Changelog
All notable changes to Dangl.Identity.Client are documented here.
v6.0.0:
- The
DanglIdentityAppTokenHandler
class is now available in the Dangl.Identity.Client.App package - The
DanglIdentityServerTokenHandler
class is now available in the Dangl.Identity.Client package - Fixed a bug where the provided
IAccoundDelegatedClient
in the Dangl.Identity.Client.Mvc package did not correctly use authentication when interacting with Dangl.Identity - The Dangl.Identity packages were updated to version 6
v5.0.1:
- The Dangl.Identity.Client libraries are now all published to public NuGet and MyGet feeds
v5.0.0
- Update to .NET 7 & latest Dangl.Identity dependencies
v4.1.3:
- The lifecycle management in the Angular client was updated to correctly complete and unsubscribe from all subscriptions
- Fixed a bug in the
DanglIdentityUserInfoUpdater
that caused exceptions when new users were created from JWT tokens concurrently
v4.1.2:
- The Angular client was updated to use any Angular version at v14 or upwards
v4.1.1:
- The Angular client was updated to Angular v14
v4.1.0:
- The client libraries and tests were updated to .NET 6 and Dangl.Identity dependencies were updated to v4.2
v4.0.1:
- Updated the frontend dependency to Angular v13
v4.0.0:
- All packages were updated to Dangl.Identity v4 and to .NET 5
- Support for fallback uris for Dangl.Identity has been removed. This was rarely used in practice, and makes integrations in clients easier
v3.4.0:
- The Angular package was upgraded to Angular v12
- The
DanglIdentityServerConfiguration.HttpMessageHandlerFactory
will now no longer default to anAction
that returnsnull
but will itself be set tonull
for new instances - The .NET client now uses
System.Text.Json
internally instead ofNewtonsoft.Json
for Json serialization - Added
IDanglIdentityRequestValidator
to Angular client to allow developers to control for which requests authorization tokens are included
v3.3.0:
DanglIdentityAuthenticationExtensions.UseDanglIdentityJwtTokenAuthentication
now optionally supports to accept access tokens via query parameters, e.g. for usage in SignalRDanglIdentityServerConfiguration.JwtBearerOptionsConfig
was added as a way to customize theAddJwtBearer
configuration
v3.2.5
- Bugfix in the Angular library where a subscription to the token refresh event did not end after the first event
v3.2.4:
- The
DanglIdentityAuthenticationExtensions
will now log the id of the client used for JWT logins - The
DanglIdentityServerConfiguration
class now has theAllowInsecureJwtIssuers
property that allows to disable the Https requirement for token issuers
v3.2.3:
- Fixed a bug in the Angular library where refresh token requests were cancelled when a dependency requested a refresh token but then cancelled the request. This led to the refresh token becoming invalid, thus requiring a reauthentication from the user
v3.2.2:
- The Angular library was updated to Angular v10
v3.2.1:
- The
UseDanglIdentityJwtTokenAuthentication
extension will now also work when the configured base urls have a trailing slash/
v3.2.0:
- Added the
ClaimsUtilities
class for helping with managing claims from Jwt tokens - When performing a non-OpenID Cookie login, all user claims except some ignored ones will now be put on the user principal
- Fixed an error where the
IUserInfoService.GetCurrentUserIdAsync()
method could throw an exception when the user id was only present in thesub
claim and not in the ASP.NET Core defaultnameidentifier
v3.1.0:
- The OpenID Extensions now remove the default claim type mapping and directly use the claim types from the JWT token, e.g.
