-
Notifications
You must be signed in to change notification settings - Fork 148
/
changelog.txt
338 lines (281 loc) · 10.6 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
Version 1.18.0
=============
- Fix WWW-Authenticate formatting in MI scenarios (#885)
- Fix tenant override not being used in OBO and credential flows (#886)
- Bump jackson-databind dependency (#887)
Version 1.17.3
=============
- Correctly set buffer for expired tokens (#875)
- Bump commons-io dependency from 2.7 to 2.14.0 (#871)
Version 1.17.2
=============
- Make ManagedIdentityApplication.getManagedIdentitySource static (#864)
Version 1.17.1
=============
- Fix 'refresh on' value calculation in Managed Identity flows (#858)
- Bump nimbusds-oauth2-oidc-sdk version (#859)
Version 1.17.0
=============
- Add object ID option for Managed Identity (#854)
- Add support for custom authorities (#851)
- Fix bug where claims did not cause cache to be skipped (#811)
Version 1.16.2
=============
- Use SHA256 thumbprints in non-ADFS cert flows (#840)
- Reduce logging level of cache miss messages (#844)
- Make ManagedIdentitySourceType enum public (#845)
Version 1.16.1
=============
- Add missing refreshOn metadata (#838)
Version 1.16.0
=============
- Fix breaking API changes introduced in v1.15.0 (#828)
- Expose refreshOn parameter in AuthenticationResultMetadata (#829)
Version 1.15.1
=============
- Fix to correctly use custom SSLSocketFactory (#821)
- Add public API to determine the Managed Identity environment (#823)
Version 1.15.0
=============
- GA support for Azure managed identity scenarios
- Support managed identities in Azure Functions, App Service, IMDS (#661)
- Support MI in Cloud Shell (#713)
- Support MI in Service Fabric (#729)
- Support MI in Azure Arc (#730)
- Adjust loopback address binding in interactive flow (#797)
Version 1.14.3
=============
- Hotfix to update oauth2-oidc-sdk dependency (#781)
Version 1.14.2
=============
- Correct IMDS endpoint used for region discovery (#762)
- Improve performance of instance/region discovery (#763)
Version 1.14.1
=============
- Remove key size requirements for certificates (#749)
- Improve timeout behavior for futures (#756)
- Reduce verbosity of certain info logs (#756)
Version 1.14.4-beta
=============
- Beta support for MSI in Azure Arc (#730)
- Beta support for MSI in Service Fabric (#729)
- Fix Cloud Shell parsing issue (#750)
Version 1.14.0
=============
- GA release of MSAL Java Brokers package
- Add support for acquiring bearer and proof-of-possession tokens using WAM as the broker (#590)
- Default throttling time for password grant requests lowered to 5 seconds (#721)
- Fix internal docs generation issue (#705)
Version 1.14.2-beta
=============
- Add support for Managed Identity (#712)
Version 1.14.1-beta
=============
- Add proof-of-possession token support
- Add MSALRuntime logging support
Version 1.14.0-beta
=============
- Add IBroker interface
- Add app-level parameter for enabling the use of auth brokers
Version 1.13.10
=============
- Remove default HTTP timeout (#664)
- Add equals/hash logic to Account class based on homeAccountID (#681)
- Fix issue with command to open default browser on Linux (#683)
- Handle null pointer exception in certain ADFS scenarios (#669)
Version 1.13.9
=============
- Update automated tests to use JUnit 5/Mockito instead of TestNG/Powermock
- Fix issue with interactive flow on macOS/Linux/Unix systems
Version 1.13.8
=============
- Added support for CIAM authority
- Added refresh_in logic for managed identity flow
- Better exception handling in interactive flow
- Updated vulnerable dependency versions
Version 1.13.7
=============
- Update json-smart library version to a secured one.
Version 1.13.6
=============
- Added ExtraQueryParameters API.
- added tests for a CIAM user.
- updated condition to throw exception only for an invalid authority while performing instance discovery.
Version 1.13.5
=============
- fixed url for admin consent.
- added 2s timeout to IMDS endpoint call.
- fixed url for regional endpoint calls.
- added support for current and legacy B2c authority formats.
Version 1.13.4
=============
- regional endpoint updates
- fixed manifest
- Expose instance discovery flag to perform instance discovery.
