Merge pull request #4578 from abpframework/maliming/IdentityServer-v4

Upgrade IdentityServer4 to 4.x.

modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Account/IdentityServerSupportedLoginModel.cs

@@ -76,9 +76,9 @@ namespace Volo.Abp.Account.Web.Pages.Account
 
             EnableLocalLogin = await SettingProvider.IsTrueAsync(AccountSettingNames.EnableLocalLogin);
 
-            if (context?.ClientId != null)
+            if (context?.Client?.ClientId != null)
             {
-                var client = await ClientStore.FindEnabledClientByIdAsync(context.ClientId);
+                var client = await ClientStore.FindEnabledClientByIdAsync(context?.Client?.ClientId);
                 if (client != null)
                 {
                     EnableLocalLogin = client.EnableLocalLogin;
@@ -108,7 +108,10 @@ namespace Volo.Abp.Account.Web.Pages.Account
                     return Redirect("~/");
                 }
 
-                await Interaction.GrantConsentAsync(context, ConsentResponse.Denied);
+                await Interaction.GrantConsentAsync(context, new ConsentResponse()
+                {
+                    Error = AuthorizationError.AccessDenied
+                });
 
                 return Redirect(ReturnUrl);
             }

modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Consent.cshtml

@@ -96,8 +96,8 @@
             }
 
             <div>
-                <button name="UserDecision" value="yes" class="btn btn-primary" autofocus>Yes, Allow</button>
-                <button name="UserDecision" value="no" class="btn">No, Do Not Allow</button>
+                <button name="ConsentInput.UserDecision" value="yes" class="btn btn-primary" autofocus>Yes, Allow</button>
+                <button name="ConsentInput.UserDecision" value="no" class="btn">No, Do Not Allow</button>
                 @if (Model.ClientInfo.ClientUrl != null)
                 {
                     <a class="pull-right btn btn-secondary" target="_blank" href="@Model.ClientInfo.ClientUrl">
@@ -110,4 +110,4 @@
 
         </form>
     </abp-card-body>
-</abp-card>
+</abp-card>

modules/account/src/Volo.Abp.Account.Web.IdentityServer/Pages/Consent.cshtml.cs

@@ -6,6 +6,7 @@ using System.Threading.Tasks;
 using IdentityServer4.Models;
 using IdentityServer4.Services;
 using IdentityServer4.Stores;
+using IdentityServer4.Validation;
 using Microsoft.AspNetCore.Mvc;
 using Volo.Abp.AspNetCore.Mvc.UI.RazorPages;
 using Volo.Abp.UI;
@@ -50,16 +51,16 @@ namespace Volo.Abp.Account.Web.Pages
                 throw new ApplicationException($"No consent request matching request: {ReturnUrl}");
             }
 
-            var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId);
+            var client = await _clientStore.FindEnabledClientByIdAsync(request.Client.ClientId);
             if (client == null)
             {
-                throw new ApplicationException($"Invalid client id: {request.ClientId}");
+                throw new ApplicationException($"Invalid client id: {request.Client.ClientId}");
             }
 
-            var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested);
+            var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ValidatedResources.RawScopeValues);
             if (resources == null || (!resources.IdentityResources.Any() && !resources.ApiResources.Any()))
             {
-                throw new ApplicationException($"No scopes matching: {request.ScopesRequested.Aggregate((x, y) => x + ", " + y)}");
+                throw new ApplicationException($"No scopes matching: {request.ValidatedResources.RawScopeValues.Aggregate((x, y) => x + ", " + y)}");
             }
 
             ClientInfo = new ClientInfoModel(client);
@@ -67,14 +68,26 @@ namespace Volo.Abp.Account.Web.Pages
             {
                 RememberConsent = true,
                 IdentityScopes = resources.IdentityResources.Select(x => CreateScopeViewModel(x, true)).ToList(),
-                ApiScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => CreateScopeViewModel(x, true)).ToList()
             };
 
+            var apiScopes = new List<ScopeViewModel>();
+            foreach(var parsedScope in request.ValidatedResources.ParsedScopes)
+            {
+                var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName);
+                if (apiScope != null)
+                {
+                    var scopeVm = CreateScopeViewModel(parsedScope, apiScope, true);
+                    apiScopes.Add(scopeVm);
+                }
+            }
+
             if (resources.OfflineAccess)
             {
-                ConsentInput.ApiScopes.Add(GetOfflineAccessScope(true));
+                apiScopes.Add(GetOfflineAccessScope(true));
             }
 
+            ConsentInput.ApiScopes = apiScopes;
+
             return Page();
         }
 
@@ -104,7 +117,10 @@ namespace Volo.Abp.Account.Web.Pages
 
             if (ConsentInput.UserDecision == "no")
             {
-                grantedConsent = ConsentResponse.Denied;
+                grantedConsent = new ConsentResponse
+                {
+                    Error = AuthorizationError.AccessDenied
+                };
             }
             else
             {
@@ -113,7 +129,7 @@ namespace Volo.Abp.Account.Web.Pages
                     grantedConsent = new ConsentResponse
                     {
                         RememberConsent = ConsentInput.RememberConsent,
-                        ScopesConsented = ConsentInput.GetAllowedScopeNames()
+                        ScopesValuesConsented = ConsentInput.GetAllowedScopeNames()
                     };
                 }
                 else
@@ -151,16 +167,22 @@ namespace Volo.Abp.Account.Web.Pages
             };
         }
 
-        protected virtual ConsentModel.ScopeViewModel CreateScopeViewModel(Scope scope, bool check)
+        protected virtual ConsentModel.ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check)
         {
-            return new ConsentModel.ScopeViewModel
+            var displayName = apiScope.DisplayName ?? apiScope.Name;
+            if (!string.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter))
+            {
+                displayName += ":" + parsedScopeValue.ParsedParameter;
+            }
+
+            return new ScopeViewModel
             {
-                Name = scope.Name,
-                DisplayName = scope.DisplayName,
-                Description = scope.Description,
-                Emphasize = scope.Emphasize,
-                Required = scope.Required,
-                Checked = check || scope.Required
+                Name = parsedScopeValue.RawValue,
+                DisplayName = displayName,
+                Description = apiScope.Description,
+                Emphasize = apiScope.Emphasize,
+                Required = apiScope.Required,
+                Checked = check || apiScope.Required
             };
         }
 
@@ -241,4 +263,4 @@ namespace Volo.Abp.Account.Web.Pages
             }
         }
     }
-}
+}

modules/cms-kit/host/Volo.CmsKit.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs

@@ -142,7 +142,7 @@ namespace Volo.CmsKit.IdentityServer
             string postLogoutRedirectUri = null,
             IEnumerable<string> permissions = null)
         {
-            var client = await _clientRepository.FindByCliendIdAsync(name);
+            var client = await _clientRepository.FindByClientIdAsync(name);
             if (client == null)
             {
                 client = await _clientRepository.InsertAsync(

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiResources/ApiResourceConsts.cs

@@ -2,8 +2,12 @@
 {
     public class ApiResourceConsts
     {
-        public const int NameMaxLength = 200;
-        public const int DisplayNameMaxLength = 200;
-        public const int DescriptionMaxLength = 1000;
+        public static int NameMaxLength { get; set; } = 200;
+
+        public static int DisplayNameMaxLength { get; set; } = 200;
+
+        public static int DescriptionMaxLength { get; set; } = 1000;
+
+        public static int AllowedAccessTokenSigningAlgorithmsMaxLength { get; set; } = 100;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiResources/ApiResourceEto.cs

@@ -17,4 +17,4 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
         public bool Enabled { get; set; }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiResources/ApiResourcePropertyConsts.cs

@@ -0,0 +1,9 @@
+namespace Volo.Abp.IdentityServer.ApiResources
+{
+    public class ApiResourcePropertyConsts
+    {
+        public static int KeyMaxLength { get; set; } = 250;
+
+        public static int ValueMaxLength { get; set; } = 2000;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiResources/ApiResourceScopeConsts.cs

@@ -0,0 +1,7 @@
+namespace Volo.Abp.IdentityServer.ApiResources
+{
+    public class ApiResourceScopeConsts
+    {
+        public static int ScopeMaxLength { get; set; } = 200;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiResources/ApiResourceSecretConsts.cs

@@ -0,0 +1,20 @@
+namespace Volo.Abp.IdentityServer.ApiResources
+{
+    public class ApiResourceSecretConsts
+    {
+        /// <summary>
+        /// Default value: 250
+        /// </summary>
+        public static int TypeMaxLength { get; set; } = 250;
+
+        /// <summary>
+        /// Default value: 4000
+        /// </summary>
+        public static int ValueMaxLength { get; set; } = 4000;
+
+        /// <summary>
+        /// Default value: 1000
+        /// </summary>
+        public static int DescriptionMaxLength { get; set; } = 1000;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiResources/ApiScopeConsts.cs

@@ -1,9 +0,0 @@
-namespace Volo.Abp.IdentityServer.ApiResources
-{
-    public class ApiScopeConsts
-    {
-        public const int NameMaxLength = 200;
-        public const int DisplayNameMaxLength = 200;
-        public const int DescriptionMaxLength = 1000;
-    }
-}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiScopes/ApiResourceConsts.cs

@@ -0,0 +1,11 @@
+namespace Volo.Abp.IdentityServer.ApiScopes
+{
+    public class ApiScopeConsts
+    {
+        public static int NameMaxLength { get; set; } =  200;
+
+        public static int DisplayNameMaxLength { get; set; } =  200;
+
+        public static int DescriptionMaxLength { get; set; } =  1000;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/ApiScopes/ApiScopePropertyConsts.cs

@@ -0,0 +1,9 @@
+namespace Volo.Abp.IdentityServer.ApiScopes
+{
+    public class ApiScopePropertyConsts
+    {
+        public static int KeyMaxLength { get; set; } =  250;
+
+        public static int ValueMaxLength { get; set; } = 2000;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientClaimConsts.cs

@@ -2,7 +2,8 @@
 {
     public class ClientClaimConsts
     {
-        public const int TypeMaxLength = 250;
-        public const int ValueMaxLength = 250;
+        public static int TypeMaxLength { get; set; } =  250;
+
+        public static int ValueMaxLength { get; set; } =  250;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientConsts.cs

@@ -2,26 +2,28 @@
 {
     public class ClientConsts
     {
-        public const int ClientIdMaxLength = 200;
+        public static int ClientIdMaxLength { get; set; } =  200;
 
-        public const int ProtocolTypeMaxLength = 200;
+        public static int ProtocolTypeMaxLength { get; set; } =  200;
 
-        public const int ClientNameMaxLength = 200;
+        public static int ClientNameMaxLength { get; set; } =  200;
 
-        public const int ClientUriMaxLength = 2000;
+        public static int ClientUriMaxLength { get; set; } =  2000;
 
-        public const int LogoUriMaxLength = 2000;
+        public static int LogoUriMaxLength { get; set; } =  2000;
 
-        public const int DescriptionMaxLength = 1000;
+        public static int DescriptionMaxLength { get; set; } =  1000;
 
-        public const int FrontChannelLogoutUriMaxLength = 2000;
+        public static int FrontChannelLogoutUriMaxLength { get; set; } =  2000;
 
-        public const int BackChannelLogoutUriMaxLength = 2000;
+        public static int BackChannelLogoutUriMaxLength { get; set; } =  2000;
 
-        public const int ClientClaimsPrefixMaxLength = 200;
+        public static int ClientClaimsPrefixMaxLength { get; set; } =  200;
 
-        public const int PairWiseSubjectSaltMaxLength = 200;
+        public static int PairWiseSubjectSaltMaxLength { get; set; } =  200;
 
-        public const int UserCodeTypeMaxLength = 100;
+        public static int UserCodeTypeMaxLength { get; set; } =  100;
+
+        public static int AllowedIdentityTokenSigningAlgorithms { get; set; } =  100;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientCorsOriginConsts.cs

@@ -2,6 +2,6 @@
 {
     public class ClientCorsOriginConsts
     {
-        public const int OriginMaxLength = 150;
+        public static int OriginMaxLength { get; set; } =  150;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientGrantTypeConsts.cs

@@ -2,6 +2,6 @@
 {
     public class ClientGrantTypeConsts
     {
-        public const int GrantTypeMaxLength = 250;
+        public static int GrantTypeMaxLength { get; set; } =  250;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/SecretConsts.cs → modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientSecretConsts.cs

@@ -1,22 +1,20 @@
-namespace Volo.Abp.IdentityServer
+namespace Volo.Abp.IdentityServer.Clients
 {
-    public class SecretConsts
+    public class ClientSecretConsts
     {
         /// <summary>
         /// Default value: 250
         /// </summary>
         public static int TypeMaxLength { get; set; } = 250;
-        
+
         /// <summary>
         /// Default value: 4000
         /// </summary>
         public static int ValueMaxLength { get; set; } = 4000;
-        
-        public static int ValueMaxLengthValue { get; set; } = ValueMaxLength;
-        
+
         /// <summary>
         /// Default value: 2000
         /// </summary>
         public static int DescriptionMaxLength { get; set; } = 2000;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Devices/DeviceFlowCodesConsts.cs

@@ -0,0 +1,19 @@
+namespace Volo.Abp.IdentityServer.Devices
+{
+    public class DeviceFlowCodesConsts
+    {
+        public static int DeviceCodeMaxLength { get; set; } =  200;
+
+        public static int UserCodeMaxLength { get; set; } =  200;
+
+        public static int SubjectIdMaxLength { get; set; } =  200;
+
+        public static int SessionIdMaxLength { get; set; } = 100;
+
+        public static int DescriptionMaxLength { get; set; } = 200;
+
+        public static int ClientIdMaxLength { get; set; } =  200;
+
+        public static int DataMaxLength { get; set; } =  50000;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Devices/DeviceFlowCodesEto.cs

@@ -13,10 +13,14 @@ namespace Volo.Abp.IdentityServer.Devices
 
         public string SubjectId { get; set; }
 
+        public string SessionId { get; set; }
+
         public string ClientId { get; set; }
 
+        public string Description { get; set; }
+
         public DateTime? Expiration { get; set; }
 
         public string Data { get; set; }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Grants/PersistedGrantConsts.cs

@@ -6,30 +6,40 @@
         /// Default value: 200
         /// </summary>
         public static int KeyMaxLength { get; set; } = 200;
-        
+
         /// <summary>
         /// Default value: 50
         /// </summary>
         public static int TypeMaxLength { get; set; } = 50;
-        
+
         /// <summary>
         /// Default value: 200
         /// </summary>
         public static int SubjectIdMaxLength { get; set; } = 200;
-        
+
+        /// <summary>
+        /// Default value: 100
+        /// </summary>
+        public static int SessionIdMaxLength { get; set; } = 100;
+
         /// <summary>
         /// Default value: 200
         /// </summary>
         public static int ClientIdMaxLength { get; set; } = 200;
-        
+
+        /// <summary>
+        /// Default value: 200
+        /// </summary>
+        public static int DescriptionMaxLength { get; set; } = 200;
+
         /// <summary>
         /// Default value: 50000
         /// </summary>
         public static int DataMaxLength { get; set; } = 50000;
-        
+
         /// <summary>
         /// Default value: 50000
         /// </summary>
         public static int DataMaxLengthValue { get; set; } = 50000;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceConsts.cs

@@ -6,15 +6,15 @@
         /// Default value: 200
         /// </summary>
         public static int NameMaxLength { get; set; } = 200;
-        
+
         /// <summary>
         /// Default value: 200
         /// </summary>
         public static int DisplayNameMaxLength { get; set; } = 200;
-        
+
         /// <summary>
-        /// Default value: 200
+        /// Default value: 1000
         /// </summary>
         public static int DescriptionMaxLength { get; set; } = 1000;
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/IdentityResources/IdentityResourcePropertyConsts.cs

@@ -0,0 +1,9 @@
+namespace Volo.Abp.IdentityServer.IdentityResources
+{
+    public class IdentityResourcePropertyConsts
+    {
+        public static int KeyMaxLength { get; set; } =  250;
+
+        public static int ValueMaxLength { get; set; } = 2000;
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Localization/Resources/en.json

@@ -3,6 +3,7 @@
   "texts": {
     "Volo.IdentityServer:DuplicateIdentityResourceName": "Identity Resource name already exist: {Name}",
     "Volo.IdentityServer:DuplicateApiResourceName": "Api Resource name already exist: {Name}",
+    "Volo.IdentityServer:DuplicateApiScopeName": "Api Scope name already exist: {Name}",
     "Volo.IdentityServer:DuplicateClientId": "ClientId already exist: {ClientId}",
     "UserLockedOut": "The user account has been locked out due to invalid login attempts. Please wait a while and try again.",
     "InvalidUserNameOrPassword": "Invalid username or password!",

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Localization/Resources/zh-Hans.json

@@ -3,6 +3,7 @@
   "texts": {
     "Volo.IdentityServer:DuplicateIdentityResourceName": "Identity资源名称已存在: {Name}",
     "Volo.IdentityServer:DuplicateApiResourceName": "Api资源名称已存在: {Name}",
+    "Volo.IdentityServer:DuplicateApiScopeName": "Api Scope已存在: {Name}",
     "Volo.IdentityServer:DuplicateClientId": "ClientId已经存在: {ClientId}",
     "UserLockedOut": "登录失败,用户账户已被锁定.请稍后再试.",
     "InvalidUserNameOrPassword": "用户名或密码错误!",

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/ObjectExtending/IdentityServerModuleExtensionConfiguration.cs

@@ -23,6 +23,15 @@ namespace Volo.Abp.ObjectExtending
             );
         }
 
+        public IdentityServerModuleExtensionConfiguration ConfigureApiScope(
+            Action<EntityExtensionConfiguration> configureAction)
+        {
+            return this.ConfigureEntity(
+                IdentityServerModuleExtensionConsts.EntityNames.ApiScope,
+                configureAction
+            );
+        }
+
         public IdentityServerModuleExtensionConfiguration ConfigureIdentityResource(
             Action<EntityExtensionConfiguration> configureAction)
         {

modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/ObjectExtending/IdentityServerModuleExtensionConsts.cs

@@ -11,6 +11,8 @@
             public const string IdentityResource = "IdentityResource";
 
             public const string ApiResource = "ApiResource";
+
+            public const string ApiScope = "ApiScope";
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo.Abp.IdentityServer.Domain.csproj

@@ -25,8 +25,8 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="IdentityServer4" Version="3.1.3" />
-    <PackageReference Include="IdentityServer4.AspNetIdentity" Version="3.1.3" />
+    <PackageReference Include="IdentityServer4" Version="4.1.1" />
+    <PackageReference Include="IdentityServer4.AspNetIdentity" Version="4.1.1" />
   </ItemGroup>
 
 </Project>

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpIdentityServerBuilderExtensions.cs

@@ -55,7 +55,9 @@ namespace Volo.Abp.IdentityServer
             return builder;
         }
 
-        public static IIdentityServerBuilder AddAbpDeveloperSigningCredential(
+        //TODO: Use the latest Identity server code to optimize performance.
+        // https://github.com/IdentityServer/IdentityServer4/blob/main/src/IdentityServer4/src/Configuration/DependencyInjection/BuilderExtensions/Crypto.cs
+        private static IIdentityServerBuilder AddAbpDeveloperSigningCredential(
             this IIdentityServerBuilder builder,
             bool persistKey = true,
             string filename = null,

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpIdentityServerDomainModule.cs

@@ -10,6 +10,7 @@ using Volo.Abp.Domain.Entities.Events.Distributed;
 using Volo.Abp.Identity;
 using Volo.Abp.IdentityServer.ApiResources;
 using Volo.Abp.IdentityServer.AspNetIdentity;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.IdentityResources;
@@ -68,7 +69,7 @@ namespace Volo.Abp.IdentityServer
 
             if (builderOptions.AddDeveloperSigningCredential)
             {
-                identityServerBuilder = identityServerBuilder.AddAbpDeveloperSigningCredential();
+                identityServerBuilder = identityServerBuilder.AddDeveloperSigningCredential();
             }
 
             identityServerBuilder.AddAbpIdentityServer(builderOptions);

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AllowedSigningAlgorithmsConverter.cs

@@ -0,0 +1,37 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using AutoMapper;
+
+namespace Volo.Abp.IdentityServer
+{
+    public class AllowedSigningAlgorithmsConverter :
+        IValueConverter<ICollection<string>, string>,
+        IValueConverter<string, ICollection<string>>
+    {
+        public static AllowedSigningAlgorithmsConverter Converter = new AllowedSigningAlgorithmsConverter();
+
+        public string Convert(ICollection<string> sourceMember, ResolutionContext context)
+        {
+            if (sourceMember == null || !sourceMember.Any())
+            {
+                return null;
+            }
+            return sourceMember.Aggregate((x, y) => $"{x},{y}");
+        }
+
+        public ICollection<string> Convert(string sourceMember, ResolutionContext context)
+        {
+            var list = new HashSet<string>();
+            if (!String.IsNullOrWhiteSpace(sourceMember))
+            {
+                sourceMember = sourceMember.Trim();
+                foreach (var item in sourceMember.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).Distinct())
+                {
+                    list.Add(item);
+                }
+            }
+            return list;
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiResource.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using IdentityServer4;
@@ -18,13 +18,17 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
         public virtual bool Enabled { get; set; }
 
