Releases · DuendeSoftware/IdentityServer

#235 delay filesystem access until needed for automatic key management
#220 Always allow explicit error responses from authorize request
#200 move consent message store loading to after request validation
#194 use SetClient rather than setting Client property directly in end session validator

enhancements

#209 Allow full host name to be included in OidcReturnUrlParser's IsValidReturnUrl
#197 add support for user tenant check in authorize interaction response generator against acr tenant value
#193 Prefer explicitly registered signing keys over automatic key management keys
#192 Open up DefaultCache for derived implementations
#188 Support for dynamic OIDC authentication schemes

internals

#236 log issuers and client ids when license validation fails
#223 Allow identity providers table to store additional data
#167 Set license defaults for business and enterprise ISV editions

Assets 2

06 May 15:53

leastprivilege

5.2.0-preview.2

74be692

5.2 Preview 2 Pre-release

Pre-release

As part of this release we had 14 issues closed.

bugs

#220 Always allow explicit error responses from authorize request
#200 move consent message store loading to after request validation
#194 use SetClient rather than setting Client property directly in end session validator

enhancements

#209 Allow full host name to be included in OidcReturnUrlParser's IsValidReturnUrl
#197 add support for user tenant check in authorize interaction response generator against acr tenant value
#193 Prefer explicitly registered signing keys over automatic key management keys
#192 Open up DefaultCache for derived implementations
#188 Support for dynamic OIDC authentication schemes
#164 Open up DefaultCache for derived implementations

internals

#223 Allow identity providers table to store additional data
#167 Set license defaults for business and enterprise ISV editions

Assets 2

05 May 11:26

leastprivilege

5.2.0-preview.1

6a86b06

5.2.0 Preview 1 Pre-release

Pre-release

As part of this release we had 12 issues closed.

bugs

#200 move consent message store loading to after request validation
#194 use SetClient rather than setting Client property directly in end session validator

enhancements

#209 Allow full host name to be included in OidcReturnUrlParser's IsValidReturnUrl
#197 add support for user tenant check in authorize interaction response generator against acr tenant value
#193 Prefer explicitly registered signing keys over automatic key management keys
#192 Open up DefaultCache for derived implementations
#188 Support for dynamic OIDC authentication schemes
#164 Open up DefaultCache for derived implementations

internal

#167 Set license defaults for business and enterprise ISV editions

Assets 2

19 Apr 14:02

leastprivilege

5.1.1

0ab6a2f

5.1.1

As part of this release we had 1 issue closed.

bug

#201 move consent message store loading to after request validation

Assets 2

25 Mar 09:31

leastprivilege

5.1.0

5f94a2a

5.1

As part of this release we had 8 issues closed.

bugs

#142 Fix GetAuthorizationContextAsync to return multiple query values from returnUrl
#140 Fix CustomRedirectResult to use IAuthorizationParametersMessageStore if registered

enhancements

#159 HtmlEncode iframe URLs in EndSessionCallbackResult
#143 Add ISV flag and update license key validation
#136 optimize URLs for JWT request/request URI scenarios
#135 Preserve user session when same user re-authenticating
#95 add ApiResources to consent screen
#84 add feature to cleanup consumed tokens

Assets 2

02 Mar 18:30

leastprivilege

5.0.5

20210c5

5.0.5

As part of this release we had 2 issues closed.

enhancements

#127 Preserve request objects based on request objects URI
#118 Replace JwtSecurityTokenHandler with JsonWebTokenHandler
- this introduces a small breaking change. The RequestObjectValues collection on ValidatedAuthorizeRequest and AuthorizeContext is now a List<Claim>