The JSON Web Token Handler for .NET 4.5 Reaches GA!

Byvibro on
2 Comments

After just few months in developer preview, I am extremely pleased to report that the v1 or the JSON Web Token (JWT) Handler for .NET is generally available!

Your feedback was super-helpful in shaping the final form of the v1. I am currently at TechEd hence I won’t go in all the details here (will update this post afterwards), however here there are a couple of highlights  from the main changes since the preview:

  • Namespace change. We got consistent feedback that the Microsoft.* namespace is for many associated to WIF 1.0 from .NET 3.5, and the fact that the handler builds on top of .NET 4.5 was source of confusion.
    Hence, we took all the necessary steps to move the assembly under System.IdentityModel, where all the other associated classes live.
    Important: this move changed the ID of the NuGet package, hence in order to pick up the GA version you’ll have to explicitly refer it. We’ll be taking down the preview version shortly.
  • Config integration. The handler is now better integrated with the WIF configuration elements: it plays nice with the ValidatingIssuerNameRegistry, has its own config element for custom settings, and so on
  • Improved mapping for short to long claim types. The handler has a fully revamped claim types mapping engine, reflecting the claim types traded by OpenID Connect, Windows Azure AD and ADFS in Windows Server 2012 R2. Also, you can customize the mapping or turn it off completely! Smile Hopefully this will make Dominick happy
  • Multiple keys in TokenValidationParameters. We now allow you to specify a collection of signing keys, so that you don’t need to cycle thru explicit validation cycles when the issuer you trust features more than one key (e.g. the current key and one about to roll)
  • Consistent behavior in BootstrapContext. In the preview a JWT in the bootstrapcontext would be presented as SecurityToken at first, but moved to a string at the first recycle. The GA version is always a string with the encoded original token.
  • Signature provider factory. In the GA handler you can provide a custom signature algorithm
  • MANY fine grained improvements in the object model, which we will detail shortly (see above)

All the samples (in common with the AAL. NET dev preview, also refreshed today) have been updated to reflect the new object model, I would recommend to check them out to see in detail what changed.

Thank you again for having helped us refine this fundamental building block of our REST development story. Also, keep the feedback coming!

2 Comments

  1. Pingback: Developers’ Update: JWT Handler GA's and AAL. NET Preview Refresh - Active Directory Blog - Site Home - TechNet Blogs
  2. Pingback: Securing a Web API with Windows Azure AD and Katana | CloudIdentity

Leave a Reply

Your email address will not be published. Required fields are marked *