-        public virtual List<ApiSecret> Secrets { get; protected set; }
+        public virtual string AllowedAccessTokenSigningAlgorithms { get; set; }
 
-        public virtual List<ApiScope> Scopes { get; protected set; }
+        public virtual bool ShowInDiscoveryDocument { get; set; } = true;
+
+        public virtual List<ApiResourceSecret> Secrets { get; protected set; }
+
+        public virtual List<ApiResourceScope> Scopes { get; protected set; }
 
         public virtual List<ApiResourceClaim> UserClaims { get; protected set; }
 
-        public virtual Dictionary<string, string> Properties { get; protected set; }
+        public virtual List<ApiResourceProperty> Properties { get; protected set; }
 
         protected ApiResource()
         {
@@ -44,21 +48,21 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
             Enabled = true;
 
-            Secrets = new List<ApiSecret>();
-            Scopes = new List<ApiScope>();
+            Secrets = new List<ApiResourceSecret>();
+            Scopes = new List<ApiResourceScope>();
             UserClaims = new List<ApiResourceClaim>();
-            Properties = new Dictionary<string, string>();
+            Properties = new List<ApiResourceProperty>();
 
-            Scopes.Add(new ApiScope(id, name, displayName, description));
+            Scopes.Add(new ApiResourceScope(id, name));
         }
 
         public virtual void AddSecret(
-            [NotNull] string value, 
+            [NotNull] string value,
             DateTime? expiration = null,
             string type = IdentityServerConstants.SecretTypes.SharedSecret,
             string description = null)
         {
-            Secrets.Add(new ApiSecret(Id, value, expiration, type, description));
+            Secrets.Add(new ApiResourceSecret(Id, value, expiration, type, description));
         }
 
         public virtual void RemoveSecret([NotNull] string value, string type = IdentityServerConstants.SecretTypes.SharedSecret)
@@ -66,22 +70,16 @@ namespace Volo.Abp.IdentityServer.ApiResources
             Secrets.RemoveAll(s => s.Value == value && s.Type == type);
         }
 
-        public virtual ApiSecret FindSecret([NotNull] string value, string type = IdentityServerConstants.SecretTypes.SharedSecret)
+        public virtual ApiResourceSecret FindSecret([NotNull] string value, string type = IdentityServerConstants.SecretTypes.SharedSecret)
         {
             return Secrets.FirstOrDefault(s => s.Type == type && s.Value == value);
         }
 
-        public virtual ApiScope AddScope(
-            [NotNull] string name,
-            string displayName = null,
-            string description = null,
-            bool required = false,
-            bool emphasize = false,
-            bool showInDiscoveryDocument = true)
+        public virtual ApiResourceScope AddScope([NotNull] string scope)
         {
-            var scope = new ApiScope(Id, name, displayName, description, required, emphasize, showInDiscoveryDocument);
-            Scopes.Add(scope);
-            return scope;
+            var apiResourceScope = new ApiResourceScope(Id, scope);
+            Scopes.Add(apiResourceScope);
+            return apiResourceScope;
         }
 
         public virtual void AddUserClaim([NotNull] string type)
@@ -111,21 +109,37 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
         public virtual void RemoveAllScopes()
         {
-            foreach (var scope in Scopes)
-            {
-                scope.RemoveAllUserClaims();
-            }
             Scopes.Clear();
         }
 
-        public virtual void RemoveScope(string name)
+        public virtual void RemoveScope(string scope)
+        {
+            Scopes.RemoveAll(r => r.Scope == scope);
+        }
+
+        public virtual ApiResourceScope FindScope(string scope)
+        {
+            return Scopes.FirstOrDefault(r => r.Scope == scope);
+        }
+
+        public virtual void AddProperty([NotNull] string key, string value)
+        {
+            Properties.Add(new ApiResourceProperty(Id, key, value));
+        }
+
+        public virtual void RemoveAllProperties()
+        {
+            Properties.Clear();
+        }
+
+        public virtual void RemoveProperty(string key)
         {
-            Scopes.RemoveAll(r => r.Name == name);
+            Properties.RemoveAll(r => r.Key == key);
         }
 
-        public virtual ApiScope FindScope(string name)
+        public virtual ApiResourceProperty FindProperty(string key)
         {
-            return Scopes.FirstOrDefault(r => r.Name == name);
+            return Properties.FirstOrDefault(r => r.Key == key);
         }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiResourceClaim.cs

@@ -28,4 +28,4 @@ namespace Volo.Abp.IdentityServer.ApiResources
             return new object[] {ApiResourceId, Type};
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiResourceProperty.cs

@@ -0,0 +1,39 @@
+using System;
+using JetBrains.Annotations;
+using Volo.Abp.Domain.Entities;
+
+namespace Volo.Abp.IdentityServer.ApiResources
+{
+    public class ApiResourceProperty : Entity
+    {
+        public virtual Guid ApiResourceId { get; protected set; }
+
+        public virtual string Key { get; set; }
+
+        public virtual string Value { get; set; }
+
+        protected ApiResourceProperty()
+        {
+
+        }
+
+        public virtual bool Equals(Guid aiResourceId, [NotNull] string key, string value)
+        {
+            return ApiResourceId == aiResourceId && Key == key && Value == value;
+        }
+
+        protected internal ApiResourceProperty(Guid aiResourceId, [NotNull] string key, [NotNull] string value)
+        {
+            Check.NotNull(key, nameof(key));
+
+            ApiResourceId = aiResourceId;
+            Key = key;
+            Value = value;
+        }
+
+        public override object[] GetKeys()
+        {
+            return new object[] { ApiResourceId, Key };
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiResourceScope.cs

@@ -0,0 +1,38 @@
+using System;
+using JetBrains.Annotations;
+using Volo.Abp.Domain.Entities;
+
+namespace Volo.Abp.IdentityServer.ApiResources
+{
+    public class ApiResourceScope : Entity
+    {
+        public virtual Guid ApiResourceId { get; protected set; }
+
+        public virtual string Scope { get; set; }
+
+        protected ApiResourceScope()
+        {
+
+        }
+
+        public virtual bool Equals(Guid apiResourceId, [NotNull] string scope)
+        {
+            return ApiResourceId == apiResourceId && Scope == scope;
+        }
+
+        protected internal ApiResourceScope(
+            Guid apiResourceId,
+            [NotNull] string scope)
+        {
+            Check.NotNull(scope, nameof(scope));
+
+            ApiResourceId = apiResourceId;
+            Scope = scope;
+        }
+
+        public override object[] GetKeys()
+        {
+            return new object[] { ApiResourceId, Scope };
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiSecret.cs → modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiResourceSecret.cs

@@ -4,11 +4,11 @@ using JetBrains.Annotations;
 
 namespace Volo.Abp.IdentityServer.ApiResources
 {
-    public class ApiSecret : Secret
+    public class ApiResourceSecret : Secret
     {
         public virtual Guid ApiResourceId { get; protected set; }
 
-        protected ApiSecret()
+        protected ApiResourceSecret()
         {
 
         }
@@ -18,16 +18,16 @@ namespace Volo.Abp.IdentityServer.ApiResources
             return ApiResourceId == apiResourceId && Value == value && Type == type;
         }
 
-        protected internal ApiSecret(
+        protected internal ApiResourceSecret(
             Guid apiResourceId,
-            [NotNull] string value, 
-            DateTime? expiration = null, 
-            string type = IdentityServerConstants.SecretTypes.SharedSecret, 
+            [NotNull] string value,
+            DateTime? expiration = null,
+            string type = IdentityServerConstants.SecretTypes.SharedSecret,
             string description = null
             ) : base(
-                value, 
-                expiration, 
-                type, 
+                value,
+                expiration,
+                type,
                 description)
         {
             ApiResourceId = apiResourceId;
@@ -38,4 +38,4 @@ namespace Volo.Abp.IdentityServer.ApiResources
             return new object[] { ApiResourceId, Type, Value };
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiScopeClaim.cs

@@ -1,37 +0,0 @@
-using System;
-using JetBrains.Annotations;
-
-namespace Volo.Abp.IdentityServer.ApiResources
-{
-    public class ApiScopeClaim : UserClaim
-    {
-        public Guid ApiResourceId { get; protected set; }
-
-        [NotNull]
-        public string Name { get; protected set; }
-
-        protected ApiScopeClaim()
-        {
-
-        }
-
-        public virtual bool Equals(Guid apiResourceId, [NotNull] string name, [NotNull] string type)
-        {
-            return ApiResourceId == apiResourceId && Name == name && Type == type;
-        }
-
-        protected internal ApiScopeClaim(Guid apiResourceId, [NotNull] string name, [NotNull] string type)
-            : base(type)
-        {
-            Check.NotNull(name, nameof(name));
-
-            ApiResourceId = apiResourceId;
-            Name = name;
-        }
-
-        public override object[] GetKeys()
-        {
-            return new object[] { ApiResourceId, Name, Type };
-        }
-    }
-}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/IApiResourceRepository.cs

@@ -9,7 +9,13 @@ namespace Volo.Abp.IdentityServer.ApiResources
     public interface IApiResourceRepository : IBasicRepository<ApiResource, Guid>
     {
         Task<ApiResource> FindByNameAsync(
-            string name,
+            string apiResourceName,
+            bool includeDetails = true,
+            CancellationToken cancellationToken = default
+        );
+
+        Task<List<ApiResource>> FindByNameAsync(
+            string[] apiResourceNames,
             bool includeDetails = true,
             CancellationToken cancellationToken = default
         );
@@ -29,15 +35,10 @@ namespace Volo.Abp.IdentityServer.ApiResources
             CancellationToken cancellationToken = default
         );
 
-        Task<List<ApiResource>> GetListAsync(
-            bool includeDetails = false,
-            CancellationToken cancellationToken = default
-        );
-
         Task<bool> CheckNameExistAsync(
             string name,
             Guid? expectedId = null,
             CancellationToken cancellationToken = default
         );
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiResources/ApiScope.cs → modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiScopes/ApiScope.cs

@@ -1,14 +1,14 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using JetBrains.Annotations;
-using Volo.Abp.Domain.Entities;
+using Volo.Abp.Domain.Entities.Auditing;
 
-namespace Volo.Abp.IdentityServer.ApiResources
+namespace Volo.Abp.IdentityServer.ApiScopes
 {
-    public class ApiScope : Entity
+    public class ApiScope :  FullAuditedAggregateRoot<Guid>
     {
-        public virtual Guid ApiResourceId { get; protected set; }
+        public virtual bool Enabled { get; set; }
 
         [NotNull]
         public virtual string Name { get; protected set; }
@@ -25,41 +25,41 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
         public virtual List<ApiScopeClaim> UserClaims { get; protected set; }
 
+        public virtual List<ApiScopeProperty> Properties { get; protected set; }
+
         protected ApiScope()
         {
 
         }
 
-        public virtual bool Equals(Guid apiResourceId, [NotNull] string name)
-        {
-            return ApiResourceId == apiResourceId && Name == name;
-        }
-
-        protected internal ApiScope(
-            Guid apiResourceId, 
-            [NotNull] string name, 
-            string displayName = null, 
-            string description = null, 
-            bool required = false, 
-            bool emphasize = false, 
-            bool showInDiscoveryDocument = true)
+        public ApiScope(
+            Guid id,
+            [NotNull] string name,
+            string displayName = null,
+            string description = null,
+            bool required = false,
+            bool emphasize = false,
+            bool showInDiscoveryDocument = true,
+            bool enabled = true)
         {
             Check.NotNull(name, nameof(name));
 
-            ApiResourceId = apiResourceId;
+            Id = id;
             Name = name;
             DisplayName = displayName ?? name;
             Description = description;
             Required = required;
             Emphasize = emphasize;
             ShowInDiscoveryDocument = showInDiscoveryDocument;
+            Enabled = enabled;
 
             UserClaims = new List<ApiScopeClaim>();
+            Properties = new List<ApiScopeProperty>();
         }
 
         public virtual void AddUserClaim([NotNull] string type)
         {
-            UserClaims.Add(new ApiScopeClaim(ApiResourceId, Name, type));
+            UserClaims.Add(new ApiScopeClaim(Id, type));
         }
 
         public virtual void RemoveAllUserClaims()
@@ -74,12 +74,27 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
         public virtual ApiScopeClaim FindClaim(string type)
         {
-            return UserClaims.FirstOrDefault(r => r.Name == Name && r.Type == type);
+            return UserClaims.FirstOrDefault(r => r.Type == type);
+        }
+
+        public virtual void AddProperty([NotNull] string key, string value)
+        {
+            Properties.Add(new ApiScopeProperty(Id, key, value));
+        }
+
+        public virtual void RemoveAllProperties()
+        {
+            Properties.Clear();
+        }
+
+        public virtual void RemoveProperty(string key)
+        {
+            Properties.RemoveAll(r => r.Key == key);
         }
 
-        public override object[] GetKeys()
+        public virtual ApiScopeProperty FindProperty(string key)
         {
-            return new object[] { ApiResourceId, Name };
+            return Properties.FirstOrDefault(r => r.Key == key);
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiScopes/ApiScopeClaim.cs

@@ -0,0 +1,31 @@
+using System;
+using JetBrains.Annotations;
+
+namespace Volo.Abp.IdentityServer.ApiScopes
+{
+    public class ApiScopeClaim : UserClaim
+    {
+        public Guid ApiScopeId { get; protected set; }
+
+        protected ApiScopeClaim()
+        {
+
+        }
+
+        public virtual bool Equals(Guid apiScopeId, [NotNull] string type)
+        {
+            return ApiScopeId == apiScopeId && Type == type;
+        }
+
+        protected internal ApiScopeClaim(Guid apiScopeId, [NotNull] string type)
+            : base(type)
+        {
+            ApiScopeId = apiScopeId;
+        }
+
+        public override object[] GetKeys()
+        {
+            return new object[] { ApiScopeId, Type };
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiScopes/ApiScopeProperty.cs

@@ -0,0 +1,39 @@
+using System;
+using JetBrains.Annotations;
+using Volo.Abp.Domain.Entities;
+
+namespace Volo.Abp.IdentityServer.ApiScopes
+{
+    public class ApiScopeProperty : Entity
+    {
+        public virtual Guid ApiScopeId { get; set; }
+
+        public virtual string Key { get; set; }
+
+        public virtual string Value { get; set; }
+
+        protected ApiScopeProperty()
+        {
+
+        }
+
+        public virtual bool Equals(Guid apiScopeId, [NotNull] string key, string value)
+        {
+            return ApiScopeId == apiScopeId && Key == key && Value == value;
+        }
+
+        protected internal ApiScopeProperty(Guid apiScopeId, [NotNull] string key, [NotNull] string value)
+        {
+            Check.NotNull(key, nameof(key));
+
+            ApiScopeId = apiScopeId;
+            Key = key;
+            Value = value;
+        }
+
+        public override object[] GetKeys()
+        {
+            return new object[] { ApiScopeId, Key };
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ApiScopes/IApiScopeeRepository.cs

@@ -0,0 +1,38 @@
+using System;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+using Volo.Abp.Domain.Repositories;
+
+namespace Volo.Abp.IdentityServer.ApiScopes
+{
+    public interface IApiScopeRepository : IBasicRepository<ApiScope, Guid>
+    {
+        Task<ApiScope> GetByNameAsync(
+            string scopeName,
+            bool includeDetails = true,
+            CancellationToken cancellationToken = default
+        );
+
+        Task<List<ApiScope>> GetListByNameAsync(
+            string[] scopeNames,
+            bool includeDetails = false,
+            CancellationToken cancellationToken = default
+        );
+
+        Task<List<ApiScope>> GetListAsync(
+            string sorting,
+            int skipCount,
+            int maxResultCount,
+            string filter = null,
+            bool includeDetails = false,
+            CancellationToken cancellationToken = default
+        );
+
+        Task<bool> CheckNameExistAsync(
+            string name,
+            Guid? expectedId = null,
+            CancellationToken cancellationToken = default
+        );
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Claims;
@@ -27,7 +27,6 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
     public class AbpResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
     {
         protected SignInManager<IdentityUser> SignInManager { get; }
-        protected IEventService Events { get; }
         protected UserManager<IdentityUser> UserManager { get; }
         protected IdentitySecurityLogManager IdentitySecurityLogManager { get; }
         protected ILogger<ResourceOwnerPasswordValidator<IdentityUser>> Logger { get; }
@@ -39,7 +38,6 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             UserManager<IdentityUser> userManager,
             SignInManager<IdentityUser> signInManager,
             IdentitySecurityLogManager identitySecurityLogManager,
-            IEventService events,
             ILogger<ResourceOwnerPasswordValidator<IdentityUser>> logger,
             IStringLocalizer<AbpIdentityServerResource> localizer,
             IOptions<AbpIdentityOptions> abpIdentityOptions,
@@ -48,7 +46,6 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             UserManager = userManager;
             SignInManager = signInManager;
             IdentitySecurityLogManager = identitySecurityLogManager;
-            Events = events;
             Logger = logger;
             Localizer = localizer;
             ServiceScopeFactory = serviceScopeFactory;
@@ -75,7 +72,6 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
                 var sub = await UserManager.GetUserIdAsync(user);
 
                 Logger.LogInformation("Credentials validated for username: {username}", context.UserName);
-                await Events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, interactive: false));
 
                 var additionalClaims = new List<Claim>();
 
@@ -136,19 +132,16 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
                 else if (result.IsLockedOut)
                 {
                     Logger.LogInformation("Authentication failed for username: {username}, reason: locked out", context.UserName);
-                    await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "locked out", interactive: false));
                     errorDescription = Localizer["UserLockedOut"];
                 }
                 else if (result.IsNotAllowed)
                 {
                     Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
-                    await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "not allowed", interactive: false));
                     errorDescription = Localizer["LoginIsNotAllowed"];
                 }
                 else
                 {
                     Logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", context.UserName);
-                    await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid credentials", interactive: false));
                     errorDescription = Localizer["InvalidUserNameOrPassword"];
                 }
 
@@ -163,7 +156,6 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             else
             {
                 Logger.LogInformation("No user found matching username: {username}", context.UserName);
-                await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid username", interactive: false));
                 errorDescription = Localizer["InvalidUsername"];
 
                 await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/Client.cs

@@ -36,6 +36,8 @@ namespace Volo.Abp.IdentityServer.Clients
 
         public virtual bool AllowPlainTextPkce { get; set; }
 
+        public virtual bool RequireRequestObject { get; set; }
+
         public virtual bool AllowAccessTokensViaBrowser { get; set; }
 
         public virtual string FrontChannelLogoutUri { get; set; }
@@ -50,6 +52,8 @@ namespace Volo.Abp.IdentityServer.Clients
 
         public virtual int IdentityTokenLifetime { get; set; }
 
+        public virtual string AllowedIdentityTokenSigningAlgorithms { get; set; }
+
         public virtual int AccessTokenLifetime { get; set; }
 
         public virtual int AuthorizationCodeLifetime { get; set; }
@@ -118,8 +122,9 @@ namespace Volo.Abp.IdentityServer.Clients
 
             ProtocolType = IdentityServerConstants.ProtocolTypes.OpenIdConnect;
             RequireClientSecret = true;
-            RequireConsent = true;
+            RequireConsent = false;
             AllowRememberConsent = true;
+            RequirePkce = true;
             FrontChannelLogoutSessionRequired = true;
             BackChannelLogoutSessionRequired = true;
             IdentityTokenLifetime = 300;
@@ -319,4 +324,4 @@ namespace Volo.Abp.IdentityServer.Clients
             return IdentityProviderRestrictions.FirstOrDefault(r => r.Provider == provider);
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientProperty.cs

@@ -17,7 +17,7 @@ namespace Volo.Abp.IdentityServer.Clients
 
         }
 
-        public virtual bool Equals(Guid clientId, [NotNull] string key, string value)
+        public virtual bool Equals(Guid clientId, [NotNull] string key, [NotNull] string value)
         {
             return ClientId == clientId && Key == key && Value == value;
         }
@@ -36,4 +36,4 @@ namespace Volo.Abp.IdentityServer.Clients
             return new object[] { ClientId, Key };
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientStore.cs

@@ -17,7 +17,7 @@ namespace Volo.Abp.IdentityServer.Clients
 
         public virtual async Task<IdentityServer4.Models.Client> FindClientByIdAsync(string clientId)
         {
-            var client = await ClientRepository.FindByCliendIdAsync(clientId);
+            var client = await ClientRepository.FindByClientIdAsync(clientId);
             return ObjectMapper.Map<Client, IdentityServer4.Models.Client>(client);
         }
     }

