This is the first preview of IdentityServer 7.2. Highlights include:
- Optional strict validation of private_key_jwt audiences
- Error events are no longer raised for the use_dpop_nonce response from the token endpoint
- Bug fixes and optimizations
Upgrading
There are no breaking changes or schema updates required to upgrade from IdentityServer 7.1 to 7.2.
What's Changed
- Fix incorrect 'for' attribute in userCode inputs by @khalidabuhakmeh in #1712
- Fix two potential NREs by @maartenba in #1731
- Use query-safe url fragment when returning an error by @bhazen in #1733 (including community contributions from @aomader in #1670)
- Use AsyncServiceScope in Background Services by @bhazen in #1736
- Add option for strict validation of assertion audiences by @josephdecock in #1737
- Fix XML documentation syntax errors by @maartenba in #1730
- Do not issue TokenIssuedFailureEvent for use_dpop_nonce error by @bhazen in #1739
- Avoid a string allocation in IsUri by @SimonCropp in #1680
- Enable nullable in StringsExtensions by @SimonCropp in #1679
- ThrowIfNullOrWhiteSpace for type in IdentityProvider by @SimonCropp in #1675
- Optimize Resource constructors by @SimonCropp in #1674
New Contributors
- @maartenba made their first contribution in #1731
- @bhazen made their first contribution in #1733
- @aomader made their first contribution in #1670
Full Changelog: is-7.1.0...is-7.2.0-preview.1