diff --git a/guides/getting-started.html b/guides/getting-started.html index ccaae1a..b8743a3 100644 --- a/guides/getting-started.html +++ b/guides/getting-started.html @@ -102,8 +102,8 @@ using individual user accounts authentication is strongly recommended as it automatically includes the default ASP.NET Core Identity UI, based on Razor Pages.

  • Update your .csproj file to reference the latest OpenIddict packages:

    -
    <PackageReference Include="OpenIddict.AspNetCore" Version="4.0.0" />
-<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.0.0" />
+
    <PackageReference Include="OpenIddict.AspNetCore" Version="4.1.0" />
+<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.1.0" />

  • Configure the OpenIddict core, server and validation services in Startup.ConfigureServices. Here's an example for the client credentials grant, used in machine-to-machine scenarios:

    @@ -226,13 +226,19 @@ Here's an example for the client credentials grant:

    var identity = new ClaimsIdentity(TokenValidationParameters.DefaultAuthenticationType, Claims.Name, Claims.Role); // Use the client_id as the subject identifier. - identity.AddClaim(Claims.Subject, - await _applicationManager.GetClientIdAsync(application), - Destinations.AccessToken, Destinations.IdentityToken); + identity.SetClaim(Claims.Subject, await _applicationManager.GetClientIdAsync(application)); + identity.SetClaim(Claims.Name, await _applicationManager.GetDisplayNameAsync(application)); - identity.AddClaim(Claims.Name, - await _applicationManager.GetDisplayNameAsync(application), - Destinations.AccessToken, Destinations.IdentityToken); + identity.SetDestinations(static claim => claim.Type switch + { + // Allow the "name" claim to be stored in both the access and identity tokens + // when the "profile" scope was granted (by calling principal.SetScopes(...)). + Claims.Name when claim.Subject.HasScope(Scopes.Profile) + => new[] { Destinations.AccessToken, Destinations.IdentityToken }, + + // Otherwise, only store the claim in the access tokens. + _ => new[] { Destinations.AccessToken } + }); return SignIn(new ClaimsPrincipal(identity), OpenIddictServerAspNetCoreDefaults.AuthenticationScheme); } diff --git a/index.html b/index.html index e17a129..2f65a68 100644 --- a/index.html +++ b/index.html @@ -264,7 +264,7 @@ To reference the OpenIddict MyGet feed, create a NuGet.configOpenIddict is actively maintained by Kévin Chalet. Contributions are welcome and can be submitted using pull requests.

    Special thanks to our sponsors for their incredible support:

    Volosoft logo

    -

    Sébastien RosAndrewDovydas NavickasSchmitt ChristianThomas WFlorian WachsSebastian StehleDr_Cox1911Communicatie CockpitJasmin SavardThomasMichael CalasanzSycDigitalOps Co. Ltd.Thom van den AkkerJaco Jansen van VuurenEYERIDE Fleet Management SystemJulien DebacheAlexander TrauzziStian Håve

    +

    Sébastien RosAndrewDovydas NavickasSchmitt ChristianThomas WFlorian WachsSebastian StehleCommunicatie CockpitJasmin SavardThomasMichael CalasanzDigitalOps Co. Ltd.Thom van den AkkerJaco Jansen van VuurenEYERIDE Fleet Management SystemJulien DebacheStian HåveRowan RichardsRavindu LiyanapathiranaHieronymusBlaze

    License

    This project is licensed under the Apache License. This means that you can use, modify and distribute it freely. diff --git a/manifest.json b/manifest.json index 9b8ee68..75af89e 100644 --- a/manifest.json +++ b/manifest.json @@ -1612,7 +1612,7 @@ "output": { ".html": { "relative_path": "guides/getting-started.html", - "hash": "mT272boRGfEMUWq6J++rhg==" + "hash": "bmEep/5YBpDf6EdVoax3Gg==" } }, "is_incremental": false, @@ -1694,7 +1694,7 @@ "output": { ".html": { "relative_path": "index.html", - "hash": "gVlUuQJLJ4mqh8IoFgj9AQ==" + "hash": "EzKrSmlomALjvzfgGUHPng==" } }, "is_incremental": false,