361 Commits (b2ea303ea9df779a97bfe91eb3bf5cdb52a3cf64)

Author SHA1 Message Date
Kévin Chalet 59a137cd63 Allow using mTLS client authentication with the client credentials grant and support mTLS token binding for anonymous clients 4 months ago
Kévin Chalet 63b56ccc82 Detect and reject reference token payloads directly used as regular tokens 5 months ago
Kévin Chalet 7b9fd7677f Revamp the client authentication method negotiation logic and support mTLS token binding in the client, server and validation stacks 5 months ago
Kévin Chalet 8dbf493469 Add a new OpenIddictMessage constructor accepting non-nullable immutable arrays 5 months ago
Kévin Chalet 5c1cda0ac5 Implement native mTLS client authentication support in the server stack 5 months ago
Kévin Chalet 9797f86194 Replace PolySharp by the Polyfill source package and adopt ArgumentNullException.ThrowIfNull()/ArgumentException.ThrowIfNullOrEmpty() 7 months ago
Kévin Chalet 1ef7be587f Bump .NET Arcade to 10.0.0-beta.25562.108 7 months ago
Kévin Chalet a0f39b4b5c Polyfill ValueTask.CompletedTask and ValueTask<TResult>.CompletedTask 9 months ago
Kévin Chalet 13f352af6d Bump the .NET SDK to 10.0.100-rc.2.25502.107 and add .NET 10 TFMs 9 months ago
Kévin Chalet f5d6a18764 Add new AddGrantTypePermissions()/RemoveGrantTypePermissions() APIs in OpenIddictApplicationDescriptor 10 months ago
Kévin Chalet 7267fa03b6 Introduce new methods in OpenIddictApplicationDescriptor to make working with permissions and settings easier 1 year ago
Kévin Chalet 91a68c161a Implement client authentication support for the PAR endpoint 1 year ago
Kévin Chalet 78ba0a3dec Implement built-in audiences and resources indicators validation 1 year ago
Kévin Chalet 9a74ea5e4f Remove unnecessary view models 1 year ago
Kévin Chalet 8c94cb7c13 Implement OAuth 2.0 Token Exchange support 1 year ago
Kévin Chalet b33dad15f3 Implement new audience and presenter validation logic as part of the ValidateToken event 1 year ago
Kévin Chalet 36424f84b3 Improve the WWW-Authenticate parsing logic 1 year ago
Kévin Chalet bcfe2f05d3 Update OpenIddictParameter to return empty immutable arrays instead of uninitialized instances 1 year ago
Kévin Chalet ff57da7ec0 Add AddClaim(s)/SetClaim(s) extensions accepting JsonNode instances 1 year ago
Kévin Chalet f8553a9ee7 Update the MapNonStandardResponseParameters userinfo handler to avoid using OpenIddictParameter.GetNamedParameters() 1 year ago
Kévin Chalet fab284f5d5 Update GenerateTokenContext to expose SecurityTokenDescriptor and adopt the new URI-style token type identifiers in the client, core, server and validation stacks 1 year ago
Kévin Chalet 1beb7ab4c9 Use Uri.TryCreate() to build the base and request URIs used by OpenIddict 1 year ago
Kévin Chalet 5b56eddc0c Remove all the store resolvers and mark all the assemblies as trimming/Native AOT-compatible 1 year ago
Kévin Chalet 342b7651cf Set NuGetAuditMode to "all" to enable vulnerable transitive dependencies warnings 1 year ago
Kévin Chalet bef75c4f56 Use the CreateAsyncScope() helper to avoid having to manually cast IServiceProvider to IAsyncDisposable 1 year ago
Kévin Chalet 38e84b862d Update OpenIddictParameter to offer ImmutableArray<string> conversions instead of string[] and clone JsonNode objects to guarantee immutability 1 year ago
Kévin Chalet e39c635631 Decorate the claim extensions with [OverloadResolutionPriority] and collection expressions for ImmutableArray<T> 1 year ago
Kévin Chalet b17b3fe235 Update the .NET Framework and .NET Standard TFMs to target ASP.NET Core/Entity Framework Core 2.3 and .NET Extensions 8.0 1 year ago
Kévin Chalet fbad1d0727 Bump .NET Arcade to 9.0.0-beta.25058.5 1 year ago
Kévin Chalet bdf3b56db8 Do not reject end session requests that don't include an explicit client_id when request caching is used 1 year ago
Kévin Chalet feedeacae7 Do not reject end session requests that don't include an explicit client_id when request caching is used 1 year ago
Kévin Chalet 42d6369910 Implement Pushed Authorization Requests (PAR) support and revamp the request caching feature 1 year ago
Kévin Chalet 11666c41bd Update OpenIddictMessage.ToString() to redact custom parameters whose name ends with "_token" 2 years ago
Kévin Chalet 878569cd3f Update the ASP.NET Core/OWIN hosts to support returning authentication properties for errored requests 2 years ago
Kévin Chalet 6c6c9ed1db Bump MongoDB to 3.0.0 and strong-name the MongoDB packages 2 years ago
Kévin Chalet f5721d0c2c Rename the GetPrompts() and HasPrompt() extensions 2 years ago
Kévin Chalet e1f729ba0b Validate prompt values specified in authorization requests and update the configuration endpoint to return "prompt_values_supported" 2 years ago
Kévin Chalet 9f613b1332 Implement a new client authentication method negotiation logic and introduce mTLS support in the client stack 2 years ago
Kévin Chalet ef2e02ee23 Introduce a new .NET 9.0 TFM and use the new X509CertificateLoader API 2 years ago
Kévin Chalet 3662b179dc Rename event handlers and event properties that whose endpoint name has changed 2 years ago
Kévin Chalet d4c05e2e23 Rename the device, cryptography, logout and verification endpoints and the associated events/event handlers 2 years ago
Kévin Chalet f6975e6506 Update OpenIddictParameter to return "true" and "false" for string/string array conversions 2 years ago
Kévin Chalet 02fb4414f7 Allow using response_type=token with PKCE when response type permissions are enforced 2 years ago
Jan Trejbal 2475ed3c1a
Use System.TimeProvider on .NET 8.0+ 2 years ago
Kévin Chalet 38d87b2945 Allow using unique JSON_ARRAY claims to represent arrays of strings 2 years ago
Kévin Chalet b32eb8c0a2 Make user codes fully configurable and remove token length assumptions 2 years ago
Kévin Chalet 7aac102830 Add Dailymotion to the list of supported providers 2 years ago
Kévin Chalet 26fdb68773 Bump the .NET SDK to 8.0.200 and stop using collection expressions with ImmutableArray<T> 2 years ago
Kévin Chalet cf3e960055 Abort sign-in demands whose principal contains a standard claim with an invalid claim value type 3 years ago
Kévin Chalet 05ab8b7428 Update the ClaimsIdentity/ClaimsPrincipal.GetClaim() extension to throw an exception when multiple claims of the same type exist 3 years ago