-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenIddict v1.0.0-beta1-0481 - No longer supports OpenIddictUser #3
Comments
Hello and thanks for the feedback (and for purchasing the book as well). Regarding your query, you can use OpenIddict with standard tokens without problems, or even ditch OpenIddict completely and implement your own token provider: the OpenGameList client app does not require tokens to be JWTs, nor it does make any attempt to read or decrypt it: as you can easily see, it just stores the token locally and send it back to the server by appending it on the Authorization header. As a matter of fact, they are opaque to the client (just as @PinpointTownes says). Of course migrating from JWTs to standard tokens will require a minor refactor of Chapter 8 and 9, but this is quite easy to do as long as you understand the underlying logic and follow the OpenIddict implementation samples. That said, in case you need help with this, I can gladly help you with the transition from JWT to standard tokens. As for the fact that the OpenIddictUser is not there anymore, I'm glad they now enforce the usage of the standard IdentityUser class, thus enforcing the default .NET Core Identity auth pattern. |
As a side note, I would like to clarify that (from the thread you mentioned) it doesn't look like OpenIddict is departing from using JWTs. Here's what happened there:
To keep it short, all we need to do is to use the given samples (with a grain of salt) and replace OpenIddictUser with IdentityUser, without worrying about JWTs. |
Yup, exactly that 😄 |
Thanks, Darkseal! I would love a link to an updated Chapter 10 project with the changes if that is possible. |
Have you completed the refactoring of Chapter 8 and 9? We would for sure appreciate getting access to the new source code! Thanks |
After hours of effort, here's the working solution you can try if you run into the issue while following along this book: Delete Migrations folder and run: dotnet ef database drop Project.json: { "tools": { "frameworks": { "buildOptions": { "publishOptions": { "scripts": { appsettings.json { Startup.cs using System; namespace OpenGameList
} ApplicationDbContext.cs using Microsoft.AspNetCore.Identity.EntityFrameworkCore; namespace OpenGameListWebApp.Data
} Make sure to have below in DbSeeder.cs
Then add ConnectController.cs using System.Collections.Generic; namespace OpenGameListWebApp.Controllers
} ApplicationUser.cs using System; namespace OpenGameListWebApp.Data.Users
} That should do it. |
@ttchongtc , kudos and many thanks for the great work!!! |
The latest build of OpenIddict does not have an OpenIddictUser object.
Reading up on this, it looks like it departs from the use of JWT.
See: capesean/openiddict-test#25
Especially this comment from one of the contributors:
"That said, the access token format is supposed to be completely opaque to clients, so if your JS library relies on the fact your access tokens are JWTs, then it's doing it completely wrong and you should consider using another one 😄"
Looks like we need a refactor of much of the authentication section in Chapters 8 & 9.
I bought this book to get an end-to-end sample project I can use a base of a new product. This OpenIddict issue is bit over my head right now.
The text was updated successfully, but these errors were encountered: