You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
New features
Implement IAuthorizationHeaderProvider2 (from Microsoft.Identity.Abstractions 12.3.0) on DefaultAuthorizationHeaderProvider and the public BaseAuthorizationHeaderProvider, exposing the metadata-rich CreateAuthorizationHeaderInformation* surface (returning OperationResult<AuthorizationHeaderInformation, AuthorizationHeaderError>) with binding-certificate propagation. DownstreamApi and MicrosoftIdentityMessageHandler now prefer IAuthorizationHeaderProvider2 for mTLS PoP and soft-deprecate the bound-only IBoundAuthorizationHeaderProvider path (kept as a fallback for source/binary compatibility). See #3899.
Populate TokenAcquisitionMetadata.ExpiresOn on AcquireTokenResult from the MSAL AuthenticationResult.ExpiresOn value. See #3905.
Bug fixes
Finalize the DownstreamApi request (headers, query parameters, content, and customizations) before creating the authorization header, adding Authorization only after signing so request-binding providers do not include it in their signed material. See #3902.
Dependencies updates
Update Microsoft.Identity.Abstractions to 12.4.0. See #3899, #3905.
Update MSAL.NET (Microsoft.Identity.Client / Microsoft.Identity.Client.KeyAttestation) to 4.85.2. See #3896.
Update Microsoft.IdentityModel.Protocols.WsFederation (Microsoft.Identity.Web.OWIN) to 5.7.1. See #3900.