TokenValidationParameters.ValidIssuers property is ignored in WindowsAzureActiveDirectoryBearerAuthenticationOptions

WindowsAzureActiveDirectoryBearerAuthenticationOptions has a TokenValidationParameters property where one can specify Audience, ValidIssuer, ValidIssuers etc. There are a couple of issues here : ...

Id #251 | Release: None | Updated: Thu at 7:27 PM by srii | Created: Thu at 7:27 PM by srii

WindowsAzureActiveDirectoryBearerAuthentication middleware doesn't work with AAD PPE.

WindowsAzureActiveDirectoryBearerAuthentication middleware just takes in the tenant in the options and constructs the federation metadata document as "https://login.windows.net/{0}/Federationmetada...

Id #250 | Release: None | Updated: Thu at 7:16 PM by srii | Created: Thu at 7:16 PM by srii

AppBuilder.Use method doesn't allow delegate version (2 or more args).

If you look at the Use method definition of IAppBuilder interface, It says following. //----- Quote from IAppBuilder.cs on GitHub If the middleware given to Use is a Delegate, then it will be in...

Id #249 | Release: 3.0.0 | Updated: Thu at 5:36 PM by Tratcher | Created: Wed at 4:40 PM by xin9le

AdditionalResponseParameters for AuthorizeEndpoint in OAuthAuthorizationServerMiddleware

The OAuthAuthorizationServerMiddleware should give us the possibility, to define some additional response-parameter that are sent together with the auth-code to the client, so that one can implemen...

Id #248 | Release: None | Updated: Apr 14 at 8:10 PM by Manfred_Steyer | Created: Apr 14 at 8:10 PM by Manfred_Steyer

Support Authorization Code Flow and more response_modes in OpenIdConnectAuthenticationMiddleware

Support Authorization Code Flow and the traditional response_modes in OpenIdConnectAuthenticationMiddleware, so that interoperability is increased. Comment: The current preview of OpenIdConnectAu...

Id #247 | Release: None | Updated: Tue at 12:59 PM by willdean | Created: Apr 14 at 8:00 PM by Manfred_Steyer

Unit tests for OpenIdConnectAuthentication middleware are missing from CodePlex

The unit tests for the OpenIdConnectAuthentication middleware have not been added to Codeplex.

Id #246 | Release: None | Updated: Apr 8 at 10:47 PM by willdean | Created: Apr 8 at 10:47 PM by willdean

WsFed and OIDC can call SignIn with a null identity

When OIDC reads a POST that does not belong to it, it may manage to create a AuthTicket with no identity and then call SignIn. This causes the CookieMiddleware to null ref later. WsFed may have th...

Id #245 | Release: 3.0.0 | Updated: Apr 10 at 6:45 PM by Tratcher | Created: Apr 8 at 7:18 PM by Tratcher

WsFederation middleware LoginProvider name populated with a url

Web app templates in VS 2013 tries to derive the LoginProvider out of the Issuer property value of ClaimTypes.NameIdentifier claim from the ClaimsIdentity. The value of this property looks somethin...

Id #244 | Release: 3.0.0 | Updated: Apr 7 at 7:37 PM by Tratcher | Created: Apr 4 at 6:05 PM by praburaj

[Discussion]: Wreply absolute URI will be troublesome on deploying to different environments

Wreply is an absolute URL. This is a pain when the user wants to deploy the app to different environments. For example: If I set the Wreply to http://localhost:5000/signin-wsfed while doing local t...

Id #243 | Release: 3.0.0 | Updated: Apr 4 at 9:49 PM by howarddierking | Created: Apr 4 at 5:32 PM by praburaj

Remove underscores from the WsFed and OIDC middleware options.

The WsFed and OIDC middleware options classes are very faithful to the spec for parameter names, right down to the underscores. However, .NET design guidelines highly discourage the use of undersc...

Id #240 | Release: 3.0.0 | Updated: Apr 4 at 9:58 PM by howarddierking | Created: Apr 2 at 11:11 PM by Tratcher