Earlier today, a patch release for the OpenID Connect server middleware (aka ASOS) was pushed to NuGet.org.
Here's the changelog:
- The
MatchEndpointContext.Optionsproperty that had been accidentally removed in 1.0.0 has been reintroduced in 1.0.1 (f17d9a4). - An exception is now automatically thrown at startup when registering a signing certificate that is no longer or not yet valid (583be00).
- Internal code relying on
JwtSecurityTokenHandler.CreateToken()/WriteToken()has been updated to useJwtSecurityTokenHandler.CreateEncodedJwt()to ensure JWT tokens are not signed twice (a499f11).
To migrate to the 1.0.1 packages, update your project.json/.csproj project file(s) manually or run the following command in the Package Manager Console:
ASP.NET Core 1.x version
1 | Update-Package AspNet.Security.OpenIdConnect.Server -Version 1.0.1 |
OWIN/Katana 3.x version
1 | Update-Package Owin.Security.OpenIdConnect.Server -Version 1.0.1 |