mirror of
https://gitee.com/dcren/openiddict-documentation.git
synced 2025-09-19 01:57:56 +08:00
Update the documentation pages
This commit is contained in:
OpenIddict Bot
@@ -141,28 +141,6 @@
|
||||
|
||||
application.RedirectUris = new JArray(addresses).ToString(Formatting.None);
|
||||
}
|
||||
|
||||
// Grant the application all the permissions. Don't hesitate to update
|
||||
// the list to only grant the permissions really needed by the application.
|
||||
if (string.IsNullOrEmpty(application.Permissions))
|
||||
{
|
||||
var permissions = new[]
|
||||
{
|
||||
OpenIddictConstants.Permissions.Endpoints.Authorization,
|
||||
OpenIddictConstants.Permissions.Endpoints.Introspection,
|
||||
OpenIddictConstants.Permissions.Endpoints.Logout,
|
||||
OpenIddictConstants.Permissions.Endpoints.Revocation,
|
||||
OpenIddictConstants.Permissions.Endpoints.Token,
|
||||
|
||||
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
|
||||
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
|
||||
OpenIddictConstants.Permissions.GrantTypes.Implicit,
|
||||
OpenIddictConstants.Permissions.GrantTypes.Password,
|
||||
OpenIddictConstants.Permissions.GrantTypes.RefreshToken
|
||||
};
|
||||
|
||||
application.Permissions = new JArray(permissions).ToString(Formatting.None);
|
||||
}
|
||||
}
|
||||
|
||||
// If you use a different entity type or a custom key,
|
||||
@@ -199,60 +177,11 @@
|
||||
UpdateOpenIddictTablesAsync(app.ApplicationServices).GetAwaiter().GetResult();
|
||||
}
|
||||
</code></pre><p>Run your application. Once it's correctly started, stop it and remove the migration script.</p>
|
||||
<h2 id="if-necessary-update-your-code-to-grant-applications-the-required-permissions">If necessary, update your code to grant applications the required permissions</h2>
|
||||
<p>If you have code that relies on <code>OpenIddictApplicationManager.CreateAsync(OpenIddictApplicationDescriptor)</code>,
|
||||
make sure that the appropriate set of permissions is granted.</p>
|
||||
<p>For instance, to allow a client application to use the password and refresh token flows, you must grant the following permissions:</p>
|
||||
<pre><code class="lang-csharp">var descriptor = new OpenIddictApplicationDescriptor
|
||||
{
|
||||
// ...
|
||||
Permissions =
|
||||
{
|
||||
OpenIddictConstants.Permissions.Endpoints.Token,
|
||||
OpenIddictConstants.Permissions.GrantTypes.Password,
|
||||
OpenIddictConstants.Permissions.GrantTypes.RefreshToken
|
||||
}
|
||||
};
|
||||
|
||||
await manager.CreateAsync(descriptor);
|
||||
</code></pre><p>For the authorization code flow, the following permissions are required:</p>
|
||||
<pre><code class="lang-csharp">var descriptor = new OpenIddictApplicationDescriptor
|
||||
{
|
||||
// ...
|
||||
Permissions =
|
||||
{
|
||||
OpenIddictConstants.Permissions.Endpoints.Authorization,
|
||||
OpenIddictConstants.Permissions.Endpoints.Token,
|
||||
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode
|
||||
}
|
||||
};
|
||||
|
||||
await manager.CreateAsync(descriptor);
|
||||
</code></pre><p>For custom flows, use the <code>OpenIddictConstants.Permissions.Prefixes.GrantType</code> constant:</p>
|
||||
<pre><code class="lang-csharp">var descriptor = new OpenIddictApplicationDescriptor
|
||||
{
|
||||
// ...
|
||||
Permissions =
|
||||
{
|
||||
OpenIddictConstants.Permissions.Endpoints.Token,
|
||||
OpenIddictConstants.Permissions.Prefixes.GrantType + "google_token_exchange"
|
||||
}
|
||||
};
|
||||
|
||||
await manager.CreateAsync(descriptor);
|
||||
</code></pre><p>If your application uses introspection or revocation, these endpoints must also be enable. E.g:</p>
|
||||
<pre><code class="lang-csharp">var descriptor = new OpenIddictApplicationDescriptor
|
||||
{
|
||||
// ...
|
||||
Permissions =
|
||||
{
|
||||
OpenIddictConstants.Permissions.Endpoints.Introspection,
|
||||
OpenIddictConstants.Permissions.Endpoints.Revocation
|
||||
}
|
||||
};
|
||||
|
||||
await manager.CreateAsync(descriptor);
|
||||
</code></pre><h1 id="list-of-changes-for-applications-using-custom-stores">List of changes (for applications using custom stores)</h1>
|
||||
<h2 id="optionally-update-your-code-to-grant-applications-the-minimum-required-permissions">Optionally, update your code to grant applications the minimum required permissions</h2>
|
||||
<p>Starting with RC2, OpenIddict includes an optional feature codenamed "app permissions" that allows
|
||||
controlling and limiting the OAuth2/OpenID Connect features a client application is able to use.</p>
|
||||
<p>To learn more about this feature, read the <a href="../features/application-permissions.html">Application permissions documentation</a>.</p>
|
||||
<h1 id="list-of-changes-for-applications-using-custom-stores">List of changes (for applications using custom stores)</h1>
|
||||
<h2 id="renamed-properties">Renamed properties</h2>
|
||||
<table>
|
||||
<thead>
|
||||
|
||||
Reference in New Issue
Block a user