From 9cfee81dfc2f310c77f5841cea81e7b4036aa838 Mon Sep 17 00:00:00 2001 From: maliming Date: Wed, 3 May 2023 17:11:06 +0800 Subject: [PATCH 1/4] Add `Configuring-OpenIddict.md` --- docs/en/Deployment/Configuring-OpenIddict.md | 62 ++++++++++++++++++++ docs/en/Deployment/Index.md | 1 + docs/en/docs-nav.json | 4 +- 3 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 docs/en/Deployment/Configuring-OpenIddict.md diff --git a/docs/en/Deployment/Configuring-OpenIddict.md b/docs/en/Deployment/Configuring-OpenIddict.md new file mode 100644 index 0000000000..6a03b8357e --- /dev/null +++ b/docs/en/Deployment/Configuring-OpenIddict.md @@ -0,0 +1,62 @@ +# Configuring OpenIddict + +This document introduces how to configure `OpenIddict` in the `AuthServer` project. + +There are different configurations in the `AuthServer` project for `Development` and `Production` environment. + +````csharp +public override void PreConfigureServices(ServiceConfigurationContext context) +{ + var hostingEnvironment = context.Services.GetHostingEnvironment(); + + // Development environment + if (hostingEnvironment.IsDevelopment()) + { + PreConfigure(options => + { + // This is default value, you can remove this line. + options.AddDevelopmentEncryptionAndSigningCertificate = true; + }); + } + + // Production or Staging environment + if (!hostingEnvironment.IsDevelopment()) + { + PreConfigure(options => + { + options.AddDevelopmentEncryptionAndSigningCertificate = false; + }); + + PreConfigure(builder => + { + builder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment)); + builder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment)); + + //... + }); + } +} + +private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv) +{ + return new X509Certificate2(Path.Combine(hostingEnv.ContentRootPath, "authserver.pfx"), "00000000-0000-0000-0000-000000000000"); +} +```` + +## Development Environment + +We enabled `AddDevelopmentEncryptionAndSigningCertificate` by default on development environment, It will registers (and generates if necessary) a user-specific development encryption/development signing certificate. This is a certificate used for signing and encrypting the tokens and for **development environment only**. + +`AddDevelopmentEncryptionAndSigningCertificate` cannot be used in applications deployed on IIS or Azure App Service: trying to use them on IIS or Azure App Service will result in an exception being thrown at runtime (unless the application pool is configured to [load a user profile](https://learn.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities#user-profile)). + +To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates store of the host machine(s). This is the way we use in production environment. + +## Production Environment + +We disabled `AddDevelopmentEncryptionAndSigningCertificate` in production environment and tried to setup signing and encrypting certificates using `authserver.pfx`. + +You can use `dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000` command to generate the `authserver.pfx` certificate. + +> `00000000-0000-0000-0000-000000000000` is the password of the certificate, you can change it to any password you want. + +> Please also remember to copy `authserver.pfx` to the [Content Root Folder](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.ihostingenvironment.contentrootpath?view=aspnetcore-7.0) of the `AuthServer` website. diff --git a/docs/en/Deployment/Index.md b/docs/en/Deployment/Index.md index 849d3bd4f3..3eb299b483 100644 --- a/docs/en/Deployment/Index.md +++ b/docs/en/Deployment/Index.md @@ -6,6 +6,7 @@ However, there are some topics that you should care about when you are deploying ## Guides +* [Configuring for OpenIddict](Configuring-OpenIddict.md): Notes for some essential configurations for OpenIddict. * [Configuring for Production](Configuring-Production.md): Notes for some essential configurations for production environments. * [Optimization for Production](Optimizing-Production.md): Tips and suggestions for optimizing your application on production environments. * [Deploying to a Clustered Environment](Clustered-Environment.md): Explains how to configure your application when you want to run multiple instances of your application concurrently. diff --git a/docs/en/docs-nav.json b/docs/en/docs-nav.json index 17dcec4a47..9b7d5da982 100644 --- a/docs/en/docs-nav.json +++ b/docs/en/docs-nav.json @@ -1397,7 +1397,7 @@ } ] }, - { + { "text": "OpenIddict", "items": [ { @@ -1493,4 +1493,4 @@ "path": "Contribution/Index.md" } ] -} +} \ No newline at end of file From 90973531ba740256d6567ba92397957789694ecb Mon Sep 17 00:00:00 2001 From: Engincan VESKE Date: Thu, 4 May 2023 09:34:06 +0300 Subject: [PATCH 2/4] Update Road-Map.md --- docs/en/Road-Map.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/docs/en/Road-Map.md b/docs/en/Road-Map.md index 7cf8948515..8fa7b9b2e7 100644 --- a/docs/en/Road-Map.md +++ b/docs/en/Road-Map.md @@ -4,11 +4,11 @@ This document provides a road map, release schedule and planned features for the ## Next Versions -### v7.1 +### v7.3 -The next version will be 7.1 and planned to release the stable 7.1 version in February, 2023. In the version 7.1, we will mostly focus on stabilizing and enhancing existing features, improving the developer experience, as well as adding relatively minor new features. +The next version will be 7.3 and planned to release the stable 7.3 version in July, 2023. In the version 7.3, we will mostly focus on stabilizing and enhancing existing features, improving the developer experience, as well as adding relatively minor new features. -See the [7.1 milestone](https://github.com/abpframework/abp/milestone/68) for all the issues we've planned to work on. +See the [7.3 milestone](https://github.com/abpframework/abp/milestone/82) for all the issues we've planned to work on. ## Backlog Items @@ -19,13 +19,15 @@ Here, a list of major items in the backlog we are considering