3.9.4

3.9.4

Package updates

• Microsoft.IdentityModel updated to version 8.12.1.

Bug fix

• Updates the DefaultAuthorizationHeaderProvider to update the AcquireTokenOptions.LongRunningWebApiSessionKey after the token is acquired so that the key can be used in the next OBO call. See PR #3381 for details.

Fundamentals

• Update .NET SDK version to 9.0.107 used when building or running the code. See #3385 for details.
• Improved test coverage for managed identity flows. See #3350 for details.

What's Changed

• Add Claims and Capability Support to Managed Identity Flows by @gladjohn in #3350
• Adding fix for OBO cache key error in long running OBO with DefaultAuthorizationHeaderProvider by @trwalke in #3381
• Update global.json by @jennyf19 in #3385
• changelog 3.9.4 by @jennyf19 in #3386

Full Changelog: 3.9.3...3.9.4

3.9.3

3.9.3

Package updates

• Microsoft.IdentityModel updated to version 8.12.0.

Fundamentals

• Add .clinerules to help with AI tooling.
• Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 Upgraded analyzer packages for improved diagnostics and code consistency (in particular delegates are added). For details see #3379

What's Changed

• Update M.IM 8.11 by @jennyf19 in #3373
• add ai assist rules by @jennyf19 in #3376
• Update PublicApiAnalyzers and BannedApiAnalyzers to 4.14.0 by @pmaytak in #3379
• changelog 3.9.3 by @jennyf19 in #3380

Full Changelog: 3.9.2...3.9.3

3.9.2

3.9.2

Package updates

• Microsoft.IdentityModel updated to version 8.11.0.
• MSAL.NET updated to version MSAL.NET 4.72.1.

Fundamentals:

• Fix invalid comparisons in prop and csproj files. For details see #3297.

What's Changed

• Release notes and cleanup by @jmprieur in #3367
• Remove invalid comparisons by @keegan-caruso in #3368
• update to MSAL 4.72.1 by @jennyf19 in #3369
• update 3.9.2 by @jennyf19 in #3372

Full Changelog: 3.9.1...3.9.2

3.9.1

3.9.1

Package updates

• Microsoft.Identity.Abstractions updated to version 9.1.0.

Fundamentals

• Fix AoT warnings. For details see #3366.

What's Changed

• Fix AoT warnings (and update to Abstractions 9.1.0) by @jmprieur in #3366

Full Changelog: 3.9.0...3.9.1

3.9.0

3.9.0

Package updates

• Microsoft.IdentityModel updated to version 8.10.0.
• MSAL.NET updated to version MSAL.NET 4.72.0.

Bug fixes

• Fixed issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See #3323.
• Resolved IL warnings from AddDownstreamApis in NativeAOT projects. See #3355.
• Ensured AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See #3345.
• Prevented null reference when accessing MergedOptions instance. See #3337.

New feature

• Added optional login_hint and domain_hint support to AccountController.SignIn endpoint. See #3244 and #3348.

Fundamentals

• Introduced Long-Term Support (LTS) policy. See #3357.
• Added tests to validate xms_cc (client capability) forwarding in CCA flows. See #3349.

External contributions

Thank you @evan-buss for your contribution and fixing the issue where RequiredScopeOrAppPermission extension method didn’t work with Minimal APIs. See #3323.
Thank you @neha-bhargava for your contribution and ensuring AcquireTokenForConfidentialClient correctly passes MSAL exceptions. See #3345.

3.8.4

3.8.4

Package updates

• Microsoft.IdentityModel updated to version 8.8.0.
• MSAL.NET updated to version MSAL.NET 4.71.0.

Bug fixes

• Fixed the issue where FmiPath was not persisted when copying/reinitializing AcquireTokenOptions. See #3336.

New feature

• Added support for Linux-friendly devcontainers. See #3333 and #3339.

Fundamentals

• Removed System.Text.Json as an explicit dependency for .NET Core targets. See #3331.

