github openiddict/openiddict-core 4.3.0

18 months ago

This release introduces the following changes:

  • Preview support for the device authorization grant was added to the OpenIddict client stack, whose OpenIddictClientService now offers dedicated ChallengeUsingDeviceAsync()/AuthenticateWithDeviceAsync() APIs:

// Ask OpenIddict to send a device authorization request and write
// the complete verification endpoint URI to the console output.
var response = await _service.ChallengeUsingDeviceAsync("Local", cancellationToken: stoppingToken);
if (response.VerificationUriComplete is not null)
{
    AnsiConsole.MarkupLineInterpolated(
        $"[yellow]Please visit [link]{response.VerificationUriComplete}[/] and confirm the displayed code is '{response.UserCode}' to complete the authentication demand.[/]");
}

else
{
    AnsiConsole.MarkupLineInterpolated(
        $"[yellow]Please visit [link]{response.VerificationUri}[/] and enter '{response.UserCode}' to complete the authentication demand.[/]");
}

using var cancellationTokenSource = CancellationTokenSource.CreateLinkedTokenSource(stoppingToken);
cancellationTokenSource.CancelAfter(response.ExpiresIn < TimeSpan.FromMinutes(5) ?
    response.ExpiresIn : TimeSpan.FromMinutes(5));

// Wait for the user to complete the demand on the other device.
(_, var principal) = await _service.AuthenticateWithDeviceAsync("Local",
    response.DeviceCode, cancellationToken: cancellationTokenSource.Token);

  • The GitHub and Google integrations were updated to allow using the device authorization grant with these providers.

  • PingOne was added to the list of supported providers.

  • New ConfigureHttpClient() and ConfigureHttpClientHandler() APIs have been added to the System.Net.Http integration packages to allow customizing the HTTP clients and HTTP client handlers used by the OpenIddict client and validation services:

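options.UseSystemNetHttp()
       // Add a custom header to every request sent by the OpenIddict HTTP clients.
       .ConfigureHttpClient(client => client.DefaultRequestHeaders.Add("Custom-Header", "Custom-Value"))
       .ConfigureHttpClientHandler(handler =>
       {
           // This validator accepts any server certificate, which disables TLS server
           // authentication: only suitable against a local development server.
           handler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
       });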
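
As an added example (not part of the release notes or of OpenIddict itself), the callback below is a narrower alternative to DangerousAcceptAnyServerCertificateValidator for a development server that uses a self-signed certificate: it keeps normal validation and additionally accepts one pinned certificate. The PinnedCertificate helper and the thumbprint placeholder are hypothetical, and the code assumes a modern .NET runtime (.NET 5 or later).

```csharp
using System;
using System.Net.Http;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (not an OpenIddict API): builds a validation callback that
// keeps normal TLS validation and additionally accepts one pinned certificate.
public static class PinnedCertificate
{
    public static Func<HttpRequestMessage, X509Certificate2?, X509Chain?, SslPolicyErrors, bool>
        CreateValidator(string sha256Thumbprint) => (request, certificate, chain, errors) =>
    {
        // Certificates that pass the platform's normal validation are accepted as usual.
        if (errors == SslPolicyErrors.None)
        {
            return true;
        }

        // A missing certificate or a host name mismatch is never tolerated.
        if (certificate is null ||
            errors.HasFlag(SslPolicyErrors.RemoteCertificateNotAvailable) ||
            errors.HasFlag(SslPolicyErrors.RemoteCertificateNameMismatch))
        {
            return false;
        }

        // Only chain errors remain (for instance an untrusted self-signed certificate):
        // accept the certificate only if it is exactly the pinned one.
        return string.Equals(certificate.GetCertHashString(HashAlgorithmName.SHA256),
            sha256Thumbprint, StringComparison.OrdinalIgnoreCase);
    };
}

// Usage with the API shown above (the thumbprint is a placeholder to replace):
// options.UseSystemNetHttp()
//        .ConfigureHttpClientHandler(handler =>
//            handler.ServerCertificateCustomValidationCallback =
//                PinnedCertificate.CreateValidator("<SHA-256 thumbprint of the dev certificate>"));
```
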
  • The validation stack was optimized to avoid resolving the server configuration when no access token was sent (thanks @2d1a0ec3! ❤️).

  • To improve the developer experience, exceptions thrown while trying to retrieve the server configuration are now caught by the OpenIddict validation handler and surfaced by the ASP.NET Core and OWIN hosts as WWW-Authenticate: Bearer error="server_error", error_description="The remote authorization server is currently unavailable or returned an invalid configuration.", error_uri="https://documentation.openiddict.com/errors/ID2170" errors.

  • DbContextOptionsBuilder<TContext> helpers have been added to the EF Core stores (thanks @verdie-g! ❤️).