role
is now directly available as a claim
v3.0.0:
- Update to Dangl.Identity v3.0.0 and to .NET Core 3.1
- The OpenID Connect extensions now check the
access_token
expiry and refresh the token if necessary. Additionally, locked out or deleted users are now also removed from client applications - When using the OpenID Connect extensions, it internally now calls
AddIdentityCore
instead ofAddIdentity
and adds some required services. This might break client applications that rely on services now no longer included. Consumers should manually add these to the dependency injection configuration - The
AddMvcWithDanglIdentity
extension was renamed toAddControllersWithDanglIdentity
and the internal call toAddMvc
was replaced withAddControllers
. If required, consumers should manually callAddMvc
in their apps - The Angular library was updated to Angular v9.1.9
v2.6.0:
- Added
UserInfo
andAccessTokenExtensions
in Dangl.Identity.Client
v2.5.2:
- Added checks for the
UserInfoService
in the Dangl.Identity.Client.MVC package to give meaningful error messages in cases of invalid configuration
v2.5.1:
- Dropped dependency
IdentityServer4.AccessTokenValidation
v2.5.0:
- The generated assemblies now have a strong name. This is a breaking change of the binary API and will require recompilation on all systems that consume this package. The strong name of the generated assembly allows compatibility with other, signed tools. Please note that this does not increase security or provide tamper-proof binaries, as the key is available in the source code per Microsoft guidelines
v2.4.3:
- Add
RequiredJwtRoles
andRequiredJwtClaims
toDanglIdentityServerConfiguration
to configure required claims and / or roles when using Jwt authentication
v2.4.2:
- When
UseDanglIdentityJwtAuthentication
is enabled on servers, the integrated endpoints for cookie authentication are disabled - CI tests for the .NET components are now also run on Linux
v2.4.1:
- Include
Id
for current user in Angular clientAuthenticationMessenger
v2.4.0:
- Refactoring of Angular client
v2.3.0:
- Update of Dangl.Identity dependencies
- Breaking Change: If you're using Dangl.Identity Jwt authentication from the Dangl.Identity.Client.Mvc package, you should set the property
UseDanglIdentityJwtAuthentication
in the configuration for Dangl.Identity totrue
and ensure thatapp.UseDanglIdentityJwtTokenAuthentication()
is called early in your request pipeline
v2.2.1:
- Bugfix where the Angular library failed to update the current authentication status after failed token refresh attempts
v2.2.0:
- An Angular front end package is now available at
@dangl/angular-dangl-identity-client
v2.1.0:
- Update internal dependencies to latest Dangl.Identity and to ASP.NET Core 2.2
v2.0.8:
- Update internal dependencies
v2.0.7:
- Fix bug where invalid Jwt tokens led to internal server error responses in
Dangl.Identity.Client.Mvc
v2.0.4:
- Remove
HttpMessageHandler
constructor argument fromUserInformationTransmissionHttpHandler
to be better composable withHttpClientFactory
- Add overload to
UserInformationTransmissionHttpHandler
that allows to supplyIHttpContextAccessor
to be able to resolve dependencies on the fly from theRequestServices
v2.0.3:
- Switch to
HttpClientFactory
- Introduced
DanglIdentityHttpClientAccessor
to abstract accessingHttpClient
in Dangl.Identity.Client.Mvc services
v2.0.0:
- Add support for user identicon id properties
- Update to latest version 2.0.1 of
Dangl.Identity
- Renamed
Dangl.Identity.OAuth
toDangl.Identity.Client.Mvc
v1.2.2:
- Fix deserialization error of Jwt
Bearer
tokens to no longer throw exceptions on invalid input in Dangl.Identity.Client.Mvc
v1.2.1:
Dangl.Identity.Client
is now public
v1.2.0:
- Add support for client-side integration of OpenID with Dangl.Identity as OpenID provider
- Add
UserInformationTransmissionHttpHandler
to share user information for requests contexts across different services IUserService
will now also determine user ids and whether users are authenticated in inter-service calls- See the README for requirements & setup on how to transmit user ids in inter-service requests
- The extensions for OAuth as server-side integration now only support either Cookie auth or Jwt, not both. Specifying one will disable the other
v1.1.1:
- Add
UserInfoService.CLIENT_CLAIM_PREFIX
IUserInfoService.GetCurrentClientIdAsync()
now returns astring
asClientId
to be in sync with Dangl.Identity- Added
ClientCredentialsLoginAsync
toDanglIdentityLoginHandler
v1.1.0
- Update to stay in sync with Dangl.Identity
v1.0.0
- Initial Release