OpenIddict MVC/Razor UI Migration Guide

Web Project (Non-Tiered Solution)

  • In MyApplication.Web.csproj replace project references:

    <PackageReference Include="Volo.Abp.AspNetCore.Authentication.JwtBearer" Version="6.0.*" />
    <PackageReference Include="Volo.Abp.Account.Web.IdentityServer" Version="6.0.*" />
    

    with

    <PackageReference Include="Volo.Abp.Account.Web.OpenIddict" Version="6.0.*" />
    
  • In MyApplicationWebModule.cs replace usings and module dependencies:

    using Volo.Abp.AspNetCore.Authentication.JwtBearer;
    ...
    typeof(AbpAccountWebIdentityServerModule),
    typeof(AbpAspNetCoreAuthenticationJwtBearerModule),
    

    with

    typeof(AbpAccountWebOpenIddictModule),
    
  • In MyApplicationWebModule.cs ConfigureServices method update authentication configuration:

    ConfigureAuthentication(context, configuration);
    

    with

    ConfigureAuthentication(context);
    

    and update the ConfigureAuthentication private method to:

    private void ConfigureAuthentication(ServiceConfigurationContext context)
    {
        context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
    }
    
    • In the MyApplicationWebModule.cs add PreConfigureServices like below with your application name as the audience:
    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("MyApplication"); // Replace with your application name
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
    }
    
  • In MyApplicationWebModule.cs OnApplicationInitialization method replace IdentityServer and JwtToken midwares:

    app.UseJwtTokenMiddleware();
    app.UseIdentityServer();
    

    with

    app.UseAbpOpenIddictValidation();
    

Web Project (Tiered Solution)

  • In the MyApplicationWebModule.cs update the AddAbpOpenIdConnect configurations:

    .AddAbpOpenIdConnect("oidc", options =>
    {
        options.Authority = configuration["AuthServer:Authority"];
        options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
        options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
    
        options.ClientId = configuration["AuthServer:ClientId"];
        options.ClientSecret = configuration["AuthServer:ClientSecret"];
    
        options.UsePkce = true; // Add this line
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = true
    
        options.Scope.Add("roles"); // Replace "role" with "roles"
        options.Scope.Add("email");
        options.Scope.Add("phone");
        options.Scope.Add("MyApplication");
    });
    

Replace role scope to roles and add UsePkce and SignoutScheme options.

IdentityServer

This project is renamed to AuthServer after v6.0.0. You can also refactor and rename your project to AuthServer for easier updates in the future.

  • In MyApplication.IdentityServer.csproj replace project references:

    <PackageReference Include="Volo.Abp.Account.Web.IdentityServer" Version="6.0.*" />
    

    with

    <PackageReference Include="Volo.Abp.Account.Web.OpenIddict" Version="6.0.*" />
    
  • In MyApplicationIdentityServerModule.cs replace usings and module dependencies:

    typeof(AbpAccountWebIdentityServerModule),
    

    with

    typeof(AbpAccountWebOpenIddictModule),
    
  • In the MyApplicationIdentityServerModule.cs add PreConfigureServices like below with your application name as the audience:

    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("MyApplication"); // Replace with your application name
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
    }
    
  • In MyApplicationIdentityServerModule.cs OnApplicationInitialization method remove IdentityServer midware:

    app.UseIdentityServer();
    
  • To use the new AuthServer page, replace Index.cshtml.cs with AuthServer Index.cshtml.cs and Index.cshtml file with AuthServer Index.cshtml and rename Ids2OpenId with your application namespace.

    Note: It can be found under the Pages folder.

Http.Api.Host

  • In the MyApplicationHttpApiHostModule.cs OnApplicationInitialization method, delete c.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]); in app.UseAbpSwaggerUI options configurations which is no longer needed.

  • In appsettings.json delete SwaggerClientSecret from the AuthServer section like below:

    "AuthServer": {
        "Authority": "https://localhost:44345",
        "RequireHttpsMetadata": "false",
        "SwaggerClientId": "MyApplication_Swagger"
    },
    

See Also

Was this page helpful?

Please make a selection.

To help us improve, please share your reason for the negative feedback in the field below.

Please enter a note.

Thank you for your valuable feedback!

Please note that although we cannot respond to feedback, our team will use your comments to improve the experience.

In this document
Community Talks

What’s New with .NET 9 & ABP 9?

21 Nov, 17:00
Online
Watch the Event
Mastering ABP Framework Book
Mastering ABP Framework

This book will help you gain a complete understanding of the framework and modern web application development techniques.

Learn More