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/IClientRepository.cs

@@ -9,7 +9,7 @@ namespace Volo.Abp.IdentityServer.Clients
 {
     public interface IClientRepository : IBasicRepository<Client, Guid>
     {
-        Task<Client> FindByCliendIdAsync(
+        Task<Client> FindByClientIdAsync(
             [NotNull] string clientId,
             bool includeDetails = true,
             CancellationToken cancellationToken = default
@@ -32,4 +32,4 @@ namespace Volo.Abp.IdentityServer.Clients
             CancellationToken cancellationToken = default
         );
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowCodes.cs

@@ -11,8 +11,12 @@ namespace Volo.Abp.IdentityServer.Devices
 
         public virtual string SubjectId { get; set; }
 
+        public virtual string SessionId { get; set; }
+
         public virtual string ClientId { get; set; }
 
+        public virtual string Description { get; set; }
+
         public virtual DateTime? Expiration { get; set; }
 
         public virtual string Data { get; set; }
@@ -28,4 +32,4 @@ namespace Volo.Abp.IdentityServer.Devices
 
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/IPersistentGrantRepository.cs

@@ -8,6 +8,12 @@ namespace Volo.Abp.IdentityServer.Grants
 {
     public interface IPersistentGrantRepository : IBasicRepository<PersistedGrant, Guid>
     {
+        Task<List<PersistedGrant>> GetListAsync(
+            string subjectId,
+            string sessionId,
+            string clientId,
+            string type, bool includeDetails = false, CancellationToken cancellationToken = default);
+
         Task<PersistedGrant> FindByKeyAsync(
             string key,
             CancellationToken cancellationToken = default
@@ -25,16 +31,11 @@ namespace Volo.Abp.IdentityServer.Grants
         );
 
         Task DeleteAsync(
-            string subjectId,
-            string clientId,
-            CancellationToken cancellationToken = default
-        );
-
-        Task DeleteAsync(
-            string subjectId,
-            string clientId,
-            string type,
+            string subjectId = null,
+            string sessionId = null,
+            string clientId = null,
+            string type = null,
             CancellationToken cancellationToken = default
         );
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/PersistedGrant.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using Volo.Abp.Domain.Entities;
 
 namespace Volo.Abp.IdentityServer.Grants
@@ -11,17 +11,23 @@ namespace Volo.Abp.IdentityServer.Grants
 
         public virtual string SubjectId { get; set; }
 
+        public virtual string SessionId { get; set; }
+
         public virtual string ClientId { get; set; }
 
+        public virtual string Description { get; set; }
+
         public virtual DateTime CreationTime { get; set; }
 
         public virtual DateTime? Expiration { get; set; }
 
+        public virtual DateTime? ConsumedTime { get; set; }
+
         public virtual string Data { get; set; }
 
         protected PersistedGrant()
         {
-            
+
         }
 
         public PersistedGrant(Guid id)
@@ -29,4 +35,4 @@ namespace Volo.Abp.IdentityServer.Grants
             Id = id;
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/PersistedGrantStore.cs

@@ -44,10 +44,10 @@ namespace Volo.Abp.IdentityServer.Grants
             return ObjectMapper.Map<PersistedGrant, IdentityServer4.Models.PersistedGrant>(persistedGrant);
         }
 
-        public virtual async Task<IEnumerable<IdentityServer4.Models.PersistedGrant>> GetAllAsync(string subjectId)
+        public virtual async Task<IEnumerable<IdentityServer4.Models.PersistedGrant>> GetAllAsync(PersistedGrantFilter filter)
         {
-            var persistedGrants = await PersistentGrantRepository.GetListBySubjectIdAsync(subjectId);
-            return persistedGrants.Select(x => ObjectMapper.Map<PersistedGrant, IdentityServer4.Models.PersistedGrant>(x));
+            var persistedGrants = await PersistentGrantRepository.GetListAsync(filter.SubjectId, filter.SessionId, filter.ClientId, filter.Type);
+            return ObjectMapper.Map<List<PersistedGrant>, List<IdentityServer4.Models.PersistedGrant>>(persistedGrants);
         }
 
         public virtual async Task RemoveAsync(string key)
@@ -61,14 +61,9 @@ namespace Volo.Abp.IdentityServer.Grants
             await PersistentGrantRepository.DeleteAsync(persistedGrant);
         }
 
-        public virtual async Task RemoveAllAsync(string subjectId, string clientId)
+        public virtual async Task RemoveAllAsync(PersistedGrantFilter filter)
         {
-            await PersistentGrantRepository.DeleteAsync(subjectId, clientId);
-        }
-
-        public virtual async Task RemoveAllAsync(string subjectId, string clientId, string type)
-        {
-            await PersistentGrantRepository.DeleteAsync(subjectId, clientId, type);
+            await PersistentGrantRepository.DeleteAsync(filter.SubjectId, filter.SessionId, filter.ClientId, filter.Type);
         }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/IdentityResources/IIdentityResourceRepository.cs

@@ -8,7 +8,7 @@ namespace Volo.Abp.IdentityServer.IdentityResources
 {
     public interface IIdentityResourceRepository : IBasicRepository<IdentityResource, Guid>
     {
-        Task<List<IdentityResource>> GetListByScopesAsync(
+        Task<List<IdentityResource>> GetListByScopeNameAsync(
             string[] scopeNames,
             bool includeDetails = false,
             CancellationToken cancellationToken = default
@@ -35,4 +35,4 @@ namespace Volo.Abp.IdentityServer.IdentityResources
             CancellationToken cancellationToken = default
          );
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/IdentityResources/IdentityResource.cs

@@ -22,9 +22,9 @@ namespace Volo.Abp.IdentityServer.IdentityResources
 
         public virtual bool ShowInDiscoveryDocument { get; set; }
 
-        public virtual List<IdentityClaim> UserClaims { get; set; }
+        public virtual List<IdentityResourceClaim> UserClaims { get; set; }
 
-        public virtual Dictionary<string, string> Properties { get; set; }
+        public virtual List<IdentityResourceProperty> Properties { get; set; }
 
         protected IdentityResource()
         {
@@ -32,13 +32,13 @@ namespace Volo.Abp.IdentityServer.IdentityResources
         }
 
         public IdentityResource(
-            Guid id, 
-            [NotNull] string name, 
-            string displayName = null, 
-            string description = null, 
-            bool enabled = true, 
-            bool required = false, 
-            bool emphasize = false, 
+            Guid id,
+            [NotNull] string name,
+            string displayName = null,
+            string description = null,
+            bool enabled = true,
+            bool required = false,
+            bool emphasize = false,
             bool showInDiscoveryDocument = true)
         {
             Check.NotNull(name, nameof(name));
@@ -51,9 +51,9 @@ namespace Volo.Abp.IdentityServer.IdentityResources
             Required = required;
             Emphasize = emphasize;
             ShowInDiscoveryDocument = showInDiscoveryDocument;
-            
-            UserClaims = new List<IdentityClaim>();
-            Properties = new Dictionary<string, string>();
+
+            UserClaims = new List<IdentityResourceClaim>();
+            Properties = new List<IdentityResourceProperty>();
         }
 
         public IdentityResource(Guid id, IdentityServer4.Models.IdentityResource resource)
@@ -66,13 +66,13 @@ namespace Volo.Abp.IdentityServer.IdentityResources
             Required = resource.Required;
             Emphasize = resource.Emphasize;
             ShowInDiscoveryDocument = resource.ShowInDiscoveryDocument;
-            UserClaims = resource.UserClaims.Select(claimType => new IdentityClaim(id, claimType)).ToList();
-            Properties = resource.Properties.ToDictionary(x => x.Key, x => x.Value);
+            UserClaims = resource.UserClaims.Select(claimType => new IdentityResourceClaim(id, claimType)).ToList();
+            Properties = resource.Properties.Select(x => new IdentityResourceProperty(Id, x.Key, x.Value)).ToList();
         }
 
         public virtual void AddUserClaim([NotNull] string type)
         {
-            UserClaims.Add(new IdentityClaim(Id, type));
+            UserClaims.Add(new IdentityResourceClaim(Id, type));
         }
 
         public virtual void RemoveAllUserClaims()
@@ -85,9 +85,29 @@ namespace Volo.Abp.IdentityServer.IdentityResources
             UserClaims.RemoveAll(c => c.Type == type);
         }
 
-        public virtual IdentityClaim FindUserClaim(string type)
+        public virtual IdentityResourceClaim FindUserClaim(string type)
         {
             return UserClaims.FirstOrDefault(c => c.Type == type);
         }
+
+        public virtual void AddProperty([NotNull] string key, string value)
+        {
+            Properties.Add(new IdentityResourceProperty(Id, key, value));
+        }
+
+        public virtual void RemoveAllProperties()
+        {
+            Properties.Clear();
+        }
+
+        public virtual void RemoveProperty(string key)
+        {
+            Properties.RemoveAll(r => r.Key == key);
+        }
+
+        public virtual IdentityResourceProperty FindProperty(string key)
+        {
+            return Properties.FirstOrDefault(r => r.Key == key);
+        }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/IdentityResources/IdentityClaim.cs → modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceClaim.cs

@@ -3,11 +3,11 @@ using JetBrains.Annotations;
 
 namespace Volo.Abp.IdentityServer.IdentityResources
 {
-    public class IdentityClaim : UserClaim
+    public class IdentityResourceClaim : UserClaim
     {
         public virtual Guid IdentityResourceId { get; set; }
 
-        protected IdentityClaim()
+        protected IdentityResourceClaim()
         {
 
         }
@@ -17,7 +17,7 @@ namespace Volo.Abp.IdentityServer.IdentityResources
             return IdentityResourceId == identityResourceId && Type == type;
         }
 
-        protected internal IdentityClaim(Guid identityResourceId, [NotNull] string type)
+        protected internal IdentityResourceClaim(Guid identityResourceId, [NotNull] string type)
             : base(type)
         {
             IdentityResourceId = identityResourceId;
@@ -28,4 +28,4 @@ namespace Volo.Abp.IdentityServer.IdentityResources
             return new object[] { IdentityResourceId, Type };
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceProperty.cs

@@ -0,0 +1,39 @@
+using System;
+using System.Diagnostics.CodeAnalysis;
+using Volo.Abp.Domain.Entities;
+
+namespace Volo.Abp.IdentityServer.IdentityResources
+{
+    public class IdentityResourceProperty : Entity
+    {
+        public virtual Guid IdentityResourceId { get; set; }
+
+        public virtual string Key { get; set; }
+
+        public virtual string Value { get; set; }
+
+        protected IdentityResourceProperty()
+        {
+
+        }
+
+        public virtual bool Equals(Guid identityResourceId, [NotNull] string key, string value)
+        {
+            return IdentityResourceId == identityResourceId && Key == key && Value == value;
+        }
+
+        protected internal IdentityResourceProperty(Guid identityResourceId, [NotNull] string key, [NotNull] string value)
+        {
+            Check.NotNull(key, nameof(key));
+
+            IdentityResourceId = identityResourceId;
+            Key = key;
+            Value = value;
+        }
+
+        public override object[] GetKeys()
+        {
+            return new object[] { IdentityResourceId, Key };
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/IdentityServerAutoMapperProfile.cs

@@ -2,6 +2,7 @@
 using System.Security.Claims;
 using AutoMapper;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -11,40 +12,39 @@ namespace Volo.Abp.IdentityServer
 {
     public class IdentityServerAutoMapperProfile : Profile
     {
+        /// <summary>
+        /// TODO: Reverse maps will not used probably. Remove those will not used
+        /// </summary>
         public IdentityServerAutoMapperProfile()
         {
-            //TODO: Reverse maps will not used probably. Remove those will not used
-
-            CreateMap<Client, IdentityServer4.Models.Client>();
-
-            CreateMap<ClientCorsOrigin, string>()
-                .ConstructUsing(src => src.Origin)
-                .ReverseMap()
-                .ForMember(dest => dest.Origin, opt => opt.MapFrom(src => src));
-
-            CreateMap<ApiResource, IdentityServer4.Models.ApiResource>()
-                .ForMember(dest => dest.ApiSecrets, opt => opt.MapFrom(src => src.Secrets));
-
-            //TODO: Why PersistedGrant mapping is in this profile?
-            CreateMap<PersistedGrant, IdentityServer4.Models.PersistedGrant>().ReverseMap();
-
-            CreateMap<IdentityResource, IdentityServer4.Models.IdentityResource>();
-
             CreateMap<UserClaim, string>()
                 .ConstructUsing(src => src.Type)
                 .ReverseMap()
                 .ForMember(dest => dest.Type, opt => opt.MapFrom(src => src));
 
-            CreateMap<ApiSecret, IdentityServer4.Models.Secret>();
+            CreateClientMap();
+            CreateApiResourceMap();
+            CreateApiScopeMap();
+            CreateIdentityResourceMap();
+            CreatePersistedGrantMap();
+            CreateDeviceFlowCodesMap();
+        }
 
-            CreateMap<ApiScope, IdentityServer4.Models.Scope>();
+        private void CreateClientMap()
+        {
+            CreateMap<ClientCorsOrigin, string>()
+                .ConstructUsing(src => src.Origin)
+                .ReverseMap()
+                .ForMember(dest => dest.Origin, opt => opt.MapFrom(src => src));
 
-            CreateMap<ClientProperty, KeyValuePair<string, string>>()
+             CreateMap<ClientProperty, KeyValuePair<string, string>>()
               .ReverseMap();
 
             CreateMap<Client, IdentityServer4.Models.Client>()
                 .ForMember(dest => dest.ProtocolType, opt => opt.Condition(srs => srs != null))
-                .ReverseMap();
+                .ForMember(x => x.AllowedIdentityTokenSigningAlgorithms, opts => opts.ConvertUsing(AllowedSigningAlgorithmsConverter.Converter, x => x.AllowedIdentityTokenSigningAlgorithms))
+                .ReverseMap()
+                .ForMember(x => x.AllowedIdentityTokenSigningAlgorithms, opts => opts.ConvertUsing(AllowedSigningAlgorithmsConverter.Converter, x => x.AllowedIdentityTokenSigningAlgorithms));
 
             CreateMap<ClientCorsOrigin, string>()
                 .ConstructUsing(src => src.Origin)
@@ -60,6 +60,10 @@ namespace Volo.Abp.IdentityServer
                 .ConstructUsing(src => new Claim(src.Type, src.Value))
                 .ReverseMap();
 
+            CreateMap<ClientClaim, IdentityServer4.Models.ClientClaim>(MemberList.None)
+                .ConstructUsing(src => new IdentityServer4.Models.ClientClaim(src.Type, src.Value, ClaimValueTypes.String))
+                .ReverseMap();
+
             CreateMap<ClientScope, string>()
                 .ConstructUsing(src => src.Scope)
                 .ReverseMap()
@@ -86,9 +90,64 @@ namespace Volo.Abp.IdentityServer
 
             CreateMap<ApiResource, ApiResourceEto>();
             CreateMap<Client, ClientEto>();
-            CreateMap<DeviceFlowCodes, DeviceFlowCodesEto>();
-            CreateMap<PersistedGrant, PersistedGrantEto>();
+        }
+
+        private void CreateApiResourceMap()
+        {
+            CreateMap<ApiResource, IdentityServer4.Models.ApiResource>()
+                .ForMember(dest => dest.ApiSecrets, opt => opt.MapFrom(src => src.Secrets));
+
+            CreateMap<ApiResourceSecret, IdentityServer4.Models.Secret>();
+
+            CreateMap<ApiResourceScope, string>()
+                .ConstructUsing(x => x.Scope)
+                .ReverseMap()
+                .ForMember(dest => dest.Scope, opt => opt.MapFrom(src => src));
+
+            CreateMap<ApiResource, ApiResourceEto>();
+        }
+
+        private void CreateApiScopeMap()
+        {
+            CreateMap<ApiScopeProperty, KeyValuePair<string, string>>()
+                .ReverseMap();
+
+            CreateMap<ApiScopeClaim, string>()
+                .ConstructUsing(x => x.Type)
+                .ReverseMap()
+                .ForMember(dest => dest.Type, opt => opt.MapFrom(src => src));
+
+            CreateMap<ApiScope,  IdentityServer4.Models.ApiScope>(MemberList.Destination)
+                .ConstructUsing(src => new IdentityServer4.Models.ApiScope())
+                .ReverseMap();
+        }
+
+        private void CreateIdentityResourceMap()
+        {
+            CreateMap<IdentityResource, IdentityServer4.Models.IdentityResource>()
+                .ConstructUsing(src => new IdentityServer4.Models.IdentityResource());
+
+            CreateMap<IdentityResourceClaim, string>()
+                .ConstructUsing(x => x.Type)
+                .ReverseMap()
+                .ForMember(dest => dest.Type, opt => opt.MapFrom(src => src));
+
+            CreateMap<IdentityResourceProperty, KeyValuePair<string, string>>()
+                .ReverseMap();
+
             CreateMap<IdentityResource, IdentityResourceEto>();
         }
+
+        private void CreatePersistedGrantMap()
+        {
+            //TODO: Why PersistedGrant mapping is in this profile?
+            CreateMap<PersistedGrant, IdentityServer4.Models.PersistedGrant>().ReverseMap();
+            CreateMap<PersistedGrant, PersistedGrantEto>();
+        }
+
+        private void CreateDeviceFlowCodesMap()
+        {
+            CreateMap<DeviceFlowCodes, DeviceFlowCodesEto>();
+        }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ResourceStore.cs

@@ -1,13 +1,12 @@
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
 using IdentityServer4.Models;
 using IdentityServer4.Stores;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.ObjectMapping;
-using ApiResource = IdentityServer4.Models.ApiResource;
-using IdentityResource = Volo.Abp.IdentityServer.IdentityResources.IdentityResource;
 
 namespace Volo.Abp.IdentityServer
 {
@@ -15,45 +14,70 @@ namespace Volo.Abp.IdentityServer
     {
         protected IIdentityResourceRepository IdentityResourceRepository { get; }
         protected IApiResourceRepository ApiResourceRepository { get; }
+        protected IApiScopeRepository ApiScopeRepository { get; }
         protected IObjectMapper<AbpIdentityServerDomainModule> ObjectMapper { get; }
 
         public ResourceStore(
-            IIdentityResourceRepository identityResourceRepository, 
-            IObjectMapper<AbpIdentityServerDomainModule> objectMapper, 
-            IApiResourceRepository apiResourceRepository)
+            IIdentityResourceRepository identityResourceRepository,
+            IObjectMapper<AbpIdentityServerDomainModule> objectMapper,
+            IApiResourceRepository apiResourceRepository,
+            IApiScopeRepository apiScopeRepository)
         {
             IdentityResourceRepository = identityResourceRepository;
             ObjectMapper = objectMapper;
             ApiResourceRepository = apiResourceRepository;
+            ApiScopeRepository = apiScopeRepository;
         }
 
-        public virtual async Task<IEnumerable<IdentityServer4.Models.IdentityResource>> FindIdentityResourcesByScopeAsync(IEnumerable<string> scopeNames)
+        /// <summary>
+        /// Gets identity resources by scope name.
+        /// </summary>
+        public virtual async Task<IEnumerable<IdentityServer4.Models.IdentityResource>> FindIdentityResourcesByScopeNameAsync(IEnumerable<string> scopeNames)
         {
-            var resource = await IdentityResourceRepository.GetListByScopesAsync(scopeNames.ToArray(), includeDetails: true);
-            return ObjectMapper.Map<List<IdentityResource>, List<IdentityServer4.Models.IdentityResource>>(resource);
+            var resource = await IdentityResourceRepository.GetListByScopeNameAsync(scopeNames.ToArray(), includeDetails: true);
+            return ObjectMapper.Map<List<Volo.Abp.IdentityServer.IdentityResources.IdentityResource>, List<IdentityServer4.Models.IdentityResource>>(resource);
         }
 
-        public virtual async Task<IEnumerable<ApiResource>> FindApiResourcesByScopeAsync(IEnumerable<string> scopeNames)
+        /// <summary>
+        /// Gets API scopes by scope name.
+        /// </summary>
+        public virtual async Task<IEnumerable<IdentityServer4.Models.ApiScope>> FindApiScopesByNameAsync(IEnumerable<string> scopeNames)
+        {
+            var scopes = await ApiScopeRepository.GetListByNameAsync(scopeNames.ToArray(), includeDetails: true);
+            return ObjectMapper.Map<List<Volo.Abp.IdentityServer.ApiScopes.ApiScope>, List<IdentityServer4.Models.ApiScope>>(scopes);
+        }
+
+        /// <summary>
+        /// Gets API resources by scope name.
+        /// </summary>
+        public virtual async Task<IEnumerable<IdentityServer4.Models.ApiResource>> FindApiResourcesByScopeNameAsync(IEnumerable<string> scopeNames)
         {
             var resources = await ApiResourceRepository.GetListByScopesAsync(scopeNames.ToArray(), includeDetails: true);
-            return resources.Select(x => ObjectMapper.Map<ApiResources.ApiResource, ApiResource>(x));
+            return ObjectMapper.Map<List<Volo.Abp.IdentityServer.ApiResources.ApiResource>, List<IdentityServer4.Models.ApiResource>>(resources);
         }
 
