ADAL.NET Version 5.1.0

Version 5.1.0

Bug fixes:

• When returning from broker, a null ref is thrown in the token response. ADAL.NET now returns an error message and handles the null ref correctly. ADAL issue 1606
• ADAL.NET will throw a null ref if there is no UserInfo, for example in the AuthCode flow. ADAL.NET now handles a null value in UserInfo and, if no IdToken present, will not attempt to create an MSAL refresh token and account object. ADAL issue 1604
• At times, ADAL.NET would throw a null ref when getting a 504 from Gateway when instance discovery fails. ADAL.NET now has more guards against null checks and more logging in this part of the code. ADAL issue 1610
• Made the class AuthenticationParameters usable again. This utility class will make an un-authenticated request to a protected resource and extract the authority and the resource from the Unauthorized response header ADAL issue 1599

ADAL.NET Version 5.0.5

Version 5.0.5

• Update ADAL.NET documentation on cache to use ADALv3 methods as default. ADAL issue 1593

ADAL.NET Version 5.0.3-preview

Version 5.0.3-preview

• ADAL.NET now creates an HttpClient that uses the AndroidClientHandler for Android 4.1 and higher. See documentation for more information. ADAL issue #1581
• SSO on UWP was not displaying a list of currently logged-in users. ADAL.NET now honors sso on UWP and displays the logged-in user list. Developers will need to follow the guidance in the wiki for setting this up and pass in null in the RedirectUri. See ADAL issue 1580 for more information and code snippets
• Custom HttpClient exceptions were not propagated in 5.0.2-preview. ADAL.NET now returns the custom HttpClient exceptions. ADAL issue 1575

ADAL.NET Version 5.0.2-preview

• TokenCache before/after access notifications need to be within the cachelock boundary [1571]

ADAL.NET Version 5.0.1-preview

Version 5.0.1-preview

• ADAL now guarantees Before/After Access is called in all cases for the TokenCache. Adal issue 1525
• In CustomWebUI flows, it's possible that the process implementing the UI is in another process. ADAL now serializes the exceptions in this case. ADAL issue 1526
• AcquireTokenByDeviceCodeAsync now supports the CancellationToken. CancellationToken support was needed in this API to allow the developer to cancel the operation as needed. ADAL issue 1533
• UI can hang due to not having proper SynchronizationContext for UI interaction. When staring the Windows web authentication dialog, running on an MTA or STA thread, ADAL usually ends up on an MTA thread because of the async await, and then tries to create a new STA thread to run the browser on. This can result in a deadlock. ADAL now captures the synchronization context at AcquireTokenInteractive so the appropriate sync context is used when creating the interactive browser dialog. ADAL issue 1548
• ADAL does not reuse the HttpClient. A New interface is introduced IHttpClientFactory to pass-in the HttpClient to be used by ADAL.NET to communicate with the endpoints of Microsoft identity platform for developers. See https://aka.ms/adal-net-httpclient for details. Adal issue 1488
• ADAL now creates an HttpClient that uses the NSURLSessionHandler for iOS7 and newer ADAL issue 1554
• ADAL now publishes symbols to the Microsoft Symbol Server ADAL issue 1540
• When using the KeychainSecurityGroup property to enable application sharing of the token cache, developers were required to include the TeamId. Now, ADAL resolves the TeamId at runtime. A new property iOSKeychainSecurityGroup should be used instead. See https://aka.ms/adal-net-ios-keychain-access for details. ADAL issue

ADAL.NET Version 5.0.0-preview

Version 5.0.0

• Enhancements include support for MSALv3 Cache (which is also or will soon be supported by other libraries such as Python and Java, more detail here https://aka.ms/msal-net-3x) as well as enabling users to bring their own browser as part of the Auth Code retrieval (#1521).

ADAL.NET Version 4.5.1

Version 4.5.1

Bug fixes:

• ADAL 4.5.0 and lower fails to install due to a version conflict on Android projects targeting Xamarin.Android.Support libraries version 28.x. The ADAL Xamarin.Android.Support libraries have been updated to 27.0.2.1, the maximum version on Android8.1. ADAL issue #1486
• ADAL occasionally threw a NullReferenceException during Http calls when there were network timeouts. Now a relevant timeout AdalServiceException will be thrown. ADAL issue #1489

ADAL.NET Version 4.5.0

Version 4.5.0

New features:

• Developers can inject an HttpClient via a new AuthenticationContext constructor, allowing better control in scenarios such as setting a proxy

Bug fixes:

• When using ADAL v4.4.2 and MSAL v2.6 in the same Xamarin project, a Duplicate Java type error was encountered. The Android AuthenticationActivity defined name has been changed and is now distinct from the one in MSAL. ADAL issue
• When using brokered authentication, if the UID was not present, broker was unable to find the UID in the Android package. Now ADAL sends the UID and package name as part of the broker options so silent authentication with broker works consistently. ADAL PR
• Fix a bug preventing an access token to be returned from the cache in scenarios involving Android Broker and cross resource access (#1463)
• Add more logging to the Android broker flow to help investigate customer issues
• The token cache instance was not available in debug logs. Now the token cache is set from the request object and is available in debug logs. ADAL issue
• Connection pooling appears broken when using AccessTokens with SQL Azure. Modified cloning of the AdalResult object to do a deep copy instead of serialize/de-serialize ADAL Issue

ADAL.NET Version 4.4.2

Version 4.4.2

• Removed MSAL code from this repo

ADAL.NET Version 4.4.1

Version 4.4.1

• Fix default redirect uri for ADAL on UWP. When using a null RedirectURI, you typically got an error. However on UWP, this is an indication that the Windows Auth Broker (WEB) will be used. ADAL issue #1400
• Fix for a race condition and a crash in ADAL when using PromptBehavior = Hidden (which is only available on some windows platforms). ADAL issue
• GetAccountsAsync() can now be called when the device / computer is offline. It was making a network call to the instance discovery endpoint to determine the environments (equivalent clouds base URLs) for caching, which meant GetAccountsAsync() did not work off-line. This has been fixed and GetAccountsAsync() is not dependent on a network call and works off-line. MSAL issue #630