3.8.3

3.8.3

Package updates

• Updated to Microsoft.IdentityModel.* 8.8.0
• Updated to MSAL.NET 4.70.1

New feature

• TokenAcquistion.cs adds its service provider to the acquisition options. See issue #3315 for details.

3.8.2

3.8.2

• Updated to Microsoft.Identity.Abstractions 9.0.0

New feature

• An exception is now thrown if MSAL TokenCacheNotificationArgs indicates that distributed cache is configured when it should not have been. See #3304.
• Added support for federated identity credentials with AT_POP. See #3299.

3.8.1

New features

• Updated to Microsoft.IdentityModel.* 8.7.0

Bug fixes

• Pins Microsoft.Extensions.Http dependency version to 3.1.3 for .NET Framework and .NET Standard and uses inbox version for .NET Core. See #3145.

What's Changed

• Post release cleanup by @jmprieur in #3291
• update MIM by @jennyf19 in #3292
• Updates CodeQL.yaml to exclude test files by @sruke in #3294
• Make Microsoft.Extensions.Http dependency framework friendly by @ksaaf in #3296
• Update to IdentityModel 8.7.0 by @pmaytak in #3307

New Contributors

• @ksaaf made their first contribution in #3296

Full Changelog: 3.8.0...3.8.1

3.8.0

3.8.0

New feature

• Updated to Microsoft.IdentityModel.* 8.6.1
• Updated to MSAL.NET 4.69.1
• Updated the Json Schema to include extensiblity for signed assertion providers. See #3235
• Added support for Federation Identity Credential on any OIDC Idp (FIC+OIDC credential provider). See #3255
• Support for acquiring token for Federation Managed Identity (FMI). Supports the FmiPath property of AcquireTokenOptions. See #3247
• Downstream APIs now support Authorization headers with a custom SAML bearer syntax. See #3273

Bug fixes

• TokenAcquirerFactory is now thread safe. See #3274
• Fix a bug in the parsing of the token in the authority. See #3261

Fundamentals

• Removed old Blazorwasm sample, wasm-tools and added new blazor web API: #3259, #3257, #3254
• Modified the build so that, in CI/CD internal builds, the NuGet.olg NuGet source is replaced by a managed Nuget source. More verbose information added. See #3263
• Fixed CS8602 Warnings in Weather.razor (BlazorApp) – Handle Nullable forecasts and user.Identity. See #3266,

What's Changed

• Update changelog.md by @jennyf19 in #3246
• Lozensky/add fmi path by @JoshLozensky in #3247
• Lozensky/perf fix graph service client by @JoshLozensky in #3251
• M.IM 8.6.0 by @jennyf19 in #3252
• Jennyf/blazor prototype by @jennyf19 in #3254
• remove old blazor apps by @jennyf19 in #3257
• Remove step for installing wasm-tools in the build by @gladjohn in #3259
• Fix for Remove NuGet Source steps (now with enhanced logging) by @gladjohn in #3263
• Add CustomSignedAssertion to Credentials.json by @JoshLozensky in #3235
• Fix CS8602 Warnings in Weather.razor (BlazorApp) – Handle Nullable forecasts and user.Identity by @gladjohn in #3266
• Add Support for Custom Saml Bearer in HttpRequest Headers by @sthanu98 in #3273
• comment out the code coverage by @jennyf19 in #3279
• update msal to 4.69.1 by @jennyf19 in #3281
• FIC+OIDC credential provider by @jmprieur in #3255
• Update the IdWeb version number by @jmprieur in #3280
• Locking Down the TokenAcquirerFactory by @JoshLozensky in #3274
• Fix authority parsing logic by @JoshLozensky in #3261
• Update changelog.md for Id.web 3.8.0 by @jmprieur in #3285

New Contributors

• @sthanu98 made their first contribution in #3273

Full Changelog: 3.7.1...3.8.0