Merge pull request #16502 from abpframework/auto-merge/rel-7-2/1932

3 years ago · d1b1915b8c
5 changed files with 73 additions and 8 deletions
--- a/docs/en/Deployment/Configuring-OpenIddict.md
+++ b/docs/en/Deployment/Configuring-OpenIddict.md
@ -0,0 +1,62 @@
+# Configuring OpenIddict
+
+This document introduces how to configure `OpenIddict` in the `AuthServer` project.
+
+There are different configurations in the `AuthServer` project for `Development` and `Production` environment.
+
+````csharp
+public override void PreConfigureServices(ServiceConfigurationContext context)
+{
+    var hostingEnvironment = context.Services.GetHostingEnvironment();
+
+    // Development environment
+    if (hostingEnvironment.IsDevelopment())
+    {
+        PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
+        {
+            // This is default value, you can remove this line.
+            options.AddDevelopmentEncryptionAndSigningCertificate = true;
+        });
+    }
+
+    // Production or Staging environment
+    if (!hostingEnvironment.IsDevelopment())
+    {
+        PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
+        {
+            options.AddDevelopmentEncryptionAndSigningCertificate = false;
+        });
+
+        PreConfigure<OpenIddictServerBuilder>(builder =>
+        {
+            builder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment));
+            builder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment));
+
+            //...
+        });
+    }
+}
+
+private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv)
+{
+    return new X509Certificate2(Path.Combine(hostingEnv.ContentRootPath, "authserver.pfx"), "00000000-0000-0000-0000-000000000000");
+}
+````
+
+## Development Environment
+
+We've enabled `AddDevelopmentEncryptionAndSigningCertificate` by default on development environment, It registers (and generates if necessary) a user-specific development encryption/development signing certificate. This is a certificate used for signing and encrypting the tokens and for **development environment only**.
+
+`AddDevelopmentEncryptionAndSigningCertificate` cannot be used in applications deployed on IIS or Azure App Service: trying to use them on IIS or Azure App Service will result in an exception being thrown at runtime (unless the application pool is configured to [load a user profile](https://learn.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities#user-profile)). 
+
+To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates storage of the host machine(s). This is the way we do it in production environment.
+
+## Production Environment
+
+We've disabled `AddDevelopmentEncryptionAndSigningCertificate` in production environment and tried to setup signing and encrypting certificates using `authserver.pfx`.
+
+You can use the `dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000` command to generate the `authserver.pfx` certificate.
+
+> `00000000-0000-0000-0000-000000000000` is the password of the certificate, you can change it to any password you want.
+
+>  Also, please remember to copy `authserver.pfx` to the [Content Root Folder](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.ihostingenvironment.contentrootpath?view=aspnetcore-7.0) of the `AuthServer` website.
--- a/docs/en/Deployment/Index.md
+++ b/docs/en/Deployment/Index.md
@ -6,6 +6,7 @@ However, there are some topics that you should care about when you are deploying

 ## Guides

+* [Configuring for OpenIddict](Configuring-OpenIddict.md): Notes for some essential configurations for OpenIddict.
 * [Configuring for Production](Configuring-Production.md): Notes for some essential configurations for production environments.
 * [Optimization for Production](Optimizing-Production.md): Tips and suggestions for optimizing your application on production environments.
 * [Deploying to a Clustered Environment](Clustered-Environment.md): Explains how to configure your application when you want to run multiple instances of your application concurrently.
--- a/docs/en/Road-Map.md
+++ b/docs/en/Road-Map.md
@ -4,11 +4,11 @@ This document provides a road map, release schedule and planned features for the

 ## Next Versions

-### v7.1
+### v7.3

-The next version will be 7.1 and planned to release the stable 7.1 version in February, 2023. In the version 7.1, we will mostly focus on stabilizing and enhancing existing features, improving the developer experience, as well as adding relatively minor new features.
+The next version will be 7.3 and planned to release the stable 7.3 version in July, 2023. In the version 7.3, we will mostly focus on stabilizing and enhancing existing features, improving the developer experience, as well as adding relatively minor new features.

-See the [7.1 milestone](https://github.com/abpframework/abp/milestone/68) for all the issues we've planned to work on.
+See the [7.3 milestone](https://github.com/abpframework/abp/milestone/82) for all the issues we've planned to work on.

 ## Backlog Items

@ -19,13 +19,15 @@ Here, a list of major items in the backlog we are considering to work on in the
 * [#6655](https://github.com/abpframework/abp/pull/6655) / Use Typescript for the MVC UI
 * [#236](https://github.com/abpframework/abp/issues/236) / Resource based authorization system
 * [#2882](https://github.com/abpframework/abp/issues/2882) / Providing a gRPC integration infrastructure (while it is [already possible](https://github.com/abpframework/abp-samples/tree/master/GrpcDemo) to create or consume gRPC endpoints for your application, we plan to create endpoints for the [standard application modules](https://docs.abp.io/en/abp/latest/Modules/Index))
-* [#1754](https://github.com/abpframework/abp/issues/1754) / Multi-lingual entities
 * [#57](https://github.com/abpframework/abp/issues/57) / Built-in CQRS infrastructure
 * [#336](https://github.com/abpframework/abp/issues/336) / Health Check abstractions
-* [#2532](https://github.com/abpframework/abp/issues/2532), [#2564](https://github.com/abpframework/abp/issues/2465) / CosmosDB integration with EF Core and MongoDB API
+* [#2532](https://github.com/abpframework/abp/issues/2532) / CosmosDB integration with EF Core and MongoDB API
 * [#4223](https://github.com/abpframework/abp/issues/4223) / WebHook system
 * [#162](https://github.com/abpframework/abp/issues/162) / Azure ElasticDB Integration for multitenancy
 * [#2296](https://github.com/abpframework/abp/issues/2296) / Feature toggling infrastructure
+* [#16342](https://github.com/abpframework/abp/issues/16342) / CmsKit: Meta information for SEO
+* [#16260](https://github.com/abpframework/abp/issues/16260) / GCP Blob Storage Provider
+* [#15932](https://github.com/abpframework/abp/issues/15932) / Introduce ABP Diagnostics Module

 You can always check the milestone planning and the prioritized backlog issues on [the GitHub repository](https://github.com/abpframework/abp/milestones) for a detailed road map. The backlog items are subject to change. We are adding new items and changing priorities based on the community feedbacks and goals of the project.

--- a/docs/en/Tutorials/Part-9.md
+++ b/docs/en/Tutorials/Part-9.md
@ -90,7 +90,7 @@ Create a new razor page, `Index.cshtml` under the `Pages/Authors` folder of the

 This is a simple page similar to the Books page we had created before. It imports a JavaScript file which will be introduced below.

-### IndexModel.cshtml.cs
+### Index.cshtml.cs

 ````csharp
 using Microsoft.AspNetCore.Mvc.RazorPages;
--- a/docs/en/docs-nav.json
+++ b/docs/en/docs-nav.json
@ -1410,7 +1410,7 @@
            }
          ]
        },
-		{
+        {
          "text": "OpenIddict",
          "items": [
            {
@ -1515,4 +1515,4 @@
      "path": "Contribution/Index.md"
    }
  ]
-}
+}