Releases: AzureAD/microsoft-authentication-library-for-dotnet
4.28
4.28.0
New Features:
Updated token cache related telemetry. See issue #2406 for details.
Added support for WebView2. See issue #1398 and WebView2 wiki for details.
Added the ability to set a window title of a WebView2 window. See issue #2397 for details.
Added support for specifying a custom fixed version of WebView2 runtime. See issue #2446 for details.
Added helper methods for desktop apps. See issue #2459 for details.
Added refresh_in logic to On-Behalf-Of flows as was the other flows, to improve resilence. See issue #2389 for details.
Stopped using reflection to deserialize JSON to improve Unity apps built for UWP. See issue #2343 and Troubleshooting Unity for details.
Enhancements:
Added additional logging when the cache is not serialized in confidential client apps to help choosing the right token cache serialization. See issue #2461 and Token cache serialization for details.
GetAccountsAsync() is now obsolete in confidential client apps as confidential client applications need to have one cache per account. Use GetAccountAsync(string). See issue #1967 for details.
Bug Fixes:
Fixed System.InvalidOperationException when calling GetAccountAsync in a Xamarin Android app. See issue #2434 for details.
Fixed a bug when a WAM account picker window was not correctly parented to windows. See issue #2469 for details.
Fixed the behavior of WithAuthority(string) to correctly parse an authority string. See #2412 for details.
Improved .NET 5 support for older versions of Windows. See issue #2445 for details.
Added MSAL.NET assembly to rd.xml to enable MSAL.NET to work in optimized UWP apps. See issue #1617 for details.
Fundamentals:
Added additional code analyzers. See issue #2419 for details.
Improved documentation to support Android 11. See Xamarin Android 11 docs.
4.27.0
4.26.0
4.26.0
New Features:
MSAL.NET now has support for MSA-passthrough with WAM, See issue #2126.
MSAL.NET now logs telemetry for the cache refresh status, See issue #2356.
MSAL.NET now uses ClientID+tenantID instead of just ClientId in the computation of the SuggestedCacheKey for AcquireTokenForClient (client credentials). This helps keeping the cache smaller in multi-tenant confidential client applications., See issue#2381.
Bug Fixes:
Fixed ArgumentNullException and improved resiliency when using RSACryptoServiceProvider on NetCore and NetStandard See issues #2342.
Removed "Unresolved P/Invoke" warning from UWP, See issue #2367.
Fixed issue where PKEY auth would fail if WithExtraQueryParams were used, See issue #2359.
4.25.0
4.25.0
New Features:
MSAL.NET now advertises PKAuth support only on supported platforms. See issues #1849, #2302 for details.
Added support for embedded view for .NET 5.0 projects. See issue #2310 for details.
Improved handling of broker's power optimization exception in Xamarin Android. See issue #2144 for details.
Added an ability to disable legacy ADAL cache with WithLegacyCacheCompatibility(false). See issue #1770 for details.
WithClientAssertion allows specifying a delegate to set the assertions. See issue #2184 for details.
Bug Fixes:
Account is not longer deleted from the MSAL cache when a bad_token response is received from the authentication server. See issue #2294 for details.
Minimum UWP target supported is now 10.0.0.0. See issue #2330 for details.
Fixed ArgumentNullException and improved resiliency when using RSACryptoServiceProvider. See issue #2189 for details.
Honoring a provided localhost redirect URI in WithRedirectUri. See issue #2167 for details.
Experimental Features:
WithPreferredAzureRegion allows specifying an option to fallback to global endpoint if the region lookup fails. See issue #2287 for details.
WithPreferredAzureRegion allows specifying a region to use. See issue #2259 for details.
Optimized IMDS calling logic during regional lookup. See issue #2177 for details.
WAM is enabled on net5.0-windows10.0.17763.0. See issue #2274 for details.
Experimental Features (Bug Fixes):
Regional lookup now correctly uses a global endpoint when WithPreferredAzureRegion is set to false after the initial lookup was done with a regional endpoint. See issue #2260 for details.
WAM can now be used in console apps. See issue #2196 for details.
WAM support is moved to a separate package, Microsoft.Identity.Client.Desktop, which fixes dependency issues during build. See issues #2299, #2300, #2247 for details.
In WAM, account picker is now correctly not used when AcquireTokenInteractive is called with the default OS account. See issue #2246 for details.
