bf6b738ba4
Build: Increment version to v3.0.1.
2014-08-20 08:23:24 -07:00
b85af2f1cf
Update version to RTW. Update IdentityModel dependencies.
2014-08-19 13:39:18 -07:00
a49b7309a8
IdentityModel update: RC3-10814-1517
2014-08-14 15:58:41 -07:00
af7485fe44
HttpListener: #332 - Check the Sec-WebSocket-Version header.
2014-08-07 12:32:28 -07:00
416bf7d961
Security: #329 - Update JSON.Net dependency to 6.0.4.
2014-08-04 09:39:23 -07:00
551ff39007
Sandbox: Seperate out 'deny-anonymous' middleware.
2014-08-04 09:30:23 -07:00
50262e66e1
HttpListener: #328 - Make sure headers can be retrieved un-modified.
2014-08-04 09:30:20 -07:00
2e73b7d5da
IdentityModel update: RC3-10804-0633
2014-08-04 07:16:00 -07:00
70f1c13ef1
Added Subject Key Identifier for new SSL intermediary
...
The SSL certificate for api.twitter.com is currenly signed by Symantec Class 3 Secure Server CA - G4
whose Subject Key Identifier is: 5f 60 cf 61 90 55 df 84 43 14 8a 60 2a b2 f5 7a f4 43 18 ef
so add that to the hard-coded list in source.
2014-07-30 11:39:13 -07:00
386bcacf04
Diagnostics: Remove WelcomePage's embedded font.
2014-07-25 16:17:33 -07:00
c8ab7c5072
Security: #285 - Logging and flow cleanup.
2014-07-25 10:59:04 -07:00
a96ecbaf36
Diagnostics: #321 - Remove JQuery.
2014-07-22 13:54:03 -07:00
60f815e13c
Corrected typos in xml doc comments for OAuthAuthorizationServerProvider
2014-07-22 10:17:30 -07:00
e3dfbad89d
Build update IdentityModel dependencies to RC3-10721-1521 nightlies
2014-07-22 09:54:12 -07:00
91f5b9a4b3
WsFed: Code cleanup.
2014-07-17 11:52:27 -07:00
c703963892
OpenIdConnect: Cleanup authenticate flow.
2014-07-16 11:37:03 -07:00
9bf425b5a0
Clean up project files.
2014-07-15 14:21:57 -07:00
524b0b15b6
Build: Update tools version from 4.0 to 12.0.
2014-07-15 13:54:35 -07:00
8c49637df3
CodeAnalysis cleanup.
2014-07-15 10:44:03 -07:00
85eea4faba
OpenIdConnect: #313 - Remove unsupported ResponseMode option.
2014-07-15 10:43:43 -07:00
a3878c697a
Make CookieAuthenticationMiddleware public.
2014-07-15 10:36:17 -07:00
833fac59e2
Security: #305 - Add RefreshOnIssuerKeyNotFound option, enabled by default.
2014-07-15 10:25:23 -07:00
693edfa8a4
Security: #283 - Allow cookie RedirectUri to be overriden from challenge properties.
2014-07-14 16:02:25 -07:00
9225eeb98c
Servers: #297 - Support new owin.RequestId key.
2014-07-14 14:24:54 -07:00
1e21af1c16
Fix for Issue 304
...
Null ref in OIDC when 'cookie nonce' is not found.
https://katanaproject.codeplex.com/workitem/304
2014-07-14 14:17:46 -07:00
26ed214cae
Build: Increment version to rc3.
2014-07-11 10:07:41 -07:00
516b30e89d
Build: Update IdentityModel dependencies to RC2.
2014-07-10 09:59:10 -07:00
1a82cd734d
Increment build number to v3.0.0-RC2.
2014-07-02 13:36:12 -07:00
7c985219e6
Cookies: Suppress CodeAnalysis issue for build.
2014-07-02 10:22:30 -07:00
0295fb90c1
Update dependencies to RC1.
2014-07-01 18:09:34 -07:00
cd84146461
Update dependencies.
2014-07-01 12:11:54 -07:00
b3e1586dbc
Secure nonce.
2014-06-30 23:17:47 -07:00
a88d6473b2
Build: Update version to rc1.
2014-06-19 10:27:00 -07:00
8877d2d166
Security: Prevent JwtFormat.TokenHandler from being null.
2014-06-17 16:32:17 -07:00
ba21a668b8
Fix WsFed sign-out URL. Fix JwtFormat TokenHandler.
2014-06-17 15:02:00 -07:00
0fd5be9541
Security: #229 - Rework redirect notifications (again).
2014-06-17 12:18:02 -07:00
c43af29f54
shade file fix
2014-06-17 11:30:04 -07:00
e5acb4afd4
update IdentityModel nugets.
...
Add OpenIdConnectSessionProperties to AuthenticationProperties.
2014-06-17 11:03:44 -07:00
26db71c79f
missing else.
2014-06-16 21:12:22 -07:00
59889201ec
only write if bc != null
2014-06-16 20:53:23 -07:00
87f2be297e
serialize bootstrapcontext
2014-06-16 20:16:00 -07:00
dde95335d6
Updated tests to new IM package.
2014-06-16 14:14:18 -07:00
649907ada4
Updated package for IM
2014-06-16 13:57:11 -07:00
a52d817675
Support for controlling OIDC validation parameters.
2014-06-16 13:47:46 -07:00
e9c272fa8d
ErrorPage.css now uses cursor: pointer on tabs
2014-06-16 10:06:33 -07:00
5a03011302
Fixed http-only jquery reference in error view
...
Changes the jquery script reference in ErrorView.cshtml to use
"//ajax.asp..." rather than "http://ajax.asp ...".
This allows the error page to also be used on https endpoints without
attempting to load unsecure content on a secure connection.
2014-06-16 10:06:31 -07:00
2c42288b2d
Updated for new IdentityModel nugets. Moved OpenIdConnectProtocolValidation to IdentityModel.
...
Conflicts:
src/Microsoft.Owin.Security.OpenIdConnect/OpenidConnectAuthenticationHandler.cs
2014-06-16 09:48:31 -07:00
617da19238
Update IdentityModel dependencies.
2014-06-10 14:02:02 -07:00
3f50c4c0d3
Extend OAuthAuthorizeEndpointContext
2014-06-07 16:08:42 +02:00
a0c7557f1f
Security: Update IdentityModel dependencies.
2014-06-06 14:24:51 -07:00
Chris Ross
Brent Schmaltz
Marc Brooks
jamesholwell
Benjamin Fox
Pinpoint