Skip to content

Releases: softawaregmbh/library-authentication

SAS Token Autentication

07 May 08:43
@meinsiedler meinsiedler
6.0.0
4f536bb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
SAS Token Autentication Latest
Latest

This release adds support for SAS (Shared Access Signature) token authentication.

See the README for more details.

Assets 2
Loading

.NET8.0

16 Apr 07:39
@doerrD doerrD
5.0.0
8d416c2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
.NET8.0

What's Changed

  • Upgrade to .net8.0
  • Upgrade all dependencies (also one security vulnerability)

Breaking Changes

  • Drop netstandard2.0 support
Assets 2
Loading

Support multiple hashing algorithms, drop .NET 4.6.1 support

27 Mar 16:22
@meinsiedler meinsiedler
4.0.0
87cd8e0
This commit was signed with the committer’s verified signature.
meinsiedler Michael Einsiedler
SSH Key Fingerprint: ed42F6x/6ueCAZTnHOraDukC1cQKHwGqN5YYbSMhlr4 Learn about vigilant mode.
Compare
Choose a tag to compare
Support multiple hashing algorithms, drop .NET 4.6.1 support

New Features

  • Hash algorithm in header by @meinsiedler in #17
    • The default request body hashing method is now SHA-256.

Breaking Changes

  • Drop support for .NET 4.6.1 by @meinsiedler in #16
  • ApiKeyDelegatingHandler constructor with inner delegating handler: Order of parameters changed. The inner HttpMessageHandler is now the first constructor parameter.

Upgrade guide

With #17 it is now possible to specify the hashing algorithm to be used. If you have used this library in an older version before, we recommend the following upgrade path:

  1. Update the server's NuGet package softaware.Authentication.Hmac.AspNetCore to latest version. This version is backwards compatible with an older version of the client.
  2. Update the client's NuGet package softaware.Authentication.Hmac.Client to latest version after the server has been deployed with the latest version. This version now uses SHA-256 request body hashing by default.

With this approach, no breaking changes occur at the deployed environment as the backwards compatibility is ensured.

Full Changelog: 3.4.0-hmac...4.0.0

Contributors

meinsiedler
Assets 2
Loading

HMAC 3.4.0: SHA-256 support for request body hashing

23 Mar 14:55
@meinsiedler meinsiedler
3.4.0-hmac
f77aefb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HMAC 3.4.0: SHA-256 support for request body hashing

This release prepares for upgrading the request body hashing from MD5 to SHA-256.

This is an intermediate release for upgrading the library without breaking changes. The new options will be removed again in the next major release and only SHA-256 will be supported in future.

New Features

softaware.Authentication.Hmac.AspNetCore

  • New Option AllowMD5AndSHA256RequestBodyHash in HmacAuthenticationSchemeOptions: If true, the request body hash will be validated with MD5 hash and SHA265 hash. Note that this setting is only relevant when the http request has a body. (Default: true)

softaware.Authentication.Hmac.Client

  • The ApiKeyDelegatingHandler now supports passing a new enum RequestBodyHashingMethod to the constructor to set the hash algorithm to be used for the request body hashing. Possible options are MD5 and SHA256

Upgrade guide

  • Upgrade the softaware.Authentication.Hmac.AspNetCore to support both MD5 and SHA-256.
  • Deploy the server part.
    • The client still sends request with MD5 hash which will be accepted by server.
  • Update the softaware.Authentication.Hmac.Client and set the RequestBodyHashingMethod to SHA256.
    • The server will accept SHA-256 hashes too.

The next major releases will support SHA-256 only.

What's Changed

Full Changelog: 3.3.0-hmac...3.4.0-hmac

Contributors

meinsiedler
Assets 2
Loading

3.3.0 HMAC

28 Mar 09:10
@meinsiedler meinsiedler
3.3.0-hmac
8ff6fdc
Compare
Choose a tag to compare
3.3.0 HMAC

What's Changed

New Contributors

Full Changelog: 3.1.0...3.3.0-hmac

Contributors

rschacherl and funcmike
Assets 2
Loading

3.2.0 HMAC

02 Nov 12:17
@meinsiedler meinsiedler
3.2.0-hmac
fbacdc4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
3.2.0 HMAC

Add IHmacAuthorizationProvider interface to allow custom implementations for getting HMAC apps. (#6)

Assets 2
Loading

3.1.0

18 Dec 17:14
@meinsiedler meinsiedler
3.1.0
1f5b039
Compare
Choose a tag to compare
3.1.0

New Features

  • This release adds support for netstandard2.0 for the projects softaware.Authentication.Basic.AspNetCore and softaware.Authentication.Basic.AspNetCore and removes the depdendency to netcoreapp3.1.
  • On successful authentication, the ClaimsIdentity now contains a claim of type NameIdentitifier. For basic authentication, this is the username, for HMAC authentication, this is the AppId.
Assets 8
Loading

3.0.0

09 Dec 10:26
@meinsiedler meinsiedler
3.0.0
37245df
Compare
Choose a tag to compare
3.0.0

This release adds support for .NET Core 3.1 and drops the support for .NET 4.6.2 for the ASP.NET Core packages softaware.Authentication.Hmac.AspNetCore and softaware.Authentication.Basic.AspNetCore.

If you want to support .NET Core 2.2 or .NET 4.6.2 use the previous version of this package.

Assets 8
Loading

1.1.0

13 Dec 15:02
@meinsiedler meinsiedler
1.1.0
dd83d0c
Compare
Choose a tag to compare
1.1.0
  • This release adds support for Source Link.
  • The dependencies and tests are fixed for .NET 4.6.1 target
Assets 8
Loading

1.0.1

24 Sep 07:19
@meinsiedler meinsiedler
1.0.1
fa256b1
Compare
Choose a tag to compare
1.0.1

Updated NuGet package metadata

Assets 5
Loading