Due to these differences, contributing a new provider to the OpenIddict stack is quite different from adding an aspnet-contrib provider:
<Provider> node for the new providerTo add a new OpenIddict web provider, the first step is to add a new <Provider> node to the OpenIddictClientWebIntegrationProviders.xml file. For instance:
<Provider Name="Zendesk" Documentation="https://developer.zendesk.com/documentation/live-chat/getting-started/auth/">
+<Provider Name="Zendesk" Id="89fdfe22-c796-4227-a44a-d9cd3c467bbb"
+ Documentation="https://developer.zendesk.com/documentation/live-chat/getting-started/auth/">
</Provider>
If available, a link to the official documentation MUST be added. If multiple languages are available, the following order SHOULD be used:
@@ -132,7 +133,7 @@ the approach used by the ASP.NET Core OAuth 2.0 base handler, that doesn't s
- If the provider supports multiple environments, multiple
<Environment> nodes - one per environment - MUST be added under <Provider>:
-
<Provider Name="Salesforce">
+<Provider Name="Salesforce" Id="ce5bc4bc-6133-4e87-85ad-626b3c0a4427">
<Environment Name="Production" />
<Environment Name="Development" />
@@ -142,7 +143,7 @@ the approach used by the ASP.NET Core OAuth 2.0 base handler, that doesn't s
- If the provider doesn't support multiple environment, a single
<Environment> MUST be added (the Name attribute SHOULD be omitted):
-<Provider Name="Google">
+<Provider Name="Google" Id="e0e90ce7-adb5-4b05-9f54-594941e5d960">
<Environment />
</Provider>
Add the appropriate configuration for each environment
@@ -156,7 +157,7 @@ supports OpenID Connect/OAuth 2.0 server metadata.
without the /.well-known/openid-configuration part. For instance, Google exposes its discovery document at https://accounts.google.com/.well-known/openid-configuration
so the correct issuer to use is https://accounts.google.com/:
-<Provider Name="Google">
+<Provider Name="Google" Id="e0e90ce7-adb5-4b05-9f54-594941e5d960">
<Environment Issuer="https://accounts.google.com/" />
</Provider>
@@ -164,7 +165,7 @@ so the correct issuer to use is https://accounts.google.com/:
the value given in the documentation or the base address of the server) and a <Configuration> node with the static configuration needed by
the OpenIddict client to communicate with the remote authorization server. For instance:
-<Provider Name="Reddit">
+<Provider Name="Reddit" Id="01ae8033-935c-43b9-8568-eaf4d08c0613">
<Environment Issuer="https://www.reddit.com/">
<Configuration AuthorizationEndpoint="https://www.reddit.com/api/v1/authorize"
TokenEndpoint="https://www.reddit.com/api/v1/access_token"
@@ -177,7 +178,7 @@ the OpenIddict client to communicate with the remote authorization server. For i
Note
If the provider doesn't support grant_type=refresh_token and only supports the authorization code flow
(typically with non-expiring access tokens), the <GrantType> nodes MUST be removed for clarity,
as the authorization code flow is always considered supported by default if no <GrantType> is present:
-<Provider Name="Reddit">
+<Provider Name="Reddit" Id="01ae8033-935c-43b9-8568-eaf4d08c0613">
<Environment Issuer="https://www.reddit.com/">
<Configuration AuthorizationEndpoint="https://www.reddit.com/api/v1/authorize"
TokenEndpoint="https://www.reddit.com/api/v1/access_token"
@@ -187,7 +188,7 @@ as the authorization code flow is always considered supported by default if no <
Caution
If the provider doesn't support server metadata but is known to support Proof Key for Code Exchange (PKCE), a <CodeChallengeMethod> node MUST
be added under <Configuration> to ensure the OpenIddict client will send appropriate code_challenge/code_challenge_method parameters:
-<Provider Name="Fitbit">
+<Provider Name="Fitbit" Id="10a558b9-8c81-47cc-8941-e54d0432fd51">
<Environment Issuer="https://www.fitbit.com/">
<Configuration AuthorizationEndpoint="https://www.fitbit.com/oauth2/authorize"
TokenEndpoint="https://api.fitbit.com/oauth2/token"
@@ -200,7 +201,7 @@ be added under <Configuration> to ensure the OpenIddict clien
Note
Some providers use a multitenant configuration that relies on a subdomain, a custom domain or a virtual path to discriminate tenant instances.
