Releases: AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet

6.10.2

27 Apr 01:11

Removed name entry from claim type mapping #1629

6.10.1

12 Apr 22:36

Enhancements and Features

#1626 - Change base type of SecurityTokenUnableToValidateException

6.10.0

31 Mar 21:14

Enhancements and Features

  • #1621 Change default values for DefaultAutomaticRefreshInterval and DefaultRefreshInterval
  • #1615 Add SecurityTokenUnableToValidateException
  • #1620 Reduce copies in URL encoder

6.9.0

16 Mar 02:03

Bug fixes

  • Removed calls to overridable methods in constructors (#1549).
  • Modified AuthenticationProtocolMessage to use CSP 'unsafe-eval' compliant default value for _script (#1565).
  • SecurityTokenNoExpirationException 'IDX10225' is now thrown if a token is missing an 'nbf' or 'exp' claim (#1582).

Enhancements and features

  • Made the 'x5c' property available on the JwtHeader (#1543).
  • Added ClaimTypeMapping for 'name' claim (#1545).
  • Added a net472 desktop target (#1552).
  • Added 'phone_number' and 'phone_number_verified' standard claims to JwtRegisteredClaimNames (#1559).
  • Added RSACng support for encryption / decryption (#1579).
  • Added an EventBasedLRUCache for use by InMemoryCryptoProviderCache on the .NET desktop targets (#1605). See here for more details.

6.8.0

13 Oct 18:22

Bug fixes

  • Resolve encryption key when Kid is not present in token #1511
  • Objects overriding GetHashCode also override Equals #1536

Enhancements and features

  • Improve empty audience error message #1488
  • Enveloped Signature Writer should be able to determine the Digest algorithm from signing algorithm #1508
  • Add Claims and PropertyBag properties to TokenValidationResult #1514
  • Throw SecurityTokenSignatureValidationFailedException when none of the provided keys verify the signature #1515
  • Add message for all keys were not supported #1520
  • Add TokenType to SecurityTokenDescriptor. #1522
  • Remove locks in SignatureProviders #1535

6.7.1

07 Jul 17:31

Reverted Saml2AuthenticationContext to previous behavior (< v6.7.0) where IsAbsoluteUri check is done only when DeclarationReference is not null (#1480).

6.7.0

27 Jun 00:20

Features

  • Adjusted SignedHttpRequest logic to control optional validation of claims.
  • Added Microsoft.CodeAnalysis.FxCopAnalyzers to validate code.
  • Added SecurityKey.IsSupportedAlgorithm API to check if a SecurityKey / Algorithm is supported.

Bug Fixes

  • SamlSerializer fails to validate token using an XmlReader created from an XDocument.
  • Null reference possible in logging when using the IDX13300 and IDX13107 log messages.
  • When creating a TokenValidationResult and setting the Exception property, ensure IsValid is set to false.
  • Use CultureInvariant when parsing double values.

Pull Requests click here.

Bug fixes click here.

6.6.0

26 May 16:56

Features

  • OpenIdConnectConfiguration supports TokenIntrospectionEndpoint information with first class properties (#1411).
  • TokenValidationParameters has user controlled validation of Algorithms and TokenType (#1413, #1385).
    • AlgorithmValidator - delegate allows users to check algorithm at runtime.
    • ValidAlgorithms - a list of algorithms that are allowed, if set will be honored.
    • TypeValidator - delegate allows users to check token type at runtime.
    • ValidTypes - a list of token types that are allowed, if set will be honored.
  • Saml tokens will use SecurityTokenDescriptor.Claims when creating tokens (#1417).
  • User can control if all possible keys should be tried to validate token (#1399).
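
An added example, not code from the project or its release notes, showing how the ValidAlgorithms and ValidTypes allow-lists described above pin what a validator accepts. The key, issuer and audience are constructed sample values, and the synchronous JsonWebTokenHandler.ValidateToken call assumes the 6.x line of the library.

```csharp
using System;
using System.Text;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;

class AllowListDemo
{
    static void Main()
    {
        // Constructed sample key, issuer and audience (illustration only).
        var key = new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes("constructed-sample-key-32-bytes!!"));
        var handler = new JsonWebTokenHandler();

        // Issue an HS256-signed token; the handler writes a "typ" of "JWT".
        string jwt = handler.CreateToken(new SecurityTokenDescriptor
        {
            Issuer = "https://issuer.example",
            Audience = "api://sample",
            Expires = DateTime.UtcNow.AddMinutes(5),
            SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
        });

        var parameters = new TokenValidationParameters
        {
            ValidIssuer = "https://issuer.example",
            ValidAudience = "api://sample",
            IssuerSigningKey = key,
            // Allow-lists: only these "alg" and "typ" header values are accepted.
            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 },
            ValidTypes = new[] { "JWT" }
        };

        // The token's algorithm and type are both on the allow-lists.
        TokenValidationResult accepted = handler.ValidateToken(jwt, parameters);
        Console.WriteLine($"HS256 allowed: IsValid={accepted.IsValid}");

        // Same token and key, but the allow-list now names only RS256, so the
        // HS256 signature is never accepted even though the key matches.
        parameters.ValidAlgorithms = new[] { SecurityAlgorithms.RsaSha256 };
        TokenValidationResult rejected = handler.ValidateToken(jwt, parameters);
        Console.WriteLine(
            $"RS256 only:    IsValid={rejected.IsValid} ({rejected.Exception?.GetType().Name})");
    }
}
```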

Bug Fixes

  • All supported asymmetric algorithms are checked for key size (delegates are now called before checking if validation should occur) (#1236).
  • Null reference possible in logging (#1406)
  • JwtSecurityTokenHandler does not set token on failure (#1290)
  • Exceptions serialize data (#1300)

Click here for a full list of issues that were fixed in this release.

6.5.1

28 Apr 03:43

Simple servicing release with two fixes.
#1379

Turn off JsonHeader caching as there was no upper bound.

6.5.0

28 Apr 03:37

Features

  • Support for the SignedHttpRequest protocol has been added (#1260). See this wiki page for more information.

Bug Fixes

  • Validator delegates are now called before checking if validation should occur (#1272).
  • SecurityKey.InternalId and SignatureProvider caching logic has been changed (#1346).
  • JWT segment counting bug in the JsonWebToken constructor has been fixed (#1299).
  • Various documentation and code improvements have been made (#1186, #1342).

Target Changes

  • netstandard1.4 has been removed (#1321).
  • net451 desktop target has been removed (#1332).

Breaking changes from 5.6.0:

  • The OpenIdConnectMessage(JObject json) constructor was removed and has been replaced with OpenIdConnectMessage(object json).
  • TokenValidationResult has been moved from Microsoft.IdentityModel.JsonWebTokens to Microsoft.IdentityModel.Tokens.
  • The JsonWebKeySet(string json, JsonSerializerSettings jsonSerializerSettings) constructor has been removed.

Click here for a full list of issues that were fixed in this release.