Skip to content

Releases: RockSolidKnowledge/Open.IdentityServer

Open.IdentityServer v1.0.1

Choose a tag to compare

@patchandthat patchandthat released this 25 Jun 12:59

Open.IdentityServer Release Notes

Version 1.0.1 (Nuget)

Bug Fixes

  • Fix Null Ref Exception when using CompatibilityKeyStore and the underlying storage is empty. (8cc0d4)
  • Added MaxLifetime option for keys when using CompatibilityKeyStore. Default is 90 days. Previously it was possible for expired keys to be used if they were set to not be deleted after expiry in Duende IdentityServer. (ba038a)
  • Fix audience claims not being mapped to token audiences in IdentityServerTools (90047b)

Open.IdentityServer v1.0.0

Choose a tag to compare

@patchandthat patchandthat released this 01 Jun 13:48

Open.IdentityServer Release Notes

Version 1.0.0 (Nuget)

New Features

  • Added support for resource indicators RFC 8707 (c613bd)
  • Setup persisted grant data protection (85703c)

Fixes

  • CVE-2024-39694, open redirect vulnerability fixed (6ccfbd)
  • When creating token payload, ignore custom claims used for token validation (e.g. aud, iat, etc) (3ed930)
  • Remove Nonce requirement when not asking for an ID tokens from the Auth Endpoint (375570)
  • Update custom redirect result to make return url construction similar to that of login and consent (970529)
  • Post logout in app auth validator using wrong uri list (678dd2)
  • Custom Redirect return URL callback incorrect (cb7027)
  • Fix GetAuthorizationContextAsync to return multiple query values from returnUrl (e62a27)
  • Access tokens created by during refresh tokens flows do not generate new JTI claims (ef57c3)
  • Added authorise response parameter 'iss' (cb3f87)
  • Set refresh token usage to reuse by default (00f076)

Dependency changes

  • Upgrade to dotnet 10.0 (230c70)
  • Remove dependency on AutoMapper (5db532)
  • Migrate Newtonsoft.Json To System.Text.Json (49b22d)
  • Upgraded xUnit to xUnit.v3, replace FluentAssertions with AwesomeAssertions (f6ffe5)

Compatability changes

  • Add Id to persistent grant table and use it as key (81c16d)
  • Implement full schema compatibility with Duende (3236f9)
  • Added complete set of migration scripts for IDS4 (e48e0f)
  • Added support for hex encoded persisted grant handles (46ce7d)
  • Upgrade persistent grant token models, and ensure backwards compatibility (5a0f15)
  • Added key store for compatibility with existing stores (d52e01)