Release 5.7.0 · openiddict/openiddict-core

This release introduces the following changes:

To increase interoperability and support advanced scenarios, the OpenIddict server now allows using OAuth 2.0 Proof Key for Code Exchange with response_type combinations containing token when response type permissions are not disabled and the appropriate response type permissions are granted to the client application. See #2088 for more information about this change.
The embedded web server that is part of the OpenIddict client system integration package now natively supports POST callbacks, allowing to use the implicit and hybrid flows - that require response_mode=form_post - in desktop applications.
response_mode=fragment is now fully supported by the system integration package when using protocol activations or the UWP web authentication broker.
The OpenIddict client and its ASP.NET Core/OWIN integrations now support setting a specific code_challenge_method/grant_type/response_mode/response_type for each challenge operation:

// Ask OpenIddict to initiate the authentication flow (typically, by starting the system browser).
var result = await _service.ChallengeInteractivelyAsync(new()
{
    // Note: both the grant type and the response type MUST be set when using a specific flow:
    GrantType = GrantTypes.AuthorizationCode,
    ResponseType = ResponseTypes.Code + ' ' + ResponseTypes.IdToken
});

var properties = new AuthenticationProperties(new Dictionary<string, string>
{
    // Note: both the grant type and the response type MUST be set when using a specific flow:
    [OpenIddictClientAspNetCoreConstants.Properties.GrantType] = GrantTypes.AuthorizationCode,
    [OpenIddictClientAspNetCoreConstants.Properties.ResponseType] = ResponseTypes.Code + ' ' + ResponseTypes.IdToken
})
{
    RedirectUri = Url.IsLocalUrl(returnUrl) ? returnUrl : "/"
};

return Challenge(properties, OpenIddictClientAspNetCoreDefaults.AuthenticationScheme);

The following providers are now supported by the OpenIddict.Client.WebIntegration package:
- Gitee (thanks @gehongyan! ❤️)
- Huawei (thanks @gehongyan! ❤️)
- KOOK (thanks @gehongyan! ❤️)
- Lark/Feishu (thanks @gehongyan! ❤️)
- Weibo (thanks @gehongyan! ❤️)
Behavior change: for boolean values, OpenIddictParameter.ToString() and the string?/string?[]? conversion operators now return true and false instead of True and False.
The OpenIddict client was updated to detect incorrect uses of its system integration package in non-desktop applications and return proper errors.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

5.7.0

Contributors