If the provider you want to support requires adding a dynamic part in one of its URIs, a <Setting> node MUST be added under <Provider> to
store the tenant name. Once added, the URIs can include a placeholder of the same name:
-<Provider Name="Zendesk">
+<Provider Name="Zendesk" Id="89fdfe22-c796-4227-a44a-d9cd3c467bbb">
<!--
Note: Zendesk is a multitenant provider that relies on subdomains to identify instances.
As such, the following URIs all include a {tenant} placeholder that will be dynamically
@@ -219,14 +220,14 @@ store the tenant name. Once added, the URIs can include a placeholder of the sam
Test the generated provider
If the targeted service is fully standard-compliant, no additional configuration should be required at this point.
-To confirm it, build the solution and add the new provider to the OpenIddict.Sandbox.AspNetCore.Client sandbox:
+To confirm it, build the solution and add an instance of the new provider to the OpenIddict.Sandbox.AspNetCore.Client sandbox:
- Update
Startup.cs to register your new provider:
// Register the Web providers integrations.
options.UseWebProviders()
// ... other providers...
- .Use[provider name](options =>
+ .Add[provider name](options =>
{
options.SetClientId("bXgwc0U3N3A3YWNuaWVsdlRmRWE6MTpjaQ");
options.SetClientSecret("VcohOgBp-6yQCurngo4GAyKeZh0D6SUCCSjJgEo1uRzJarjIUS");
@@ -259,7 +260,7 @@ made to the sandbox project don't need to be committed and included in your
Providers that implement OpenID Connect discovery or OAuth 2.0 authorization server metadata will typically return the client authentication methods they support.
If the provider doesn't expose its metadata, the supported methods MUST be added manually to the static configuration using one or multiple <TokenEndpointAuthMethod>:
-<Provider Name="Twitter">
+<Provider Name="Twitter" Id="1fd20ab5-d3f2-40aa-8c91-094f71652c65">
<Environment Issuer="https://twitter.com/">
<Configuration AuthorizationEndpoint="https://twitter.com/i/oauth2/authorize"
TokenEndpoint="https://api.twitter.com/2/oauth2/token"
@@ -273,7 +274,7 @@ If the provider doesn't expose its metadata, the supported methods MUST be a
- The provider MAY require sending one or multiple default or required scopes. If so, the default/required scopes MUST be added to the
<Environment> node:
-<Provider Name="Twitter" Documentation="https://developer.twitter.com/en/docs/authentication/oauth-2-0/authorization-code">
+<Provider Name="Twitter" Id="1fd20ab5-d3f2-40aa-8c91-094f71652c65">
<Environment Issuer="https://twitter.com/">
<Configuration AuthorizationEndpoint="https://twitter.com/i/oauth2/authorize"
TokenEndpoint="https://api.twitter.com/2/oauth2/token"
@@ -324,11 +325,11 @@ public class FormatNonStandardScopeParameter : IOpenIddictClientHandler<Proce
throw new ArgumentNullException(nameof(context));
}
- context.Request.Scope = context.Registration.ProviderName switch
+ context.Request.Scope = context.Registration.ProviderType switch
{
// The following providers are known to use comma-separated scopes instead of
// the standard format (that requires using a space as the scope separator):
- Providers.Reddit => string.Join(",", context.Scopes),
+ ProviderTypes.Reddit => string.Join(",", context.Scopes),
_ => context.Request.Scope
};
diff --git a/guides/getting-started.html b/guides/getting-started.html
index 28f351d..b2067c0 100644
--- a/guides/getting-started.html
+++ b/guides/getting-started.html
@@ -102,8 +102,8 @@
using individual user accounts authentication is strongly recommended as it automatically includes the default ASP.NET Core Identity UI, based on Razor Pages.
