Skip to content

6.0.0-preview4

Pre-release
Pre-release
Compare
Choose a tag to compare
@kevinchalet kevinchalet released this 13 Nov 10:28

This release introduces the following changes:

  • OpenIddict 6.0 preview 4 was updated to reference the .NET 9.0 RTM packages on .NET 9.0.

  • The ASP.NET Core and OWIN integrations now include the authentication properties attached to ProcessAuthenticationContext.Properties in errored authentication results, which can be used with the client stack to retrieve custom and non-custom properties attached to the state token when using the "error pass-through mode".

Important

As part of this change, the OWIN hosts now return an AuthenticateResult instance containing an empty ClaimsIdentity with its IsAuthenticated property set to false (instead of a null identity) to represent errored authentication demands.

If you're using the error pass-through mode and are calling await AuthenticateAsync(OpenIddict*OwinDefaults.AuthenticationType), consider updating your if checks to ensure unauthenticated identities are correctly identified.

For instance, with the client stack:

var result = await context.Authentication.AuthenticateAsync(OpenIddictClientOwinDefaults.AuthenticationType);
if (result is { Identity.IsAuthenticated: true })
{
    // The authentication result represents an authenticated user.
}
  • Introspection and revocation requests started via OpenIddictClientService.IntrospectTokenAsync() and OpenIddictClientService.RevokeTokenAsync() are now eagerly aborted if the token to introspect or revoke is missing.