Migrate to OpenIddict RC3
+Migrate to OpenIddict 1.0/2.0
-What's new in OpenIddict RC3?
-The announcement listing the changes introduced in this milestone can be found here.
+What's new in OpenIddict 1.0/2.0?
+The announcement listing the changes introduced in this milestone can be found here.
Update your packages references
For that, simply update your .csproj file to point to the newest OpenIddict packages:
ASP.NET Core 1.x
+<ItemGroup>
+ <PackageReference Include="OpenIddict" Version="1.0.0" />
+ <PackageReference Include="OpenIddict.EntityFrameworkCore" Version="1.0.0" />
+</ItemGroup>
+ASP.NET Core 2.x
+<ItemGroup>
+ <PackageReference Include="OpenIddict" Version="2.0.0" />
+ <PackageReference Include="OpenIddict.EntityFrameworkCore" Version="2.0.0" />
+</ItemGroup>
+No additional change should be required for basic scenarios.
+Migrate to OpenIddict 1.0/2.0 rc3
+What's new in OpenIddict 1.0/2.0 rc3?
+The announcement listing the changes introduced in this milestone can be found here.
+Update your packages references
+For that, simply update your .csproj file to point to the newest OpenIddict packages:
ASP.NET Core 1.x
<ItemGroup>
<PackageReference Include="OpenIddict" Version="1.0.0-rc3-final" />
<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="1.0.0-rc3-final" />
</ItemGroup>
-ASP.NET Core 2.x
+ASP.NET Core 2.x
<ItemGroup>
<PackageReference Include="OpenIddict" Version="2.0.0-rc3-final" />
<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="2.0.0-rc3-final" />
@@ -85,11 +101,11 @@
Tip
Note: if you have an explicit reference to AspNet.Security.OAuth.Validation or OpenIddict.Mvc,
you can safely remove these dependencies: they are now transitively referenced by the OpenIddict metapackage.
Important
Note: if your application references OpenIddict.Models or OpenIddict.Stores, you MUST remove them as these packages are no longer used in RC3.
Important
Note: if your application references OpenIddict.Models or OpenIddict.Stores, you MUST remove them as these packages are no longer used in rc3.
Use the new OpenIddict services registration APIs
To offer a better user experience, the registrations APIs exposed by OpenIddict have been reworked. Updating your code should be quite straightforward:
-// In OpenIddict RC2, all the options used to be grouped.
+// In OpenIddict rc2, all the options used to be grouped.
services.AddOpenIddict(options =>
{
options.AddEntityFrameworkCoreStores<ApplicationDbContext>();
@@ -117,7 +133,7 @@ services.AddOpenIddict(options =>
options.DisableHttpsRequirement();
});
-
// In OpenIddict RC3, the options are now split into 3 categories:
+
// In OpenIddict rc3, the options are now split into 3 categories:
// the core services, the server services and the validation services.
services.AddOpenIddict()
.AddCore(options =>
@@ -173,7 +189,7 @@ You don't have to explicitly add a new PackageReference in your
If necessary, create new application entries
OpenIddict now rejects unauthenticated token/revocation requests by default.
-If, after migrating to RC3, you see errors similar to this one:
+If, after migrating to rc3, you see errors similar to this one:
invalid_request : The mandatory 'client_id' parameter is missing.
Add an application entry for the client application and send the corresponding client_id as part of the token request:
If necessary, register the scopes used by your clients
-Starting with RC3, OpenIddict will reject unrecognized scopes by default.
-If, after migrating to RC3, you see errors similar to this one:
+Starting with rc3, OpenIddict will reject unrecognized scopes by default.
+If, after migrating to rc3, you see errors similar to this one:
invalid_scope : The specified 'scope' parameter is not valid.
Simply add the scopes you want to use to the list of registered scopes:
@@ -221,7 +237,7 @@ await _applicationManager.CreateAsync(descriptor); options.DisableScopeValidation(); });If necessary, adjust the permissions granted to your clients
-Starting with RC3, permissions are no longer optional nor implicit: +
Starting with rc3, permissions are no longer optional nor implicit: if you don't explicitly grant an application the necessary permissions, it will be blocked by OpenIddict.
To attach permissions to an application, use OpenIddictApplicationManager:
var descriptor = new OpenIddictApplicationDescriptor
@@ -256,18 +272,18 @@ await _applicationManager.CreateAsync(descriptor);
.IgnoreScopePermissions();
});
-
Migrate to OpenIddict RC2
-What's new in OpenIddict RC2?
+Migrate to OpenIddict rc2
+What's new in OpenIddict rc2?
The full list of changes can be found here. It includes bug fixes (including a bug fix in the refresh token handling) and new features like application permissions, that allow limiting the OpenID Connect features (endpoints and flows) an application is able to use.
-Migrating to OpenIddict RC2 (1.0.0-rc2-final and 2.0.0-rc2-final) requires making changes in your database: existing properties have been reworked
+
Migrating to OpenIddict rc2 (1.0.0-rc2-final and 2.0.0-rc2-final) requires making changes in your database: existing properties have been reworked
(e.g to work around a MySQL limitation) and new ones have been added to support the new features.
This procedure is quite easy and only requires a few minutes.
Note: this guide assumes your application uses the OpenIddict Entity Framework Core 2.x stores. If you use a custom store, changes will have to be made manually. A list of added/updated/renamed columns is available at the end of this guide.
Ensure migrations are correctly enabled for your project
-Before migrating to OpenIddict RC2, make sure migrations are already enabled for your application. If you have a Migrations
+
Before migrating to OpenIddict rc2, make sure migrations are already enabled for your application. If you have a Migrations
folder in your application root folder and an __EFMigrationsHistory table in your database, you're good to go.
If you don't have these Entity Framework Core artifacts, migrations are likely not enabled. To fix that, add the following entries in your .csproj:
<ItemGroup>
@@ -280,15 +296,15 @@ folder in your application root folder and an __EFMigrationsHistory
Version="2.0.0" />
</ItemGroup>
Then, open a new command line and add an initial migration using dotnet ef migrations add InitialMigration (but don't apply it!).
Update your packages references
+Update your packages references
For that, simply update your .csproj file to point to the newest OpenIddict packages:
ASP.NET Core 1.x
+ASP.NET Core 1.x
<ItemGroup>
<PackageReference Include="OpenIddict" Version="1.0.0-rc2-final" />
<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="1.0.0-rc2-final" />
<PackageReference Include="OpenIddict.Mvc" Version="1.0.0-rc2-final" />
</ItemGroup>
-ASP.NET Core 2.x
+ASP.NET Core 2.x
<ItemGroup>
<PackageReference Include="OpenIddict" Version="2.0.0-rc2-final" />
<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="2.0.0-rc2-final" />
@@ -380,7 +396,7 @@ For that, call ticket.SetResources() with the list of the client id
ticket.SetResources("tracking_api", "marketing_api");
Optionally, update your code to grant applications the minimum required permissions
-Starting with RC2, OpenIddict includes an optional feature codenamed "app permissions" that allows +
Starting with rc2, OpenIddict includes an optional feature codenamed "app permissions" that allows controlling and limiting the OAuth2/OpenID Connect features a client application is able to use.
To learn more about this feature, read the Application permissions documentation.