Bump OpenIddict to 6.0.0

openiddict · Dec 17, 2024 · a140314 · a140314
1 parent 5a508ac
commit a140314
Show file tree

Hide file tree

Showing 29 changed files with 122 additions and 149 deletions.
diff --git a/Directory.Packages.props b/Directory.Packages.props
@@ -44,11 +44,11 @@
     <PackageVersion Include="Microsoft.Owin.Security.Cookies"                            Version="4.2.2"   />
     <PackageVersion Include="Microsoft.Owin.Security.OAuth"                              Version="4.2.2"   />
     <PackageVersion Include="Microsoft.Web.Infrastructure"                               Version="2.0.1"   />
-    <PackageVersion Include="OpenIddict.Client.SystemIntegration"                        Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Client.SystemNetHttp"                            Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.EntityFramework"                                 Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.EntityFrameworkCore"                             Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Owin"                                            Version="5.8.0"   />
+    <PackageVersion Include="OpenIddict.Client.SystemIntegration"                        Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Client.SystemNetHttp"                            Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.EntityFramework"                                 Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.EntityFrameworkCore"                             Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Owin"                                            Version="6.0.0"   />
     <PackageVersion Include="WebGrease"                                                  Version="1.6.0"   />
   </ItemGroup>
 
@@ -85,15 +85,15 @@
     <PackageVersion Include="Microsoft.Extensions.Hosting"                               Version="8.0.1"   />
     <PackageVersion Include="Microsoft.Extensions.Http"                                  Version="8.0.1"   />
     <PackageVersion Include="Microsoft.VisualStudio.Web.CodeGeneration.Design"           Version="8.0.7"   />
-    <PackageVersion Include="OpenIddict.Abstractions"                                    Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.AspNetCore"                                      Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Client.SystemIntegration"                        Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Client.SystemNetHttp"                            Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Client.WebIntegration"                           Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.EntityFrameworkCore"                             Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Quartz"                                          Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Validation.AspNetCore"                           Version="5.8.0"   />
-    <PackageVersion Include="OpenIddict.Validation.SystemNetHttp"                        Version="5.8.0"   />
+    <PackageVersion Include="OpenIddict.Abstractions"                                    Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.AspNetCore"                                      Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Client.SystemIntegration"                        Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Client.SystemNetHttp"                            Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Client.WebIntegration"                           Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.EntityFrameworkCore"                             Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Quartz"                                          Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Validation.AspNetCore"                           Version="6.0.0"   />
+    <PackageVersion Include="OpenIddict.Validation.SystemNetHttp"                        Version="6.0.0"   />
     <PackageVersion Include="Quartz.Extensions.Hosting"                                  Version="3.5.0"   />
     <PackageVersion Include="Spectre.Console"                                            Version="0.49.1"  />
     <PackageVersion Include="System.Linq.Async"                                          Version="6.0.1"   />

diff --git a/samples/Aridka/Aridka.Server/Startup.cs b/samples/Aridka/Aridka.Server/Startup.cs
@@ -34,7 +34,6 @@ public void ConfigureServices(IServiceCollection services)
         // (like pruning orphaned authorizations/tokens from the database) at regular intervals.
         services.AddQuartz(options =>
         {
-            options.UseMicrosoftDependencyInjectionJobFactory();
             options.UseSimpleTypeLoader();
             options.UseInMemoryStore();
         });

diff --git a/samples/Balosar/Balosar.Server/Controllers/AuthorizationController.cs b/samples/Balosar/Balosar.Server/Controllers/AuthorizationController.cs
@@ -61,13 +61,13 @@ public async Task<IActionResult> Authorize()
         // For scenarios where the default authentication handler configured in the ASP.NET Core
         // authentication options shouldn't be used, a specific scheme can be specified here.
         var result = await HttpContext.AuthenticateAsync();
-        if (result == null || !result.Succeeded || request.HasPrompt(Prompts.Login) ||
+        if (result == null || !result.Succeeded || request.HasPromptValue(PromptValues.Login) ||
            (request.MaxAge != null && result.Properties?.IssuedUtc != null &&
             DateTimeOffset.UtcNow - result.Properties.IssuedUtc > TimeSpan.FromSeconds(request.MaxAge.Value)))
         {
             // If the client application requested promptless authentication,
             // return an error indicating that the user is not logged in.
-            if (request.HasPrompt(Prompts.None))
+            if (request.HasPromptValue(PromptValues.None))
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
@@ -80,7 +80,7 @@ public async Task<IActionResult> Authorize()
 
             // To avoid endless login -> authorization redirects, the prompt=login flag
             // is removed from the authorization request payload before redirecting the user.
-            var prompt = string.Join(" ", request.GetPrompts().Remove(Prompts.Login));
+            var prompt = string.Join(" ", request.GetPromptValues().Remove(PromptValues.Login));
 
             var parameters = Request.HasFormContentType ?
                 Request.Form.Where(parameter => parameter.Key != Parameters.Prompt).ToList() :
@@ -130,7 +130,7 @@ public async Task<IActionResult> Authorize()
             // return an authorization response without displaying the consent form.
             case ConsentTypes.Implicit:
             case ConsentTypes.External when authorizations.Count is not 0:
-            case ConsentTypes.Explicit when authorizations.Count is not 0 && !request.HasPrompt(Prompts.Consent):
+            case ConsentTypes.Explicit when authorizations.Count is not 0 && !request.HasPromptValue(PromptValues.Consent):
                 // Create the claims-based identity that will be used by OpenIddict to generate tokens.
                 var identity = new ClaimsIdentity(
                     authenticationType: TokenValidationParameters.DefaultAuthenticationType,
@@ -167,8 +167,8 @@ public async Task<IActionResult> Authorize()
 
