diff --git a/docs/en/Migration-Guides/IdentityServer_To_OpenIddict.md b/docs/en/Migration-Guides/IdentityServer_To_OpenIddict.md new file mode 100644 index 0000000000..f6b70286f4 --- /dev/null +++ b/docs/en/Migration-Guides/IdentityServer_To_OpenIddict.md @@ -0,0 +1,76 @@ +# Migration Identity Server to OpenIddict Guides + +The startup template will use `OpenIddict` as the auth server by default since version 6.x. + +We are not removing IDS packages and will continue to release new versions of IDS related Nuget/NPM packages. That means you won't have an issue while upgrading to v6.0 (when it is released). We will continue to fix bugs in our packages for a while. ABP 7.0 will be based on .NET 7. If IDS continue to work with .NET 7, we will continue to ship nuget packages for our IDS integration. + +BTW, IDS itself is canceling support for the open source IDS in the end of this year. They are moved to Duende IDS you know. We won't migrate to Duende IDS. + +## Steps + +* Update all `Volo's` packages to `6.x`. +* Replace all `Volo's` `IdentityServer.*` packages with corresponding `OpenIddict.*` packages. eg `Volo.Abp.IdentityServer.Domain` to `Volo.Abp.OpenIddict.Domain`, `Volo.Abp.Account.Web.IdentityServer` to `Volo.Abp.Account.Web.OpenIddict`. +* Replace all `IdentityServer` modules with corresponding `OpenIddict` modules. eg `AbpIdentityServerDomainModule` to `AbpOpenIddictDomainModule`, `AbpAccountWebIdentityServerModule` to `AbpAccountWebOpenIddictModule`. +* Rename the `ConfigureIdentityServer` to `ConfigureOpenIddict` in your `ProjectNameDbContext` class. +* Remove the `UseIdentityServer` and add `UseAbpOpenIddictValidation` after `UseAuthentication`. +* Add follow code to your startup module. +```cs +public override void PreConfigureServices(ServiceConfigurationContext context) +{ + PreConfigure(builder => + { + builder.AddValidation(options => + { + options.AddAudiences("ProjectName"); // Change ProjectName to your project name. + options.UseLocalServer(); + options.UseAspNetCore(); + }); + }); +} +``` +* If your project is not separate AuthServer please also add `ForwardIdentityAuthenticationForBearer` +```cs +private void ConfigureAuthentication(ServiceConfigurationContext context) +{ + context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme); +} +``` +* Remove the `IdentityServerDataSeedContributor` from the `Domain` project. +* Create a new version of the project, with the same name as your existing project. +* Copy the `ProjectName.Domain\OpenIddict\OpenIddictDataSeedContributor.cs` of new project into your project and update `appsettings.json` base on `ProjectName.DbMigrator\appsettings.json`, Be careful to change the port number. +* Copy the `Index.cshtml.cs` and `Index.cs` of new project to your project if you're using `IClientRepository` in `IndexModel`. +* Update the scope name from `role` to `roles` in `AddAbpOpenIdConnect` method. +* Remove `options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);` from `HttpApi.Host` project. +* AuthServer no longer requires `JWT bearer authentication`. Please remove it. eg `AddJwtBearer` and `UseJwtTokenMiddleware`. +* Try compiling the project in the IDE and following the errors to remove and reference the code and namespaces. +* Add migrations and update the database if you are using EF Core as the database provider. + +## Module packages +### Open source side +* Volo.Abp.OpenIddict.Domain (`AbpOpenIddictDomainModule`) +* Volo.Abp.OpenIddict.Domain.Shared (`AbpOpenIddictDomainSharedModule`) +* Volo.Abp.OpenIddict.EntityFrameworkCore (`AbpOpenIddictEntityFrameworkCoreModule`) +* Volo.Abp.OpenIddict.AspNetCore (`AbpOpenIddictAspNetCoreModule`) +* Volo.Abp.OpenIddict.MongoDB (`AbpOpenIddictMongoDbModule`) +* Volo.Abp.Account.Web.OpenIddict (`AbpAccountWebOpenIddictModule`) +* Volo.Abp.PermissionManagement.Domain.OpenIddict (`AbpPermissionManagementDomainOpenIddictModule`) + +### Commercial side +* Volo.Abp.OpenIddict.Pro.Application.Contracts (`AbpOpenIddictProApplicationContractsModule`) +* Volo.Abp.OpenIddict.Pro.Application (`AbpOpenIddictProApplicationModule`) +* Volo.Abp.OpenIddict.Pro.HttpApi.Client (`AbpOpenIddictProHttpApiClientModule`) +* Volo.Abp.OpenIddict.Pro.HttpApi (`AbpOpenIddictProHttpApiModule`) +* Volo.Abp.OpenIddict.Pro.Blazor(`AbpOpenIddictProBlazorModule`) +* Volo.Abp.OpenIddict.Pro.Blazor.Server (`AbpOpenIddictProBlazorServerModule`) +* Volo.Abp.OpenIddict.Pro.Blazor.WebAssembly (`AbpOpenIddictProBlazorWebAssemblyModule`) +* Volo.Abp.OpenIddict.Pro.Web (`AbpOpenIddictProWebModule`) + +## Source code of samples and module + +[Open source tiered & separate auth server application migrate Identity Server to OpenIddct](https://github.com/abpframework/abp-samples/tree/master/Ids2OpenId) + +[Commercial tiered & separate auth server application migrate Identity Server to OpenIddct](https://abp.io/Account/Login?returnUrl=/api/download/samples/Ids2OpenId) + +[OpenIddict module document](https://docs.abp.io/en/abp/6.0/Modules/OpenIddict) + +[OpenIddict module source code](https://github.com/abpframework/abp/tree/rel-6.0/modules/openiddict) diff --git a/docs/en/Modules/OpenIddict.md b/docs/en/Modules/OpenIddict.md index ed25147be2..9e603f76a8 100644 --- a/docs/en/Modules/OpenIddict.md +++ b/docs/en/Modules/OpenIddict.md @@ -1,9 +1,5 @@ ## ABP OpenIddict Modules -## How to Install - -TODO: - ## User Interface This module implements the domain logic and database integrations, but not provides any UI. Management UI is useful if you need to add applications and scopes on the fly. In this case, you may build the management UI yourself or consider to purchase the [ABP Commercial](https://commercial.abp.io/) which provides the management UI for this module.