Release-3.0.5.0

#12 Fix: Redirect to page when Keycloak authentication fails during login.

#13 Fix: Option to disable all validation of Refresh Token. (Keycloak server 4.6-4.8 compatibility)

Release-3.0.4.0

Fix for Refresh token signature validation with Keycloak server v4.5.

This fix introduces a configuration option "DisableRefreshTokenSignatureValidation" that can be set to true to disable the signature validation of Refresh tokens. The contents of the Refresh token should not be used/trusted by the application, only sent back to the Keycloak server when required (and the server validates the Refresh token).

By setting option DisableRefreshTokenSignatureValidation to true, this library will still work with Keycloak server 4.5.

Release-3.0.3.0

Fix token expired at login, which resulted in unnecessary requests to Keycloak server.
Includes pull request Feature/fix token expired at login issue #6 from highbyte

Release-3.0.2.0

Resolves issue Question: Should client secret be part of authorization endpoint redirect URL? #3 with commit from highbyte

Release-3.0.1.0

Resolves Issue #2 IsAuthenticated never set with standard authentication flow

release-3.0.0.0

Upgraded System.IdentityModel.Tokens.Jwt to v5.1.4... Tested Bearer authentication with MVC 5.2.3 and Microsoft.Owin 3.1.