From fde63a2da935f03f7ed2a73bf14d1653c414c4b7 Mon Sep 17 00:00:00 2001 From: Kelly Song Date: Thu, 16 Jan 2025 17:59:19 -0800 Subject: [PATCH 1/4] 3.6.0 changelog --- changelog.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/changelog.md b/changelog.md index 24ab97f1b..bf6303017 100644 --- a/changelog.md +++ b/changelog.md @@ -1,3 +1,16 @@ +3.6.0 +======== +- Updated to Microsoft.IdentityModel.* 8.4.0 +- Updated to [MSAL.NET](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet) 4.67.2 + +## Bug fixes +- Add checks to protect the internal claims used by Identity Web. See https://github.com/AzureAD/microsoft-identity-web/pull/3131 +- + +## Fundamentals +- Fix Null Reference Exception in OwinTokenAcquirerFactory + other OWIN cleanup. See https://github.com/AzureAD/microsoft-identity-web/pull/3183 +- Re-add code coverage comments & scope to src files. See https://github.com/AzureAD/microsoft-identity-web/issues/3177 + 3.5.0 ======== - Updated to Microsoft.IdentityModel.* 8.3.0 From e3b2ead2287faccf5ae88133f7eca8fd626e0261 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kelly=F0=9F=8C=A0?= <69649063+kllysng@users.noreply.github.com> Date: Thu, 16 Jan 2025 18:23:02 -0800 Subject: [PATCH 2/4] Update changelog.md Co-authored-by: Jean-Marc Prieur --- changelog.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog.md b/changelog.md index bf6303017..26a7d12fa 100644 --- a/changelog.md +++ b/changelog.md @@ -4,7 +4,7 @@ - Updated to [MSAL.NET](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet) 4.67.2 ## Bug fixes -- Add checks to protect the internal claims used by Identity Web. See https://github.com/AzureAD/microsoft-identity-web/pull/3131 +- Checks that B2C tokens don't contain the claims used by Identity Web to represent the home tenant and object ID (obtained from the UserInfo endpoint). See https://github.com/AzureAD/microsoft-identity-web/pull/3131 - ## Fundamentals From a549073422d0417878e81a8d364da91d2db9f3e5 Mon Sep 17 00:00:00 2001 From: jennyf19 Date: Fri, 17 Jan 2025 10:46:45 -0800 Subject: [PATCH 3/4] Update changelog.md --- changelog.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog.md b/changelog.md index 26a7d12fa..b1e5b2772 100644 --- a/changelog.md +++ b/changelog.md @@ -1,6 +1,6 @@ 3.6.0 ======== -- Updated to Microsoft.IdentityModel.* 8.4.0 +- Updated to Microsoft.IdentityModel.* 8.3.1 - Updated to [MSAL.NET](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet) 4.67.2 ## Bug fixes From 81719a510a1f29a95b928913b020cca4d147f9d9 Mon Sep 17 00:00:00 2001 From: jennyf19 Date: Fri, 17 Jan 2025 11:45:42 -0800 Subject: [PATCH 4/4] Update changelog.md --- changelog.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/changelog.md b/changelog.md index b1e5b2772..d772ff0eb 100644 --- a/changelog.md +++ b/changelog.md @@ -5,7 +5,8 @@ ## Bug fixes - Checks that B2C tokens don't contain the claims used by Identity Web to represent the home tenant and object ID (obtained from the UserInfo endpoint). See https://github.com/AzureAD/microsoft-identity-web/pull/3131 -- +- Remove explicit locking in `OpenIdConnectCachingSecurityTokenProvider`. See Issue [#3078](https://github.com/AzureAD/microsoft-identity-web/issues/3078) + ## Fundamentals - Fix Null Reference Exception in OwinTokenAcquirerFactory + other OWIN cleanup. See https://github.com/AzureAD/microsoft-identity-web/pull/3183