Skip to content

Latest commit

 

History

History
524 lines (363 loc) · 30.8 KB

CHANGELOG.md

File metadata and controls

524 lines (363 loc) · 30.8 KB

Change Log

7.26.1 (2024-01-11)

Full Changelog

Fixed

7.26.0 (2023-12-21)

Full Changelog

Changed

Note: This release drops support for .NET Framework 4.5.2, 4.6.0 and 4.6.1, which have no longer been supported by Microsoft since April 2022.

7.25.1 (2023-12-14)

Full Changelog

Added

7.25.0 (2023-11-28)

Full Changelog

Added

Fixed

7.24.0 (2023-11-08)

Full Changelog

Added

7.23.1 (2023-10-25)

Full Changelog

Changed

7.23.0 (2023-10-19)

Full Changelog

Added

Changed

7.22.3 (2023-08-29)

Full Changelog

Changed

7.22.2 (2023-08-14)

Full Changelog

Changed

7.22.1 (2023-07-28)

Full Changelog

Changed

Fixed

7.22.0 (2023-07-19)

Full Changelog

Added

7.21.1 (2023-07-03)

Full Changelog

Fixed

7.21.0 (2023-06-05)

Full Changelog

Added

  • Add support for Client Credentials endpoint support in Management API #607 (frederikprijck)
  • Added cancellation token to device credentials request #619 (msmolka)

7.20.0 (2023-05-16)

Full Changelog

Added

  • Added revoke refresh token endpoint support #617 (msmolka)

7.19.1 (2023-04-25)

Full Changelog

Changed

7.19.0 (2023-03-13)

Full Changelog

Added

7.18.0 (2023-01-18)

Full Changelog

Added

7.17.4 (2022-10-17)

Full Changelog

Changed

7.17.3 (2022-10-03)

Full Changelog

Changed

  • [SDK-3641] Support stage property in Breached Password Detection configuration #591 (ewanharris)

7.17.2 (2022-09-12)

Full Changelog

Changed

  • Support EnabledConnections in OrganizationCreateRequest #585 (ssurowiec)

7.17.1 (2022-09-12)

Full Changelog

Fixed

  • Moving IDisposable on to IManagementApiClient #581 (kevbite)

7.17.0 (2022-07-26)

Full Changelog

Added

7.16.1 (2022-07-12)

Full Changelog

Changed

  • Add display_name to ConnectionCreateRequest and ConnectionUpdateRequest #573 (rinkeb)

release-7.16.0 (2022-05-03)

Full Changelog

Changed

Security

  • [Snyk] Security upgrade Newtonsoft.Json from 12.0.3 to 13.0.1 #560 (crew-security)
  • [Snyk] Security upgrade Microsoft.IdentityModel.Protocols.OpenIdConnect from 5.6.0 to 6.5.0 #559 (snyk-bot)

release-7.15.0 (2022-03-04)

Full Changelog

Added

Changed

Note that with this release, ID Token validation has been added when retrieving a token using any of the Device Code or Passwordless flows. There might be a rare occasion where this could break your application, in the situation where you are using invalid ID Tokens. However, typically this should not cause any issues as ID Tokens are supposed to be valid. If they aren't, you probably want to get notified about it as soon as possible.

Prior to this change, those methods would return the tokens without checking the validaty of your ID Token. However, given the fact that this should realy be an edge case, and we believe it's a good idea to inform you about invalid tokens sooner rather than later, we decided to introduce this change in a minor release.

release-7.14.0 (2022-02-15)

Full Changelog

Added

release-7.13.0 (2022-02-11)

Full Changelog

Added

release-7.12.1 (2022-01-07)

Full Changelog

Changed

Fixed

release-7.12.0 (2021-10-27)

Full Changelog

Added

  • Support setting access token after instantiation of ManagementApiClient #532 (mfolker)
  • Add auth0-forwarded-for header to passwordless sms authentication for… #530 (rhyswilliamszip)

release-7.11.0 (2021-10-01)

Full Changelog

Added

Changed

release-7.10.0 (2021-08-30)

Full Changelog

Added

Fixed

release-7.9.0 (2021-08-24)

