3.0.5-preview

3.0.5-preview

Bug Fixes:

• Exception: Failure to parse missing json on first login [MSAL issue #1052](https://github.com/AzureAD/microsoft-authentication-
  library-for-dotnet/issues/1052)
• B2C ROPC support MSAL issue #926
• FOCI is hiding the true cause of refresh token failures MSAL issue #1067

3.0.4-preview

Bug Fixes:

• AcquireTokenInteractive parent param is not intuitive MSAL issue #918

Breaking Changes in 3.0.4-preview

• AcquireTokenInteractive now takes a single parameter - the scopes. A new builder method WithParentActivityOrWindow was introduced for passing in a reference to the UI object that spawns the UI (Activity, Window etc.).

MSAL.NET Version 3.0.3-preview

3.0.3-preview

New Features:

• MSAL now supports custom B2C domains. MSAL issue #1025
• MSAL now initializes an HttpClient with NSUrlSessionHnadler() for iOS 7+. MSAL issue #1019

Breaking Changes in 3.0.3-preview

• The ClientCredential class is obsolete. There is no longer a need for the ClientCredential class to be public. This class has been marked as obsolete. MSAL issue #1007
• The ApiConfig and AppConfig namespaces have been changed to the Microsoft.Identity.Client namespace for discoverability. This provides a better user experience when updating from MSALv2 to MSALv3.0.3x. MSAL issue #1006]
• Deprecate UIParent and move static classes to a more appropriate class (eg IsSystemWebviewAvailable()). MSAL issue #1005
• Move all error codes to MSAL.Error. MSAL issue #1004
• Deprecate the MSALv2 api. Move v2 api methods/properties to the migration aid and remove functionality. MSAL issue #1001
• The Component property is obsolete. MSAL now transmits client app name and version to authorization and token requests. MSAL issue #978

Bug Fixes:

• Interactive login from multiple clouds was failing due to instance discovery, as was GetAccounts. This is now fixed. MSAL issue 1048 and 1030
• MSAL was calling DefaultRequestHeaders which is not thread safe and could result in AcquireTokenSilent being called from multiple places at the same time. MSAL issue #1014
• SourceLink is available again MSAL issue #953

MSAL.NET Version 3.0.2-preview

3.0.2-preview

bug fixes:
UI can hang due to not having proper SynchronizationContext for UI interaction

MSAL.NET Version 3.0.1-preview

3.0.1-preview

New Features:

• Device Code supports both verification_url and verification_uri
• MsalError contains all the error messages
• MsalException and its derived exception can now be serialized to JSON and deserialized
• MSAL.NET for .NET Core moved to .NET Core 2.1.
• At both the app creation and the token acquisition, you can now pass extra query parameters as a string (in addition to a Dictionary<string,string> introduced in MSAL 3.0.0
• MSAL.NET symbols are now published to enable SourceLink support

Breaking Changes in 3.0.1-preview

• AcquireTokenSilent has two overrides that require you to pass-in the account or the loginHint
• SubError property removed from MsalServiceException
• merge removed from ITokenCache's DeserializeXX methods
• WithClaims removed from app creation. it is now available on the AcquireToken methods
• ICustomWebUi.AcquireAuthorizationCodeAsync now takes a cancellation Token

bug fixes:

• When the client id entered is invalid, the error messages can be better
• PublicClientApplicationBuilder.CreateWithApplicationOptions does not respect the audience
• ASWebAuthenticationSession is skipped due to AppCenter build flags

MSAL.NET Version 3.0.0-preview

• For more info on the release, along with code samples, checkout https://aka.ms/msal-net-3x

Breaking changes in MSAL.NET 3:

• UIBehavior was renamed to Prompt (breaking change)
• TokenCacheNotificationArgs now surfaces an ITokenCache instead of a TokenCache. This will allow MSAL.NET to provide, in the future, various token cache implementations.
• TokenCacheExtensions was removed and its methods moved to ITokenCache (this is a binary breaking change, but not a source level breaking change)
• The Serialize and Deserialize methods on TokenCacheExtention (which were serializing/deserializing the cache to the MSAL v2 format) were moved to ITokenCache and renamed SerializeMsaV2 and `DeserializeV2

Changes related to improving app Creation and configuration MSAL issue

• New class ApplicationOptions helps you build an application, for instance, from a configuration file
• New interface IMsalHttpClientFactory to pass-in the HttpClient to use by MSAL.NET to communicate with the endpoints of Microsoft identity platform for developers.
• New classes PublicClientApplicationBuilder and ConfidentialClientApplicationBuilder propose a fluent API to instantiate respectively classes implementing IPublicClientApplication and IConfidentialClientApplication including from configuration files, setting the targetted cloud and audience, but also setting per application logging and telemetry, and setting the HttpClient.
• New delegates TelemetryCallback and TokenCacheCallback can be set at application construction
• New enumerations AadAuthorityAudience and AzureCloudInstance help you writing applications for sovereign and national clouds, and help you choose the audience for your application.

