- Support for WsFederation, Saml and Saml2 tokens.
- Support for Enveloped Xml Signatures.
- PII hiding in log files for GDPR concerns
- RegEx expression uses CultureInvariant for servers with large number of locales.
- net45 target
- Support for customers with legacy projects targeting net45.
- Tests are being added to the 5.2.0 release (currently in dev) to coordinate with changes to csproj, msbuild and dotnet 2.0.
- JWE Support: AES and RSA key wrap support
- Fix for breaking change introduced in 5.1.0
- Rebuild: Fix strong name signing issue
- Security Fix: IdentityModel Extensions library Microsoft.IdentityModel.Tokens has a known security vulnerability affecting version 5.1.0. Please update to >= 5.1.1 immediately. An updated package is available on NuGet. For more details, see the security notice.
- JWE Support: Direct encryption supported on tokens
- JsonWebKey: Upgraded to fully support features in http://tools.ietf.org/html/draft-ietf-jose-json-web-key-37
- Logging: Added Event Source based logging in Wilson.
IdentityModelEventSource
is the exposed event source handle. - Cryptography: Added support for Elliptical Curve (ECDsa) algorithm.
- Dropped support for WsFederation and Saml.
SecurityKey
is used for token validation instead ofSecurityToken
.CryptoProviderFactory
provides all the extensibility to control and customize crypto support.- Dropped support for reading and writing JWT tokens embedded in XML.
- Removed dependency on
System.IdentityModel.dll
. - Replaced
JavaScriptSerializer
with Json.Net serializer. Deserializingint
results in anInt64
object by default instead ofInt32
. - Replaced the static ClaimType maps on
JwtSecurityTokenHandler
with instances. - Refactoring
- Microsoft.IdentityModel.Protocol.Extensions is refactored into:
- Microsoft.IdentityModel.Protocols: Includes protocol agnostic classes, e.g.
ConfigurationManager
. - Microsoft.IdentityModel.Protocols.OpenIdConnect: Includes OpenIdConnect specific support e.g.
OpenIdConnectMessage
,OpenIdConnectConfiguration
,OpenIdConnectProtocolValidator
etc.
- Microsoft.IdentityModel.Protocols: Includes protocol agnostic classes, e.g.
- System.IdentityModel.Tokens is refactored into:
- Microsoft.IdentityModel.Tokens: Includes support for crypto operations and other classes that are not token format specific e.g.
CryptoProviderFactory
,TokenValidationParameters
etc. - System.IdentityModel.Tokens.Jwt: Includes classes for handling jwt tokens e.g.
JwtSecurityTokenHandler
.
- Microsoft.IdentityModel.Tokens: Includes support for crypto operations and other classes that are not token format specific e.g.
- Microsoft.IdentityModel.Protocol.Extensions is refactored into:
- Click here for full list of bug fixes in 5.x.