-        public virtual async Task<ApiResource> FindApiResourceAsync(string name)
+        /// <summary>
+        /// Gets API resources by API resource name.
+        /// </summary>
+        public virtual async Task<IEnumerable<IdentityServer4.Models.ApiResource>> FindApiResourcesByNameAsync(IEnumerable<string> apiResourceNames)
         {
-            var resource = await ApiResourceRepository.FindByNameAsync(name);
-            return ObjectMapper.Map<ApiResources.ApiResource, ApiResource>(resource);
+            var resources = await ApiResourceRepository.FindByNameAsync(apiResourceNames.ToArray(), includeDetails: true);
+            return ObjectMapper.Map<List<Volo.Abp.IdentityServer.ApiResources.ApiResource>, List<IdentityServer4.Models.ApiResource>>(resources);
         }
 
-        public virtual async Task<Resources> GetAllResourcesAsync()
+        /// <summary>
+        /// Gets all resources.
+        /// </summary>
+        public virtual async Task<IdentityServer4.Models.Resources> GetAllResourcesAsync()
         {
             var identityResources = await IdentityResourceRepository.GetListAsync(includeDetails: true);
             var apiResources = await ApiResourceRepository.GetListAsync(includeDetails: true);
+            var apiScopes = await ApiScopeRepository.GetListAsync(includeDetails: true);
 
             return new Resources(
-                ObjectMapper.Map<List<IdentityResource>, IdentityServer4.Models.IdentityResource[]>(identityResources),
-                ObjectMapper.Map<List<ApiResources.ApiResource>, ApiResource[]>(apiResources)
-            );
+                ObjectMapper.Map<List<Volo.Abp.IdentityServer.IdentityResources.IdentityResource>, List<IdentityServer4.Models.IdentityResource>>(identityResources),
+                ObjectMapper.Map<List<Volo.Abp.IdentityServer.ApiResources.ApiResource>, List<IdentityServer4.Models.ApiResource>>(apiResources),
+                ObjectMapper.Map<List<Volo.Abp.IdentityServer.ApiScopes.ApiScope>, List<IdentityServer4.Models.ApiScope>>(apiScopes));
         }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/AbpIdentityServerEfCoreQueryableExtensions.cs

@@ -1,6 +1,7 @@
 using System.Linq;
 using Microsoft.EntityFrameworkCore;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.IdentityResources;
 
@@ -20,9 +21,22 @@ namespace Volo.Abp.IdentityServer
                 .Include(x => x.Secrets)
                 .Include(x => x.UserClaims)
                 .Include(x => x.Scopes)
-                .ThenInclude(s => s.UserClaims);
+                .Include(x => x.Properties);
         }
 
+        public static IQueryable<ApiScope> IncludeDetails(this IQueryable<ApiScope> queryable, bool include = true)
+        {
+            if (!include)
+            {
+                return queryable;
+            }
+
+            return queryable
+                .Include(x => x.UserClaims)
+                .Include(x => x.Properties);
+        }
+
+
         public static IQueryable<IdentityResource> IncludeDetails(this IQueryable<IdentityResource> queryable, bool include = true)
         {
             if (!include)
@@ -31,7 +45,8 @@ namespace Volo.Abp.IdentityServer
             }
 
             return queryable
-                .Include(x => x.UserClaims);
+                .Include(x => x.UserClaims)
+                .Include(x => x.Properties);
         }
 
         public static IQueryable<Client> IncludeDetails(this IQueryable<Client> queryable, bool include = true)

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/ApiResources/ApiResourceRepository.cs

@@ -1,14 +1,13 @@
 using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Linq.Dynamic.Core;
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.EntityFrameworkCore;
 using Volo.Abp.Domain.Repositories.EntityFrameworkCore;
 using Volo.Abp.EntityFrameworkCore;
 using Volo.Abp.IdentityServer.EntityFrameworkCore;
-using System.Linq.Dynamic.Core;
-using System.Runtime.InteropServices.ComTypes;
 
 namespace Volo.Abp.IdentityServer.ApiResources
 {
@@ -19,18 +18,24 @@ namespace Volo.Abp.IdentityServer.ApiResources
 
         }
 
-        public virtual async Task<ApiResource> FindByNameAsync(
-            string name,
-            bool includeDetails = true,
+        public async Task<ApiResource> FindByNameAsync(string apiResourceName, bool includeDetails = true, CancellationToken cancellationToken = default)
+        {
+            var query = from apiResource in DbSet.IncludeDetails(includeDetails)
+                where apiResource.Name == apiResourceName
+                select apiResource;
+
+            return await query.FirstOrDefaultAsync(GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<List<ApiResource>> FindByNameAsync(string[] apiResourceNames, bool includeDetails = true,
             CancellationToken cancellationToken = default)
         {
             var query = from apiResource in DbSet.IncludeDetails(includeDetails)
-                        where apiResource.Name == name
-                        orderby apiResource.Name
-                        select apiResource;
+                where apiResourceNames.Contains(apiResource.Name)
+                orderby apiResource.Name
+                select apiResource;
 
-            return await query
-                .FirstOrDefaultAsync(GetCancellationToken(cancellationToken));
+            return await query.ToListAsync(GetCancellationToken(cancellationToken));
         }
 
         public virtual async Task<List<ApiResource>> GetListByScopesAsync(
@@ -39,14 +44,17 @@ namespace Volo.Abp.IdentityServer.ApiResources
             CancellationToken cancellationToken = default)
         {
             var query = from api in DbSet.IncludeDetails(includeDetails)
-                        where api.Scopes.Any(x => scopeNames.Contains(x.Name))
+                        where api.Scopes.Any(x => scopeNames.Contains(x.Scope))
                         select api;
 
             return await query.ToListAsync(GetCancellationToken(cancellationToken));
         }
 
         public virtual async Task<List<ApiResource>> GetListAsync(
-            string sorting, int skipCount, int maxResultCount, string filter, bool includeDetails = false,
+            string sorting, int skipCount,
+            int maxResultCount,
+            string filter,
+            bool includeDetails = false,
             CancellationToken cancellationToken = default)
         {
             return await DbSet
@@ -59,34 +67,35 @@ namespace Volo.Abp.IdentityServer.ApiResources
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public virtual async Task<List<ApiResource>> GetListAsync(
-            bool includeDetails = false,
-            CancellationToken cancellationToken = default)
-        {
-            return await DbSet
-                .IncludeDetails(includeDetails)
-                .ToListAsync(GetCancellationToken(cancellationToken));
-        }
-
         public virtual async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
-            return await DbSet.AnyAsync(ar => ar.Id != expectedId && ar.Name == name, cancellationToken: cancellationToken);
+            return await DbSet.AnyAsync(ar => ar.Id != expectedId && ar.Name == name, GetCancellationToken(cancellationToken));
         }
 
         public override async Task DeleteAsync(Guid id, bool autoSave = false, CancellationToken cancellationToken = default)
         {
-            var scopeClaims = DbContext.Set<ApiScopeClaim>().Where(sc => sc.ApiResourceId == id);
+            var resourceClaims = DbContext.Set<ApiResourceClaim>().Where(sc => sc.ApiResourceId == id);
+            foreach (var scopeClaim in resourceClaims)
+            {
+                DbContext.Set<ApiResourceClaim>().Remove(scopeClaim);
+            }
 
-            foreach (var scopeClaim in scopeClaims)
+            var resourceScopes = DbContext.Set<ApiResourceScope>().Where(s => s.ApiResourceId == id);
+            foreach (var scope in resourceScopes)
             {
-                DbContext.Set<ApiScopeClaim>().Remove(scopeClaim);
+                DbContext.Set<ApiResourceScope>().Remove(scope);
             }
 
-            var scopes = DbContext.Set<ApiScope>().Where(s => s.ApiResourceId == id);
+            var resourceSecrets = DbContext.Set<ApiResourceSecret>().Where(s => s.ApiResourceId == id);
+            foreach (var secret in resourceSecrets)
+            {
+                DbContext.Set<ApiResourceSecret>().Remove(secret);
+            }
 
-            foreach (var scope in scopes)
+            var apiResourceProperties = DbContext.Set<ApiResourceProperty>().Where(s => s.ApiResourceId == id);
+            foreach (var property in apiResourceProperties)
             {
-                DbContext.Set<ApiScope>().Remove(scope);
+                DbContext.Set<ApiResourceProperty>().Remove(property);
             }
 
             await base.DeleteAsync(id, autoSave, cancellationToken);

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/ApiScopes/ApiScopeRepository.cs

@@ -0,0 +1,75 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Linq.Dynamic.Core;
+using System.Threading;
+using System.Threading.Tasks;
+using Microsoft.EntityFrameworkCore;
+using Volo.Abp.Domain.Repositories.EntityFrameworkCore;
+using Volo.Abp.EntityFrameworkCore;
+using Volo.Abp.IdentityServer.EntityFrameworkCore;
+
+namespace Volo.Abp.IdentityServer.ApiScopes
+{
+    public class ApiScopeRepository : EfCoreRepository<IIdentityServerDbContext, ApiScope, Guid>, IApiScopeRepository
+    {
+        public ApiScopeRepository(IDbContextProvider<IIdentityServerDbContext> dbContextProvider) : base(
+            dbContextProvider)
+        {
+        }
+
+        public async Task<ApiScope> GetByNameAsync(string scopeName, bool includeDetails = true, CancellationToken cancellationToken = default)
+        {
+            return await DbSet.FirstOrDefaultAsync(x => x.Name == scopeName, GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<List<ApiScope>> GetListByNameAsync(string[] scopeNames, bool includeDetails = false,
+            CancellationToken cancellationToken = default)
+        {
+            var query = from scope in DbSet.IncludeDetails(includeDetails)
+                where scopeNames.Contains(scope.Name)
+                select scope;
+
+            return await query.ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<List<ApiScope>> GetListAsync(string sorting, int skipCount, int maxResultCount, string filter = null, bool includeDetails = false, CancellationToken cancellationToken = default)
+        {
+            return await DbSet
+                .IncludeDetails(includeDetails)
+                .WhereIf(!filter.IsNullOrWhiteSpace(), x => x.Name.Contains(filter) ||
+                                                            x.Description.Contains(filter) ||
+                                                            x.DisplayName.Contains(filter))
+                .OrderBy(sorting ?? "name desc")
+                .PageBy(skipCount, maxResultCount)
+                .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        {
+            return await DbSet.AnyAsync(x => x.Id != expectedId && x.Name == name, GetCancellationToken(cancellationToken));
+        }
+
+        public override async Task DeleteAsync(Guid id, bool autoSave = false, CancellationToken cancellationToken = new CancellationToken())
+        {
+            var scopeClaims = DbContext.Set<ApiScopeClaim>().Where(sc => sc.ApiScopeId == id);
+            foreach (var claim in scopeClaims)
+            {
+                DbContext.Set<ApiScopeClaim>().Remove(claim);
+            }
+
+            var scopeProperties = DbContext.Set<ApiScopeProperty>().Where(s => s.ApiScopeId == id);
+            foreach (var property in scopeProperties)
+            {
+                DbContext.Set<ApiScopeProperty>().Remove(property);
+            }
+
+            await base.DeleteAsync(id, autoSave, cancellationToken);
+        }
+
+        public override IQueryable<ApiScope> WithDetails()
+        {
+            return GetQueryable().IncludeDetails();
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs

@@ -18,7 +18,7 @@ namespace Volo.Abp.IdentityServer.Clients
 
         }
 
-        public virtual async Task<Client> FindByCliendIdAsync(
+        public virtual async Task<Client> FindByClientIdAsync(
             string clientId,
             bool includeDetails = true,
             CancellationToken cancellationToken = default)

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/EntityFrameworkCore/AbpIdentityServerEntityFrameworkCoreModule.cs

@@ -1,6 +1,7 @@
 using Microsoft.Extensions.DependencyInjection;
 using Volo.Abp.EntityFrameworkCore;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -33,6 +34,7 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
                 options.AddRepository<Client, ClientRepository>();
                 options.AddRepository<ApiResource, ApiResourceRepository>();
+                options.AddRepository<ApiScope, ApiScopeRepository>();
                 options.AddRepository<IdentityResource, IdentityResourceRepository>();
                 options.AddRepository<PersistedGrant, PersistentGrantRepository>();
                 options.AddRepository<DeviceFlowCodes, DeviceFlowCodesRepository>();

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/EntityFrameworkCore/IIdentityServerDbContext.cs

@@ -2,6 +2,7 @@
 using Volo.Abp.Data;
 using Volo.Abp.EntityFrameworkCore;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -12,19 +13,41 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
     [ConnectionStringName(AbpIdentityServerDbProperties.ConnectionStringName)]
     public interface IIdentityServerDbContext : IEfCoreDbContext
     {
+        #region ApiResource
+
         DbSet<ApiResource> ApiResources { get; set; }
 
-        DbSet<ApiSecret> ApiSecrets { get; set; }
+        DbSet<ApiResourceSecret> ApiResourceSecrets { get; set; }
 
         DbSet<ApiResourceClaim> ApiResourceClaims { get; set; }
 
+        DbSet<ApiResourceScope> ApiResourceScopes { get; set; }
+
+        DbSet<ApiResourceProperty> ApiResourceProperties { get; set; }
+
+        #endregion
+
+        #region ApiScope
+
         DbSet<ApiScope> ApiScopes { get; set; }
 
         DbSet<ApiScopeClaim> ApiScopeClaims { get; set; }
 
+        DbSet<ApiScopeProperty> ApiScopeProperties { get; set; }
+
+        #endregion
+
+        #region IdentityResource
+
         DbSet<IdentityResource> IdentityResources { get; set; }
 
-        DbSet<IdentityClaim> IdentityClaims { get; set; }
+        DbSet<IdentityResourceClaim> IdentityClaims { get; set; }
+
+        DbSet<IdentityResourceProperty> IdentityResourceProperties { get; set; }
+
+        #endregion
+
+        #region Client
 
         DbSet<Client> Clients { get; set; }
 
@@ -46,6 +69,8 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
         DbSet<ClientProperty> ClientProperties { get; set; }
 
+            #endregion
+
         DbSet<PersistedGrant> PersistedGrants { get; set; }
 
         DbSet<DeviceFlowCodes> DeviceFlowCodes { get; set; }

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/EntityFrameworkCore/IdentityServerDbContext.cs

@@ -2,6 +2,7 @@
 using Volo.Abp.Data;
 using Volo.Abp.EntityFrameworkCore;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -12,19 +13,41 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
     [ConnectionStringName(AbpIdentityServerDbProperties.ConnectionStringName)]
     public class IdentityServerDbContext : AbpDbContext<IdentityServerDbContext>, IIdentityServerDbContext
     {
+        #region ApiResource
+
         public DbSet<ApiResource> ApiResources { get; set; }
 
-        public DbSet<ApiSecret> ApiSecrets { get; set; }
+        public DbSet<ApiResourceSecret> ApiResourceSecrets { get; set; }
 
         public DbSet<ApiResourceClaim> ApiResourceClaims { get; set; }
 
+        public DbSet<ApiResourceScope> ApiResourceScopes { get; set; }
+
+        public DbSet<ApiResourceProperty> ApiResourceProperties { get; set; }
+
+        #endregion
+
+        #region ApiScope
+
         public DbSet<ApiScope> ApiScopes { get; set; }
 
         public DbSet<ApiScopeClaim> ApiScopeClaims { get; set; }
 
+        public DbSet<ApiScopeProperty> ApiScopeProperties { get; set; }
+
+        #endregion
+
+        #region IdentityResource
+
         public DbSet<IdentityResource> IdentityResources { get; set; }
 
-        public DbSet<IdentityClaim> IdentityClaims { get; set; }
+        public DbSet<IdentityResourceClaim> IdentityClaims { get; set; }
+
+        public DbSet<IdentityResourceProperty> IdentityResourceProperties { get; set; }
+
+        #endregion
+
+        #region Client
 
         public DbSet<Client> Clients { get; set; }
 
@@ -46,6 +69,8 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
         public DbSet<ClientProperty> ClientProperties { get; set; }
 
+        #endregion
+
         public DbSet<PersistedGrant> PersistedGrants { get; set; }
 
         public DbSet<DeviceFlowCodes> DeviceFlowCodes { get; set; }

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/EntityFrameworkCore/IdentityServerDbContextModelCreatingExtensions.cs

@@ -1,11 +1,9 @@
 using System;
-using System.Collections.Generic;
 using Microsoft.EntityFrameworkCore;
 using Volo.Abp.EntityFrameworkCore;
 using Volo.Abp.EntityFrameworkCore.Modeling;
-using Volo.Abp.EntityFrameworkCore.ValueComparers;
-using Volo.Abp.EntityFrameworkCore.ValueConverters;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -28,6 +26,8 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
             optionsAction?.Invoke(options);
 
+            #region Client
+
             builder.Entity<Client>(b =>
             {
                 b.ToTable(options.TablePrefix + "Clients", options.Schema);
@@ -45,6 +45,7 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
                 b.Property(x => x.ClientClaimsPrefix).HasMaxLength(ClientConsts.ClientClaimsPrefixMaxLength);
                 b.Property(x => x.PairWiseSubjectSalt).HasMaxLength(ClientConsts.PairWiseSubjectSaltMaxLength);
                 b.Property(x => x.UserCodeType).HasMaxLength(ClientConsts.UserCodeTypeMaxLength);
+                b.Property(x => x.AllowedIdentityTokenSigningAlgorithms).HasMaxLength(ClientConsts.AllowedIdentityTokenSigningAlgorithms);
 
                 b.HasMany(x => x.AllowedScopes).WithOne().HasForeignKey(x => x.ClientId).IsRequired();
                 b.HasMany(x => x.ClientSecrets).WithOne().HasForeignKey(x => x.ClientId).IsRequired();
@@ -81,8 +82,8 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
                 if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql))
                 {
                     ClientRedirectUriConsts.RedirectUriMaxLengthValue = 300;
-                } 
-                
+                }
+
                 b.Property(x => x.RedirectUri).HasMaxLength(ClientRedirectUriConsts.RedirectUriMaxLengthValue).IsRequired();
             });
 
@@ -97,8 +98,8 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
                 if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql))
                 {
                     ClientPostLogoutRedirectUriConsts.PostLogoutRedirectUriMaxLengthValue = 300;
-                } 
-                
+                }
+
                 b.Property(x => x.PostLogoutRedirectUri)
                     .HasMaxLength(ClientPostLogoutRedirectUriConsts.PostLogoutRedirectUriMaxLengthValue)
                     .IsRequired();
@@ -123,16 +124,13 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
                 b.HasKey(x => new {x.ClientId, x.Type, x.Value});
 
-                b.Property(x => x.Type).HasMaxLength(SecretConsts.TypeMaxLength).IsRequired();
-
+                b.Property(x => x.Type).HasMaxLength(ClientSecretConsts.TypeMaxLength).IsRequired();
                 if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql, EfCoreDatabaseProvider.Oracle))
                 {
-                    SecretConsts.ValueMaxLengthValue = 300;
+                    ClientSecretConsts.ValueMaxLength = 300;
                 }
-                
-                b.Property(x => x.Value).HasMaxLength(SecretConsts.ValueMaxLengthValue).IsRequired();
-
-                b.Property(x => x.Description).HasMaxLength(SecretConsts.DescriptionMaxLength);
+                b.Property(x => x.Value).HasMaxLength(ClientSecretConsts.ValueMaxLength).IsRequired();
+                b.Property(x => x.Description).HasMaxLength(ClientSecretConsts.DescriptionMaxLength);
             });
 
             builder.Entity<ClientClaim>(b =>
@@ -175,36 +173,15 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
                 b.ConfigureByConvention();
 
-                b.HasKey(x => new {x.ClientId, x.Key});
+                b.HasKey(x => new {x.ClientId, x.Key, x.Value});
 
                 b.Property(x => x.Key).HasMaxLength(ClientPropertyConsts.KeyMaxLength).IsRequired();
                 b.Property(x => x.Value).HasMaxLength(ClientPropertyConsts.ValueMaxLength).IsRequired();
             });
 
