Auth0.AuthenticationApi 7.0.0-beta2

• .NETFramework 4.5.2

  • Auth0.Core (>= 7.0.0-beta2)
  • Microsoft.IdentityModel.Protocols.OpenIdConnect (>= 5.6.0)
  • System.IdentityModel.Tokens.Jwt (>= 5.6.0)

• .NETStandard 2.0

  • Auth0.Core (>= 7.0.0-beta2)
  • Microsoft.IdentityModel.Protocols.OpenIdConnect (>= 5.6.0)
  • System.IdentityModel.Tokens.Jwt (>= 5.6.0)

Version 7.0.0 beta 2
   - No longer ensures that IAT (issued at) claims in ID Tokens are in the future to better deal with
     the local clock being slow.
     
   Version 7.0.0 beta 1
   **Many breaking changes**

   A migration guide will be produced while the beta runs and made available before GA.  The summary is:

   - Authentication SDK includes all-new ID Token Validation which will now validate H256.
     - If your app is configured for HS256 and is confidential such as a web server then you will need to
       set SigningAlgorithm to `SigningAlgorithm.HS256` on your `AuthenticationApiClient` requests.
     - If your app is configured for HS256 and is NOT confidential such as a native client you should
       reconfigure your app for RS256 as soon as possible.
     - If your app is configured for RS256 no changes are required.  JWKS caches are now only valid for
       10 minutes and will not cache the JWKS keys indefinitely.

   - Improved testing and mocking support. You can now mock `IAuthenticationConnection` /
     `IManagementConnection` classes to provide local unit-testing functionality for
     `AuthenticationApiClient` and `ManagementApiClient` respectively.  Each has just two methods that
     can be mocked - one for `GET` and one for other HTTP verbs.

   - Many classes moved namespace especially ones that were in `Core` as part of the long-term plan to
     only have AuthenticationApi and ManagementApi packages.  Visual Studio should be able to suggest
     where classes you were using now reside.

   - Disposal is now more consistent. If `AuthenticationApiClient` or `ManagementApiClient` create a
     connection for you they will manage its lifecycle. If you pass in a connection then it will be your
     responsibility to manage it. This also applies to how `HttpClientAuthenticationConnection` and
     `HttpClientManagementConnection` will only dispose of a `HttpClient` they create and not ones they
     are given.

   - Rate Limiting information is now only available on the `RateLimitApiException` which is raised when
     the rate limit is exceeded.

   - `ApiException` is now `ErrorApiException`. If you use the status code or error message on exception
     you will need to switch to catching the later. The former is now a base class that does not have
     this information but ensures any old catch `ApiException` will continue to catch rate limit
     exceptions which also now inherit from this class.

   - Microsoft recommends `HttpClient` is reused as much as possible.  Therefore you should use
     dependency injection or inversion of control to ensure that either a single instance of
     `AuthenticationApiClient` / `ManagementApiClient` or its connections `HttpClientXConnection` are
     created to ensure sharing.  These classes are now thread-safe. You can additionally share
     `HttpClient` objects between them if you wish by injecting it into the `HttpClientXConnection`
     constructor.      

     Version 6.5.5
     - Signup API result now handles custom databases returning variations of "id" name
     - Fix EnrollmentAuthMethod.Authenticator enum name
     - ClientBase now has property for `initiate_login_uri`

     Version 6.5.4
     - SECURITY FIX for CVE-2019-16929. See
       https://github.com/auth0/auth0.net/blob/master/SECURITY-NOTICE.md#idtokenvalidator-public for more details.

     Version 6.5.3
     WARNING: If you generate tokens in your project via System.IdentityModel.Tokens.Jwt
     please read the important notice at https://github.com/auth0/auth0.net/issues/300

     - Upgraded System.IdentityModel.Tokens.Jwt to 5.5 to fix incompatible kid
     - Upgraded Microsoft.IdentityModel.Protocols.OpenIdConnect to 5.5
     - Add ClientId to VerifyEmailJobRequest
     - Updated all test dependencies (xunit, FluentAssertions, .NET Test SDK)
     - Removed unused Console Workbench project

     Version 6.5.2
     - UserClient.GetEnrollments now correctly passes user id.

     Version 6.5.1
     - User and role permissions endpoints in UsersClient and RolesClient paging fix.

     Version 6.5.0
     - Assembly is now strong-name-signed so it can be used by other strong-name-signed packages.
     - NOTE: This is code signing only using a non-secret key. It is not authenticode or tamper protection.
     - User and role permissions endpoints in UsersClient and RolesClient now correctly honoring paging.
     - User model optional fields (CreatedAt, UpdatedAt, LastLogin) are now nullable.

     Version 6.4.0
     - TenantSettings lifetimes are now double not integer.
     - Added various Guardian-related endpoints on UserClient.

     Version 6.3.0
     - Missing Tenant settings now available (device flow, Guardian MFA, Change Password, flags etc.

     Version 6.2.0
     - Added client_id to GetDeviceCredentials response
     - Added various user properties to UserUpdateRequest

     Version 6.1.0
     - New user permission endpoints added to UsersClient
     - New role permission endpoints added to RolesClient
     - AuthenticationApiClient now implements IDisposable to dispose ApiConnection and HttpClient
     - Added various new and missing properties to Resource Servers (ResourceServerBase)

     Version 6.0.0
     - New GuardianClient for managing /guardian endpoints
     - New RolesClient for managing /roles endpoints
     - PasswordChangeTicket now has IncludeEmailInRedirect and MailEmailAsVerified
     - ApiConnection now has Dispose to dispose the HttpClient it creates
     - ManagementApiClient now has Dispose to dispose the ApiConnection it creates
     - XML documentation tweaks
     - Dependencies updated

     BREAKING CHANGES
     See our migration guide at https://github.com/auth0/auth0.net/blob/prepare-6.0.0/docs-source/migrating.md

     - All I*Client interfaces have been removed so adding endpoints is no longer breaking
     - IManagementApi interface was removed so adding new clients is no longer breaking
     - All non-paging GetAll methods have been removed
     - DiagnosticsHeader/DiagnosticsComponent are no longer available