3.0.0-preview.1

This is our first first of a major release that makes significant updates to our dependencies.

What's Changed

• Updated to .NET 8, and dropped support for .NET 6/7
• Updated IdentityModel to version 7.0.0
• Updated Duende.AccessTokenManagement to version 3.0.0

2.2.0

What's Changed

• Upgrade Yarp Reverse proxy by @PascalSenn in #184
• Fall back to bearer token type by @josephdecock in #185
• Support .NET 8 by @josephdecock in #187
• bump nuget for release of Duende.ATM by @brockallen in #191

Full Changelog: 2.1.1...2.2.0

2.2.0 Preview 1

What's Changed

• Upgrade Yarp Reverse proxy by @PascalSenn in #184
• Fall back to bearer token type by @josephdecock in #185
• Support .NET 8 by @josephdecock in #187

Full Changelog: 2.1.1...2.2.0-preview.1

2.1.1

What's Changed

• Joe/optional-yarp-access-tokens by @josephdecock in #180

Full Changelog: 2.1.0...2.1.1

2.1.0

What's Changed

• Fixed typos in comments by @pdekkers in #156
• Improve validation message of logout token by @josephdecock in #157
• Correct spelling of "session" in comment. by @StuFrankish in #159
• Fixed typo in debug messages by @pdekkers in #160
• Spell Antiforgery correctly by @programatt in #158
• Update to YARP 2.0 by @leastprivilege in #161
• log when ajax request made to UI only BFF management endpoint by @brockallen in #166
• nuget update for Duende.AccessTokenManagement by @brockallen in #167
• update NuGet for Duende.AccessTokenManagement by @brockallen in #169
• Joe/remote api token retreival by @josephdecock in #168
• Rework/Reorg license key validation by @brockallen in #171
• Joe/dpop by @josephdecock in #172
• Fix spelling error by @josephdecock in #174
• Remove IAccessTokenRetriever w/resource param by @josephdecock in #175
• add test for dpop workflow by @brockallen in #178

New Contributors

• @pdekkers made their first contribution in #156
• @josephdecock made their first contribution in #157
• @StuFrankish made their first contribution in #159
• @programatt made their first contribution in #158

Full Changelog: 2.0.0...2.1.0

2.0.0

What's Changed

• v2 by @leastprivilege in #105
• Update builds for .NET 6 by @leastprivilege in #106
• Rework how we add metadata to skip antiforgery checks by @brockallen in #107
• Ability to use complex segments for ManagementBasePath by @brockallen in #109
• Add option to disable 401 on ~/bff/user endpoint when user is not logged in by @brockallen in #108
• small sample updates by @brockallen in #110
• Switch to new token management library by @leastprivilege in #116
• update to use IOptions by @brockallen in #120
• updated dependency by @leastprivilege in #121
• Don't throw for absent endpoint in BffAuthorizationMiddlewareResultHandler by @brockallen in #124
• add AllowAnonymous() on the BFF management endpoints by @brockallen in #123
• remove ~/ support from IsLocalUrl by @brockallen in #122
• Update LICENSE by @brockallen in #127
• add warning when session cleanup enabled but no service in DI by @brockallen in #129
• abstract SessionDbContext and allow for custom DbContext registrations by @brockallen in #128
• Add IReturnUrlValidator service by @brockallen in #130
• organize folders/files by @brockallen in #131
• when renewing server-side session, create new entry if current session not found by @brockallen in #132
• add a skip response handling metadata flag by @brockallen in #135
• nuget updates, including Duende ATM by @brockallen in #137
• Add more debug logging where appropriate by @brockallen in #138
• allow for other/many environments for diagnostics by @brockallen in #144
• Improve extensibility of DefaultHttpMessageInvokerFactory by @ArturDorochowicz in #141
• revert reference to EF Core back to 6.0.0 (rather than the latest patch) by @brockallen in #146
• Use CodeQL auto build by @leastprivilege in #148
• Add missing code comment by @leastprivilege in #149
• Add .props file by @leastprivilege in #150
• Move all dependencies to .targets file by @leastprivilege in #151
• update from .NET 7 RC2 to .NET 7 RTM by @brockallen in #154
• Update YARP to 1.1 by @leastprivilege in #155