-            builder.Entity<PersistedGrant>(b =>
-            {
-                b.ToTable(options.TablePrefix + "PersistedGrants", options.Schema);
-
-                b.ConfigureByConvention();
-
-                b.Property(x => x.Key).HasMaxLength(PersistedGrantConsts.KeyMaxLength).ValueGeneratedNever();
-                b.Property(x => x.Type).HasMaxLength(PersistedGrantConsts.TypeMaxLength).IsRequired();
-                b.Property(x => x.SubjectId).HasMaxLength(PersistedGrantConsts.SubjectIdMaxLength);
-                b.Property(x => x.ClientId).HasMaxLength(PersistedGrantConsts.ClientIdMaxLength).IsRequired();
-                b.Property(x => x.CreationTime).IsRequired();
-
-                if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql))
-                {
-                    PersistedGrantConsts.DataMaxLengthValue = 10000; //TODO: MySQL accepts 20.000. We can consider to change in v3.0. 
-                }
-                
-                b.Property(x => x.Data).HasMaxLength(PersistedGrantConsts.DataMaxLengthValue).IsRequired();
-
-                b.HasKey(x => x.Key); //TODO: What about Id!!!
+            #endregion
 
-                b.HasIndex(x => new {x.SubjectId, x.ClientId, x.Type});
-                b.HasIndex(x => x.Expiration);
-            });
+            #region IdentityResource
 
             builder.Entity<IdentityResource>(b =>
             {
@@ -215,16 +192,16 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
                 b.Property(x => x.Name).HasMaxLength(IdentityResourceConsts.NameMaxLength).IsRequired();
                 b.Property(x => x.DisplayName).HasMaxLength(IdentityResourceConsts.DisplayNameMaxLength);
                 b.Property(x => x.Description).HasMaxLength(IdentityResourceConsts.DescriptionMaxLength);
-                b.Property(x => x.Properties)
-                    .HasConversion(new AbpJsonValueConverter<Dictionary<string, string>>())
-                    .Metadata.SetValueComparer(new AbpDictionaryValueComparer<string, string>());
+
+                b.HasIndex(x => x.Name).IsUnique();
 
                 b.HasMany(x => x.UserClaims).WithOne().HasForeignKey(x => x.IdentityResourceId).IsRequired();
+                b.HasMany(x => x.Properties).WithOne().HasForeignKey(x => x.IdentityResourceId).IsRequired();
             });
 
-            builder.Entity<IdentityClaim>(b =>
+            builder.Entity<IdentityResourceClaim>(b =>
             {
-                b.ToTable(options.TablePrefix + "IdentityClaims", options.Schema);
+                b.ToTable(options.TablePrefix + "IdentityResourceClaims", options.Schema);
 
                 b.ConfigureByConvention();
 
@@ -233,46 +210,67 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
                 b.Property(x => x.Type).HasMaxLength(UserClaimConsts.TypeMaxLength).IsRequired();
             });
 
-            builder.Entity<ApiResource>(b =>
+            builder.Entity<IdentityResourceProperty>(b =>
+            {
+                b.ToTable(options.TablePrefix + "IdentityResourceProperties", options.Schema);
+
+                b.ConfigureByConvention();
+
+                b.HasKey(x => new {x.IdentityResourceId, x.Key, x.Value});
+
+                b.Property(x => x.Key).HasMaxLength(IdentityResourcePropertyConsts.KeyMaxLength).IsRequired();
+                if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql, EfCoreDatabaseProvider.Oracle))
+                {
+                    IdentityResourcePropertyConsts.ValueMaxLength = 300;
+                }
+                b.Property(x => x.Value).HasMaxLength(IdentityResourcePropertyConsts.ValueMaxLength).IsRequired();
+            });
+
+            #endregion
+
+            #region ApiResource
+
+             builder.Entity<ApiResource>(b =>
             {
                 b.ToTable(options.TablePrefix + "ApiResources", options.Schema);
 
                 b.ConfigureByConvention();
 
+                b.HasIndex(x => x.Name).IsUnique();
+
                 b.Property(x => x.Name).HasMaxLength(ApiResourceConsts.NameMaxLength).IsRequired();
                 b.Property(x => x.DisplayName).HasMaxLength(ApiResourceConsts.DisplayNameMaxLength);
                 b.Property(x => x.Description).HasMaxLength(ApiResourceConsts.DescriptionMaxLength);
-                b.Property(x => x.Properties)
-                    .HasConversion(new AbpJsonValueConverter<Dictionary<string, string>>())
-                    .Metadata.SetValueComparer(new AbpDictionaryValueComparer<string, string>());
+                b.Property(x => x.AllowedAccessTokenSigningAlgorithms).HasMaxLength(ApiResourceConsts.AllowedAccessTokenSigningAlgorithmsMaxLength);
 
                 b.HasMany(x => x.Secrets).WithOne().HasForeignKey(x => x.ApiResourceId).IsRequired();
                 b.HasMany(x => x.Scopes).WithOne().HasForeignKey(x => x.ApiResourceId).IsRequired();
                 b.HasMany(x => x.UserClaims).WithOne().HasForeignKey(x => x.ApiResourceId).IsRequired();
+                b.HasMany(x => x.Properties).WithOne().HasForeignKey(x => x.ApiResourceId).IsRequired();
             });
 
-            builder.Entity<ApiSecret>(b =>
+            builder.Entity<ApiResourceSecret>(b =>
             {
-                b.ToTable(options.TablePrefix + "ApiSecrets", options.Schema);
+                b.ToTable(options.TablePrefix + "ApiResourceSecrets", options.Schema);
 
                 b.ConfigureByConvention();
 
                 b.HasKey(x => new {x.ApiResourceId, x.Type, x.Value});
 
-                b.Property(x => x.Type).HasMaxLength(SecretConsts.TypeMaxLength).IsRequired();
-                b.Property(x => x.Description).HasMaxLength(SecretConsts.DescriptionMaxLength);
+                b.Property(x => x.Type).HasMaxLength(ApiResourceSecretConsts.TypeMaxLength).IsRequired();
 
                 if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql, EfCoreDatabaseProvider.Oracle))
                 {
-                    SecretConsts.ValueMaxLengthValue = 300;
-                } 
-                
-                b.Property(x => x.Value).HasMaxLength(SecretConsts.ValueMaxLengthValue).IsRequired();
+                    ApiResourceSecretConsts.ValueMaxLength = 300;
+                }
+                b.Property(x => x.Value).HasMaxLength(ApiResourceSecretConsts.ValueMaxLength).IsRequired();
+
+                b.Property(x => x.Description).HasMaxLength(ApiResourceSecretConsts.DescriptionMaxLength);
             });
 
             builder.Entity<ApiResourceClaim>(b =>
             {
-                b.ToTable(options.TablePrefix + "ApiClaims", options.Schema);
+                b.ToTable(options.TablePrefix + "ApiResourceClaims", options.Schema);
 
                 b.ConfigureByConvention();
 
@@ -281,19 +279,51 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
                 b.Property(x => x.Type).HasMaxLength(UserClaimConsts.TypeMaxLength).IsRequired();
             });
 
+            builder.Entity<ApiResourceScope>(b =>
+            {
+                b.ToTable(options.TablePrefix + "ApiResourceScopes", options.Schema);
+
+                b.ConfigureByConvention();
+
+                b.HasKey(x => new {x.ApiResourceId, x.Scope});
+
+                b.Property(x => x.Scope).HasMaxLength(ApiResourceScopeConsts.ScopeMaxLength).IsRequired();
+            });
+
+            builder.Entity<ApiResourceProperty>(b =>
+            {
+                b.ToTable(options.TablePrefix + "ApiResourceProperties", options.Schema);
+
+                b.ConfigureByConvention();
+
+                b.HasKey(x => new {x.ApiResourceId, x.Key, x.Value});
+
+                b.Property(x => x.Key).HasMaxLength(ApiResourcePropertyConsts.KeyMaxLength).IsRequired();
+                if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql, EfCoreDatabaseProvider.Oracle))
+                {
+                    ApiResourcePropertyConsts.ValueMaxLength = 300;
+                }
+                b.Property(x => x.Value).HasMaxLength(ApiResourcePropertyConsts.ValueMaxLength).IsRequired();
+            });
+
+            #endregion
+
+            #region ApiScope
+
             builder.Entity<ApiScope>(b =>
             {
                 b.ToTable(options.TablePrefix + "ApiScopes", options.Schema);
 
                 b.ConfigureByConvention();
 
-                b.HasKey(x => new {x.ApiResourceId, x.Name});
-
                 b.Property(x => x.Name).HasMaxLength(ApiScopeConsts.NameMaxLength).IsRequired();
                 b.Property(x => x.DisplayName).HasMaxLength(ApiScopeConsts.DisplayNameMaxLength);
                 b.Property(x => x.Description).HasMaxLength(ApiScopeConsts.DescriptionMaxLength);
 
-                b.HasMany(x => x.UserClaims).WithOne().HasForeignKey(x => new {x.ApiResourceId, x.Name}).IsRequired();
+                b.HasIndex(x => x.Name).IsUnique();
+
+                b.HasMany(x => x.UserClaims).WithOne().HasForeignKey(x => x.ApiScopeId).IsRequired();
+                b.HasMany(x => x.Properties).WithOne().HasForeignKey(x => x.ApiScopeId).IsRequired();
             });
 
             builder.Entity<ApiScopeClaim>(b =>
@@ -302,29 +332,90 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
 
                 b.ConfigureByConvention();
 
-                b.HasKey(x => new {x.ApiResourceId, x.Name, x.Type});
+                b.HasKey(x => new {x.ApiScopeId, x.Type});
 
                 b.Property(x => x.Type).HasMaxLength(UserClaimConsts.TypeMaxLength).IsRequired();
-                b.Property(x => x.Name).HasMaxLength(ApiScopeConsts.NameMaxLength).IsRequired();
             });
 
+            builder.Entity<ApiScopeProperty>(b =>
+            {
+                b.ToTable(options.TablePrefix + "ApiScopeProperties", options.Schema);
+
+                b.ConfigureByConvention();
+
+                b.HasKey(x => new {x.ApiScopeId, x.Key, x.Value});
+
+                b.Property(x => x.Key).HasMaxLength(ApiScopePropertyConsts.KeyMaxLength).IsRequired();
+                if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql, EfCoreDatabaseProvider.Oracle))
+                {
+                    ApiScopePropertyConsts.ValueMaxLength = 300;
+                }
+                b.Property(x => x.Value).HasMaxLength(ApiScopePropertyConsts.ValueMaxLength).IsRequired();
+            });
+
+            #endregion
+
+            #region PersistedGrant
+
+            builder.Entity<PersistedGrant>(b =>
+            {
+                b.ToTable(options.TablePrefix + "PersistedGrants", options.Schema);
+
+                b.ConfigureByConvention();
+
+                b.Property(x => x.Key).HasMaxLength(PersistedGrantConsts.KeyMaxLength).ValueGeneratedNever();
+                b.Property(x => x.Type).HasMaxLength(PersistedGrantConsts.TypeMaxLength).IsRequired();
+                b.Property(x => x.SubjectId).HasMaxLength(PersistedGrantConsts.SubjectIdMaxLength);
+                b.Property(x => x.SessionId).HasMaxLength(PersistedGrantConsts.SessionIdMaxLength);
+                b.Property(x => x.ClientId).HasMaxLength(PersistedGrantConsts.ClientIdMaxLength).IsRequired();
+                b.Property(x => x.Description).HasMaxLength(PersistedGrantConsts.DescriptionMaxLength);
+                b.Property(x => x.CreationTime).IsRequired();
+
+                if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql))
+                {
+                    PersistedGrantConsts.DataMaxLengthValue = 10000; //TODO: MySQL accepts 20.000. We can consider to change in v3.0.
+                }
+
+                b.Property(x => x.Data).HasMaxLength(PersistedGrantConsts.DataMaxLengthValue).IsRequired();
+
+                b.HasKey(x => x.Key); //TODO: What about Id!!!
+
+                b.HasIndex(x => new {x.SubjectId, x.ClientId, x.Type});
+                b.HasIndex(x => new {x.SubjectId, x.SessionId, x.Type});
+                b.HasIndex(x => x.Expiration);
+            });
+
+            #endregion
+
+            #region DeviceFlowCodes
+
             builder.Entity<DeviceFlowCodes>(b =>
             {
                 b.ToTable(options.TablePrefix + "DeviceFlowCodes", options.Schema);
 
                 b.ConfigureByConvention();
 
-                b.Property(x => x.DeviceCode).HasMaxLength(200).IsRequired();
-                b.Property(x => x.UserCode).HasMaxLength(200).IsRequired();
-                b.Property(x => x.SubjectId).HasMaxLength(200);
-                b.Property(x => x.ClientId).HasMaxLength(200).IsRequired();
+                b.Property(x => x.DeviceCode).HasMaxLength(DeviceFlowCodesConsts.DeviceCodeMaxLength).IsRequired();
+                b.Property(x => x.UserCode).HasMaxLength(DeviceFlowCodesConsts.UserCodeMaxLength).IsRequired();
+                b.Property(x => x.SubjectId).HasMaxLength(DeviceFlowCodesConsts.SubjectIdMaxLength);
+                b.Property(x => x.SessionId).HasMaxLength(DeviceFlowCodesConsts.SessionIdMaxLength);
+                b.Property(x => x.ClientId).HasMaxLength(DeviceFlowCodesConsts.ClientIdMaxLength).IsRequired();
+                b.Property(x => x.Description).HasMaxLength(DeviceFlowCodesConsts.DescriptionMaxLength);
+                b.Property(x => x.CreationTime).IsRequired();
                 b.Property(x => x.Expiration).IsRequired();
-                b.Property(x => x.Data).HasMaxLength(50000).IsRequired();
 
-                b.HasIndex(x => new {x.UserCode}).IsUnique();
+                if (IsDatabaseProvider(builder, options, EfCoreDatabaseProvider.MySql))
+                {
+                    DeviceFlowCodesConsts.DataMaxLength = 10000; //TODO: MySQL accepts 20.000. We can consider to change in v3.0.
+                }
+                b.Property(x => x.Data).HasMaxLength(DeviceFlowCodesConsts.DataMaxLength).IsRequired();
+
+                b.HasIndex(x => new {x.UserCode});
                 b.HasIndex(x => x.DeviceCode).IsUnique();
                 b.HasIndex(x => x.Expiration);
             });
+
+            #endregion
         }
 
         private static bool IsDatabaseProvider(
@@ -344,4 +435,4 @@ namespace Volo.Abp.IdentityServer.EntityFrameworkCore
             return false;
         }
     }
-}
+}

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Grants/PersistedGrantRepository.cs

@@ -12,19 +12,24 @@ namespace Volo.Abp.IdentityServer.Grants
 {
     public class PersistentGrantRepository : EfCoreRepository<IIdentityServerDbContext, PersistedGrant, Guid>, IPersistentGrantRepository
     {
-        public PersistentGrantRepository(IDbContextProvider<IIdentityServerDbContext> dbContextProvider) 
+        public PersistentGrantRepository(IDbContextProvider<IIdentityServerDbContext> dbContextProvider)
             : base(dbContextProvider)
         {
 
         }
 
+        public async Task<List<PersistedGrant>> GetListAsync(string subjectId, string sessionId, string clientId, string type, bool includeDetails = false,
+            CancellationToken cancellationToken = default)
+        {
+            return await Filter(subjectId, sessionId, clientId, type)
+                .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
         public virtual async Task<PersistedGrant> FindByKeyAsync(
             string key,
             CancellationToken cancellationToken = default)
         {
-            return await DbSet
-                .FirstOrDefaultAsync(x => x.Key == key, GetCancellationToken(cancellationToken))
-                ;
+            return await DbSet.FirstOrDefaultAsync(x => x.Key == key, GetCancellationToken(cancellationToken));
         }
 
         public virtual async Task<List<PersistedGrant>> GetListBySubjectIdAsync(
@@ -37,7 +42,7 @@ namespace Volo.Abp.IdentityServer.Grants
         }
 
         public virtual async Task<List<PersistedGrant>> GetListByExpirationAsync(
-            DateTime maxExpirationDate, 
+            DateTime maxExpirationDate,
             int maxResultCount,
             CancellationToken cancellationToken = default)
         {
@@ -48,27 +53,32 @@ namespace Volo.Abp.IdentityServer.Grants
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public virtual async Task DeleteAsync(
-            string subjectId, 
-            string clientId,
+        public async Task DeleteAsync(
+            string subjectId = null,
+            string sessionId = null,
+            string clientId = null,
+            string type = null,
             CancellationToken cancellationToken = default)
         {
-            await DeleteAsync(
-                x => x.SubjectId == subjectId && x.ClientId == clientId,
-                cancellationToken: GetCancellationToken(cancellationToken)
-            );
+            var persistedGrants = await Filter(subjectId, sessionId, clientId, type).ToListAsync(GetCancellationToken(cancellationToken));
+
+            foreach (var persistedGrant in persistedGrants)
+            {
+                DbSet.Remove(persistedGrant);
+            }
         }
 
-        public virtual async Task DeleteAsync(
-            string subjectId, 
-            string clientId, 
-            string type,
-            CancellationToken cancellationToken = default)
+        private IQueryable<PersistedGrant> Filter(
+            string subjectId,
+            string sessionId,
+            string clientId,
+            string type)
         {
-            await DeleteAsync(
-                x => x.SubjectId == subjectId && x.ClientId == clientId && x.Type == type,
-                cancellationToken: GetCancellationToken(cancellationToken)
-            );
+            return DbSet
+                .WhereIf(!subjectId.IsNullOrWhiteSpace(), x => x.SubjectId == subjectId)
+                .WhereIf(!sessionId.IsNullOrWhiteSpace(), x => x.SessionId == sessionId)
+                .WhereIf(!clientId.IsNullOrWhiteSpace(), x => x.ClientId == clientId)
+                .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type);
         }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceRepository.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
@@ -19,7 +19,7 @@ namespace Volo.Abp.IdentityServer.IdentityResources
 
         }
 
-        public virtual async Task<List<IdentityResource>> GetListByScopesAsync(
+        public virtual async Task<List<IdentityResource>> GetListByScopeNameAsync(
             string[] scopeNames,
             bool includeDetails = false,
             CancellationToken cancellationToken = default)

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/AbpIdentityServerMongoDbContext.cs

@@ -1,11 +1,12 @@
 using MongoDB.Driver;
 using Volo.Abp.Data;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
+using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.MongoDB;
-using IdentityResource = Volo.Abp.IdentityServer.IdentityResources.IdentityResource;
 
 namespace Volo.Abp.IdentityServer.MongoDB
 {
@@ -14,6 +15,8 @@ namespace Volo.Abp.IdentityServer.MongoDB
     {
         public IMongoCollection<ApiResource> ApiResources => Collection<ApiResource>();
 
+        public IMongoCollection<ApiScope> ApiScopes => Collection<ApiScope>();
+
         public IMongoCollection<Client> Clients => Collection<Client>();
 
         public IMongoCollection<IdentityResource> IdentityResources => Collection<IdentityResource>();

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/AbpIdentityServerMongoDbContextExtensions.cs

@@ -1,5 +1,6 @@
 using System;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -27,15 +28,21 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 b.CollectionName = options.CollectionPrefix + "ApiResources";
             });
 
-            builder.Entity<Client>(b =>
+            builder.Entity<ApiScope>(b =>
             {
-                b.CollectionName = options.CollectionPrefix + "Clients";
+                b.CollectionName = options.CollectionPrefix + "ApiScopes";
             });
+
             builder.Entity<IdentityResource>(b =>
             {
                 b.CollectionName = options.CollectionPrefix + "IdentityResources";
             });
 
+            builder.Entity<Client>(b =>
+            {
+                b.CollectionName = options.CollectionPrefix + "Clients";
+            });
+
             builder.Entity<PersistedGrant>(b =>
             {
                 b.CollectionName = options.CollectionPrefix + "PersistedGrants";

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/AbpIdentityServerMongoDbModule.cs

@@ -1,11 +1,12 @@
 using Microsoft.Extensions.DependencyInjection;
+using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
+using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
+using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.Modularity;
 using Volo.Abp.MongoDB;
-using ApiResource = Volo.Abp.IdentityServer.ApiResources.ApiResource;
-using Client = Volo.Abp.IdentityServer.Clients.Client;
-using IdentityResource = Volo.Abp.IdentityServer.IdentityResources.IdentityResource;
 
 namespace Volo.Abp.IdentityServer.MongoDB
 {
@@ -30,6 +31,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
             context.Services.AddMongoDbContext<AbpIdentityServerMongoDbContext>(options =>
             {
                 options.AddRepository<ApiResource, MongoApiResourceRepository>();
+                options.AddRepository<ApiScope, MongoApiScopeRepository>();
                 options.AddRepository<IdentityResource, MongoIdentityResourceRepository>();
                 options.AddRepository<Client, MongoClientRepository>();
                 options.AddRepository<PersistedGrant, MongoPersistentGrantRepository>();

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/IAbpIdentityServerMongoDbContext.cs

@@ -1,11 +1,12 @@
 using MongoDB.Driver;
 using Volo.Abp.Data;
+using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
 using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.MongoDB;
-using ApiResource = Volo.Abp.IdentityServer.ApiResources.ApiResource;
 
 namespace Volo.Abp.IdentityServer.MongoDB
 {
@@ -14,6 +15,8 @@ namespace Volo.Abp.IdentityServer.MongoDB
     {
         IMongoCollection<ApiResource> ApiResources { get; }
 
