What difference between AddIdentityServerAuthentication and AddJwtBearer #777
Comments
|
https://leastprivilege.com/2020/07/06/flexible-access-token-validation-in-asp-net-core/ |
brockallen
added
question
i have read this uri ,but didn't find the reason about this issue, even so, now i know that AddJwtBearer is correct. |
I believe this means that Identity Server and Duende Software are deprecated. It's pretty stupid and lame to request a payment for building a "store" for "Microsoft.IdentityModel.Tokens", called IS4, that doesn't work out of the box for .net 6/7/8. The GetSchemeAndCredential method doesn't exist in the example, @leastprivilege, I don't give a f, about "Introspection", I don't want to mess up with all my Blazor applications and MAUI apps to change the authentication header to "token" instead of "Bearer". The apps where working very well in MAUI for Windows, Blazor Server, Blazor WebAssembly, because I use two authentication mechanisms, to overcome this, since the application needed to keep development, and not stop because of IS4 crippled functionality, until I wanted to use it in MAUI for Android and iOS, where I built the authentication and everything went right, until calling the APIs with JWT. I don't care if anyone of you "wouldn't want to keep maintaining the code" for validating JWT tokens, you can close the repo here in github, and take vacations for ever. If it doesn't work out of the box for JWT Authentication and I have to build it my self. I won't a pay a dime ever, and find something else to work with in the short time. We are developers, yes, but if a paid product should be "fixed" by my self, it's full of crap. |
Not at all - the only thing that has been deprecated was a small authentication handler for APIs that had some features that were missing from the JwtBearer handler in ASP.NET. As the handlers in ASP.NET have improved, that's become unnecessary. But the core of IdentityServer was always a token server - a framework for building spec-compliant OIDC Providers and OAuth Authorization Servers.
IdentityServer is a framework for building OAuth and OIDC token servers. I think it's a pretty great framework - we implement dozens of specifications while allowing a really high degree of customization - but if its not what you're looking for, that's fine. And Duende IdentityServer absolutely does work with .NET 6 or 7. Our upcoming 7.0 release will add support for .NET 8 shortly after .NET 8 ships.
The JwtBearer handler from ASP.NET core is the right handler for you then.
You don't need to change the header to use the JwtBearer handler.
That's fine - we know there are a lot of options for authentication out there. We provide tools for people who want to build token servers with a high degree of customization. |
Which version of Duende IdentityServer are you using?
IdentityServer4
Which version of .NET are you using?
.Net6
Describe the bug
What difference between AddIdentityServerAuthentication and AddJwtBearer ?
scheme name is same,each one is workly
it is very similar,but I do not sure how to choose,
The text was updated successfully, but these errors were encountered: