chore(deps): update dotnet-azure-ad-identitymodel-extensions monorepo to v7.7.1
This MR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| Microsoft.IdentityModel.JsonWebTokens | nuget | minor |
7.5.1 -> 7.7.1
|
| Microsoft.IdentityModel.Tokens | nuget | minor |
7.5.1 -> 7.7.1
|
| System.IdentityModel.Tokens.Jwt | nuget | minor |
7.5.1 -> 7.7.1
|
Release Notes
AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet (Microsoft.IdentityModel.JsonWebTokens)
v7.7.1
7.7.1
Bug Fix
- Re-add
JsonSerializerPrimitives.TryAllStringClaimsAsDateTimewhich was removed as it is in an internal class, but due toInternalsVisibleTocan lead to aMissingMethodExceptionif IdentityModel versions are not aligned. See MR #2734 for details.
v7.7.0
7.7.0
CVE package updates
- A derived
ClaimsIdentitywhere claim retrieval is case-sensitive. The currentClaimsIdentity, in .NET, retrieves claims in a case-insensitive manner which is different than querying the underlyingSecurityToken. The newCaseSensitiveClaimsIdentityclass provides consistent retrieval logic withSecurityToken. Opt in to the new behavior via an AppContext switch. See MR #2715 for details.
Performance improvement
-
AppContext.TryGetSwitchstatically caches internally but takes out a lock. .NET almost always caches these values. They're not expected to change while the process is running unlike normal config. IdentityModel now caches the value. See issue #2722 for details.
v7.6.2
7.6.2
Bug Fix:
- Revert reduced allocations in
AadIssuerValidatorby not usingstring.Replacewhere appropriate due to an index out-of-range error.
v7.6.1
=====
New Features:
- Added an Audiences member to the SecurityTokenDescriptor to make it easier to define multiple audiences in JWT and SAML tokens. Addresses issue #1479 with MR #2575
- Add missing metadata parameters to OpenIdConnectConfiguration. See issue #2498 for details.
Bug Fixes:
- Fix over-reporting of
IDX14100. See issue #2058 and MR #2618 for details. -
JwtRegisteredClaimNamesnow contains previously missing Standard OpenIdConnect claims. See issue #1598 for details.
Performance Improvements:
- No longer for every string claim, calling DateTime.TryParse on each value, whether it is expected to be a DateTime or not. See issue #2615 for details.
v7.6.0
=====
New Features:
- Update
JsonWebToken- extract and expose the method that reads the header/payload property values from the reader so it can be overridden in children classes to add any extra own logic. See issues #2581, #2583, and #2495 for details.
Bug Fixes:
- JWE header algorithm is now compliant to IANA document. See issue #2089 for details.
Performance Improvements:
- Reduce the number of internal array allocations that need to happen for each claim set, see MR #2596.
Fundamentals:
- Add an AOT compatibility check on each MR to ensure only AOT compatible code is checked-in. See MR #2598.
- Update perl scrip for OneBranch build. See MR #2602.
- Add langversion 12 to benchmark tests. See MR #2601.
- Removed unused build.cmd file. See MR #2605.
- Create CodeQL exclusions file. See MR #2609.
- Fix variable usage in AOT script. See MR #2610.
- Move
Microsoft.IdentityModel.Tokensdelegates to a new file. See MR #2606
v7.5.2
=====
Bug Fixes:
- Validate authentication tag length so a JWE with appended characters will not be considered a valid token. See issues #2201, #1641, MR #2569, and IDX10625 Wiki for details.
Fundamentals:
- App Context Switches in Identity Model 7x are now documented here.
Performance Improvements:
- In .NET 6 or greater, use a temporary buffer to reduce intermediate allocation in
VerifyRsa/VerifyECDsa. See MR #2589 for more details. - Reduce allocations in
ValidateSignatureby using a collection expression instead ofnew List<SecurityKey> { key }, to optimize for the single element case. See MR #2586 for more details. - Remove Task allocation in
AadIssuerValidator. See MR #2584 for more details.
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Ghost User