1.6.3

Release Notes

Version 1.6.3

• Add refresh_on field to access tokens (#964)
• Improve logging for SSO extension and broker scenarios (#963)
• Enhanced logging in MSIDAccountCredentialCache. (#955)
• fix AT Pop sign request logic
• Throttling feature (#945)

Changes:

• #966: Release 1.6.3
• #956: Remove input param to make the method reusable in CPP, added tests
• #960: Throttling merge to dev
• #968: Update release branch
• #965: Modify init method for keychain token cache so that developers can se…
• #967: Address commits from previous PR

This list of changes was auto generated.

1.6.2

Release Notes

Version 1.6.2

• Mask EUII in logs (#944)
• Added Thumbprint calculator and associated protocol for throttling (#943)

Changes:

• #948: Merge Release/1.6.2 back to Master
• #947: Update change log
• #944: Mask EUII logs
• #942: Revert the cache look up logic if AT is still valid, will return FRT …
• #943: thumbprint calculators
• #941: Merge release 1.6.1 back into dev
• #939: Aherciya/device bound prt fix
• #926: Fix a race condition which could cause a test failure on a slow CI machine
• #931: LRU Cache - Last unit Test Fix

This list of changes was auto generated.

1.6.1

Release Notes

Version 1.6.1

• Extend iOS background tasks to silent and interactive requests (#923)
• Added thread-safe generic MSIDLRUCache (#922)
• Fix possible deadlock caused by thread explosion (#911)
• Revert FRT and ART lookup orders (#884)

Changes:

• #925: [WIP] 1.6.1 release
• #937: fixed a minor bug in MSIDLRUCache last unit test
• #923: Extend backgroud tasks for silent and interactive request
• #922: Generic Thread-safe MSIDLRUCache
• #913: Hieund/at pop automation test
• #916: Hieund/at pop ssoext fix
• #911: Fix Possible Deadlock caused by Thread Explosion
• #901: Removing MSID_BROKER_IS_PERFORMING_CBA
• #910: Merge 1.6.0 release back into dev
• #884: Revert the look up and service call when trying with ART and FRT in s…

See More

• #899: Aherciya/broker cba fix

This list of changes was auto generated.

1.6.0

• Avoid sending RT to wrong cloud (#892)
• Added logic to handle links that should open in new window in embedded webView.
• Fix code in kDF function. Add test cases
• Enabled various warnings (which we were mostly compliant with) (#814)
• Added client-side fix for the known ADFS PKeyAuth issue. (#890)

1.5.9

• Fix for filtering access tokens by claims
• Revert PkeyAuth user-agent change
• Use Xcode 12 for CI checks

1.5.8

• Return private key attributes on key pair generation.
• Update RSA signing code and add conditional check for supported iOS/osx platforms.
• Enabled PKeyAuth via UserAgent String on MacOS
• Added an API for both iOS and MacOS for returning a WKWebView config setting with default recommended settings for developers.
• Add missing functionality to MSIDAssymetricKeyPair to match Djinni Interface
• Update changelogs.txt pipeline check

1.5.7

New Features:

• Add requested_claims to access tokens in cache for MSAL CPP (#840)

1.5.6

New features:

• Support forgetting cached account (#830)
• Indicate whether SSO extension account is available for device wide SSO (#825)

Bug fixes:

• Ignore duplicate certificate authentication challenge in system webview.
• Limit telemetry archive size on disk, and save unserialized telemetry (#837)
• Normalize home account id in cache lookups #839
• Append 'PkeyAuth/1.0' keyword to the User Agent String to reliably advertise PkeyAuth capability to ADFS

Engineering changes:

• Enabling XCODE 11.4 recommended settings by default per customer request.
• Move correlationId to MSIDBaseBrokerOperationRequest
• Support bypassing redirectUri validation also on macOS
• Add swift static lib target to support AES GCM.
• Add a flag to disable logger queue.
• Fix un-reliable test case using swizzle

1.5.5

New features:

• Save last request telemetry to disk (#768)
• Save PRT expiry interval in cache to calculate PRT refresh interval more reliably (#804)
• Mark RSA public key as extractable (#813)

Fixes:

• Fix unused parameter errors for macOS target. (#816)
• Cleanup noisy SSO extension logs (#812)
• Fix a test bug where the MacKeychainTokenCache could fail to initialize (#799)
• Include redirect uri in body when redeeming refresh token at token endpoint (#815)

Engineering changes:

• Refactor crypto code for cpp integration and add api to generate ephemeral asymmetric key pair (#803)
• Add operation factory for broker installation integration with other framework (#779)
• Add logger connector which allows to override logger behaviour. (#796)
• Move openBroswerResponse handling into its operation for CPP integration (#817)
• Move broker redirectUri validation logic into common core from MSAL (#807)
• Fix an incorrectly-cased filename (#808)
• Cleanup main product targets from test files (#811)

1.5.4

• Support for proof of posession for access tokens (#738)
• Allow brokered authentication for /consumers authority (#774)
• Account metadata cleanup on account removal (#791)
• Fix an issue with guest accounts when UPN mismatches across tenants (#797)