to work on in the * [#6655](https://github.com/abpframework/abp/pull/6655) / Use Typescript for the MVC UI * [#236](https://github.com/abpframework/abp/issues/236) / Resource based authorization system * [#2882](https://github.com/abpframework/abp/issues/2882) / Providing a gRPC integration infrastructure (while it is [already possible](https://github.com/abpframework/abp-samples/tree/master/GrpcDemo) to create or consume gRPC endpoints for your application, we plan to create endpoints for the [standard application modules](https://docs.abp.io/en/abp/latest/Modules/Index)) -* [#1754](https://github.com/abpframework/abp/issues/1754) / Multi-lingual entities * [#57](https://github.com/abpframework/abp/issues/57) / Built-in CQRS infrastructure * [#336](https://github.com/abpframework/abp/issues/336) / Health Check abstractions -* [#2532](https://github.com/abpframework/abp/issues/2532), [#2564](https://github.com/abpframework/abp/issues/2465) / CosmosDB integration with EF Core and MongoDB API +* [#2532](https://github.com/abpframework/abp/issues/2532) / CosmosDB integration with EF Core and MongoDB API * [#4223](https://github.com/abpframework/abp/issues/4223) / WebHook system * [#162](https://github.com/abpframework/abp/issues/162) / Azure ElasticDB Integration for multitenancy * [#2296](https://github.com/abpframework/abp/issues/2296) / Feature toggling infrastructure +* [#16342](https://github.com/abpframework/abp/issues/16342) / CmsKit: Meta information for SEO +* [#16260](https://github.com/abpframework/abp/issues/16260) / GCP Blob Storage Provider +* [#15932](https://github.com/abpframework/abp/issues/15932) / Introduce ABP Diagnostics Module You can always check the milestone planning and the prioritized backlog issues on [the GitHub repository](https://github.com/abpframework/abp/milestones) for a detailed road map. The backlog items are subject to change. We are adding new items and changing priorities based on the community feedbacks and goals of the project. From 1c21374e6b7565c227e13e76b250f4bb01a4e868 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Halil=20=C4=B0brahim=20Kalkan?= Date: Sun, 7 May 2023 18:28:23 +0300 Subject: [PATCH 3/4] Update Part-9.md Fix typo --- docs/en/Tutorials/Part-9.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/Tutorials/Part-9.md b/docs/en/Tutorials/Part-9.md index ba67e2d258..a63a0f5928 100644 --- a/docs/en/Tutorials/Part-9.md +++ b/docs/en/Tutorials/Part-9.md @@ -90,7 +90,7 @@ Create a new razor page, `Index.cshtml` under the `Pages/Authors` folder of the This is a simple page similar to the Books page we had created before. It imports a JavaScript file which will be introduced below. -### IndexModel.cshtml.cs +### Index.cshtml.cs ````csharp using Microsoft.AspNetCore.Mvc.RazorPages; From e502381659716fd987dcd86c7dd6ae6d245e25c2 Mon Sep 17 00:00:00 2001 From: Hamza Albreem <94292623+braim23@users.noreply.github.com> Date: Mon, 8 May 2023 08:42:49 +0300 Subject: [PATCH 4/4] Update Configuring-OpenIddict.md Quick fix for Configuring OpenIddict doc --- docs/en/Deployment/Configuring-OpenIddict.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/en/Deployment/Configuring-OpenIddict.md b/docs/en/Deployment/Configuring-OpenIddict.md index 6a03b8357e..bf7bc9c619 100644 --- a/docs/en/Deployment/Configuring-OpenIddict.md +++ b/docs/en/Deployment/Configuring-OpenIddict.md @@ -45,18 +45,18 @@ private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv) ## Development Environment -We enabled `AddDevelopmentEncryptionAndSigningCertificate` by default on development environment, It will registers (and generates if necessary) a user-specific development encryption/development signing certificate. This is a certificate used for signing and encrypting the tokens and for **development environment only**. +We've enabled `AddDevelopmentEncryptionAndSigningCertificate` by default on development environment, It registers (and generates if necessary) a user-specific development encryption/development signing certificate. This is a certificate used for signing and encrypting the tokens and for **development environment only**. `AddDevelopmentEncryptionAndSigningCertificate` cannot be used in applications deployed on IIS or Azure App Service: trying to use them on IIS or Azure App Service will result in an exception being thrown at runtime (unless the application pool is configured to [load a user profile](https://learn.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities#user-profile)). -To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates store of the host machine(s). This is the way we use in production environment. +To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates storage of the host machine(s). This is the way we do it in production environment. ## Production Environment -We disabled `AddDevelopmentEncryptionAndSigningCertificate` in production environment and tried to setup signing and encrypting certificates using `authserver.pfx`. +We've disabled `AddDevelopmentEncryptionAndSigningCertificate` in production environment and tried to setup signing and encrypting certificates using `authserver.pfx`. -You can use `dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000` command to generate the `authserver.pfx` certificate. +You can use the `dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000` command to generate the `authserver.pfx` certificate. > `00000000-0000-0000-0000-000000000000` is the password of the certificate, you can change it to any password you want. -> Please also remember to copy `authserver.pfx` to the [Content Root Folder](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.ihostingenvironment.contentrootpath?view=aspnetcore-7.0) of the `AuthServer` website. +> Also, please remember to copy `authserver.pfx` to the [Content Root Folder](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.ihostingenvironment.contentrootpath?view=aspnetcore-7.0) of the `AuthServer` website.