[Announcement] Newtonsoft.Json types replaced in Microsoft.AspNetCore.Authentication APIs #7289
Labels
area-auth
Includes: Authn, Authz, OAuth, OIDC, Bearer
breaking-change
This issue / pr will introduce a breaking change, when resolved / merged.
Milestone
As part of the ongoing effort to remove Newtonsoft.Json from the shared framework these types have now been replaced on the Authentication APIs.
Basic usage of these Authentication packages should be unaffected. Only users who have derived from the OAuth package or that had implemented advanced claim manipulation should be affected. A detailed list of affected APIs is given below.
Affected packages:
Also, all derived implementations of OAuth such as those from aspnet-contrib.
For derived OAuth implementations the most common change is to replace JObject.Parse with JsonDocument.Parse in the CreateTicketAsync override as shown here. Note JsonDocument is IDisposable.
Affected APIs:
ClaimAction.Run(JObject userData, ClaimsIdentity identity, string issuer)
becomesClaimAction.Run(JsonElement userData, ClaimsIdentity identity, string issuer)
. All derived implementations of ClaimAction are similarly affected.MapCustomJson(this ClaimActionCollection collection, string claimType, Func<JObject, string> resolver)
becomesMapCustomJson(this ClaimActionCollection collection, string claimType, Func<JsonElement, string> resolver)
MapCustomJson(this ClaimActionCollection collection, string claimType, string valueType, Func<JObject, string> resolver)
becomesMapCustomJson(this ClaimActionCollection collection, string claimType, string valueType, Func<JsonElement, string> resolver)
See #7105 for details of the change.
The text was updated successfully, but these errors were encountered: