Skip to content

7.1.0

Latest
Latest
Compare
Choose a tag to compare
@kevinchalet kevinchalet released this 10 Sep 18:27
7.1.0
af8f2be

This release introduces the following changes:

  • The GitHub web provider was updated to enforce OAuth 2.0 Proof Key for Code Exchange for all client registrations.

Tip

No change is required to enable PKCE for a specific client application (whether it is a treated as a public or confidential application): updating OpenIddict to 7.1.0 is enough to automatically enforce this security feature.

For more information, read PKCE support for OAuth and GitHub App authentication on the official GitHub blog.

  • The HeyBoxChat service is now supported by the OpenIddict.Client.WebIntegration package (thanks @gehongyan! ❤️)

  • New AddGrantTypePermissions()/RemoveGrantTypePermissions() APIs have been added to OpenIddictApplicationDescriptor to simplify adding and removing grant type permissions for custom grants:

var descriptor = new OpenIddictApplicationDescriptor
{
    ClientId = "console",

    // ...
};

descriptor.AddGrantTypePermissions("custom_grant_type");
descriptor.AddScopePermissions("demo_api");
  • All the .NET and third-party dependencies have been updated to the latest versions.

Contributors

gehongyan
Assets 2
Loading