Skip to content
This repository has been archived by the owner on Sep 18, 2021. It is now read-only.

2.4
Compare
Choose a tag to compare
@leastprivilege leastprivilege released this 02 Feb 08:24
· 169 commits to master since this release
2.4.0
87279f6

As part of this release we had 23 issues closed.

bug fixs

  • #2476 change secret validators and parsers to IList
  • #2473 The redirect after revoking permissions seems not use public origin.
  • #2445 Wrong endpoint name in RevocationEndpointController?
  • #2363 Fix client_assertion_type handling in ClientAssertionSecretParser
  • #2172 Internal CorsPolicyProvider should take publicOrigin in consideration

new features

  • #2504 PKCE for Hybrid Flow
  • #2378 Implement Proof Key for Code Exchange
  • #2071 Always require logout confirmation (even when id token hint was passed)

enhancements

  • #2492 Implement PKCE for Hybrid Flow
  • #2477 Make IdentityServerPrincipal public
  • #2475 PKCE metadata
  • #2474 Allow for response_type values in the authorize request to come in in any order.
  • #2432 Make GetIdentityServerIssuerUri public
  • #2382 Added new service for adding custom entries to a token response
  • #2290 Add hook to allow custom response data for token requests
  • #2234 angular.min.js.map 404 not found
  • #2171 Inject middleware with PluginConfiguration
  • #2166 Add TemplateFolderPath to DefaultViewServiceOptions
  • #2148 Add interface to validate incoming identity
  • #2124 'Submit this form' page customization
  • #2036 How to redirect to login screen with error message from failed two factor authentication
  • #1838 Revalidate client allowed scopes when processing refresh tokens
  • #1145 Add frame-src to CspOptions and include in CSP header
Assets 2
Loading