This repository was archived by the owner on Dec 13, 2018. It is now read-only.
1.0.0-rc1
Pre-release
Pre-release
Features
- Need a nicer error when no authentication middleware is registered but you try to authorize (#511)
- Add Logging to Authn and Authz (#491)
- Improve error message for when AuthenticationScheme is not recognized (#466)
- When an external login (e.g. Google) is denied, how do I recognize this? (#451)
- Cookie sharing between applications (#387)
- [Cookies] Consume ITlsTokenBindingFeature (#263)
Bugs Fixed
- [Authorization] Evaluating a non-existent policy returns "false" (#514)
- Cookies: HTTP 401 always turns into 302 (#508)
- Fix OpenIdConnectTokenEndpointResponse to return the actual OpenIdConnectMessage (#501)
- resource-based AuthorizationHandler is invoked for other resource types. (#494)
- Add a RequireHttps property when migrating to Wilson beta8 (#485)
- Authorization API cleanup (#480)
- Remove Twitter.Serializers type (#479)
- OpenIdConnectOptions API cleanup (#478)
- Make OpenIdConnectBearerHandler (nee JwtBearerHandler) internal (#475)
- Rename cookie IAuthenticationSessionStore to ITicketStore (#472)
- Remove unused SubjectPublicKeyInfoAlgorithm type (#471)
- Clean up Authentication namespace's encoder/serializer types/APIs (#469)
- Change all the XyzOptions.SystemClock properties to be EditorBrowsable(Never) (#460)
- Make CookieAuthenticationDefaults and FacebookDefaults fields static readonly (#457)
- Consider requiring callback path (#455)
- Change log messages to use string literals instead of resources (#418)
- Remove log codes from log messages (#414)
- OpenIdConnectHandler.AuthenticateAsync should not throw SecurityTokenException (#351)
- Multiple OIDC handlers will get in each others way. (#348)
- Rationalize error handling (#55)