix Flaky Tests: NameAndRoleClaimDelegates and RoleClaims by @kellyyangsong in #2873
- Regression tests: Signature by @iNinja in #2930
- Validate Issuer Using New Validation Model in Saml2SecurityTokenHandler by @FuPingFranco in #2929
- Fix builds on macOS / Linux using the build.sh script by @filipnavara in #2937
- Regression tests: Algorithm by @iNinja in #2934
- Regression tests: Token Type by @iNinja in #2932
- Regression tests: Token Replay by @iNinja in #2931
- Fix DevEx and IDDP builds such that when building internally, use an internal Nuget feed instead of nuget.org by @kellyyangsong in #2936
- Restore PopKeyResolvingTests.GetPopKeysFromJkuAsync by @kellyyangsong in #2947
- Restore skipped test: ReferenceCountingTest_MultiThreaded by @kellyyangsong in #2952
- Restore EnsureAotCompatibility test by @kellyyangsong in #2951
- Restore CacheOverflowTestSequential - takes 1.5s by @kellyyangsong in #2955
- Restore CacheOverflowTestMultithreaded test by @kellyyangsong in #2953
- Regression tests: JWE Decryption by @iNinja in #2940
- Enable coverage report in PRs by @westin-m in #2946
- SAML new model validation: Issuer by @iNinja in #2948
- Fix flaky EnsureAotCompatibility() test by @iNinja in #2962
- Add ability to create token without kid by @jennyf19 in #2968
- Adds changelog for 8.2.0 by @sruke in #2971
- Add Ask Mode Change Template by @kellyyangsong in #2941
- SAML new model validation: Signature by @iNinja in #2958
New Contributors
- @filipnavara made their first contribution in #2937
Full Changelog: 8.1.2...8.2.0
Contributors
iNinja, filipnavara, and 8 other contributors