changelog.txt

Version 1.11.2
=============
- Updated oauth2-oidc-sdk version to address security vulnerability
- Fixed a bug where acquire token using client assertion failed

Version 1.11.1
=============
- Updated Azure Key Vault dependencies to fix error in transitive dependency
- Fixed issue where client assertion validation fails due to mismatched subject and issuer

Version 1.11.0
=============
- Adds ability to override authority in AcquireToken calls
- Fixes issue where authority port was being dropped from URLs

Version 1.10.1
=============
- Improved behavior when using regional authorities
- Fix scope override issue in OBO flow
- Update server-side telemetry
- Adjusted logging levels to reduce noise
- Improved HTTP error handling and messaging
- Upgrade oauth2-oidc-sdk dependency 9.4 -> 9.7
- Upgrade httpclient dependency 4.5.9 -> 4.5.13

Version 1.10.0
=============
- Instance aware support for interactive requests
- Default cache lookup for on-behalf-of and client credential flows
- Cross cloud accounts support
- Using default security provider for client certificate creation
- Upgrades the commons-io dependency 2.6 -> 2.7
- Upgrades the oauth2-oidc-sdk dependency 8.23.1 -> 9.4
- Upgrades the guava dependency 26.0 -> 29.0

Version 1.9.1
=============
- Update com.fasterxml.jackson.core.jackson-databind to 2.12.1

Version 1.9.0
=============
- Add support for Azure region discovery to keep token traffic regional when possible
- New helper methods in ClaimsRequest class to convert Strings of claims to ClaimsRequest objects
- Upgrade nimbusds.oauth2-oidc-sdk dependency to better support newer Spring Framework versions

Version 1.8.1
=============
- New ClaimsRequest class to allow ID token claims to be requested as part of any token request
- Remove use of nimbusds.oauth2.sdk CommonContentTypes

Version 1.8.0
=============
- ITenantProfile added to IAuthenticationResult for easier access to ID token claims
- IAccount is now serializable
- Support for refresh_in field in token response
- New utility class, AzureCloudEndpoint, for national cloud endpoint URLs

Version 1.7.1
=============
- sendX5c API added to IConfidentialClientApplication to specify if the x5c claim
  (public key of the certificate) should be sent to the STS.
  Default value is true.

Version 1.7.0
=============
- Tenant profiles added to IAccount
- Support of certificate chain
- Api to set connect and read timeouts for default http client

Version 1.6.2
=============
- Fix for "NullPointerException during accessing B2C authority aliases"
- Adding extraScopesToConsent parameter to AuthorizationRequestUrlParameters builder.
  Can be used to request the end user to consent upfront,
  in addition to scopes which the application is requesting access to.

Version 1.6.1
=============
- Compatibility with json-smart [1.3.1 - 2.3]

Version 1.6.0
=============
- Client capabilities support
- Enable device code flow for ADFS2019
- Fix dependency issues with jackson 2.6.7 and json-smart 1.3.1

Version 1.5.0
=============
- Support of server side throttling instructions
- Rebuild client assertion when expired
- Update nimbus SDK version from 6.5 to 7.4
- Validation of Authority path segments

Version 1.4.0
=============
- Added acquire token interactive API, using system default browser
- Added authorization code url builder
- Added OSGi support via bnd-maven-plugin
- Added server-side telemetry support

Version 1.3.0
=============
- Added option to pass in AAD instance discovery data
- Removed runtime dependency on commons-codec.commons-codec, org.apache.commons.commons-text, org.apache.httpcomponents.httpclient, com.google.code.gson
- Added runtime dependency on com.fasterxml.jackson.databind

Version 1.2.0
=============
- Added support for ADFS 2019
- Added option to add application name and version for telemetry
- Bug fix: support for ClientCredential on Windows for JDK12+ #128

Version 1.1.0
=============
- Added support for configuring HTTP client

Version 1.0.0
=============
- API surface is now stable and production ready. No breaking changes will be introduced without incrementing MAJOR version
- No changes from 0.7.0-preview

Version 0.7.0-preview
=============
- Added support for ClientAssertions in ClientCredentialFactory
- Renamed AsymmetricKeyCredential to ClientCertificate
- Made Account, IClientApplicationBase, TelemetryConsumer ClientSecret, ClientCertificate, ClientAssertion package-private
- Added IClientSecret, IClientCertificate, IClientAssertion

Version 0.6.0-preview
=============
- Updated TokenCache to be thread safe
- Removed build warnings
- Added web app, B2C, and OBO samples
- Updated to use delomboked sources

Version 0.5.0-preview
=============
- Refactored AuthenticationException to MsalServiceException, MsalClientException, MsalInteractionRequiredException
- Added cache lookup to acquireToken by client credentials grant
- Updated Javadoc reference
- Updated license headers

Version 0.4.0-preview
=============
- Exposed acquire token by refresh token api

Version 0.3.0-preview
=============
- Added support for FOCI
- Updated public API to return interfaces
- Updated cache to be compatible with MSAL Python and MSAL.NET caches

Version 0.2.0-preview
=============
- Added support for B2C

Version 0.1.0-preview
=============
Public preview of Microsoft Authentication Library for Java
- Feature parity with ADAL Java
- Updated public API to use builder pattern
- Added telemetry callback
- Added support for caching tokens
- Added acquire token with silent parameters API