New Contributors

• @ArturDorochowicz made their first contribution in #141

Full Changelog: 1.2.3...2.0.0

2.0.0 Preview 5

What's Changed

• allow for other/many environments for diagnostics by @brockallen in #144
• Improve extensibility of DefaultHttpMessageInvokerFactory by @ArturDorochowicz in #141
• revert reference to EF Core back to 6.0.0 (rather than the latest patch) by @brockallen in #146
• Use CodeQL auto build by @leastprivilege in #148
• Add missing code comment by @leastprivilege in #149
• Add .props file by @leastprivilege in #150
• Move all dependencies to .targets file by @leastprivilege in #151

New Contributors

• @ArturDorochowicz made their first contribution in #141

Full Changelog: 2.0.0-preview.4...2.0.0-preview.5

2.0.0-preview.4

What's Changed

• v2 by @leastprivilege in #105
• Update builds for .NET 6 by @leastprivilege in #106
• Rework how we add metadata to skip antiforgery checks by @brockallen in #107
• Ability to use complex segments for ManagementBasePath by @brockallen in #109
• Add option to disable 401 on ~/bff/user endpoint when user is not logged in by @brockallen in #108
• small sample updates by @brockallen in #110
• Switch to new token management library by @leastprivilege in #116
• update to use IOptions by @brockallen in #120
• updated dependency by @leastprivilege in #121
• Don't throw for absent endpoint in BffAuthorizationMiddlewareResultHandler by @brockallen in #124
• add AllowAnonymous() on the BFF management endpoints by @brockallen in #123
• remove ~/ support from IsLocalUrl by @brockallen in #122
• Update LICENSE by @brockallen in #127
• add warning when session cleanup enabled but no service in DI by @brockallen in #129
• abstract SessionDbContext and allow for custom DbContext registrations by @brockallen in #128
• Add IReturnUrlValidator service by @brockallen in #130
• organize folders/files by @brockallen in #131
• when renewing server-side session, create new entry if current session not found by @brockallen in #132
• add a skip response handling metadata flag by @brockallen in #135
• nuget updates, including Duende ATM by @brockallen in #137
• Add more debug logging where appropriate by @brockallen in #138

Full Changelog: 1.2.2...2.0.0-preview.4

1.2.2

What's Changed

• Fix for login/logout redirects when not in hosted in root by @brockallen in #100
• Fix metadata order parsing by @leastprivilege in #102

Full Changelog: 1.2.1...1.2.2

1.2.0

What's Changed

• Explore session change notifications for Blazor by @leastprivilege in #67
• Update BFF middleware marker by @leastprivilege in #76
• Add YARP antiforgery middleware by @leastprivilege in #74
• Add nullable annotations by @leastprivilege in #77
• Update YARP extensions by @leastprivilege in #78
• Remove conditional compilation for JSON serializer by @leastprivilege in #83
• Make default endpoint implementations more derivation friendly by @leastprivilege in #82
• Add silent login feature by @brockallen in #80
• add better comments to store interface by @brockallen in #85
• Add requireAntiforgeryCheck parameter to MapBffReverseProxy() by @andrerav in #84
• Add a cleanup service for server side sessions by @brockallen in #86
• re-set AllowRefresh to prevent AuthTicket from never sliding by @brockallen in #87
• Delete bug_report.md by @leastprivilege in #89
• Update config.yml by @leastprivilege in #90
• Expose IdentityModel.AspNetCore options by @leastprivilege in #91
• Include PathBase on silent redirect uri by @brockallen in #92
• Update Dependencies by @leastprivilege in #93

New Contributors

• @andrerav made their first contribution in #84

Full Changelog: 1.1.3...1.2.0