ProAuth 2.1.27

This release focuses on security hardening through internal component updates and significant enhancements to the identity core. It introduces full support for custom URI schemes for native applications and improves the robustness of redirect URI validation logic.

Maintenance Release

This update includes routine maintenance fixes. No customer action is required for the internal component updates.

Core

Core

Universal Redirect URI Enhancements

This update introduces comprehensive support for custom URI schemes and improves the robustness of redirect URI validation for both login and logout flows. (#2861)

• Native Application Support (RFC 8252): ProAuth now fully supports custom URI schemes (e.g., vscode://, myapp://) for both redirect_uri and post_logout_redirect_uri, enabling seamless authentication for native desktop and mobile applications.
• Lenient Trailing Slash Validation: Validation logic is now more resilient to trailing slash variations in registered URIs, preventing "ambiguous match" errors when multiple variants are configured.
• Enhanced Compatibility for Native Apps: Automatic JavaScript-based redirection fallback for form_post response mode ensures reliable hand-off from the browser to native application handlers.
• Improved Logout Reliability: Aligned post_logout_redirect_uri validation with login redirect logic for consistent behavior during session termination.

Security

Security

Internal Component Hardening

Security-focused update of internal NuGet packages, .NET SDK, and runtime base images to the latest patch and minor versions. This routine maintenance reduces security risk by incorporating upstream fixes and ensuring platform stability without functional changes to the product. (#2863)

Platform Stability

• Improved resilience of redirect URI validation logic for high-density configuration scenarios.
• Updated infrastructure base images to address latest security advisories.