+        IMongoCollection<ApiScope> ApiScopes { get; }
+
         IMongoCollection<Client> Clients { get; }
 
         IMongoCollection<IdentityResource> IdentityResources { get; }

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoApiResourceRepository.cs

@@ -6,8 +6,9 @@ using System.Threading.Tasks;
 using MongoDB.Driver;
 using MongoDB.Driver.Linq;
 using Volo.Abp.Domain.Repositories.MongoDB;
-using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using System.Linq.Dynamic.Core;
+using Volo.Abp.IdentityServer.ApiResources;
 using Volo.Abp.MongoDB;
 
 namespace Volo.Abp.IdentityServer.MongoDB
@@ -18,18 +19,26 @@ namespace Volo.Abp.IdentityServer.MongoDB
         {
         }
 
-        public virtual async Task<ApiResource> FindByNameAsync(string name, bool includeDetails = true, CancellationToken cancellationToken = default)
+        public async Task<ApiResource> FindByNameAsync(string apiResourceName, bool includeDetails = true, CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
-                .Where(ar => ar.Name == name)
+                .Where(ar => ar.Name == apiResourceName)
                 .FirstOrDefaultAsync(GetCancellationToken(cancellationToken));
         }
 
+        public async Task<List<ApiResource>> FindByNameAsync(string[] apiResourceNames, bool includeDetails = true,
+            CancellationToken cancellationToken = default)
+        {
+            return await GetMongoQueryable()
+                .Where(ar => apiResourceNames.Contains(ar.Name))
+                .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
         public virtual async Task<List<ApiResource>> GetListByScopesAsync(string[] scopeNames, bool includeDetails = false,
             CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
-                .Where(ar => ar.Scopes.Any(x => scopeNames.Contains(x.Name)))
+                .Where(ar => ar.Scopes.Any(x => scopeNames.Contains(x.Scope)))
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
@@ -54,7 +63,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
 
         public virtual async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
-            return await GetMongoQueryable().AnyAsync(ar => ar.Id != expectedId && ar.Name == name, cancellationToken: cancellationToken);
+            return await GetMongoQueryable().AnyAsync(ar => ar.Id != expectedId && ar.Name == name, GetCancellationToken(cancellationToken));
         }
     }
 }

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoApiScopeRepository.cs

@@ -0,0 +1,57 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using MongoDB.Driver;
+using MongoDB.Driver.Linq;
+using Volo.Abp.Domain.Repositories.MongoDB;
+using Volo.Abp.IdentityServer.ApiScopes;
+using System.Linq.Dynamic.Core;
+using Volo.Abp.MongoDB;
+
+namespace Volo.Abp.IdentityServer.MongoDB
+{
+    public class MongoApiScopeRepository : MongoDbRepository<IAbpIdentityServerMongoDbContext, ApiScope, Guid>,
+        IApiScopeRepository
+    {
+        public MongoApiScopeRepository(IMongoDbContextProvider<IAbpIdentityServerMongoDbContext> dbContextProvider) :
+            base(dbContextProvider)
+        {
+        }
+
+        public async Task<ApiScope> GetByNameAsync(string scopeName, bool includeDetails = true, CancellationToken cancellationToken = default)
+        {
+            return await GetMongoQueryable().FirstOrDefaultAsync(x => x.Name == scopeName, GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<List<ApiScope>> GetListByNameAsync(string[] scopeNames, bool includeDetails = false,
+            CancellationToken cancellationToken = default)
+        {
+            var query = from scope in GetMongoQueryable()
+                where scopeNames.Contains(scope.Name)
+                select scope;
+
+            return await query.ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<List<ApiScope>> GetListAsync(string sorting, int skipCount, int maxResultCount, string filter = null, bool includeDetails = false,
+            CancellationToken cancellationToken = default)
+        {
+            return await GetMongoQueryable()
+                .WhereIf(!filter.IsNullOrWhiteSpace(),
+                    x => x.Name.Contains(filter) ||
+                         x.Description.Contains(filter) ||
+                         x.DisplayName.Contains(filter))
+                .OrderBy(sorting ?? nameof(ApiScope.Name))
+                .As<IMongoQueryable<ApiScope>>()
+                .PageBy<ApiScope, IMongoQueryable<ApiScope>>(skipCount, maxResultCount)
+                .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
+        public async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        {
+            return await GetMongoQueryable().AnyAsync(x => x.Id != expectedId && x.Name == name, GetCancellationToken(cancellationToken));
+        }
+    }
+}

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs

@@ -21,7 +21,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
         {
         }
 
-        public virtual async Task<Client> FindByCliendIdAsync(
+        public virtual async Task<Client> FindByClientIdAsync(
             string clientId,
             bool includeDetails = true,
             CancellationToken cancellationToken = default)

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoIdentityResourceRepository.cs

@@ -40,7 +40,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .FirstOrDefaultAsync(GetCancellationToken(cancellationToken));
         }
 
-        public virtual async Task<List<IdentityResource>> GetListByScopesAsync(string[] scopeNames, bool includeDetails = false,
+        public virtual async Task<List<IdentityResource>> GetListByScopeNameAsync(string[] scopeNames, bool includeDetails = false,
             CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()

modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoPersistedGrantRepository.cs

@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
 using MongoDB.Driver;
@@ -8,6 +9,7 @@ using Volo.Abp.Domain.Repositories.MongoDB;
 using Volo.Abp.IdentityServer.Grants;
 using Volo.Abp.MongoDB;
 
+
 namespace Volo.Abp.IdentityServer.MongoDB
 {
     public class MongoPersistentGrantRepository : MongoDbRepository<IAbpIdentityServerMongoDbContext, PersistedGrant, Guid>, IPersistentGrantRepository
@@ -16,6 +18,13 @@ namespace Volo.Abp.IdentityServer.MongoDB
         {
         }
 
+        public async Task<List<PersistedGrant>> GetListAsync(string subjectId, string sessionId, string clientId, string type, bool includeDetails = false,
+            CancellationToken cancellationToken = default)
+        {
+            return await Filter(subjectId, sessionId, clientId, type)
+                .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+
         public virtual async Task<PersistedGrant> FindByKeyAsync(string key, CancellationToken cancellationToken = default)
         {
 
@@ -27,8 +36,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
         {
             return await GetMongoQueryable()
                 .Where(x => x.SubjectId == subjectId)
-                .ToListAsync(GetCancellationToken(cancellationToken))
-                ;
+                .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
         public virtual async Task<List<PersistedGrant>> GetListByExpirationAsync(DateTime maxExpirationDate, int maxResultCount,
@@ -41,6 +49,22 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
+        public async Task DeleteAsync(
+            string subjectId = null,
+            string sessionId = null,
+            string clientId = null,
+            string type = null,
+            CancellationToken cancellationToken = default)
+        {
+            var persistedGrants = await Filter(subjectId, sessionId, clientId, type)
+                .ToListAsync(GetCancellationToken(cancellationToken));
+
+            foreach (var persistedGrant in persistedGrants)
+            {
+                await DeleteAsync(persistedGrant, false, GetCancellationToken(cancellationToken));
+            }
+        }
+
         public virtual async Task DeleteAsync(string subjectId, string clientId, CancellationToken cancellationToken = default)
         {
             await DeleteAsync(
@@ -56,5 +80,19 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 cancellationToken: GetCancellationToken(cancellationToken)
             );
         }
+
+        private IMongoQueryable<PersistedGrant> Filter(
+            string subjectId,
+            string sessionId,
+            string clientId,
+            string type)
+        {
+            return GetMongoQueryable()
+                .WhereIf<PersistedGrant, IMongoQueryable<PersistedGrant>>(!subjectId.IsNullOrWhiteSpace(), x => x.SubjectId == subjectId)
+                .WhereIf<PersistedGrant, IMongoQueryable<PersistedGrant>>(!sessionId.IsNullOrWhiteSpace(), x => x.SessionId == sessionId)
+                .WhereIf<PersistedGrant, IMongoQueryable<PersistedGrant>>(!clientId.IsNullOrWhiteSpace(), x => x.ClientId == clientId)
+                .WhereIf<PersistedGrant, IMongoQueryable<PersistedGrant>>(!type.IsNullOrWhiteSpace(), x => x.Type == type)
+                .As<IMongoQueryable<PersistedGrant>>();
+        }
     }
 }

modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/Clients/ClientStore_Tests.cs

@@ -33,7 +33,7 @@ namespace Volo.Abp.IdentityServer.Clients
             client.ClientId.ShouldBe("42");
             client.ProtocolType.ShouldBe("TestProtocol-42");
             client.AllowedCorsOrigins.ShouldContain("Origin1");
-            client.AllowedScopes.ShouldContain("api1");
+            client.AllowedScopes.ShouldContain("Test-ApiScope-Name-1");
         }
     }
 }

modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/Clients/IdentityResourceStore_Tests.cs

@@ -19,20 +19,20 @@ namespace Volo.Abp.IdentityServer.Clients
         }
 
         [Fact]
-        public async Task FindApiResourceAsync_Should_Return_Null_If_Not_Found()
+        public async Task FindApiResourceAsync_Should_Return_Empty_If_Not_Found()
         {
             //Act
-            var resource = await _resourceStore.FindApiResourceAsync("non-existing-name");
+            var resource = await _resourceStore.FindApiResourcesByNameAsync(new []{"non-existing-name"});
 
             //Assert
-            resource.ShouldBeNull();
+            resource.ShouldBeEmpty();
         }
 
         [Fact]
         public async Task FindApiResourceAsync_Should_Return_If_Found()
         {
             //Act
-            var apiResource = await _resourceStore.FindApiResourceAsync("Test-ApiResource-Name-1");
+            var apiResource = (await _resourceStore.FindApiResourcesByNameAsync(new []{"Test-ApiResource-Name-1"})).FirstOrDefault();
 
             //Assert
             apiResource.ShouldNotBe(null);
@@ -45,7 +45,7 @@ namespace Volo.Abp.IdentityServer.Clients
         public async Task FindApiResourcesByScopeAsync_Should_Return_If_Found()
         {
             //Act
-            var apiResources = (await _resourceStore.FindApiResourcesByScopeAsync(new List<string>
+            var apiResources = (await _resourceStore.FindApiResourcesByScopeNameAsync(new List<string>
             {
                 "Test-ApiResource-ApiScope-Name-1"
             })).ToList();
@@ -53,24 +53,23 @@ namespace Volo.Abp.IdentityServer.Clients
             //Assert
             apiResources.ShouldNotBe(null);
 
-            apiResources[0].Scopes.Count.ShouldBe(2);
+            apiResources[0].Scopes.Count.ShouldBe(3);
         }
 
         [Fact]
         public async Task FindIdentityResourcesByScopeAsync_Should_Return_For_Given_Scopes()
         {
             //Act
-            var identityResourcesByScope = await _resourceStore.FindIdentityResourcesByScopeAsync(new List<string>
+            var identityResourcesByScope = (await _resourceStore.FindIdentityResourcesByScopeNameAsync(new List<string>
             {
                 "Test-Identity-Resource-Name-1"
-            });
+            })).ToArray();
 
             //Assert
-            var resourcesByScope = identityResourcesByScope as IdentityResource[] ?? identityResourcesByScope.ToArray();
-            resourcesByScope.Length.ShouldBe(1);
-            resourcesByScope.First().DisplayName.ShouldBe("Test-Identity-Resource-DisplayName-1");
-            resourcesByScope.First().Description.ShouldBe("Test-Identity-Resource-Description-1");
-            resourcesByScope.First().Required.ShouldBe(true);
+            identityResourcesByScope.Length.ShouldBe(1);
+            identityResourcesByScope.First().DisplayName.ShouldBe("Test-Identity-Resource-DisplayName-1");
+            identityResourcesByScope.First().Description.ShouldBe("Test-Identity-Resource-Description-1");
+            identityResourcesByScope.First().Required.ShouldBe(true);
         }
 
         [Fact]

modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/Clients/PersistentGrant_Tests.cs

@@ -122,7 +122,10 @@ namespace Volo.Abp.IdentityServer.Clients
         public async Task GetAllAsync_Should_Get_All_PersistedGrants_For_A_Given_SubjectId()
         {
             //Act
-            var persistentGrants = await _persistedGrantStore.GetAllAsync("TestSubject");
+            var persistentGrants = await _persistedGrantStore.GetAllAsync(new PersistedGrantFilter()
+            {
+                SubjectId = "TestSubject"
+            });
 
             //Assert
             var persistedGrants = persistentGrants as PersistedGrant[] ?? persistentGrants.ToArray();
@@ -156,16 +159,27 @@ namespace Volo.Abp.IdentityServer.Clients
         public async Task RemoveAllAsync_Should_RemoveAll_PeristedGrants_For_A_Given_Subject_And_ClientId()
         {
             //Arrange
-            var persistedGrantsWithTestSubjectX = await _persistedGrantStore.GetAllAsync("TestSubject-X");
+            var persistedGrantsWithTestSubjectX = await _persistedGrantStore.GetAllAsync(new PersistedGrantFilter()
+            {
+                SubjectId = "TestSubject-X"
+            });
             var persistedGrantsWithTestSubjectXBeforeLength = persistedGrantsWithTestSubjectX.ToArray().Length;
 
             //Act
-            await _persistedGrantStore.RemoveAllAsync("TestSubject-X", "TestClientId-X");
+            await _persistedGrantStore.RemoveAllAsync(new PersistedGrantFilter()
+            {
+                SubjectId = "TestSubject-X",
+                ClientId =  "TestClientId-X"
+            });
 
             //Assert
             persistedGrantsWithTestSubjectXBeforeLength.ShouldBe(2);
 
-            var persistedGrants = (await _persistedGrantStore.GetAllAsync("TestClientId-37")).ToArray();
+            var persistedGrants = (await _persistedGrantStore.GetAllAsync(new PersistedGrantFilter()
+            {
+                SubjectId = "TestClientId-37"
+            })).ToArray();
+
             persistedGrants.ShouldNotBe(null);
             persistedGrants.Length.ShouldBe(0);
         }

modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/CorsPolicyService_Tests.cs

@@ -35,7 +35,7 @@ namespace Volo.Abp.IdentityServer
 
             using (var uow = _unitOfWorkManager.Begin())
             {
-                var client1 = await _clientRepository.FindByCliendIdAsync("ClientId1");
+                var client1 = await _clientRepository.FindByClientIdAsync("ClientId1");
                 client1.AddCorsOrigin("https://new-origin.com");
                 await _clientRepository.UpdateAsync(client1);
 

modules/identityserver/test/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests/Volo/Abp/IdentityServer/AbpIdentityServerTestDataBuilder.cs

@@ -3,10 +3,12 @@ using IdentityServer4.Models;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Grants;
 using Volo.Abp.IdentityServer.IdentityResources;
 using ApiResource = Volo.Abp.IdentityServer.ApiResources.ApiResource;
+using ApiScope = Volo.Abp.IdentityServer.ApiScopes.ApiScope;
 using Client = Volo.Abp.IdentityServer.Clients.Client;
 using IdentityResource = Volo.Abp.IdentityServer.IdentityResources.IdentityResource;
 using PersistedGrant = Volo.Abp.IdentityServer.Grants.PersistedGrant;
@@ -21,28 +23,72 @@ namespace Volo.Abp.IdentityServer
         private readonly IClientRepository _clientRepository;
         private readonly IPersistentGrantRepository _persistentGrantRepository;
         private readonly IApiResourceRepository _apiResourceRepository;
+        private readonly IApiScopeRepository _apiScopeRepository;
         private readonly IIdentityResourceRepository _identityResourceRepository;
 
         public AbpIdentityServerTestDataBuilder(
             IClientRepository clientRepository,
             IGuidGenerator guidGenerator,
             IPersistentGrantRepository persistentGrantRepository,
-            IApiResourceRepository apiResourceRepository, 
-            IIdentityResourceRepository identityResourceRepository)
+            IApiResourceRepository apiResourceRepository,
+            IIdentityResourceRepository identityResourceRepository,
+            IApiScopeRepository apiScopeRepository)
         {
             _clientRepository = clientRepository;
             _guidGenerator = guidGenerator;
             _persistentGrantRepository = persistentGrantRepository;
             _apiResourceRepository = apiResourceRepository;
             _identityResourceRepository = identityResourceRepository;
+            _apiScopeRepository = apiScopeRepository;
         }
 
         public async Task BuildAsync()
         {
-            await AddClients();
-            await AddPersistentGrants();
             await AddApiResources();
+            await AddApiScopes();
             await AddIdentityResources();
+            await AddClients();
+            await AddPersistentGrants();
+        }
+
+        private async Task AddApiResources()
+        {
+            var apiResource = new ApiResource(_guidGenerator.Create(), "Test-ApiResource-Name-1")
+            {
+                Enabled = true,
+                Description = "Test-ApiResource-Description-1",
+                DisplayName = "Test-ApiResource-DisplayName-1"
+            };
+
+            apiResource.AddSecret("secret".Sha256());
+            apiResource.AddScope("Test-ApiResource-ApiScope-Name-1");
+            apiResource.AddScope("Test-ApiResource-ApiScope-DisplayName-1");
+            apiResource.AddUserClaim("Test-ApiResource-Claim-Type-1");
+
+            await _apiResourceRepository.InsertAsync(apiResource);
+        }
+
+        private async Task AddApiScopes()
+        {
+            var apiScope = new ApiScope(_guidGenerator.Create(), "Test-ApiScope-Name-1");
+
+            apiScope.AddUserClaim("Test-ApiScope-Claim-Type-1");
+            await _apiScopeRepository.InsertAsync(apiScope);
+        }
+
+        private async Task AddIdentityResources()
+        {
+            var identityResource = new IdentityResource(_guidGenerator.Create(), "Test-Identity-Resource-Name-1")
+            {
+                Description = "Test-Identity-Resource-Description-1",
+                DisplayName = "Test-Identity-Resource-DisplayName-1",
+                Required = true,
+                Emphasize = true
+            };
+
+            identityResource.AddUserClaim("Test-Identity-Resource-1-IdentityClaim-Type-1");
+
+            await _identityResourceRepository.InsertAsync(identityResource);
         }
 
         private async Task AddClients()
@@ -51,10 +97,10 @@ namespace Volo.Abp.IdentityServer
             {
                 ProtocolType = "TestProtocol-42"
             };
-            
+
             client42.AddCorsOrigin("Origin1");
 
-            client42.AddScope("api1");
+            client42.AddScope("Test-ApiScope-Name-1");
 
             await _clientRepository.InsertAsync(client42);
         }
@@ -98,35 +144,5 @@ namespace Volo.Abp.IdentityServer
             });
         }
 
-        private async Task AddApiResources()
-        {
-            var apiResource = new ApiResource(_guidGenerator.Create(), "Test-ApiResource-Name-1")
-            {
-                Enabled = true,
-                Description = "Test-ApiResource-Description-1",
-                DisplayName = "Test-ApiResource-DisplayName-1"
-            };
-
-            apiResource.AddSecret("secret".Sha256());
-            apiResource.AddScope("Test-ApiResource-ApiScope-Name-1", "Test-ApiResource-ApiScope-DisplayName-1");
-            apiResource.AddUserClaim("Test-ApiResource-Claim-Type-1");
-
-            await _apiResourceRepository.InsertAsync(apiResource);
-        }
-
-        private async Task AddIdentityResources()
-        {
-            var identityResource = new IdentityResource(_guidGenerator.Create(), "Test-Identity-Resource-Name-1")
-            {
-                Description = "Test-Identity-Resource-Description-1",
-                DisplayName = "Test-Identity-Resource-DisplayName-1",
-                Required = true,
-                Emphasize = true
-            };
-
-            identityResource.AddUserClaim("Test-Identity-Resource-1-IdentityClaim-Type-1");
-
-            await _identityResourceRepository.InsertAsync(identityResource);
-        }
     }
 }

modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/AbpIdentityServerTestDataBuilder.cs

@@ -5,6 +5,7 @@ using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
 using Volo.Abp.Identity;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.Devices;
 using Volo.Abp.IdentityServer.Grants;
@@ -91,6 +92,7 @@ namespace Volo.Abp.IdentityServer
             {
                 Key = "PersistedGrantKey1",
                 SubjectId = "PersistedGrantSubjectId1",
+                SessionId = "PersistedGrantSessionId1",
                 ClientId = "PersistedGrantClientId1",
                 Type = "PersistedGrantType1",
                 Data = ""
@@ -147,9 +149,9 @@ namespace Volo.Abp.IdentityServer
             apiResource.Description = nameof(apiResource.Description);
             apiResource.DisplayName = nameof(apiResource.DisplayName);
 
