Maintenance

• Updated project to exclude content from NuGet package by using a .nuspec file
• Properly exclude packages and node_modules

Bug Fixes

• Fix stack overflow exception

New Features

• #91 - Added switch to determine whether to use custom parameters for MS Graph API calls or not

Enhancements

• #96 - Improved token validation

Bug Fixes

• #95 - Fixed inconsistent prefix for Azure AD users

New Features

• Added separate tenant id option in sync settings to allow role syncing when using multi-tenant apps

Bug Fixes

• Fixed an issue preventing the persona bar loading on child portals

Bug fixes

• #84 - Fix issue that prevented the Extensibility implementation from building

Minor changes

• #83 - If a display name is not provided, it will be generated from the first and last names
• #85 - Copyright update and other minor corrections

Release notes

New features

• Extensibility implementation allowing to extend the login validation
• New AuthorizationCodePrompt setting to allow customize the login behavior
• New option to allow scheduled user sync (in the same way that groups are synced in background). Be aware that this option can be resource intensive and should be used with caution.
• Implementation of AutoMatchExistingUsers: if a user is found in the local database with the same email address as the one in Azure AD, the user will be automatically matched with the Azure AD user. This option is disabled by default.

Enhacements

• Update to use the package Dnn.React.Common 9.11
• Changes on the settings UI to accomodate new settings
• Graph API calls now have the user agent header set to identify the module on Azure AD logs
• Updated installation documentation

Bug fixes

• Fix issue with the redirect Uri validation
• Fix to remove a line that overwrote AzureDisplayName and adds @miguelvaz78 's contribution.
• Fixed the issue with the roles not being deleted correctly

Special thanks to @alendv for all the contributions made.

Release notes

Bug fixes

• Fix for correctly expiring the AzureToken when exchanging the code
• Fix retrieval of custom user attrbiutes
• Fix for user role pagination

Release Notes

Enhancements

• Removed Azure AD Graph dependency. Now all working with Microsoft Graph.

Bug fixes

• Removed default user profile property mappings from installation

List of contributors

• @vanesagc Vanesa Garcia
• @davidjrh David Rodriguez

Upgrading instructions

Since the Azure AD Graph API is no longer used, the API permissions for your app must be reviewed to ensure that the appropiate permissions are set for Microsoft Graph: Delegated permissions (for login process):

• email: View users' email address
• openid: Sign users in
• profile: View users' basic profile
• User.Read: Sign in and read user profile

Application permissions (for background role/profile sync processes):

• Directory.Read.All: Read directory data
• User.Read.All: Read all users' full profiles

Sreenshot below:

Bug fixes

• Fixed error on AuthorizationEndpoint redirect when autoredirect is not enabled (solves #45)

Enhancements

• Added debugging log details for profile picture sync
• Target OAuth2 v2.0 endpoints
• Added setting to enable/disable automatic authorization after login
• Added option to redirect to a generic error page on Azure AD auth error

Bug fixes

• Fixed default redirection to the page initially requested before login

New features

• Changed default claim mapping from "unique_name" to "upn" since on v2.0 tokens the claim "unique_name" no longer exists

Bug fixes

• Fix to obtain optional claims in the access token by specifying the app id as resource
• Fix role assignments when using customMappings
• Fix on role mappings management and scheduled task