Releases: RockSolidKnowledge/Open.IdentityServer
Releases · RockSolidKnowledge/Open.IdentityServer
Release list
Open.IdentityServer v1.0.1
Open.IdentityServer Release Notes
Version 1.0.1 (Nuget)
Bug Fixes
- Fix Null Ref Exception when using
CompatibilityKeyStoreand the underlying storage is empty. (8cc0d4) - Added
MaxLifetimeoption for keys when usingCompatibilityKeyStore. Default is 90 days. Previously it was possible for expired keys to be used if they were set to not be deleted after expiry in Duende IdentityServer. (ba038a) - Fix audience claims not being mapped to token audiences in
IdentityServerTools(90047b)
Open.IdentityServer v1.0.0
Open.IdentityServer Release Notes
Version 1.0.0 (Nuget)
New Features
- Added support for resource indicators RFC 8707 (c613bd)
- Setup persisted grant data protection (85703c)
Fixes
- CVE-2024-39694, open redirect vulnerability fixed (6ccfbd)
- When creating token payload, ignore custom claims used for token validation (e.g. aud, iat, etc) (3ed930)
- Remove Nonce requirement when not asking for an ID tokens from the Auth Endpoint (375570)
- Update custom redirect result to make return url construction similar to that of login and consent (970529)
- Post logout in app auth validator using wrong uri list (678dd2)
- Custom Redirect return URL callback incorrect (cb7027)
- Fix GetAuthorizationContextAsync to return multiple query values from returnUrl (e62a27)
- Access tokens created by during refresh tokens flows do not generate new JTI claims (ef57c3)
- Added authorise response parameter 'iss' (cb3f87)
- Set refresh token usage to reuse by default (00f076)
Dependency changes
- Upgrade to dotnet 10.0 (230c70)
- Remove dependency on AutoMapper (5db532)
- Migrate Newtonsoft.Json To System.Text.Json (49b22d)
- Upgraded xUnit to xUnit.v3, replace FluentAssertions with AwesomeAssertions (f6ffe5)
Compatability changes
- Add Id to persistent grant table and use it as key (81c16d)
- Implement full schema compatibility with Duende (3236f9)
- Added complete set of migration scripts for IDS4 (e48e0f)
- Added support for hex encoded persisted grant handles (46ce7d)
- Upgrade persistent grant token models, and ensure backwards compatibility (5a0f15)
- Added key store for compatibility with existing stores (d52e01)