Update your .csproj file to reference the latest OpenIddict packages:
-<PackageReference Include="OpenIddict.AspNetCore" Version="4.4.0" />
-<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.4.0" />
+<PackageReference Include="OpenIddict.AspNetCore" Version="4.5.0" />
+<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.5.0" />
Configure the OpenIddict core, server and validation services in Startup.ConfigureServices.
Here's an example for the client credentials grant, used in machine-to-machine scenarios:
diff --git a/integrations/entity-framework-core.html b/integrations/entity-framework-core.html
index 876148c..4e84d18 100644
--- a/integrations/entity-framework-core.html
+++ b/integrations/entity-framework-core.html
@@ -97,7 +97,7 @@
To configure OpenIddict to use Entity Framework Core as the database for applications, authorizations, scopes and tokens, you'll need to:
Reference the OpenIddict.EntityFrameworkCore package:
-<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.4.0" />
+<PackageReference Include="OpenIddict.EntityFrameworkCore" Version="4.5.0" />
Create a database context deriving from DbContext (or IdentityDbContext when using ASP.NET Core Identity):
public class ApplicationDbContext : DbContext
diff --git a/integrations/entity-framework.html b/integrations/entity-framework.html
index 08ab454..057acac 100644
--- a/integrations/entity-framework.html
+++ b/integrations/entity-framework.html
@@ -97,7 +97,7 @@
To configure OpenIddict to use Entity Framework 6.x as the database for applications, authorizations, scopes and tokens, you'll need to:
Reference the OpenIddict.EntityFramework package:
-<PackageReference Include="OpenIddict.EntityFramework" Version="4.4.0" />
+<PackageReference Include="OpenIddict.EntityFramework" Version="4.5.0" />
Create a database context deriving from DbContext and register the OpenIddict entities in the model:
public class ApplicationDbContext : DbContext
diff --git a/integrations/mongodb.html b/integrations/mongodb.html
index e8f0c8f..caa9ffe 100644
--- a/integrations/mongodb.html
+++ b/integrations/mongodb.html
@@ -97,7 +97,7 @@
To configure OpenIddict to use MongoDB as the database for applications, authorizations, scopes and tokens, you'll need to:
Reference the OpenIddict.MongoDb package:
-<PackageReference Include="OpenIddict.MongoDb" Version="4.4.0" />
+<PackageReference Include="OpenIddict.MongoDb" Version="4.5.0" />
Configure OpenIddict to use the MongoDB stores:
services.AddOpenIddict()
diff --git a/manifest.json b/manifest.json
index cf074fd..0859b93 100644
--- a/manifest.json
+++ b/manifest.json
@@ -1600,7 +1600,7 @@
"output": {
".html": {
"relative_path": "guides/contributing-a-new-web-provider.html",
- "hash": "qD89/ZR4YobTX/dxSI/xpQ=="
+ "hash": "t+F4qikdH+m7k3ak2irnfA=="
}
},
"is_incremental": false,
@@ -1612,7 +1612,7 @@
"output": {
".html": {
"relative_path": "guides/getting-started.html",
- "hash": "oEXNnWk8a8pAnyxesOTT+w=="
+ "hash": "DXG48kl0x/jGWkUuyxNG9w=="
}
},
"is_incremental": false,
@@ -1706,7 +1706,7 @@
"output": {
".html": {
"relative_path": "integrations/entity-framework-core.html",
- "hash": "grajz1JozIeOOSmwG882AA=="
+ "hash": "FtAhrMVduEhGd9n+nXy8Xg=="
}
},
"is_incremental": false,
@@ -1718,7 +1718,7 @@
"output": {
".html": {
"relative_path": "integrations/entity-framework.html",
- "hash": "sJkgZutOHjA5Om5oUD58Sg=="
+ "hash": "TLgT3hjCP6wcMB36WufaFQ=="
}
},
"is_incremental": false,
@@ -1742,7 +1742,7 @@
"output": {
".html": {
"relative_path": "integrations/mongodb.html",
- "hash": "ovF6mpKeXvky7KpTE8Q1Jg=="
+ "hash": "w1HiPVIRk3fuVgVTebZVMQ=="
}
},
"is_incremental": false,