-            apiResource.AddScope(nameof(ApiScope.Name));
+            apiResource.AddScope(nameof(ApiResourceScope.Scope));
             apiResource.AddUserClaim(nameof(ApiResourceClaim.Type));
-            apiResource.AddSecret(nameof(ApiSecret.Value));
+            apiResource.AddSecret(nameof(ApiResourceSecret.Value));
 
             await _apiResourceRepository.InsertAsync(apiResource);
             await _apiResourceRepository.InsertAsync(new ApiResource(_guidGenerator.Create(), "NewApiResource2"));

modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/ApiResourceRepository_Tests.cs

@@ -2,6 +2,7 @@
 using Microsoft.Extensions.DependencyInjection;
 using Shouldly;
 using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.Modularity;
 using Xunit;
 
@@ -20,7 +21,7 @@ namespace Volo.Abp.IdentityServer
         [Fact]
         public async Task FindByNormalizedNameAsync()
         {
-            (await apiResourceRepository.FindByNameAsync("NewApiResource2")).ShouldNotBeNull();
+            (await apiResourceRepository.FindByNameAsync(new []{"NewApiResource2"})).ShouldNotBeNull();
         }
 
         [Fact]

modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/ClientRepository_Tests.cs

@@ -19,9 +19,9 @@ namespace Volo.Abp.IdentityServer
         }
 
         [Fact]
-        public async Task FindByCliendIdAsync()
+        public async Task FindByClientIdAsync()
         {
-            (await clientRepository.FindByCliendIdAsync("ClientId2")).ShouldNotBeNull();
+            (await clientRepository.FindByClientIdAsync("ClientId2")).ShouldNotBeNull();
         }
 
         [Fact]

modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/IdentityResourceRepository_Tests.cs

@@ -23,7 +23,7 @@ namespace Volo.Abp.IdentityServer
         [Fact]
         public async Task GetListByScopesAsync()
         {
-            (await identityResourceRepository.GetListByScopesAsync(new[] { "", "NewIdentityResource2" })).Count.ShouldBe(1);
+            (await identityResourceRepository.GetListByScopeNameAsync(new[] { "", "NewIdentityResource2" })).Count.ShouldBe(1);
         }
     }
 }

modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/PersistentGrantRepository_Tests.cs

@@ -36,7 +36,7 @@ namespace Volo.Abp.IdentityServer
         [Fact]
         public async Task DeleteBySubjectIdAndClientId()
         {
-            await _persistentGrantRepository.DeleteAsync("PersistedGrantSubjectId1", "PersistedGrantClientId1");
+            await _persistentGrantRepository.DeleteAsync("PersistedGrantSubjectId1", "PersistedGrantSessionId1", "PersistedGrantClientId1");
 
             var persistedGrants = await _persistentGrantRepository.GetListAsync();
             persistedGrants.ShouldNotBeEmpty();
@@ -48,7 +48,7 @@ namespace Volo.Abp.IdentityServer
         [Fact]
         public async Task DeleteBySubjectIdAndClientIdAndType()
         {
-            await _persistentGrantRepository.DeleteAsync("PersistedGrantSubjectId1", "PersistedGrantClientId1",
+            await _persistentGrantRepository.DeleteAsync("PersistedGrantSubjectId1", "PersistedGrantSessionId1", "PersistedGrantClientId1",
                 "PersistedGrantClientId1");
 
             var persistedGrants = await _persistentGrantRepository.GetListAsync();

templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 using IdentityServer4.Models;
@@ -7,12 +7,14 @@ using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.Data;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.ApiResources;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.PermissionManagement;
 using Volo.Abp.Uow;
 using ApiResource = Volo.Abp.IdentityServer.ApiResources.ApiResource;
+using ApiScope = Volo.Abp.IdentityServer.ApiScopes.ApiScope;
 using Client = Volo.Abp.IdentityServer.Clients.Client;
 
 namespace MyCompanyName.MyProjectName.IdentityServer
@@ -20,6 +22,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
     public class IdentityServerDataSeedContributor : IDataSeedContributor, ITransientDependency
     {
         private readonly IApiResourceRepository _apiResourceRepository;
+        private readonly IApiScopeRepository _apiScopeRepository;
         private readonly IClientRepository _clientRepository;
         private readonly IIdentityResourceDataSeeder _identityResourceDataSeeder;
         private readonly IGuidGenerator _guidGenerator;
@@ -29,6 +32,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
         public IdentityServerDataSeedContributor(
             IClientRepository clientRepository,
             IApiResourceRepository apiResourceRepository,
+            IApiScopeRepository apiScopeRepository,
             IIdentityResourceDataSeeder identityResourceDataSeeder,
             IGuidGenerator guidGenerator,
             IPermissionDataSeeder permissionDataSeeder,
@@ -36,6 +40,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
         {
             _clientRepository = clientRepository;
             _apiResourceRepository = apiResourceRepository;
+            _apiScopeRepository = apiScopeRepository;
             _identityResourceDataSeeder = identityResourceDataSeeder;
             _guidGenerator = guidGenerator;
             _permissionDataSeeder = permissionDataSeeder;
@@ -47,6 +52,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
         {
             await _identityResourceDataSeeder.CreateStandardResourcesAsync();
             await CreateApiResourcesAsync();
+            await CreateApiScopeAsync();
             await CreateClientsAsync();
         }
 
@@ -91,6 +97,15 @@ namespace MyCompanyName.MyProjectName.IdentityServer
             return await _apiResourceRepository.UpdateAsync(apiResource);
         }
 
+        private async Task CreateApiScopeAsync()
+        {
+            var apiScope = await _apiScopeRepository.GetByNameAsync("MyProjectName");
+            if (apiScope == null)
+            {
+                await _apiScopeRepository.InsertAsync(new ApiScope(_guidGenerator.Create(), "MyProjectName", "MyProjectName API"), autoSave: true);
+            }
+        }
+
         private async Task CreateClientsAsync()
         {
             var commonScopes = new[]
@@ -101,6 +116,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                 "role",
                 "phone",
                 "address",
+
                 "MyProjectName"
             };
 
@@ -174,7 +190,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
             bool requirePkce = false,
             IEnumerable<string> permissions = null)
         {
-            var client = await _clientRepository.FindByCliendIdAsync(name);
+            var client = await _clientRepository.FindByClientIdAsync(name);
             if (client == null)
             {
                 client = await _clientRepository.InsertAsync(

templates/app/aspnet-core/src/MyCompanyName.MyProjectName.IdentityServer/MyProjectNameIdentityServerModule.cs

@@ -87,6 +87,7 @@ namespace MyCompanyName.MyProjectName
                     options.FileSets.ReplaceEmbeddedByPhysical<AbpAspNetCoreMvcUiThemeSharedModule>(Path.Combine(hostingEnvironment.ContentRootPath, string.Format("..{0}..{0}..{0}..{0}..{0}framework{0}src{0}Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared", Path.DirectorySeparatorChar)));
                     options.FileSets.ReplaceEmbeddedByPhysical<AbpAspNetCoreMvcUiBasicThemeModule>(Path.Combine(hostingEnvironment.ContentRootPath, string.Format("..{0}..{0}..{0}..{0}..{0}framework{0}src{0}Volo.Abp.AspNetCore.Mvc.UI.Theme.Basic", Path.DirectorySeparatorChar)));
                     options.FileSets.ReplaceEmbeddedByPhysical<AbpAccountWebModule>(Path.Combine(hostingEnvironment.ContentRootPath, string.Format("..{0}..{0}..{0}..{0}..{0}modules{0}account{0}src{0}Volo.Abp.Account.Web", Path.DirectorySeparatorChar)));
+                    options.FileSets.ReplaceEmbeddedByPhysical<AbpAccountWebIdentityServerModule>(Path.Combine(hostingEnvironment.ContentRootPath, string.Format("..{0}..{0}..{0}..{0}..{0}modules{0}account{0}src{0}Volo.Abp.Account.Web.IdentityServer", Path.DirectorySeparatorChar)));
                     //</TEMPLATE-REMOVE>
                     options.FileSets.ReplaceEmbeddedByPhysical<MyProjectNameDomainSharedModule>(Path.Combine(hostingEnvironment.ContentRootPath, $"..{Path.DirectorySeparatorChar}MyCompanyName.MyProjectName.Domain.Shared"));
                     options.FileSets.ReplaceEmbeddedByPhysical<MyProjectNameDomainModule>(Path.Combine(hostingEnvironment.ContentRootPath, $"..{Path.DirectorySeparatorChar}MyCompanyName.MyProjectName.Domain"));

templates/module/aspnet-core/host/MyCompanyName.MyProjectName.HttpApi.Host/Migrations/20200928072851_Initial.Designer.cs → templates/module/aspnet-core/host/MyCompanyName.MyProjectName.HttpApi.Host/Migrations/20201019021119_Initial.Designer.cs

@@ -11,17 +11,17 @@ using Volo.Abp.EntityFrameworkCore;
 namespace MyCompanyName.MyProjectName.Migrations
 {
     [DbContext(typeof(MyProjectNameHttpApiHostMigrationsDbContext))]
-    [Migration("20200928072851_Initial")]
+    [Migration("20201019021119_Initial")]
     partial class Initial
     {
         protected override void BuildTargetModel(ModelBuilder modelBuilder)
         {
 #pragma warning disable 612, 618
             modelBuilder
+                .UseIdentityColumns()
                 .HasAnnotation("_Abp_DatabaseProvider", EfCoreDatabaseProvider.SqlServer)
-                .HasAnnotation("ProductVersion", "3.1.6")
                 .HasAnnotation("Relational:MaxIdentifierLength", 128)
-                .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn);
+                .HasAnnotation("ProductVersion", "5.0.0-rc.2.20475.6");
 
             modelBuilder.Entity("Volo.Abp.AuditLogging.AuditLog", b =>
                 {
@@ -30,99 +30,99 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<string>("ApplicationName")
-                        .HasColumnName("ApplicationName")
+                        .HasMaxLength(96)
                         .HasColumnType("nvarchar(96)")
-                        .HasMaxLength(96);
+                        .HasColumnName("ApplicationName");
 
                     b.Property<string>("BrowserInfo")
-                        .HasColumnName("BrowserInfo")
+                        .HasMaxLength(512)
                         .HasColumnType("nvarchar(512)")
-                        .HasMaxLength(512);
+                        .HasColumnName("BrowserInfo");
 
                     b.Property<string>("ClientId")
-                        .HasColumnName("ClientId")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("ClientId");
 
                     b.Property<string>("ClientIpAddress")
-                        .HasColumnName("ClientIpAddress")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("ClientIpAddress");
 
                     b.Property<string>("ClientName")
-                        .HasColumnName("ClientName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("ClientName");
 
                     b.Property<string>("Comments")
-                        .HasColumnName("Comments")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("Comments");
 
                     b.Property<string>("ConcurrencyStamp")
                         .IsConcurrencyToken()
-                        .HasColumnName("ConcurrencyStamp")
+                        .HasMaxLength(40)
                         .HasColumnType("nvarchar(40)")
-                        .HasMaxLength(40);
+                        .HasColumnName("ConcurrencyStamp");
 
                     b.Property<string>("CorrelationId")
-                        .HasColumnName("CorrelationId")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("CorrelationId");
 
                     b.Property<string>("Exceptions")
-                        .HasColumnName("Exceptions")
+                        .HasMaxLength(4000)
                         .HasColumnType("nvarchar(4000)")
-                        .HasMaxLength(4000);
+                        .HasColumnName("Exceptions");
 
                     b.Property<int>("ExecutionDuration")
-                        .HasColumnName("ExecutionDuration")
-                        .HasColumnType("int");
+                        .HasColumnType("int")
+                        .HasColumnName("ExecutionDuration");
 
                     b.Property<DateTime>("ExecutionTime")
                         .HasColumnType("datetime2");
 
                     b.Property<string>("ExtraProperties")
-                        .HasColumnName("ExtraProperties")
-                        .HasColumnType("nvarchar(max)");
+                        .HasColumnType("nvarchar(max)")
+                        .HasColumnName("ExtraProperties");
 
                     b.Property<string>("HttpMethod")
-                        .HasColumnName("HttpMethod")
+                        .HasMaxLength(16)
                         .HasColumnType("nvarchar(16)")
-                        .HasMaxLength(16);
+                        .HasColumnName("HttpMethod");
 
                     b.Property<int?>("HttpStatusCode")
-                        .HasColumnName("HttpStatusCode")
-                        .HasColumnType("int");
+                        .HasColumnType("int")
+                        .HasColumnName("HttpStatusCode");
 
                     b.Property<Guid?>("ImpersonatorTenantId")
-                        .HasColumnName("ImpersonatorTenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("ImpersonatorTenantId");
 
                     b.Property<Guid?>("ImpersonatorUserId")
-                        .HasColumnName("ImpersonatorUserId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("ImpersonatorUserId");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.Property<string>("TenantName")
                         .HasColumnType("nvarchar(max)");
 
                     b.Property<string>("Url")
-                        .HasColumnName("Url")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("Url");
 
                     b.Property<Guid?>("UserId")
-                        .HasColumnName("UserId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("UserId");
 
                     b.Property<string>("UserName")
-                        .HasColumnName("UserName")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("UserName");
 
                     b.HasKey("Id");
 
@@ -140,39 +140,39 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<Guid>("AuditLogId")
-                        .HasColumnName("AuditLogId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("AuditLogId");
 
                     b.Property<int>("ExecutionDuration")
-                        .HasColumnName("ExecutionDuration")
-                        .HasColumnType("int");
+                        .HasColumnType("int")
+                        .HasColumnName("ExecutionDuration");
 
                     b.Property<DateTime>("ExecutionTime")
-                        .HasColumnName("ExecutionTime")
-                        .HasColumnType("datetime2");
+                        .HasColumnType("datetime2")
+                        .HasColumnName("ExecutionTime");
 
                     b.Property<string>("ExtraProperties")
-                        .HasColumnName("ExtraProperties")
-                        .HasColumnType("nvarchar(max)");
+                        .HasColumnType("nvarchar(max)")
+                        .HasColumnName("ExtraProperties");
 
                     b.Property<string>("MethodName")
-                        .HasColumnName("MethodName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("MethodName");
 
                     b.Property<string>("Parameters")
-                        .HasColumnName("Parameters")
+                        .HasMaxLength(2000)
                         .HasColumnType("nvarchar(2000)")
-                        .HasMaxLength(2000);
+                        .HasColumnName("Parameters");
 
                     b.Property<string>("ServiceName")
-                        .HasColumnName("ServiceName")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("ServiceName");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -190,39 +190,39 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<Guid>("AuditLogId")
-                        .HasColumnName("AuditLogId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("AuditLogId");
 
                     b.Property<DateTime>("ChangeTime")
-                        .HasColumnName("ChangeTime")
-                        .HasColumnType("datetime2");
+                        .HasColumnType("datetime2")
+                        .HasColumnName("ChangeTime");
 
                     b.Property<byte>("ChangeType")
-                        .HasColumnName("ChangeType")
-                        .HasColumnType("tinyint");
+                        .HasColumnType("tinyint")
+                        .HasColumnName("ChangeType");
 
                     b.Property<string>("EntityId")
                         .IsRequired()
-                        .HasColumnName("EntityId")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("EntityId");
 
                     b.Property<Guid?>("EntityTenantId")
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<string>("EntityTypeFullName")
                         .IsRequired()
-                        .HasColumnName("EntityTypeFullName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("EntityTypeFullName");
 
                     b.Property<string>("ExtraProperties")
-                        .HasColumnName("ExtraProperties")
-                        .HasColumnType("nvarchar(max)");
+                        .HasColumnType("nvarchar(max)")
+                        .HasColumnName("ExtraProperties");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -243,30 +243,30 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<string>("NewValue")
-                        .HasColumnName("NewValue")
+                        .HasMaxLength(512)
                         .HasColumnType("nvarchar(512)")
-                        .HasMaxLength(512);
+                        .HasColumnName("NewValue");
 
                     b.Property<string>("OriginalValue")
-                        .HasColumnName("OriginalValue")
+                        .HasMaxLength(512)
                         .HasColumnType("nvarchar(512)")
-                        .HasMaxLength(512);
+                        .HasColumnName("OriginalValue");
 
                     b.Property<string>("PropertyName")
                         .IsRequired()
-                        .HasColumnName("PropertyName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("PropertyName");
 
                     b.Property<string>("PropertyTypeFullName")
                         .IsRequired()
-                        .HasColumnName("PropertyTypeFullName")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("PropertyTypeFullName");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -283,22 +283,22 @@ namespace MyCompanyName.MyProjectName.Migrations
 
                     b.Property<string>("Name")
                         .IsRequired()
-                        .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasMaxLength(128)
+                        .HasColumnType("nvarchar(128)");
 
                     b.Property<string>("ProviderKey")
                         .IsRequired()
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<string>("ProviderName")
                         .IsRequired()
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -315,21 +315,21 @@ namespace MyCompanyName.MyProjectName.Migrations
 
                     b.Property<string>("Name")
                         .IsRequired()
-                        .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasMaxLength(128)
+                        .HasColumnType("nvarchar(128)");
 
                     b.Property<string>("ProviderKey")
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<string>("ProviderName")
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<string>("Value")
                         .IsRequired()
-                        .HasColumnType("nvarchar(2048)")
-                        .HasMaxLength(2048);
+                        .HasMaxLength(2048)
+                        .HasColumnType("nvarchar(2048)");
 
                     b.HasKey("Id");
 
@@ -364,6 +364,18 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .OnDelete(DeleteBehavior.Cascade)
                         .IsRequired();
                 });
+
+            modelBuilder.Entity("Volo.Abp.AuditLogging.AuditLog", b =>
+                {
+                    b.Navigation("Actions");
+
+                    b.Navigation("EntityChanges");
+                });
+
+            modelBuilder.Entity("Volo.Abp.AuditLogging.EntityChange", b =>
+                {
+                    b.Navigation("PropertyChanges");
+                });
 #pragma warning restore 612, 618
         }
     }

templates/module/aspnet-core/host/MyCompanyName.MyProjectName.HttpApi.Host/Migrations/20200928072851_Initial.cs → templates/module/aspnet-core/host/MyCompanyName.MyProjectName.HttpApi.Host/Migrations/20201019021119_Initial.cs