Fundamentals:
Added cache compatibility tests for MSAL.Node. See issue #2158 for details.
4.24.0
Fundamentals:
AcquireTokenForClient and AcquireTokenSilent have improved performance, especially for large token caches. See issue #2204 for details.
** TokenCache notifications are not fired when the TokenCache is not serialized by developers, improving performance of all APIs utilising the token cache **
MSAL .NET now logs to telemetry if the token cache is serialized. See issue #2185 for details.
Cleaner Intellisense. See issue #2263 for details.
Bug Fixes:
MSAL .NET will not force the user to enter their credentials when logging-in with WAM. See issue #2233 for details.
MSAL .NET now throws an actionable error message when ROPC is attempted with MSA accounts. See issue #2169 for details.
MSAL .NET now supports WithForceRefresh as part of the AcquireTokenOnBehalfOfParameterBuilder. See issue #2232 for details.
Fix PlatformNotSupportedException in MacOS. See issue #2251 for details.
4.23
4.23.0
New Features:
MSAL .NET no longer includes the ref assemblies, which are unsupported by older tools and custom build systems. See issue #2100 for details.
Experimental Features:
https://aka.ms/msal-net-experimental-features
Windows Account Manager (WAM) is now available on .NET classic. See issue #2181 for details and #2182, which includes a new static OperatingSystemAccount property on the PublicClientApplication to use the user signed-in on the Windows machine. More information here: https://aka.ms/msal-net-wam.
Proof of Possession (Signed HTTP Request) for confidential clients now support key management. See issue #2013 and https://aka.ms/msal-net-pop for details.
Proof of Possession (Signed HTTP Request) has been removed for public clients.
MSAL .NET includes a fallback in case calling the local instance metadata service fails due to an unsupported version. See issue #2055 for details.
MSAL .NET now sends the source of region discovery in the telemetry. See issue #2166 for details.
Bug Fixes:
MSAL .NET now sends no prompt value by default when doing interactive login with iOS and Android brokers. See issue #2133 for details.
MSAL .NET now includes more logging around Android broker to assist with troubleshooting. The new log information is available as PII logs. See issue #2151 for details.
Due to changes with the v3 B2C responses, MSAL was crashing due to a new unexpected error code format. MSAL .NET now sanitizes the error codes for HTTP header transport. See issue #1881 for details.
MSAL .NET now throws MsalUiRequiredException for more error codes coming from the Android broker. See issue #2140 for details.
On iOS, the SSO extension makes background requests, and the NSUrlConnection HttpClient cancels requests when the app moves to the background. MSAL .NET now sets the BypassBackgroundSessionCheck to false. See issue #2164 for details.
Fix badly named header on WsTrust. See issue #2193 for details.
4.22.0
New feature
Enable WAM integration on the UWP target, experimentally. To provide feedback, please open an issue. For details see https://aka.ms/msal-net-wam
4.21.1
4.21.1
Bug fixes:
Fix the URI for IMDS call to detect region. This fixes the typo in URI for local IMDS call which is made to detect the region for regional auth.
4.21.0
4.21.0
Bug fixes:
**Add new constructors for AuthenticationResult for backwards compatibility purposes **. This fixes an API breaking change introduced in MSAL 4.17 where a new param was added to the AuthenticationResult constructor without a default value and swapping the last two parameters. This fix ensures compatibility both with MSAL 4.16.x and before, and with MSAL 4.17 until 4.20.1
4.20.0
4.20
New Features
MSAL now expose the configured certificate on Confidential Client Application This helps manage multiple instances of Confidential Client Application.
Experimental WAM intergration on Windows for .NET classic, .NET core and UWP See https://aka.ms/msal-net-wam
Bug Fixes
Fix AcquireTokenByIntegratedWindowsAuthentication on .NET core Reverted the HTTP client used on .NET core as it was not possible to use default authentication which is needed for WS-trust. See issue #1988
MSAL correctly returns errors when using Android broker - see issue #2062
Fix 2 problems with returning the status codes and exceptions when using Android broker .See issues #2062 and #2078
Throw a better error when some Facebook accounts cause MSAL to throw a state mismatch exception See issue 1872 for details
MSAL now migrates the ADAL cache for multi-tenant scenarios See issue #2090