tsai
/
abp
mirror of https://github.com/abpframework/abp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Open Source Web Application Framework for ASP.NET Core
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
25067 Commits
250 Branches
285 Tags
2.0 GiB
 
 
 
 
 
 
Tree: 8b0fcb072f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8b0fcb072f'
${ noResults }
abp/docs/en/Migration-Guides/IdentityServer_To_OpenIddic...

4.8 KiB
Raw Blame History

Migration Identity Server to OpenIddict Guides

The startup template will use OpenIddict as the auth server by default since version 6.x.

We are not removing IDS packages and will continue to release new versions of IDS related Nuget/NPM packages. That means you won't have an issue while upgrading to v6.0 (when it is released). We will continue to fix bugs in our packages for a while. ABP 7.0 will be based on .NET 7. If IDS continue to work with .NET 7, we will continue to ship nuget packages for our IDS integration.

BTW, IDS itself is canceling support for the open source IDS in the end of this year. They are moved to Duende IDS you know. We won't migrate to Duende IDS.

Steps

  • Update all Volo's packages to 6.x.
  • Replace all Volo's IdentityServer.* packages with corresponding OpenIddict.* packages. eg Volo.Abp.IdentityServer.Domain to Volo.Abp.OpenIddict.Domain, Volo.Abp.Account.Web.IdentityServer to Volo.Abp.Account.Web.OpenIddict.
  • Replace all IdentityServer modules with corresponding OpenIddict modules. eg AbpIdentityServerDomainModule to AbpOpenIddictDomainModule, AbpAccountWebIdentityServerModule to AbpAccountWebOpenIddictModule.
  • Rename the ConfigureIdentityServer to ConfigureOpenIddict in your ProjectNameDbContext class.
  • Remove the UseIdentityServer and add UseAbpOpenIddictValidation after UseAuthentication.
  • Add follow code to your startup module.
public override void PreConfigureServices(ServiceConfigurationContext context)
{
    PreConfigure<OpenIddictBuilder>(builder =>
    {
        builder.AddValidation(options =>
        {
            options.AddAudiences("ProjectName"); // Change ProjectName to your project name.
            options.UseLocalServer();
            options.UseAspNetCore();
        });
    });
}
  • If your project is not separate AuthServer please also add ForwardIdentityAuthenticationForBearer
private void ConfigureAuthentication(ServiceConfigurationContext context)
{
    context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
}
  • Remove the IdentityServerDataSeedContributor from the Domain project.
  • Create a new version of the project, with the same name as your existing project.
  • Copy the ProjectName.Domain\OpenIddict\OpenIddictDataSeedContributor.cs of new project into your project and update appsettings.json base on ProjectName.DbMigrator\appsettings.json, Be careful to change the port number.
  • Copy the Index.cshtml.cs and Index.cs of new project to your project if you're using IClientRepository in IndexModel.
  • Update the scope name from role to roles in AddAbpOpenIdConnect method.
  • Remove options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]); from HttpApi.Host project.
  • AuthServer no longer requires JWT bearer authentication. Please remove it. eg AddJwtBearer and UseJwtTokenMiddleware.
  • Try compiling the project in the IDE and following the errors to remove and reference the code and namespaces.
  • Add migrations and update the database if you are using EF Core as the database provider.

Module packages

Open source side

  • Volo.Abp.OpenIddict.Domain (AbpOpenIddictDomainModule)
  • Volo.Abp.OpenIddict.Domain.Shared (AbpOpenIddictDomainSharedModule)
  • Volo.Abp.OpenIddict.EntityFrameworkCore (AbpOpenIddictEntityFrameworkCoreModule)
  • Volo.Abp.OpenIddict.AspNetCore (AbpOpenIddictAspNetCoreModule)
  • Volo.Abp.OpenIddict.MongoDB (AbpOpenIddictMongoDbModule)
  • Volo.Abp.Account.Web.OpenIddict (AbpAccountWebOpenIddictModule)
  • Volo.Abp.PermissionManagement.Domain.OpenIddict (AbpPermissionManagementDomainOpenIddictModule)

Commercial side

  • Volo.Abp.OpenIddict.Pro.Application.Contracts (AbpOpenIddictProApplicationContractsModule)
  • Volo.Abp.OpenIddict.Pro.Application (AbpOpenIddictProApplicationModule)
  • Volo.Abp.OpenIddict.Pro.HttpApi.Client (AbpOpenIddictProHttpApiClientModule)
  • Volo.Abp.OpenIddict.Pro.HttpApi (AbpOpenIddictProHttpApiModule)
  • Volo.Abp.OpenIddict.Pro.Blazor(AbpOpenIddictProBlazorModule)
  • Volo.Abp.OpenIddict.Pro.Blazor.Server (AbpOpenIddictProBlazorServerModule)
  • Volo.Abp.OpenIddict.Pro.Blazor.WebAssembly (AbpOpenIddictProBlazorWebAssemblyModule)
  • Volo.Abp.OpenIddict.Pro.Web (AbpOpenIddictProWebModule)

Source code of samples and module

Open source tiered & separate auth server application migrate Identity Server to OpenIddct

Commercial tiered & separate auth server application migrate Identity Server to OpenIddct

OpenIddict module document

OpenIddict module source code