Releases: AzureAD/microsoft-authentication-library-for-dotnet
Releases · AzureAD/microsoft-authentication-library-for-dotnet
4.79.0
What's Changed
- Fix instance discovery bug 5546 by @bgavrilMS in #5549
- Managed Identity IMDSv2 and new support APIs (ResetForTest, GetSourceAsync) by @Robbie-Microsoft in #5501
- Bearer Requests should Fallback to IMDS in Preview by @gladjohn in #5562
- Updating MSAL to send client info = 2 on client credential flow by @trwalke in #5529
- Make
IMsalMtlsHttpClientFactoryinterface public by @cpp11nullptr in #5559 - Mark WithClientAssertion API as experimental by @gladjohn in #5551
- Adjust WithExtraQueryParameters APIs and cache key behavior by @Avery-Dunn in #5536
Full Changelog: 4.78.0...4.79.0
Contributors
bgavrilMS, cpp11nullptr, and 4 other contributors
Assets 2
4.78.0
4.77.1
What's Changed
- Fix prototype code to address CodeQL by @bgavrilMS in #5472
- Update CHANGELOG.md for MSAL 4.77.0 by @gladjohn in #5473
- Mark project as AOT compatible for net 8 by @neha-bhargava in #5458
- Update public api for MSAL Release 4.77.0 by @gladjohn in #5471
- Adjust issuer validation to accept differing paths by @Avery-Dunn in #5466
- Added better error message for OIDC error by @trwalke in #5433
- Remove failing test project from solution to prevent build breaks. by @MZOLN in #5481
- Fix MSB3277 “WindowsBase” conflicts in dev apps by enabling WPF build ref by @gladjohn in #5482
- Remove some flaky tests that were just an overkill by @gladjohn in #5486
- Remove dupe ropc b2c tests by @gladjohn in #5487
- Revert changes made for Http2 by @neha-bhargava in #5462
Full Changelog: 4.77.0...4.77.1
Contributors
bgavrilMS, trwalke, and 4 other contributors
Assets 2
4.77.0
Features
- Added WinUI 3 support for Desktop Broker flows. #5411
- Introduced extensibility API to allow users to add custom HTTP headers to token acquisition requests (under extensibility). #5440
Changes
- Remove passing
x-client-osas a query parameter in the authorization URI. #5456 - Bump
Microsoft.IdentityModel.Abstractionsto a supported version. #5452
Bug fixes
- Remove confusing error text as it only applies to one of many possible causes. #5467
4.76.0
What's Changed
- Removal of
ExperimentalFeaturesflag onWithMtlsProofOfPossessionAPI: by @gladjohn in #5402 - #5400 Fixing issue that leads to multiple active access tokens in the cache for non-tenanted oidc authority by @andkorsh in #5401
- Add Service Fabric token revocation support by @gladjohn in #5421
- Update NativeInterop package version to 0.19.4 by @ashok672 in #5434
- Adding WithExtraBodyParameters api by @trwalke in #5389
- Enable mTLS Proof‑of‑Possession for Client‑Assertion Delegates by @gladjohn in #5409
New Contributors
Full Changelog: 4.74.1...4.76.0
Contributors
andkorsh, trwalke, and 2 other contributors
Assets 2
4.74.1
Bug fixes
-
When you configure MSAL with WithOidcAuthority(), the library now confirms that the issuer returned by the OIDC discovery endpoint matches the expected authority (including CIAM patterns) and throws an exception if it does not. #5358
-
Re-expose public AuthenticationResult constructor. A public, test-friendly constructor of AuthenticationResult was inadvertently hidden behind [Obsolete] and [EditorBrowsable(Never)]. The constructor is now publicly available again. #5392
4.74.0
Features
- Deprecate ROPC flow in Public Client Applications #5355.
- AuthenticationResult exposes a new BindingCertificate property that returns the X.509 certificate bound to the access token in mTLS-PoP scenarios. #5370.
Bug fixes
- MSAL now honors the DEFAULT_IDENTITY_CLIENT_ID environment variable when acquiring tokens from Azure Machine Learning managed-identity endpoint. #5350.
4.73.1
What's Changed
- Deprecate AcquireTokenByIntegratedWindowsAuth API by @ashok672 in #5345
- Update native interop to 0.19.2 by @fengga in #5362
- update the deprecated openURL(:) api to openURL(:options:completionHandler) by @DharshanBJ in #5354
Full Changelog: 4.73.0...4.73.1
Contributors
DharshanBJ, fengga, and ashok672
Assets 2
4.73.0
What's Changed
- Add mac broker console app support by @fengga in #5274
- Use HTTP 2 on .NET where possible by @bgavrilMS in #5314
- Expose access token cache count by @bgavrilMS in #5330
- Add an extensibility API - WithFmiPathForClientAssertion … by @bgavrilMS in #5347
- Hide ListOperatingSystemAccounts in intellisense by @ashok672 in #5304
- Reworked retry policy functionality & Created IMDS retry policy by @Robbie-Microsoft in #5231
Full Changelog: 4.72.1...4.73.0
Contributors
bgavrilMS, fengga, and 2 other contributors
Assets 2
4.72.1
4.72.1
Bug Fixes
- Ensure instance of IMsalHttpClientFactory passed by the user is used for managed identity flows that do not require cert validation. See Issue #5286
- Fix a URL typo in the API comments. See #5277
Full Changelog: 4.72.0...4.72.1