Introducing the OpenIddict validation handler
See original GitHub issueStarting with RC3 and thanks to a great contribution from @kinosang, OpenIddict now has its dedicated validation handler, based on the aspnet-contrib handler (AspNet.Security.OAuth.Validation
).
This handler supports both the default token format (opaque) and reference tokens. Like the aspnet-contrib handler, you can use it as a standalone handler (i.e without having to register the OpenIddict core or server services):
// Register the OpenIddict validation handler.
services.AddOpenIddict()
.AddValidation();
Resource servers that use reference tokens will have to configure the core services and register the appropriate stores to be able to use it:
// Register the OpenIddict services.
services.AddOpenIddict()
// Register the OpenIddict core services.
.AddCore(options =>
{
// Register the Entity Framework entities and stores.
options.UseEntityFrameworkCore()
.UseDbContext<ApplicationDbContext>();
})
// Register the OpenIddict validation handler.
.AddValidation(options => options.UseReferenceTokens());
The aspnet-contrib handler will continue to be fully supported and will still be usable with OpenIddict so existing and new applications can keep using services.AddAuthentication().AddOAuthValidation()
instead of services.AddOpenIddict().AddValidation()
for opaque token validation.
Note: OpenIddictValidationHandler
lives in the OpenIddict.Validation
package, which is referenced by the OpenIddict
metapackage. You don’t have to add a new PackageReference
to be able to use it.
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:20 (6 by maintainers)
Top GitHub Comments
@codeaid, @PinpointTownes – you guys saved me. Thank you so much!
I was migrating my project to Openiddict-RC3 + reference tokens and the final touch (that I spent almost two days struggling with) was that ‘Default authentication scheme’ thing that I should have put after adding ASP.NET Core Identity & OpenIddict services to my Startup.cs.
@PinpointTownes , do you think it is worth mentioning in some OpenIddict WIKI page, so that those who combine AspNet.Identity and OpenIddict and are new to the ASP.Net Core world could get it solved quickly?
Note: the conditions I describe in my post are absolutely not specific to our validation handlers. All the authentication handlers in ASP.NET Core 2.0 work the same way.