mirror of https://github.com/abpframework/abp
Merge pull request #13403 from abpframework/Migration-Identity-Server-to-OpenIddict-Guides
Migration Identity Server to OpenIddict Guides.pull/13446/head
liangshiwei
3 years ago
committed by
GitHub
commit
8b0fcb072f
@ -0,0 +1,76 @@
|
||||
# Migration Identity Server to OpenIddict Guides
|
||||
|
||||
The startup template will use `OpenIddict` as the auth server by default since version 6.x.
|
||||
|
||||
We are not removing IDS packages and will continue to release new versions of IDS related Nuget/NPM packages. That means you won't have an issue while upgrading to v6.0 (when it is released). We will continue to fix bugs in our packages for a while. ABP 7.0 will be based on .NET 7. If IDS continue to work with .NET 7, we will continue to ship nuget packages for our IDS integration.
|
||||
|
||||
BTW, IDS itself is canceling support for the open source IDS in the end of this year. They are moved to Duende IDS you know. We won't migrate to Duende IDS.
|
||||
|
||||
## Steps
|
||||
|
||||
* Update all `Volo's` packages to `6.x`.
|
||||
* Replace all `Volo's` `IdentityServer.*` packages with corresponding `OpenIddict.*` packages. eg `Volo.Abp.IdentityServer.Domain` to `Volo.Abp.OpenIddict.Domain`, `Volo.Abp.Account.Web.IdentityServer` to `Volo.Abp.Account.Web.OpenIddict`.
|
||||
* Replace all `IdentityServer` modules with corresponding `OpenIddict` modules. eg `AbpIdentityServerDomainModule` to `AbpOpenIddictDomainModule`, `AbpAccountWebIdentityServerModule` to `AbpAccountWebOpenIddictModule`.
|
||||
* Rename the `ConfigureIdentityServer` to `ConfigureOpenIddict` in your `ProjectNameDbContext` class.
|
||||
* Remove the `UseIdentityServer` and add `UseAbpOpenIddictValidation` after `UseAuthentication`.
|
||||
* Add follow code to your startup module.
|
||||
```cs
|
||||
public override void PreConfigureServices(ServiceConfigurationContext context)
|
||||
{
|
||||
PreConfigure<OpenIddictBuilder>(builder =>
|
||||
{
|
||||
builder.AddValidation(options =>
|
||||
{
|
||||
options.AddAudiences("ProjectName"); // Change ProjectName to your project name.
|
||||
options.UseLocalServer();
|
||||
options.UseAspNetCore();
|
||||
});
|
||||
});
|
||||
}
|
||||
```
|
||||
* If your project is not separate AuthServer please also add `ForwardIdentityAuthenticationForBearer`
|
||||
```cs
|
||||
private void ConfigureAuthentication(ServiceConfigurationContext context)
|
||||
{
|
||||
context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
|
||||
}
|
||||
```
|
||||
* Remove the `IdentityServerDataSeedContributor` from the `Domain` project.
|
||||
* Create a new version of the project, with the same name as your existing project.
|
||||
* Copy the `ProjectName.Domain\OpenIddict\OpenIddictDataSeedContributor.cs` of new project into your project and update `appsettings.json` base on `ProjectName.DbMigrator\appsettings.json`, Be careful to change the port number.
|
||||
* Copy the `Index.cshtml.cs` and `Index.cs` of new project to your project if you're using `IClientRepository` in `IndexModel`.
|
||||
* Update the scope name from `role` to `roles` in `AddAbpOpenIdConnect` method.
|
||||
* Remove `options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);` from `HttpApi.Host` project.
|
||||
* AuthServer no longer requires `JWT bearer authentication`. Please remove it. eg `AddJwtBearer` and `UseJwtTokenMiddleware`.
|
||||
* Try compiling the project in the IDE and following the errors to remove and reference the code and namespaces.
|
||||
* Add migrations and update the database if you are using EF Core as the database provider.
|
||||
|
||||
## Module packages
|
||||
### Open source side
|
||||
* Volo.Abp.OpenIddict.Domain (`AbpOpenIddictDomainModule`)
|
||||
* Volo.Abp.OpenIddict.Domain.Shared (`AbpOpenIddictDomainSharedModule`)
|
||||
* Volo.Abp.OpenIddict.EntityFrameworkCore (`AbpOpenIddictEntityFrameworkCoreModule`)
|
||||
* Volo.Abp.OpenIddict.AspNetCore (`AbpOpenIddictAspNetCoreModule`)
|
||||
* Volo.Abp.OpenIddict.MongoDB (`AbpOpenIddictMongoDbModule`)
|
||||
* Volo.Abp.Account.Web.OpenIddict (`AbpAccountWebOpenIddictModule`)
|
||||
* Volo.Abp.PermissionManagement.Domain.OpenIddict (`AbpPermissionManagementDomainOpenIddictModule`)
|
||||
|
||||
### Commercial side
|
||||
* Volo.Abp.OpenIddict.Pro.Application.Contracts (`AbpOpenIddictProApplicationContractsModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.Application (`AbpOpenIddictProApplicationModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.HttpApi.Client (`AbpOpenIddictProHttpApiClientModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.HttpApi (`AbpOpenIddictProHttpApiModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.Blazor(`AbpOpenIddictProBlazorModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.Blazor.Server (`AbpOpenIddictProBlazorServerModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.Blazor.WebAssembly (`AbpOpenIddictProBlazorWebAssemblyModule`)
|
||||
* Volo.Abp.OpenIddict.Pro.Web (`AbpOpenIddictProWebModule`)
|
||||
|
||||
## Source code of samples and module
|
||||
|
||||
[Open source tiered & separate auth server application migrate Identity Server to OpenIddct](https://github.com/abpframework/abp-samples/tree/master/Ids2OpenId)
|
||||
|
||||
[Commercial tiered & separate auth server application migrate Identity Server to OpenIddct](https://abp.io/Account/Login?returnUrl=/api/download/samples/Ids2OpenId)
|
||||
|
||||
[OpenIddict module document](https://docs.abp.io/en/abp/6.0/Modules/OpenIddict)
|
||||
|
||||
[OpenIddict module source code](https://github.com/abpframework/abp/tree/rel-6.0/modules/openiddict)
|
||||
Loading…
Reference in new issue