OpenIddict Blazor-Server UI Migration Guide

Blazor Project (Non-Tiered Solution)

  • In the MyApplication.Blazor.csproj replace project references:

    <PackageReference Include="Volo.Abp.Account.Pro.Public.Web.IdentityServer" Version="6.0.*" />
    <PackageReference Include="Volo.Abp.IdentityServer.Blazor.Server" Version="6.0.*" />
    

    with

    <PackageReference Include="Volo.Abp.Account.Pro.Public.Web.OpenIddict" Version="6.0.*" />
    <PackageReference Include="Volo.Abp.OpenIddict.Pro.Blazor.Server" Version="6.0.*" />    
    
  • In the MyApplicationBlazorModule.cs replace usings and module dependencies:

    using Volo.Abp.AspNetCore.Authentication.JwtBearer;
    using Volo.Abp.IdentityServer.Blazor.Server;
    ...
    typeof(AbpAccountPublicWebIdentityServerModule),
    typeof(AbpIdentityServerBlazorServerModule),
    

    with

    using OpenIddict.Validation.AspNetCore;
    using Volo.Abp.OpenIddict.Pro.Blazor.Server;
    ...
    typeof(AbpAccountPublicWebOpenIddictModule),
    typeof(AbpOpenIddictProBlazorServerModule),
    
  • In the MyApplicationBlazorModule.cs add PreConfigureServices like below with your application name as the audience:

    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("MyApplication"); // Replace with your application name
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
    }
    
  • In the MyApplicationBlazorModule.cs ConfigureServices method, replace the method call:

    From ConfigureAuthentication(context, configuration); to ConfigureAuthentication(context); and update the method as:

    private void ConfigureAuthentication(ServiceConfigurationContext context)
    {
        context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
    }
    
  • In the MyApplicationBlazorModule.cs OnApplicationInitialization method, replace the midware:

    app.UseJwtTokenMiddleware();
    app.UseIdentityServer();
    

    with

    app.UseAbpOpenIddictValidation();
    
  • In the MyApplicationMenuContributor.cs under Menus folder, replace the using and menu name under ConfigureMainMenuAsync:

    using Volo.Abp.IdentityServer.Blazor.Navigation;
    ...
    //Administration->Identity Server
    administration.SetSubItemOrder(AbpIdentityServerMenuNames.GroupName, 2);
    

    with

    using Volo.Abp.OpenIddict.Pro.Blazor.Menus;
    ...
    //Administration->OpenIddict
    administration.SetSubItemOrder(OpenIddictProMenus.GroupName, 2);
    

Blazor Project (Tiered Solution)

  • In the MyApplicationWebModule.cs update the AddAbpOpenIdConnect configurations:

    .AddAbpOpenIdConnect("oidc", options =>
    {
      options.Authority = configuration["AuthServer:Authority"];
        options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
        options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
    
        options.ClientId = configuration["AuthServer:ClientId"];
        options.ClientSecret = configuration["AuthServer:ClientSecret"];
    
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = true;
    
        options.Scope.Add("roles"); // Replace "role" with "roles"
        options.Scope.Add("email");
        options.Scope.Add("phone");
        options.Scope.Add("MyApplication");
    });
    

    Replace role scope with roles.

Http.Api.Host

  • In the MyApplicationHttpApiHostModule.cs OnApplicationInitialization method, delete c.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]); in app.UseAbpSwaggerUI options configurations which is no longer needed.

  • In appsettings.json delete SwaggerClientSecret from the AuthServer section like below:

    "AuthServer": {
        "Authority": "https://localhost:44345",
        "RequireHttpsMetadata": "false",
        "SwaggerClientId": "MyApplication_Swagger"
    },
    

IdentityServer

This project is renamed to AuthServer after v6.0.0. You can also refactor and rename your project to AuthServer for easier updates in the future.

  • In MyApplication.IdentityServer.csproj replace project references:

    <PackageReference Include="Volo.Abp.Account.Pro.Public.Web.IdentityServer" Version="6.0.*" />
    

    with

    <PackageReference Include="Volo.Abp.Account.Pro.Public.Web.OpenIddict" Version="6.0.*" />
    
  • In MyApplicationIdentityServerModule.cs replace usings and module dependencies:

    using IdentityServer4.Configuration;
    using Volo.Abp.AspNetCore.Authentication.JwtBearer;
    ...
    typeof(AbpAccountPublicWebIdentityServerModule),
    

    with

    using OpenIddict.Validation.AspNetCore;
    ...
    typeof(AbpAccountPublicWebOpenIddictModule),
    
  • In the MyApplicationIdentityServerModule.cs add PreConfigureServices like below with your application name as the audience:

    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("MyApplication"); // Replace with your application name
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
    }
    
  • In the MyApplicationIdentityServerModule.cs replace ForwardIdentityAuthenticationForBearer under ConfigureServices method:

    context.Services.ForwardIdentityAuthenticationForBearer();
    

    with

    context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
    
  • In the MyApplicationIdentityServerModule.cs, remove IdentityServerOptions configuration and JwtBearer options under ConfigureServices method:

    if (Convert.ToBoolean(configuration["AuthServer:SetSelfAsIssuer"])) // Remove
    {
        Configure<IdentityServerOptions>(options => { options.IssuerUri = configuration["App:SelfUrl"]; });
    }
    ...
    context.Services.AddAuthentication() // Remove
        .AddJwtBearer(options =>
        {
           options.Authority = configuration["AuthServer:Authority"];
           options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
           options.Audience = "MyApplication";
        })
    
  • In the MyApplicationIdentityServerModule.cs OnApplicationInitialization method, replace the midware:

    app.UseJwtTokenMiddleware();
    app.UseIdentityServer();
    

    with

    app.UseAbpOpenIddictValidation();
    
  • To use the new AuthServer page, replace Index.cshtml.cs with AuthServer Index.cshtml.cs and Index.cshtml file with AuthServer Index.cshtml.

    Note: It can be found under the Pages folder.

See Also

Contributors


Last updated: January 11, 2023 Edit this page on GitHub

Was this page helpful?

Please make a selection.

To help us improve, please share your reason for the negative feedback in the field below.

Please enter a note.

Thank you for your valuable feedback!

Please note that although we cannot respond to feedback, our team will use your comments to improve the experience.

In this document
Community Talks

Building Modular Monolith Applications Using .Net and ABP Framework

17 Oct, 20:00
Online
Register Now
Mastering ABP Framework Book
Mastering ABP Framework

This book will help you gain a complete understanding of the framework and modern web application development techniques.

Learn More