@@ -11,28 +11,28 @@ namespace MyCompanyName.MyProjectName.Migrations
                 name: "AbpAuditLogs",
                 columns: table => new
                 {
-                    Id = table.Column<Guid>(nullable: false),
-                    ExtraProperties = table.Column<string>(nullable: true),
-                    ConcurrencyStamp = table.Column<string>(maxLength: 40, nullable: true),
-                    ApplicationName = table.Column<string>(maxLength: 96, nullable: true),
-                    UserId = table.Column<Guid>(nullable: true),
-                    UserName = table.Column<string>(maxLength: 256, nullable: true),
-                    TenantId = table.Column<Guid>(nullable: true),
-                    TenantName = table.Column<string>(nullable: true),
-                    ImpersonatorUserId = table.Column<Guid>(nullable: true),
-                    ImpersonatorTenantId = table.Column<Guid>(nullable: true),
-                    ExecutionTime = table.Column<DateTime>(nullable: false),
-                    ExecutionDuration = table.Column<int>(nullable: false),
-                    ClientIpAddress = table.Column<string>(maxLength: 64, nullable: true),
-                    ClientName = table.Column<string>(maxLength: 128, nullable: true),
-                    ClientId = table.Column<string>(maxLength: 64, nullable: true),
-                    CorrelationId = table.Column<string>(maxLength: 64, nullable: true),
-                    BrowserInfo = table.Column<string>(maxLength: 512, nullable: true),
-                    HttpMethod = table.Column<string>(maxLength: 16, nullable: true),
-                    Url = table.Column<string>(maxLength: 256, nullable: true),
-                    Exceptions = table.Column<string>(maxLength: 4000, nullable: true),
-                    Comments = table.Column<string>(maxLength: 256, nullable: true),
-                    HttpStatusCode = table.Column<int>(nullable: true)
+                    Id = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    ApplicationName = table.Column<string>(type: "nvarchar(96)", maxLength: 96, nullable: true),
+                    UserId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    UserName = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    TenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    TenantName = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    ImpersonatorUserId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    ImpersonatorTenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    ExecutionTime = table.Column<DateTime>(type: "datetime2", nullable: false),
+                    ExecutionDuration = table.Column<int>(type: "int", nullable: false),
+                    ClientIpAddress = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: true),
+                    ClientName = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: true),
+                    ClientId = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: true),
+                    CorrelationId = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: true),
+                    BrowserInfo = table.Column<string>(type: "nvarchar(512)", maxLength: 512, nullable: true),
+                    HttpMethod = table.Column<string>(type: "nvarchar(16)", maxLength: 16, nullable: true),
+                    Url = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    Exceptions = table.Column<string>(type: "nvarchar(4000)", maxLength: 4000, nullable: true),
+                    Comments = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    HttpStatusCode = table.Column<int>(type: "int", nullable: true),
+                    ExtraProperties = table.Column<string>(type: "nvarchar(max)", nullable: true),
+                    ConcurrencyStamp = table.Column<string>(type: "nvarchar(40)", maxLength: 40, nullable: true)
                 },
                 constraints: table =>
                 {
@@ -43,11 +43,11 @@ namespace MyCompanyName.MyProjectName.Migrations
                 name: "AbpPermissionGrants",
                 columns: table => new
                 {
-                    Id = table.Column<Guid>(nullable: false),
-                    TenantId = table.Column<Guid>(nullable: true),
-                    Name = table.Column<string>(maxLength: 128, nullable: false),
-                    ProviderName = table.Column<string>(maxLength: 64, nullable: false),
-                    ProviderKey = table.Column<string>(maxLength: 64, nullable: false)
+                    Id = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    TenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    Name = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: false),
+                    ProviderName = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: false),
+                    ProviderKey = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: false)
                 },
                 constraints: table =>
                 {
@@ -58,11 +58,11 @@ namespace MyCompanyName.MyProjectName.Migrations
                 name: "AbpSettings",
                 columns: table => new
                 {
-                    Id = table.Column<Guid>(nullable: false),
-                    Name = table.Column<string>(maxLength: 128, nullable: false),
-                    Value = table.Column<string>(maxLength: 2048, nullable: false),
-                    ProviderName = table.Column<string>(maxLength: 64, nullable: true),
-                    ProviderKey = table.Column<string>(maxLength: 64, nullable: true)
+                    Id = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    Name = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: false),
+                    Value = table.Column<string>(type: "nvarchar(2048)", maxLength: 2048, nullable: false),
+                    ProviderName = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: true),
+                    ProviderKey = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: true)
                 },
                 constraints: table =>
                 {
@@ -73,15 +73,15 @@ namespace MyCompanyName.MyProjectName.Migrations
                 name: "AbpAuditLogActions",
                 columns: table => new
                 {
-                    Id = table.Column<Guid>(nullable: false),
-                    TenantId = table.Column<Guid>(nullable: true),
-                    AuditLogId = table.Column<Guid>(nullable: false),
-                    ServiceName = table.Column<string>(maxLength: 256, nullable: true),
-                    MethodName = table.Column<string>(maxLength: 128, nullable: true),
-                    Parameters = table.Column<string>(maxLength: 2000, nullable: true),
-                    ExecutionTime = table.Column<DateTime>(nullable: false),
-                    ExecutionDuration = table.Column<int>(nullable: false),
-                    ExtraProperties = table.Column<string>(nullable: true)
+                    Id = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    TenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    AuditLogId = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    ServiceName = table.Column<string>(type: "nvarchar(256)", maxLength: 256, nullable: true),
+                    MethodName = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: true),
+                    Parameters = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: true),
+                    ExecutionTime = table.Column<DateTime>(type: "datetime2", nullable: false),
+                    ExecutionDuration = table.Column<int>(type: "int", nullable: false),
+                    ExtraProperties = table.Column<string>(type: "nvarchar(max)", nullable: true)
                 },
                 constraints: table =>
                 {
@@ -98,15 +98,15 @@ namespace MyCompanyName.MyProjectName.Migrations
                 name: "AbpEntityChanges",
                 columns: table => new
                 {
-                    Id = table.Column<Guid>(nullable: false),
-                    AuditLogId = table.Column<Guid>(nullable: false),
-                    TenantId = table.Column<Guid>(nullable: true),
-                    ChangeTime = table.Column<DateTime>(nullable: false),
-                    ChangeType = table.Column<byte>(nullable: false),
-                    EntityTenantId = table.Column<Guid>(nullable: true),
-                    EntityId = table.Column<string>(maxLength: 128, nullable: false),
-                    EntityTypeFullName = table.Column<string>(maxLength: 128, nullable: false),
-                    ExtraProperties = table.Column<string>(nullable: true)
+                    Id = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    AuditLogId = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    TenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    ChangeTime = table.Column<DateTime>(type: "datetime2", nullable: false),
+                    ChangeType = table.Column<byte>(type: "tinyint", nullable: false),
+                    EntityTenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    EntityId = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: false),
+                    EntityTypeFullName = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: false),
+                    ExtraProperties = table.Column<string>(type: "nvarchar(max)", nullable: true)
                 },
                 constraints: table =>
                 {
@@ -123,13 +123,13 @@ namespace MyCompanyName.MyProjectName.Migrations
                 name: "AbpEntityPropertyChanges",
                 columns: table => new
                 {
-                    Id = table.Column<Guid>(nullable: false),
-                    TenantId = table.Column<Guid>(nullable: true),
-                    EntityChangeId = table.Column<Guid>(nullable: false),
-                    NewValue = table.Column<string>(maxLength: 512, nullable: true),
-                    OriginalValue = table.Column<string>(maxLength: 512, nullable: true),
-                    PropertyName = table.Column<string>(maxLength: 128, nullable: false),
-                    PropertyTypeFullName = table.Column<string>(maxLength: 64, nullable: false)
+                    Id = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    TenantId = table.Column<Guid>(type: "uniqueidentifier", nullable: true),
+                    EntityChangeId = table.Column<Guid>(type: "uniqueidentifier", nullable: false),
+                    NewValue = table.Column<string>(type: "nvarchar(512)", maxLength: 512, nullable: true),
+                    OriginalValue = table.Column<string>(type: "nvarchar(512)", maxLength: 512, nullable: true),
+                    PropertyName = table.Column<string>(type: "nvarchar(128)", maxLength: 128, nullable: false),
+                    PropertyTypeFullName = table.Column<string>(type: "nvarchar(64)", maxLength: 64, nullable: false)
                 },
                 constraints: table =>
                 {

templates/module/aspnet-core/host/MyCompanyName.MyProjectName.HttpApi.Host/Migrations/MyProjectNameHttpApiHostMigrationsDbContextModelSnapshot.cs

@@ -16,10 +16,10 @@ namespace MyCompanyName.MyProjectName.Migrations
         {
 #pragma warning disable 612, 618
             modelBuilder
+                .UseIdentityColumns()
                 .HasAnnotation("_Abp_DatabaseProvider", EfCoreDatabaseProvider.SqlServer)
-                .HasAnnotation("ProductVersion", "3.1.6")
                 .HasAnnotation("Relational:MaxIdentifierLength", 128)
-                .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn);
+                .HasAnnotation("ProductVersion", "5.0.0-rc.2.20475.6");
 
             modelBuilder.Entity("Volo.Abp.AuditLogging.AuditLog", b =>
                 {
@@ -28,99 +28,99 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<string>("ApplicationName")
-                        .HasColumnName("ApplicationName")
+                        .HasMaxLength(96)
                         .HasColumnType("nvarchar(96)")
-                        .HasMaxLength(96);
+                        .HasColumnName("ApplicationName");
 
                     b.Property<string>("BrowserInfo")
-                        .HasColumnName("BrowserInfo")
+                        .HasMaxLength(512)
                         .HasColumnType("nvarchar(512)")
-                        .HasMaxLength(512);
+                        .HasColumnName("BrowserInfo");
 
                     b.Property<string>("ClientId")
-                        .HasColumnName("ClientId")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("ClientId");
 
                     b.Property<string>("ClientIpAddress")
-                        .HasColumnName("ClientIpAddress")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("ClientIpAddress");
 
                     b.Property<string>("ClientName")
-                        .HasColumnName("ClientName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("ClientName");
 
                     b.Property<string>("Comments")
-                        .HasColumnName("Comments")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("Comments");
 
                     b.Property<string>("ConcurrencyStamp")
                         .IsConcurrencyToken()
-                        .HasColumnName("ConcurrencyStamp")
+                        .HasMaxLength(40)
                         .HasColumnType("nvarchar(40)")
-                        .HasMaxLength(40);
+                        .HasColumnName("ConcurrencyStamp");
 
                     b.Property<string>("CorrelationId")
-                        .HasColumnName("CorrelationId")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("CorrelationId");
 
                     b.Property<string>("Exceptions")
-                        .HasColumnName("Exceptions")
+                        .HasMaxLength(4000)
                         .HasColumnType("nvarchar(4000)")
-                        .HasMaxLength(4000);
+                        .HasColumnName("Exceptions");
 
                     b.Property<int>("ExecutionDuration")
-                        .HasColumnName("ExecutionDuration")
-                        .HasColumnType("int");
+                        .HasColumnType("int")
+                        .HasColumnName("ExecutionDuration");
 
                     b.Property<DateTime>("ExecutionTime")
                         .HasColumnType("datetime2");
 
                     b.Property<string>("ExtraProperties")
-                        .HasColumnName("ExtraProperties")
-                        .HasColumnType("nvarchar(max)");
+                        .HasColumnType("nvarchar(max)")
+                        .HasColumnName("ExtraProperties");
 
                     b.Property<string>("HttpMethod")
-                        .HasColumnName("HttpMethod")
+                        .HasMaxLength(16)
                         .HasColumnType("nvarchar(16)")
-                        .HasMaxLength(16);
+                        .HasColumnName("HttpMethod");
 
                     b.Property<int?>("HttpStatusCode")
-                        .HasColumnName("HttpStatusCode")
-                        .HasColumnType("int");
+                        .HasColumnType("int")
+                        .HasColumnName("HttpStatusCode");
 
                     b.Property<Guid?>("ImpersonatorTenantId")
-                        .HasColumnName("ImpersonatorTenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("ImpersonatorTenantId");
 
                     b.Property<Guid?>("ImpersonatorUserId")
-                        .HasColumnName("ImpersonatorUserId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("ImpersonatorUserId");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.Property<string>("TenantName")
                         .HasColumnType("nvarchar(max)");
 
                     b.Property<string>("Url")
-                        .HasColumnName("Url")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("Url");
 
                     b.Property<Guid?>("UserId")
-                        .HasColumnName("UserId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("UserId");
 
                     b.Property<string>("UserName")
-                        .HasColumnName("UserName")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("UserName");
 
                     b.HasKey("Id");
 
@@ -138,39 +138,39 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<Guid>("AuditLogId")
-                        .HasColumnName("AuditLogId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("AuditLogId");
 
                     b.Property<int>("ExecutionDuration")
-                        .HasColumnName("ExecutionDuration")
-                        .HasColumnType("int");
+                        .HasColumnType("int")
+                        .HasColumnName("ExecutionDuration");
 
                     b.Property<DateTime>("ExecutionTime")
-                        .HasColumnName("ExecutionTime")
-                        .HasColumnType("datetime2");
+                        .HasColumnType("datetime2")
+                        .HasColumnName("ExecutionTime");
 
                     b.Property<string>("ExtraProperties")
-                        .HasColumnName("ExtraProperties")
-                        .HasColumnType("nvarchar(max)");
+                        .HasColumnType("nvarchar(max)")
+                        .HasColumnName("ExtraProperties");
 
                     b.Property<string>("MethodName")
-                        .HasColumnName("MethodName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("MethodName");
 
                     b.Property<string>("Parameters")
-                        .HasColumnName("Parameters")
+                        .HasMaxLength(2000)
                         .HasColumnType("nvarchar(2000)")
-                        .HasMaxLength(2000);
+                        .HasColumnName("Parameters");
 
                     b.Property<string>("ServiceName")
-                        .HasColumnName("ServiceName")
+                        .HasMaxLength(256)
                         .HasColumnType("nvarchar(256)")
-                        .HasMaxLength(256);
+                        .HasColumnName("ServiceName");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -188,39 +188,39 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<Guid>("AuditLogId")
-                        .HasColumnName("AuditLogId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("AuditLogId");
 
                     b.Property<DateTime>("ChangeTime")
-                        .HasColumnName("ChangeTime")
-                        .HasColumnType("datetime2");
+                        .HasColumnType("datetime2")
+                        .HasColumnName("ChangeTime");
 
                     b.Property<byte>("ChangeType")
-                        .HasColumnName("ChangeType")
-                        .HasColumnType("tinyint");
+                        .HasColumnType("tinyint")
+                        .HasColumnName("ChangeType");
 
                     b.Property<string>("EntityId")
                         .IsRequired()
-                        .HasColumnName("EntityId")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("EntityId");
 
                     b.Property<Guid?>("EntityTenantId")
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<string>("EntityTypeFullName")
                         .IsRequired()
-                        .HasColumnName("EntityTypeFullName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("EntityTypeFullName");
 
                     b.Property<string>("ExtraProperties")
-                        .HasColumnName("ExtraProperties")
-                        .HasColumnType("nvarchar(max)");
+                        .HasColumnType("nvarchar(max)")
+                        .HasColumnName("ExtraProperties");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -241,30 +241,30 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .HasColumnType("uniqueidentifier");
 
                     b.Property<string>("NewValue")
-                        .HasColumnName("NewValue")
+                        .HasMaxLength(512)
                         .HasColumnType("nvarchar(512)")
-                        .HasMaxLength(512);
+                        .HasColumnName("NewValue");
 
                     b.Property<string>("OriginalValue")
-                        .HasColumnName("OriginalValue")
+                        .HasMaxLength(512)
                         .HasColumnType("nvarchar(512)")
-                        .HasMaxLength(512);
+                        .HasColumnName("OriginalValue");
 
                     b.Property<string>("PropertyName")
                         .IsRequired()
-                        .HasColumnName("PropertyName")
+                        .HasMaxLength(128)
                         .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasColumnName("PropertyName");
 
                     b.Property<string>("PropertyTypeFullName")
                         .IsRequired()
-                        .HasColumnName("PropertyTypeFullName")
+                        .HasMaxLength(64)
                         .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasColumnName("PropertyTypeFullName");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -281,22 +281,22 @@ namespace MyCompanyName.MyProjectName.Migrations
 
                     b.Property<string>("Name")
                         .IsRequired()
-                        .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasMaxLength(128)
+                        .HasColumnType("nvarchar(128)");
 
                     b.Property<string>("ProviderKey")
                         .IsRequired()
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<string>("ProviderName")
                         .IsRequired()
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<Guid?>("TenantId")
-                        .HasColumnName("TenantId")
-                        .HasColumnType("uniqueidentifier");
+                        .HasColumnType("uniqueidentifier")
+                        .HasColumnName("TenantId");
 
                     b.HasKey("Id");
 
@@ -313,21 +313,21 @@ namespace MyCompanyName.MyProjectName.Migrations
 
                     b.Property<string>("Name")
                         .IsRequired()
-                        .HasColumnType("nvarchar(128)")
-                        .HasMaxLength(128);
+                        .HasMaxLength(128)
+                        .HasColumnType("nvarchar(128)");
 
                     b.Property<string>("ProviderKey")
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<string>("ProviderName")
-                        .HasColumnType("nvarchar(64)")
-                        .HasMaxLength(64);
+                        .HasMaxLength(64)
+                        .HasColumnType("nvarchar(64)");
 
                     b.Property<string>("Value")
                         .IsRequired()
-                        .HasColumnType("nvarchar(2048)")
-                        .HasMaxLength(2048);
+                        .HasMaxLength(2048)
+                        .HasColumnType("nvarchar(2048)");
 
                     b.HasKey("Id");
 
@@ -362,6 +362,18 @@ namespace MyCompanyName.MyProjectName.Migrations
                         .OnDelete(DeleteBehavior.Cascade)
                         .IsRequired();
                 });
+
+            modelBuilder.Entity("Volo.Abp.AuditLogging.AuditLog", b =>
+                {
+                    b.Navigation("Actions");
+
+                    b.Navigation("EntityChanges");
+                });
+
+            modelBuilder.Entity("Volo.Abp.AuditLogging.EntityChange", b =>
+                {
+                    b.Navigation("PropertyChanges");
+                });
 #pragma warning restore 612, 618
         }
     }

templates/module/aspnet-core/host/MyCompanyName.MyProjectName.IdentityServer/IdentityServer/IdentityServerDataSeedContributor.cs

@@ -7,12 +7,14 @@ using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.Data;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
+using Volo.Abp.IdentityServer.ApiScopes;
 using Volo.Abp.IdentityServer.ApiResources;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.PermissionManagement;
 using Volo.Abp.Uow;
 using ApiResource = Volo.Abp.IdentityServer.ApiResources.ApiResource;
+using ApiScope = Volo.Abp.IdentityServer.ApiScopes.ApiScope;
 using Client = Volo.Abp.IdentityServer.Clients.Client;
 
 namespace MyCompanyName.MyProjectName.IdentityServer
@@ -20,6 +22,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
     public class IdentityServerDataSeedContributor : IDataSeedContributor, ITransientDependency
     {
         private readonly IApiResourceRepository _apiResourceRepository;
+        private readonly IApiScopeRepository _apiScopeRepository;
         private readonly IClientRepository _clientRepository;
         private readonly IIdentityResourceDataSeeder _identityResourceDataSeeder;
         private readonly IGuidGenerator _guidGenerator;
@@ -29,6 +32,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
         public IdentityServerDataSeedContributor(
             IClientRepository clientRepository,
             IApiResourceRepository apiResourceRepository,
+            IApiScopeRepository apiScopeRepository,
             IIdentityResourceDataSeeder identityResourceDataSeeder,
             IGuidGenerator guidGenerator,
             IPermissionDataSeeder permissionDataSeeder,
@@ -36,6 +40,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
         {
             _clientRepository = clientRepository;
             _apiResourceRepository = apiResourceRepository;
+            _apiScopeRepository = apiScopeRepository;
             _identityResourceDataSeeder = identityResourceDataSeeder;
             _guidGenerator = guidGenerator;
             _permissionDataSeeder = permissionDataSeeder;
@@ -47,6 +52,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
         {
             await _identityResourceDataSeeder.CreateStandardResourcesAsync();
             await CreateApiResourcesAsync();
+            await CreateApiScopeAsync();
             await CreateClientsAsync();
         }
 
@@ -91,10 +97,17 @@ namespace MyCompanyName.MyProjectName.IdentityServer
             return await _apiResourceRepository.UpdateAsync(apiResource);
         }
 
-        private async Task CreateClientsAsync()
+        private async Task CreateApiScopeAsync()
         {
-            const string commonSecret = "E5Xd4yMqjP5kjWFKrYgySBju6JVfCzMyFp7n2QmMrME=";
+            var apiScope = await _apiScopeRepository.GetByNameAsync("MyProjectName");
+            if (apiScope == null)
+            {
+                await _apiScopeRepository.InsertAsync(new ApiScope(_guidGenerator.Create(), "MyProjectName", "MyProjectName API"), autoSave: true);
+            }
+        }
 
+        private async Task CreateClientsAsync()
+        {
             var commonScopes = new[]
             {
                 "email",
@@ -103,6 +116,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
                 "role",
                 "phone",
                 "address",
+
                 "MyProjectName"
             };
 
@@ -113,13 +127,18 @@ namespace MyCompanyName.MyProjectName.IdentityServer
             if (!webClientId.IsNullOrWhiteSpace())
             {
                 var webClientRootUrl = configurationSection["MyProjectName_Web:RootUrl"].EnsureEndsWith('/');
+
+                /* MyProjectName_Web client is only needed if you created a tiered
+                 * solution. Otherwise, you can delete this client. */
+
                 await CreateClientAsync(
-                    webClientId,
-                    commonScopes,
-                    new[] { "hybrid" },
-                    commonSecret,
+                    name: webClientId,
+                    scopes: commonScopes,
+                    grantTypes: new[] {"hybrid"},
+                    secret: (configurationSection["MyProjectName_Web:ClientSecret"] ?? "1q2w3e*").Sha256(),
                     redirectUri: $"{webClientRootUrl}signin-oidc",
-                    postLogoutRedirectUri: $"{webClientRootUrl}signout-callback-oidc"
+                    postLogoutRedirectUri: $"{webClientRootUrl}signout-callback-oidc",
+                    frontChannelLogoutUri: $"{webClientRootUrl}Account/FrontChannelLogout"
                 );
             }
 
@@ -128,10 +147,10 @@ namespace MyCompanyName.MyProjectName.IdentityServer
             if (!consoleClientId.IsNullOrWhiteSpace())
             {
                 await CreateClientAsync(
-                    consoleClientId,
-                    commonScopes,
-                    new[] { "password", "client_credentials" },
-                    commonSecret
+                    name: consoleClientId,
+                    scopes: commonScopes,
+                    grantTypes: new[] {"password", "client_credentials"},
+                    secret: (configurationSection["MyProjectName_ConsoleTestApp:ClientSecret"] ?? "1q2w3e*").Sha256()
                 );
             }
             
@@ -167,7 +186,7 @@ namespace MyCompanyName.MyProjectName.IdentityServer
             bool requirePkce = false,
             IEnumerable<string> permissions = null)
         {
-            var client = await _clientRepository.FindByCliendIdAsync(name);
+            var client = await _clientRepository.FindByClientIdAsync(name);
             if (client == null)
             {
                 client = await _clientRepository.InsertAsync(