Changes related to improving token acquisition, addressing issues 810, 635, 426, 799 :

• ClientApplicationBase now implements IClientApplicationBase and has new members:
  • AppConfig of new type IAppConfig contains the configuration of the application
  • UserTokenCache of new type ITokenCache contains the user token cache (for both public and confidential client applications for all flows, but AcquireTokenForClient)
    • New fluent API AcquireTokenSilent
• PublicClientApplication and IPublicClientApplication have four new fluent APIs: AcquireTokenByIntegratedWindowsAuth, AcquireTokenByUsernamePassword, AcquireTokenInteractive, AcquireTokenWithDeviceCode.
• ConfidentialClientApplication has new members:
  • AppTokenCache used by AcquireTokenForClient
  • Five new fluent APIs: AcquireTokenByAuthorizationCode, AcquireTokenForClient, AcquireTokenOnBehalfOf, GetAuthorizationRequestUrl, IByRefreshToken.AcquireTokenByRefreshToken
• New extensibility mechanism to enable public client applications to provide, in a secure way, their own browsing experience to let the user interact with the Microsoft identity platform endpoint (advanced). For this, applications need to implement the ICustomWebUi interface and throw MsalCustomWebUiFailedException exceptions in case of failure. This can be useful in the case of platforms which don't have yet a Web browser. For instance, the Visual Studio Feedback tool is an Electron application which uses this mechanism. MSAL issue
• MsalServiceException now surfaces two new properties:
  • CorrelationId which can be useful when you interact with Microsoft support.
  • SubError which indicates more details about why the error happened, including hints on how to communicate with the end user. MSAL issue

Changes related to the token cache:

• New interface ITokenCache contains primitives to serialize and deserialize the token cache and set the delegates to react to cache changes
• New methods SerializeMsalV3 and DeserializeMsalV3 on ITokenCache serialize/deserialize the token cache to a new layout format compatible with other MSAL libraries on Windows/Linux/MacOS.

A few bug fixes:

• Update Xamarin dependencies
• Send client headers to the user realm endpoint

MSAL.NET Version 2.7.1

2.7.1

• MSAL now handles B2C domains from sovereign clouds, including US Government, Blackforest, and Mooncake. B2C domains with *.b2clogin.us, *.b2clogin.cn, and *.b2clogin.de are now included in the MSAL allowed domain list for B2C authorities. MSAL issue
• Improved error message handling to detect issues faster and not hit null reference exceptions. Sometimes, for example, when the instance discovery endpoint is not found, the Oauth2Client in MSAL would hit a null reference exception. MSAL now detects such issues faster and returns a more meaningful error message (e.g. the http response code).

MSAL.NET Version 2.7.0

2.7.0

• MSAL integrates SourceLink https://github.com/dotnet/sourcelink. This allows MSAL to embed pdb files and source code in the NuGet package, allowing users to debug into MSAL without replacing their package reference with a project reference. MSAL PR
• MSAL.NET now supports Xamarin.Mac. We now ship another MSAL assembly, that can be used when building apps using Xamarin.Mac. MSAL.NET for Xamarin.Mac supports interactive authentication via an embedded browser, as well as silent authentication. It does not serialize its token cache to the keychain, instead users are asked to provide their own serialization mechanism as they see fit. A keychain based implementation will likely be implemented in a future release. MSAL PR
• Easier migration from ADALv2 to MSALv2 due to a new AcquireTokenFromRefreshToken API. ADAL.NET v2.x exposes the refresh token in the AuthenticationResult, as well as methods to acquire a token from a refresh token in the AuthenticationContext. Through the ConfidentialClientApplication, MSAL now implements an explicit interface to help customers migrate from ADAL v2 to MSAL v2. With this method, developers can provide the previously used refresh token along with any scopes. The refresh token will be exchanged for a new one and cached. Please see https://aka.ms/msal-net-migration-adal2-msal2 for more details. MSAL issue
• Token cache account was not being deleted on Android platform. MSAL PR
• When using ADAL v4.4.2 and MSAL v2.6 in the same Xamarin project, an error would result of Cannot register two managed types due to the iOS view controllers being registered under the same name. Now the MSAL iOS view controllers are prefixed with MSAL so they are distinct from the ones in ADAL. MSAL issue
• When using the KeychainSecurityGroup property to enable application sharing of the token cache, developers were required to include the TeamId. Now, MSAL resolves the TeamId at runtime. A new property iOSKeychainSecurityGroup should be used instead. See https://aka.ms/msal-net-ios-keychain-security-group for details. MSAL issue

MSAL.NET Version 2.6.2

2.6.2

• Move AuthenticationContinuationHelper class back to the Microsoft.Identity.Client namespace to avoid breaking changes to existing Android and iOS apps.
• Fix issue in 2.6.1 where strongnamer package was marked as a nuget package dependency.

MSAL.NET Version 2.6.1

2.6.1

• Setting ForceRefresh = true in AcquireTokenSilent used to skip access token cache lookup MSAL now handles ForceRefresh=true correctly and circumvents looking up an access token in the cache, instead using the refresh token to acquire a new access token. MSAL issue #695
• Ensured cache lookup filters on the specified tenantId, otherwise the cache lookup would always find the token for the home tenant This enables MSAL to acquire tokens for resources outside the home tenant. MSAL issues #694