appointment-reminders-csharp
appointment-reminders-csharp copied to clipboard
Bump Microsoft.IdentityModel.Tokens from 6.8.0 to 6.32.1 in /AppointmentReminders.Web
Bumps Microsoft.IdentityModel.Tokens from 6.8.0 to 6.32.1.
Release notes
Sourced from Microsoft.IdentityModel.Tokens's releases.
6.32.1
- Fix thread safety for JsonClaimSet Claims and JsonWebToken Audiences. See AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2185 for details.
6.32.0
New features:
- Adding an AAD specific signing key issuer validator. See issue #2134 for details.
- Better support for WsFederation (#2100)
Bug fixes
- Address perf regression introduced in 6.31.0 (#2131)
6.31.0
This release contains work from the following PRs and commits:
- Introduce ConfigurationValidationException(#2076)
- Disarm security artifacts(#2064)
- Throw SecurityTokenMalformedTokenException on malformed tokens(#2080)
- Add ClaimsMapping to JsonWebTokenHandler https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/8e7f07e859629a850e375518fcce2b6057380721
6.30.1
This release contains work from the following PRs:
- Modified token validation to be async throughout the call graph #2075
- Enforce key sizes when creating HMAC #2072
- Fix AotCompatibilityTests #2066
- Use up-to-date "now", in case take long time to get Metadata #2063
This release addresses #1743 and, as such, going forward if the SymmetricKey is smaller than the required size for HMAC IdentityModel will throw an ArgumentOutOfRangeException which is the same exception when the SymmetricKey is smaller than the minimum key size for encryption.
6.30.0
Beginning in release 6.28.0 the library stopped throwing SecurityTokenUnableToValidateException. This version (6.30.0) marks the exception type as obsolete to make this change more discoverable. Not including it in the release notes explicitly for 6.28.0 was a mistake. This exception type will be removed completely in the next few months as the team moves towards a major version bump. More information on how to replace the usage going forward can be found here: https://aka.ms/SecurityTokenUnableToValidateException
Indicate that a SecurityTokenDescriptor can create JWS or JWE AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2055 Specify 'UTC' in log messages https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/ceb10b10ad2edb97217e263915d407da1d957e03 Fix order of log messages https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/05eeeb513e66a4236ae519ef9304bf2b6f26766f
Fixed issues with matching Jwt.Kid with a X509SecurityKey.x5t AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2057 AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2061
Marked Exception that is no longer used as obsolete AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2060
Added support for AesGcm on .NET 6.0 or higher https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/85fa86af743e2b1a0078a9ecd956f34ee703acfc
First round of triming analysis preperation for AOT
... (truncated)
Changelog
Sourced from Microsoft.IdentityModel.Tokens's changelog.
6.32.1
Bug fixes:
- Fix thread safety for
JsonClaimSet
Claims andJsonWebToken
Audiences. See #2185 for details.6.32.0
New features:
- Adding an AAD specific signing key issuer validator. See issue #2134 for details.
- Better support for WsFederation. See PR for details.
Bug fixes
- Address perf regression introduced in 6.31.0. See PR for details.
6.31.0
This release contains work from the following PRs and commits:
- Introduce ConfigurationValidationException(#2076)
- Disarm security artifacts(#2064)
- Throw SecurityTokenMalformedTokenException on malformed tokens(#2080)
- Add ClaimsMapping to JsonWebTokenHandler
6.30.1
This release contains work from the following PRs:
- Modified token validation to be async throughout the call graph #2075
- Enforce key sizes when creating HMAC #2072
- Fix AotCompatibilityTests #2066
- Use up-to-date "now", in case take long time to get Metadata #2063
This release addresses #1743 and, as such, going forward if the SymmetricKey is smaller than the required size for HMAC IdentityModel will throw an ArgumentOutOfRangeException which is the same exception when the SymmetricKey is smaller than the minimum key size for encryption.
6.30.0
Beginning in release 6.28.0 the library stopped throwing SecurityTokenUnableToValidateException. This version (6.30.0) marks the exception type as obsolete to make this change more discoverable. Not including it in the release notes explicitly for 6.28.0 was a mistake. This exception type will be removed completely in the next few months as the team moves towards a major version bump. More information on how to replace the usage going forward can be found here: https://aka.ms/SecurityTokenUnableToValidateException
Indicate that a SecurityTokenDescriptor can create JWS or JWE AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2055 Specify 'UTC' in log messages https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/ceb10b10ad2edb97217e263915d407da1d957e03 Fix order of log messages https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/05eeeb513e66a4236ae519ef9304bf2b6f26766f
Fixed issues with matching Jwt.Kid with a X509SecurityKey.x5t AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2057 AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2061
Marked Exception that is no longer used as obsolete AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2060
... (truncated)
Commits
e1c6c2a
update 6.32.1 changelog (#2187)0e2d8a6
Better thread safety for JsonClaimSet Claims and JsonWebToken Audiences (#2185)286d780
Create codeql-analysis.yml file (#2151)d75574c
Update version after release (#2144)7583c0b
changelog for 6.32 release (#2138)8f00ee2
Introduces AadSigningKeyIssuerValidation check (#2136)2030afc
add changelogs from 6.27 to current release (#2137)f7edc77
Possible fixes to address perf issue in 6.31 (#2131)23808d5
(feature): Add ActiveTokenEndpoint to WsFederationConfiguration (#2100)5068c6e
Fix RFC link (#2114)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)