Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 00:03
    PinpointTownes commented #864
  • 00:01
    kkagill commented #864
  • Dec 10 23:23
    PinpointTownes commented #864
  • Dec 10 23:17
    kkagill commented #864
  • Dec 10 23:11
    PinpointTownes commented #864
  • Dec 10 23:09
    kkagill commented #864
  • Dec 10 22:48
    PinpointTownes labeled #864
  • Dec 10 22:48
    PinpointTownes labeled #864
  • Dec 10 22:48
    PinpointTownes commented #864
  • Dec 10 22:46
    PinpointTownes commented #862
  • Dec 10 22:31
    kkagill opened #864
  • Dec 10 21:58
    ianpowell2017 commented #862
  • Dec 10 21:28
    PinpointTownes commented #862
  • Dec 10 20:36
    ianpowell2017 commented #862
  • Dec 10 17:28
    rynowak commented #859
  • Dec 10 17:26
    PinpointTownes commented #859
  • Dec 10 17:23
    rynowak commented #859
  • Dec 10 17:15
    PinpointTownes commented #863
  • Dec 10 17:01
    PinpointTownes labeled #863
  • Dec 10 17:00
    PinpointTownes commented #863
James
@Jimud1
Thanks so much for the help! Absolute legend
Kévin Chalet
@PinpointTownes
lol, you're welcome :sweat_smile:
BTW, if you're interested in contributing or sponsoring the project, please don't hesitate!
bviale
@bviale
Hey, I had to go back using the 3.x version because I absolutely need the new EnableDegradedMode(); feature, my new requirement is to have my server working without any DB (I didn't find an easy way to use the 2.0.1 without database). Using the degraded mode, what is the way to sign in in a controller ? I'm having issues injecting the SignInManager<ApplicationUser> . Should I use services.AddIdentity<ApplicationUser, IdentityRole>() , without the AddEntityFrameworkStores part ?
Kévin Chalet
@PinpointTownes
It's up to you. Identity itself won't work without a DB, so you may want to use something else.
bviale
@bviale
Ok I see. If I don't use Identity, the HandleTokenRequestContext event will never be triggered right ? Should I move all the user/password check and grant the claims in the controller then ?
Kévin Chalet
@PinpointTownes
No, it's completely unrelated.
You can use either the events model (with HandleTokenRequestContext) or enable the pass-through mode and handle token requests in a MVC controller.
(well, I said a MVC controller but it could be a middleware or even a Carter module)
bviale
@bviale
My goal is to add a login page in the server itself , just like the AuthorizationServer in the CodeFlow sample
Kévin Chalet
@PinpointTownes
What's preventing you from doing that?
bviale
@bviale
So I think I'll need to do my magic in the POST Account/Login and I'll don't need the HandleTokenRequestContext right ?
I'm trying to figure how I can actually log the user here without using _signInManager.PasswordSignInAsync()
Kévin Chalet
@PinpointTownes
You can use the core authentication APIs provided by ASP.NET Core to create authentication cookies.
bviale
@bviale
Ok thanks, I'm going to try it

One last thing, I think it's a stupid one, I'm not able to simply use [Authorize] on my controllers.
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action<AuthenticationOptions> configureOptions).

In my startup I'm using the snippet you sent me yesterday

I tried to set a scheme as a parameter in services.AddAuthentication(); but it didn't work
Kévin Chalet
@PinpointTownes
The snippet I sent yesterday demonstrated how to use the password flow with the degraded mode. For the code flow - which is an interactive flow - you'll need extra things, like a cookie authentication middleware.
bviale
@bviale
oh ok I see, so both of my my issues will be gone once I'll set up the cookie authentification then, thanks
damccull
@damccull
Howdy. Been a very long time since I looked into openiddict and I've since gained a much better understanding of how the whole OIDC system works, though there's still some pain points and I still have to reference docs...a lot. Anyways, I was wondering what the current status for aspnetcore 3.0 is. I see the repo says the openiddict 3.0 code is still WIP, but can I use the 2.x branch with asp.net 3.0?
I see a post from @PinpointTownes about this very issue...so yes, I would like to try it out :D If it's available.
Man, I should read before I post, lol. Thanks @PinpointTownes I'll just download 2.0.1 and see how it goes :D
Kévin Chalet
@PinpointTownes
@damccull haha, yeah, both 2.0.1 and 3.0 are compatible with ASP.NET Core.
If you need a production-ready stuff, go with 2.0.1. If you prefer the latest and coolest stuff, 3.0 is for you!
damccull
@damccull
@PinpointTownes is 3.0 stable enough to use on a low traffic game guild site without a bunch of crashes?
I think now that i finally understand how the actual flows work I might be able to get openiddict to work this time :D
Kévin Chalet
@PinpointTownes
lol yeah :smile:
Kévin Chalet
@PinpointTownes
FYI: 3.0 supports the device flow, in case you'd want to use it.
damccull
@damccull
Nice, i'll try that one then
though I'm not familiar with device flow yet. I'll check it out on the youtubes
Oh man..that'd be perfect for a discord bot
perhaps
oh yeah, def
that'd be perfect
damccull
@damccull
@PinpointTownes In the Dev branch's readme getting started example (understanding this is dev code) there is a spot in AddServer's options that sets options.UseAspNetCore(), only that doesn't seem to be recognized as a valid method. Neither does .AddValidation() and its children. Did something change I'm not picking up?
Kévin Chalet
@PinpointTownes
@damccull did you forget to include the OpenIddict.AspNetCore package?
damccull
@damccull
@PinpointTownes Apparently I added OpenIddict as a package rather than OpenIddict.AspNetCore. So that's my mistake. Thanks for your help. Any idea why it would have not complained about that package on dotnet restore?
Kévin Chalet
@PinpointTownes
OpenIddict is still a valid package, but it doesn't reference the ASP.NET Core hosts in 3.0, just the "core" core, server and validation stuff :smile:
If you want to integrate with ASP.NET Core, you need OpenIddict.Server.AspNetCore and OpenIddict.Validation.AspNetCore, that are referenced by the OpenIddict.AspNetCore metapackage.
Folks who want to integrate with legacy ASP.NET 4.x/OWIN apps can instead reference OpenIddict.Owin, which works exactly like OpenIddict.AspNetCore.
damccull
@damccull
Oh, ok. Makes sense. Thanks.
damccull
@damccull
So not to compare various kinds of fruit, but IdentityServer4 has a ton of options you have-to/can set on various kinds of registered clients. In openiddict I see only the RedirectUris, the clientsecret, and clientid. I like the simplicity, but is there anything I might need with the more advanced crap? Does openiddict support that extra stuff under the hood and it's just not in the examples?
Kévin Chalet
@PinpointTownes
Keeping it not "too complicated" is 100% deliberate. We do expose a few options already, but if you need more advanced things, the events model will allow you to do whatever you want with a few lines of code.
It's a different approach, but you should be able to achieve whatever you want to do.
If you have a concrete example of an option you miss, I'm all ears :smile:
damccull
@damccull
I don't miss anything yet, lol. I just have been experimenting with identity server 4 and they have pretty darn good docs, but it seems like a lot of extra stuff to set up a specific client. I just wondered if all that extra was gaining me anything... Like security or something.
Kévin Chalet
@PinpointTownes
It gives you... options :smile:
I try to avoid adding client properties because it becomes quickly noisy (even in the DB, as you have to introduce new columns for them)
damccull
@damccull
Cool. I'mma stick with the basics if I can get openiddict running this time :) I feel much more prepared than I did when I tried this a couple years back.
Kévin Chalet
@PinpointTownes
Hahaha :smile: