This release introduces the following changes:
-
OpenIddict 6.0 preview 4 was updated to reference the .NET 9.0 RTM packages on .NET 9.0.
-
The ASP.NET Core and OWIN integrations now include the authentication properties attached to
ProcessAuthenticationContext.Properties
in errored authentication results, which can be used with the client stack to retrieve custom and non-custom properties attached to thestate
token when using the "error pass-through mode".
Important
As part of this change, the OWIN hosts now return an AuthenticateResult
instance containing an empty ClaimsIdentity
with its IsAuthenticated
property set to false
(instead of a null
identity) to represent errored authentication demands.
If you're using the error pass-through mode and are calling await AuthenticateAsync(OpenIddict*OwinDefaults.AuthenticationType)
, consider updating your if
checks to ensure unauthenticated identities are correctly identified.
For instance, with the client stack:
var result = await context.Authentication.AuthenticateAsync(OpenIddictClientOwinDefaults.AuthenticationType);
if (result is { Identity.IsAuthenticated: true })
{
// The authentication result represents an authenticated user.
}
- Introspection and revocation requests started via
OpenIddictClientService.IntrospectTokenAsync()
andOpenIddictClientService.RevokeTokenAsync()
are now eagerly aborted if the token to introspect or revoke is missing.