Full Changelog

Added

  • Add cancellation token support #513 (hawxy)
  • Implement automatic rate-limit handling #512 (frederikprijck)
  • Add connection property to OrganizationConnection #511 (frederikprijck)
  • Update pagination interface to support 'from' and 'take' checkpoint pagination parameters #507 (evansims)

Fixed

Note: In the situation where you are providing your own implementation for IManagementConnection or IAuthenticationConnection, upgrading to 7.9.0 will require changing your implementations to also include the optional CancellationToken parameters.

release-7.8.1 (2021-07-07)

Full Changelog

Fixed

release-7.8.0 (2021-04-02)

Full Changelog

Added

release-7.7.0 (2021-03-23)

Full Changelog

Added

release-7.6.1 (2021-03-12)

Full Changelog

Changed

release-7.6.0 (2021-02-15)

Full Changelog

Added

Changed

release-7.5.1 (2021-02-02)

Full Changelog

Changed

release-7.5.0 (2021-01-21)

Full Changelog

Added

release-7.4.0 (2020-12-11)

Full Changelog

Added

release-7.3.2 (2020-11-13)

Full Changelog

Added

  • Allow creating and updating RefreshToken settings for Clients #451 (SamTheWizard)

release-7.3.1 (2020-11-12)

Full Changelog

Fixed

release-7.3.0 (2020-10-23)

Full Changelog

Added

Full Changelog

  • Support passing the Identity property to the payload sent to JobsClient.SendVerificationEmailAsync and TicketClient.CreateEmailVerificationTicketAsync in Auth0.ManagementApi
  • Fix ConnectionsClient.GetAllAsync when trying to use multiple strategies in Auth0.ManagementApi
  • Add Sources to the User's Permissions when using UserClient.GetPermissionsAsync in Auth0.ManagementApi. The return type of the UserClient.GetPermissionsAsync method has been changed, so there might be use-cases where this is breaking your existing code base. In case you are inheriting the UserClient and overriding the GetPermissionsAsync method, you will need to update your code to ensure the return type matches the return type of the updated UserClient.GetPermissionsAsync method.

Full Changelog

  • Add support for Log Streams API in Auth0.ManagementApi

Full Changelog

  • Fix boolean casing on form post operations such as ImportUsersAsync so that upsert and sendCompletionEmail work.

Full Changelog

  • Add missing "connections" property on UserBlock class

Full Changelog

  • AuthenticationApiClient now respects path portions of the URI passed to the constructor.

Full Changelog

  • Force DateParseHandling of DateTime in JSON.NET serialization to avoid global setting.

Full Changelog

  • Use own JSON.NET serialization settings (avoids conflicts with changes to global)
  • Fix Jobs ImportUsersAsync function, add new SendVerificationEmail setting.
  • Add missing properties to Jobs class.
  • Add client_secret support to passwordless authentication.

Full Changelog

  • Ensure JWKS keys are cached for the correct period.
  • Raise RateLimitApiException on 429/TooManyRequests status code response.

Full Changelog

  • Fixed path encoding allowing ResourceServers.GetAsync to work with HTTP URLs #377
  • Add support for extra error properties to faciliate mfa_required etc. #376

Full Changelog

  • Fixed a concurrency issue - missing ConfigureAwait(false) in HttpClient*Connections.

Full Changelog

  • Fixes request message disposal issue in HttpClient*Connection.GetAsync on .NET Framework 4.x

Full Changelog

There are many breaking changes in this release. Please see our Migration Guide for v7 at https://auth0.github.io/auth0.net/migrating.html

The summary of changes is:

  • Authentication SDK includes new ID Token Validation. If your application uses HS256 signing you should set either SigningAlgorithm to SigningAlgorithm.HS256 on requests you make to AuthenticationApiClient or switch to RS256 if your application is not confidential.

  • Improved testing and mocking support. You can now mock IAuthenticationConnection / IManagementConnection classes to provide local unit-testing functionality for AuthenticationApiClient and ManagementApiClient respectively.

  • Many classes moved namespace and assembly primarily ones in Core that were around paging. Visual Studio should be able to suggest where classes you were using now reside.