Version 1.13.3
=============
- Update jackson-databind version to be in compatible with Azure-SDKs
Version 1.13.2
=============
- Add IBroker interface
- Update AppTokenProvider callback logging to be consistent with Azure SDK logging
- Restructure library and add broker module
- Update version of vulnerable libraries
- Update README for broken links
Version 1.13.1
=============
- Bug fixes and improvements for region API
- Allow configuration of timeouts for interactive requests
- Additional and more informative logging for regional scenarios and token requests in general
Version 1.13.0
=============
- Provide token caching functionality for managed identity tokens
- Updates for obo-for-service-principal scenarios
- version updates for nimbusds-oauth2 library
Version 1.12.0
=============
- Updates several dependencies to avoid security vulnerabilities
- Improves serialization of ID tokens and authentication results
- Various bug fixes related to authority paths, regional endpoints, and unclear logs
Version 1.11.3
=============
- Allow client assertions as callbacks and as per-request parameters
- Adjust scope for azure-security-keyvault-secrets dependency
Version 1.11.2
=============
- Updated oauth2-oidc-sdk version to address security vulnerability
- Fixed a bug where acquire token using client assertion failed
Version 1.11.1
=============
- Updated Azure Key Vault dependencies to fix error in transitive dependency
- Fixed issue where client assertion validation fails due to mismatched subject and issuer
Version 1.11.0
=============
- Adds ability to override authority in AcquireToken calls
- Fixes issue where authority port was being dropped from URLs
Version 1.10.1
=============
- Improved behavior when using regional authorities
- Fix scope override issue in OBO flow
- Update server-side telemetry
- Adjusted logging levels to reduce noise
- Improved HTTP error handling and messaging
- Upgrade oauth2-oidc-sdk dependency 9.4 -> 9.7
- Upgrade httpclient dependency 4.5.9 -> 4.5.13
Version 1.10.0
=============
- Instance aware support for interactive requests
- Default cache lookup for on-behalf-of and client credential flows
- Cross cloud accounts support
- Using default security provider for client certificate creation
- Upgrades the commons-io dependency 2.6 -> 2.7
- Upgrades the oauth2-oidc-sdk dependency 8.23.1 -> 9.4
- Upgrades the guava dependency 26.0 -> 29.0
Version 1.9.1
=============
- Update com.fasterxml.jackson.core.jackson-databind to 2.12.1
Version 1.9.0
=============
- Add support for Azure region discovery to keep token traffic regional when possible
- New helper methods in ClaimsRequest class to convert Strings of claims to ClaimsRequest objects
- Upgrade nimbusds.oauth2-oidc-sdk dependency to better support newer Spring Framework versions
Version 1.8.1
=============
- New ClaimsRequest class to allow ID token claims to be requested as part of any token request
- Remove use of nimbusds.oauth2.sdk CommonContentTypes
Version 1.8.0
=============
- ITenantProfile added to IAuthenticationResult for easier access to ID token claims
- IAccount is now serializable
- Support for refresh_in field in token response
- New utility class, AzureCloudEndpoint, for national cloud endpoint URLs
Version 1.7.1
=============
- sendX5c API added to IConfidentialClientApplication to specify if the x5c claim
(public key of the certificate) should be sent to the STS.
Default value is true.
Version 1.7.0
=============
- Tenant profiles added to IAccount
- Support of certificate chain
- Api to set connect and read timeouts for default http client
Version 1.6.2
=============
- Fix for "NullPointerException during accessing B2C authority aliases"
- Adding extraScopesToConsent parameter to AuthorizationRequestUrlParameters builder.
Can be used to request the end user to consent upfront,
in addition to scopes which the application is requesting access to.
Version 1.6.1
=============
- Compatibility with json-smart [1.3.1 - 2.3]
Version 1.6.0
=============
- Client capabilities support
- Enable device code flow for ADFS2019
- Fix dependency issues with jackson 2.6.7 and json-smart 1.3.1
Version 1.5.0
=============
- Support of server side throttling instructions
- Rebuild client assertion when expired
- Update nimbus SDK version from 6.5 to 7.4
- Validation of Authority path segments
Version 1.4.0
=============
- Added acquire token interactive API, using system default browser
- Added authorization code url builder
- Added OSGi support via bnd-maven-plugin
- Added server-side telemetry support
Version 1.3.0
=============
- Added option to pass in AAD instance discovery data
- Removed runtime dependency on commons-codec.commons-codec, org.apache.commons.commons-text, org.apache.httpcomponents.httpclient, com.google.code.gson
- Added runtime dependency on com.fasterxml.jackson.databind
Version 1.2.0
=============
- Added support for ADFS 2019
- Added option to add application name and version for telemetry
- Bug fix: support for ClientCredential on Windows for JDK12+ #128
Version 1.1.0
=============
- Added support for configuring HTTP client
Version 1.0.0
=============
- API surface is now stable and production ready. No breaking changes will be introduced without incrementing MAJOR version
- No changes from 0.7.0-preview
Version 0.7.0-preview
=============
- Added support for ClientAssertions in ClientCredentialFactory
- Renamed AsymmetricKeyCredential to ClientCertificate
- Made Account, IClientApplicationBase, TelemetryConsumer ClientSecret, ClientCertificate, ClientAssertion package-private
- Added IClientSecret, IClientCertificate, IClientAssertion
Version 0.6.0-preview
=============
- Updated TokenCache to be thread safe
- Removed build warnings
- Added web app, B2C, and OBO samples
- Updated to use delomboked sources
Version 0.5.0-preview
=============
- Refactored AuthenticationException to MsalServiceException, MsalClientException, MsalInteractionRequiredException
- Added cache lookup to acquireToken by client credentials grant
- Updated Javadoc reference
- Updated license headers
Version 0.4.0-preview
=============
- Exposed acquire token by refresh token api
Version 0.3.0-preview
=============
- Added support for FOCI
- Updated public API to return interfaces
- Updated cache to be compatible with MSAL Python and MSAL.NET caches
Version 0.2.0-preview
=============
- Added support for B2C
Version 0.1.0-preview
=============
Public preview of Microsoft Authentication Library for Java
- Feature parity with ADAL Java
- Updated public API to use builder pattern
- Added telemetry callback
- Added support for caching tokens
- Added acquire token with silent parameters API