As part of this release we had 13 issues closed.
We didn't plan to make fundamental changes for this release - but since we had the opportunity, we added some important features and made some minor breaking changes to make IdentityServer more future proof.
Updates for ASP.NET Core 3
- #3512 Drop netstandard2.0 and switch to netcoreapp3.0
Before this release, we only supported RS256 as the signing algorithm for tokens. This release adds support for RS384, RS512, PS256, PS384, PS512, ES256, ES384 and ES512. We also added support for
- #3534 Ecdsa curve handling
- #3527 Add support for ECDsa keys to discovery document
- #3435 c_hash generated using wrong hashing algorithm acording to spec
- #3511 Add support for additional signing algorithms
- #3561 Support specific signing algorithms per validation key
- #3584 Re-factor logic to turn Secrets into SecurityKeys
We removed the old legacy
~/resources audience from access tokens and use a
typ header instead. This might cause problems with some legacy JWT validation libraries and needs some testing.
- #1961 Consider removing ~/resources audience from access tokens
- #3513 Set typ header for access tokens