  • Disposal is now consistent. If AuthenticationApiClient or ManagementApiClient create a connection for you they will manage its lifecycle. If you pass in a connection then it will be your responsibility to manage it. This also applies to how HttpClientAuthenticationConnection and HttpClientManagementConnection will only dispose of a HttpClient they create and not ones they are given.

  • Rate Limiting information is now only available on the RateLimitApiException which is raised when the rate limit is exceeded.

  • ApiException is now ErrorApiException. If you use the status code or error message on exception you will need to switch to catching the later. The former is now a base class that does not have this information but ensures any old catch ApiException will continue to catch rate limit exceptions which also now inherit from this class.

  • Microsoft recommends HttpClient is reused as much as possible. Therefore you should use dependency injection or inversion of control to ensure that either a single instance of AuthenticationApiClient / ManagementApiClient or its connections HttpClientXConnection are created to ensure sharing. These classes are now thread-safe. You can additionally share HttpClient objects between them if you wish by injecting it into the HttpClientXConnection constructor.

  • Connections now have DisplayName, Realms and IsDomainConnection properties.

Full Changelog

  • Fix sharing of ApiConnection objects (would keep expanding default Auth0-Client header)

Full Changelog

  • Signup API result now handles custom databases returning variations of "id" name
  • Fix EnrollmentAuthMethod.Authenticator enum name
  • ClientBase now has property for initiate_login_uri

Full Changelog

SECURITY FIX for CVE-2019-16929. See https://github.com/auth0/auth0.net/blob/master/SECURITY-NOTICE.md#idtokenvalidator-public for more details.

Full Changelog

WARNING: If you generate tokens in your project via System.IdentityModel.Tokens.Jwt please read the important notice at auth0#300

  • Upgraded System.IdentityModel.Tokens.Jwt to 5.5 to fix incompatible kid
  • Upgraded Microsoft.IdentityModel.Protocols.OpenIdConnect to 5.5
  • Add ClientId to VerifyEmailJobRequest
  • Updated all test dependencies (xunit, FluentAssertions, .NET Test SDK)
  • Removed unused Console Workbench project

Full Changelog

  • UserClient.GetEnrollments now correctly passes user id.

Full Changelog

  • User and role permissions endpoints in UsersClient and RolesClient paging fix.

Full Changelog

  • Assembly is now strong-name-signed so it can be used by other strong-name-signed packages.
  • NOTE: This is code signing only using a non-secret key. It is not authenticode or tamper protection.
  • User and role permissions endpoints in UsersClient and RolesClient now correctly honoring paging.
  • User model optional fields (CreatedAt, UpdatedAt, LastLogin) are now nullable.

Full Changelog

  • TenantSettings lifetimes are now double not integer.
  • Added various Guardian-related endpoints on UserClient.

Full Changelog

  • Missing Tenant settings now available (device flow, Guardian MFA, Change Password, flags etc.

Full Changelog

  • Added client_id to GetDeviceCredentials response
  • Added various user properties to UserUpdateRequest

Full Changelog

  • New user permission endpoints added to UsersClient
  • New role permission endpoints added to RolesClient
  • AuthenticationApiClient now implements IDisposable to dispose ApiConnection and HttpClient
  • Added various new and missing properties to Resource Servers (ResourceServerBase)

Full Changelog

  • New GuardianClient for managing /guardian endpoints
  • New RolesClient for managing /roles endpoints
  • PasswordChangeTicket now has IncludeEmailInRedirect and MailEmailAsVerified
  • ApiConnection now has Dispose to dispose the HttpClient it creates
  • ManagementApiClient now has Dispose to dispose the ApiConnection it creates
  • XML documentation tweaks
  • Dependencies updated

BREAKING CHANGES See our migration guide at https://github.com/auth0/auth0.net/blob/master/docs-source/migrating-to-v6.md

  • All I*Client interfaces have been removed so adding endpoints is no longer breaking
  • IManagementApi interface was removed so adding new clients is no longer breaking
  • All non-paging GetAll methods have been removed
  • DiagnosticsHeader/DiagnosticsComponent are no longer available