• Dependency update dotnet monorepo updated to 9.0.9
• Dependency update CEFSharp updated to 140.1.140
• Set multi-targetting to include .NET Framework Versions for desktop components

Full Changelog: v4.0.3...v4.0.5

What's Changed

• Bump CefSharp from 129.0.110 to 135.0.170 by @concesar12 in #107

Fixes Security Advisory https://github.com/10Duke/10duke-dotnet-client/security/dependabot/94

Components updated

• Tenduke.Client.WinForms
• Tenduke.Client.WPF

Full Changelog: v4.0.2...v4.0.3

What's Changed

• Bump System.Text.Json from 8.0.4 to 8.0.5 by @hamish-smith in #105

Full Changelog: v4.0.1...v4.0.2

Bumps System.Text.Json from 8.0.1 to 8.0.4.

Fixes Security Advisory https://github.com/10Duke/10duke-dotnet-client/security/dependabot/78.

Components updated

• Tenduke.Client
• Tenduke.Client.DefaultBrowser
• Tenduke.Client.Desktop
• Tenduke.Client.WinBase
• Tenduke.Client.WinForms
• Tenduke.Client.WPF

New features

• Support for .NET 8.0 (Windows)

Updates

• Dependency version updates

Breaking changes

Removal of BinaryFormatter serialization from Tenduke.Client.Desktop.Util.EntClientAuthorizationSerializer

BinaryFormatter is no longer supported by .NET due to performance and security concerns.

Please note if your application uses EntClientAuthorizationSerializer to serialize and store authorization information between sessions, the version 4.0.0 cannot deserialize authorization information serialized using earlier versions. Any attempt to do so will generate System.Text.Json.JsonException.

Recommended upgrade procedures would be to either:

• change the file name, registry key or other location of the authorization data in the new version (triggering re-authorization on first use of the new version) or
• clear the old authorization data at installation or startup (as a one time process) or
• handle the exception on deserialization and trigger re-authorization

Tenduke.Client.Authorization.Authorization

Removal of self type reference from generic type parameters

The generic type parameters for Authorization no longer include the implementation type. This was unused in the code. This change will need to be reflected in any types derived from Authorization or its sub-types. The following known sub-types are affected:

• Tenduke.Client.DefaultBrowser.Authorization.AuthorizationCodeGrant
• Tenduke.Client.WinForms.Authorization.BrowserBasedAuthorization
• Tenduke.Client.WPF.Authorization.BrowserBasedAuthorization

ReadAccessTokenResponse protected method now takes RSA key as a parameter

To simplify the sequence of calls required to initialize the access token and id token from the access token response body, the caller must now pass the RSA key to verify the id token to the first call. This was previously included in the call to AccessTokenResponse.FromJsonStringResponse from the implementation of the abstract ReadAccessTokenResponse method.

Removal of abstract method ReadAccessTokenResponse

Changing the JSON serialization from using dynamic to using a typed model for the access token response removed the need for the protected method.

Removal of Serializable attribute

As the BinaryFormatter is no longer used for serialization, the Serializable (and NonSerialized) attributes are no longer required.

Tenduke.Client.Authorization.AccessTokenResponse and Tenduke.Client.Authorization.IDToken

The AccessTokenResponse and IDToken types have been extended to include strongly typed attributes for the expected access token response and id token fields.

The indexer access to the dynamic object has been removed. Usage like: accessTokenResponse.IDToken["name"].ToString() should be replaced with accessTokenResponse.IDTokenObject.Name.

• Dependency updates
• In the DefaultBrowser client, remove the button to close browser window

Tenduke.Client.DefaultBrowser

Enhancements

• Improve ability to use a CancellationToken to stop waiting for authentication started in web browser

Bug fixes

• Cancelled authentication could throw exception later when disposing authentication wait task

• Fix refresh token request parameterization
• Update CefSharp to version 102.0.90
• Update other dependencies to latest versions

• Fix SerializationException when storing authorization
• Fix changed stored id token parsing behavior

• strong naming
• SHA256 computer id hash support
• disable CEF GPU shader disk cache
• add handler for web browser window initialization (allow setting window properties)
• control cef console logging
• set error properties by access token response
• update CefSharp to version 97.1.61