From af63dc63fbd377b8859abe8a8de35caad7d62d37 Mon Sep 17 00:00:00 2001
From: Timur Zanagar <TimurZanagar@users.noreply.github.com>
Date: Fri, 3 Mar 2023 17:05:43 +0100
Subject: [PATCH] Fix the getting started documentation and update it to
 reference OpenIddict 4.1.0

---
 guides/getting-started.md | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/guides/getting-started.md b/guides/getting-started.md
index cf8127a..d4effc5 100644
--- a/guides/getting-started.md
+++ b/guides/getting-started.md
@@ -12,8 +12,8 @@ If you don't want to start from one of the recommended samples, you'll need to:
   - **Update your `.csproj` file** to reference the latest `OpenIddict` packages:
 
     ```xml
-    <PackageReference Include="OpenIddict.AspNetCore" Version="4.0.0" />
-    <PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.0.0" />
+    <PackageReference Include="OpenIddict.AspNetCore" Version="4.1.0" />
+    <PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.1.0" />
     ```
 
   - **Configure the OpenIddict core, server and validation services** in `Startup.ConfigureServices`.
@@ -149,13 +149,19 @@ If you don't want to start from one of the recommended samples, you'll need to:
             var identity = new ClaimsIdentity(TokenValidationParameters.DefaultAuthenticationType, Claims.Name, Claims.Role);
 
             // Use the client_id as the subject identifier.
-            identity.AddClaim(Claims.Subject,
-                await _applicationManager.GetClientIdAsync(application),
-                Destinations.AccessToken, Destinations.IdentityToken);
+            identity.SetClaim(Claims.Subject, await _applicationManager.GetClientIdAsync(application));
+            identity.SetClaim(Claims.Name, await _applicationManager.GetDisplayNameAsync(application));
 
-            identity.AddClaim(Claims.Name,
-                await _applicationManager.GetDisplayNameAsync(application),
-                Destinations.AccessToken, Destinations.IdentityToken);
+            identity.SetDestinations(static claim => claim.Type switch
+            {
+                // Allow the "name" claim to be stored in both the access and identity tokens
+                // when the "profile" scope was granted (by calling principal.SetScopes(...)).
+                Claims.Name when claim.Subject.HasScope(Scopes.Profile)
+                    => new[] { Destinations.AccessToken, Destinations.IdentityToken },
+
+                // Otherwise, only store the claim in the access tokens.
+                _ => new[] { Destinations.AccessToken }
+            });
 
             return SignIn(new ClaimsPrincipal(identity), OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
         }