OpenIddict aims at providing a **simple and easy-to-use solution** to implement an **OpenID Connect server in any ASP.NET Core application**.
OpenIddict aims at providing a **simple and easy-to-use solution** to implement an **OpenID Connect server in any ASP.NET Core 1.x or 2.x application**.
OpenIddict is based on
**[AspNet.Security.OpenIdConnect.Server (codenamed ASOS)](https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server)** to control the OpenID Connect authentication flow and can be used with any membership stack, **including [ASP.NET Core Identity](https://github.com/aspnet/Identity)**.
@ -16,6 +15,9 @@ OpenIddict fully supports the **[code/implicit/hybrid flows](http://openid.net/s
Note: OpenIddict uses **[Entity Framework Core](https://github.com/aspnet/EntityFramework)** by default, but you can also provide your own store.
> Note: **the OpenIddict 2.x packages are only compatible with ASP.NET Core 2.x**.
> If your application targets ASP.NET Core 1.x, use the OpenIddict 1.x packages.
### Why an OpenID Connect server?
Adding an OpenID Connect server to your application **allows you to support token authentication**.
@ -27,11 +29,13 @@ with the power to control who can access your API and the information that is ex
**[Specialized samples can be found in the samples repository](https://github.com/openiddict/openiddict-samples):**
> **Samples for ASP.NET Core 1.x can be found [in the master branch of the samples repository](https://github.com/openiddict/openiddict-samples/tree/master)**.
--------------
@ -39,7 +43,7 @@ with the power to control who can access your API and the information that is ex
To use OpenIddict, you need to:
- **Install the latest [.NET Core tooling](https://www.microsoft.com/net/download) and update your packages to reference the ASP.NET Core RTM packages**.
- **Install the latest [.NET Core 2.x tooling](https://www.microsoft.com/net/download) and update your packages to reference the ASP.NET Core 2.x packages**.
- **Have an existing project or create a new one**: when creating a new project using Visual Studio's default ASP.NET Core template, using **individual user accounts authentication** is strongly recommended. When updating an existing project, you must provide your own `AccountController` to handle the registration process and the authentication flow.
@ -58,10 +62,10 @@ To use OpenIddict, you need to:
- **Update your `.csproj` file** to reference `AspNet.Security.OAuth.Validation` and the `OpenIddict` packages:
- **Configure the OpenIddict services** in `Startup.ConfigureServices`:
@ -87,6 +91,10 @@ public void ConfigureServices(IServiceCollection services)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
// Register the OAuth2 validation handler.
services.AddAuthentication()
.AddOAuthValidation();
// Register the OpenIddict services.
// Note: use the generic overload if you need
// to replace the default OpenIddict entities.
@ -116,22 +124,17 @@ public void ConfigureServices(IServiceCollection services)
[Configuration and options](https://github.com/openiddict/core/wiki/Configuration-and-options)
in the project wiki.
- **Add OpenIddict and the OAuth2 token validation middleware in your ASP.NET Core pipeline** by calling `app.UseOAuthValidation()` and `app.UseOpenIddict()` after `app.UseIdentity()` and before`app.UseMvc()`:
- **Make sure the authentication middleware is registered before all the other middleware, including`app.UseMvc()`:
```csharp
public void Configure(IApplicationBuilder app) {
app.UseIdentity();
app.UseOAuthValidation();
app.UseOpenIddict();
public void Configure(IApplicationBuilder app)
{
app.UseAuthentication();
app.UseMvc();
}
```
> **Note:**`UseOpenIddict()` must be registered ***after*** `app.UseIdentity()` and the external social providers.
- **Update your Entity Framework context registration to register the OpenIddict entities**:
Kévin Chalet
9 years ago