             // At this point, no authorization was found in the database and an error must be returned
             // if the client application specified prompt=none in the authorization request.
-            case ConsentTypes.Explicit   when request.HasPrompt(Prompts.None):
-            case ConsentTypes.Systematic when request.HasPrompt(Prompts.None):
+            case ConsentTypes.Explicit   when request.HasPromptValue(PromptValues.None):
+            case ConsentTypes.Systematic when request.HasPromptValue(PromptValues.None):
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
                     properties: new AuthenticationProperties(new Dictionary<string, string>

diff --git a/samples/Balosar/Balosar.Server/Startup.cs b/samples/Balosar/Balosar.Server/Startup.cs
@@ -42,7 +42,6 @@ public void ConfigureServices(IServiceCollection services)
         // (like pruning orphaned authorizations/tokens from the database) at regular intervals.
         services.AddQuartz(options =>
         {
-            options.UseMicrosoftDependencyInjectionJobFactory();
             options.UseSimpleTypeLoader();
             options.UseInMemoryStore();
         });
@@ -106,9 +105,9 @@ public void ConfigureServices(IServiceCollection services)
             {
                 // Enable the authorization, logout, token and userinfo endpoints.
                 options.SetAuthorizationEndpointUris("connect/authorize")
-                       .SetLogoutEndpointUris("connect/logout")
+                       .SetEndSessionEndpointUris("connect/logout")
                        .SetTokenEndpointUris("connect/token")
-                       .SetUserinfoEndpointUris("connect/userinfo");
+                       .SetUserInfoEndpointUris("connect/userinfo");
 
                 // Mark the "email", "profile" and "roles" scopes as supported scopes.
                 options.RegisterScopes(Scopes.Email, Scopes.Profile, Scopes.Roles);
@@ -125,7 +124,7 @@ public void ConfigureServices(IServiceCollection services)
                 // Register the ASP.NET Core host and configure the ASP.NET Core-specific options.
                 options.UseAspNetCore()
                        .EnableAuthorizationEndpointPassthrough()
-                       .EnableLogoutEndpointPassthrough()
+                       .EnableEndSessionEndpointPassthrough()
                        .EnableStatusCodePagesIntegration()
                        .EnableTokenEndpointPassthrough();
             })

diff --git a/samples/Balosar/Balosar.Server/Worker.cs b/samples/Balosar/Balosar.Server/Worker.cs
@@ -44,7 +44,7 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 Permissions =
                 {
                     Permissions.Endpoints.Authorization,
-                    Permissions.Endpoints.Logout,
+                    Permissions.Endpoints.EndSession,
                     Permissions.Endpoints.Token,
                     Permissions.GrantTypes.AuthorizationCode,
                     Permissions.GrantTypes.RefreshToken,

diff --git a/samples/Contruum/Contruum.Server/Handlers.cs b/samples/Contruum/Contruum.Server/Handlers.cs
diff --git a/samples/Contruum/Contruum.Server/Pages/Connect/Authorize.cshtml.cs b/samples/Contruum/Contruum.Server/Pages/Connect/Authorize.cshtml.cs
@@ -33,7 +33,7 @@ public async Task<IActionResult> OnGetAsync()
         {
             // If the client application requested promptless authentication,
             // return an error indicating that the user is not logged in.
-            if (request.HasPrompt(Prompts.None))
+            if (request.HasPromptValue(PromptValues.None))
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
@@ -55,11 +55,11 @@ public async Task<IActionResult> OnGetAsync()
 
         // If prompt=login was specified by the client application,
         // immediately return the user agent to the login page.
-        if (request.HasPrompt(Prompts.Login))
+        if (request.HasPromptValue(PromptValues.Login))
         {
             // To avoid endless login -> authorization redirects, the prompt=login flag
             // is removed from the authorization request payload before redirecting the user.
-            var prompt = string.Join(" ", request.GetPrompts().Remove(Prompts.Login));
+            var prompt = string.Join(" ", request.GetPromptValues().Remove(PromptValues.Login));
 
             var parameters = Request.HasFormContentType ?
                 Request.Form.Where(parameter => parameter.Key != Parameters.Prompt).ToList() :

diff --git a/samples/Contruum/Contruum.Server/Startup.cs b/samples/Contruum/Contruum.Server/Startup.cs
@@ -1,4 +1,6 @@
+using System.Globalization;
 using System.IO;
+using System.Text.Json;
 using Contruum.Server.Models;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Builder;
@@ -7,7 +9,9 @@
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
+using OpenIddict.Abstractions;
 using Quartz;
+using static OpenIddict.Abstractions.OpenIddictConstants;
 using static OpenIddict.Server.OpenIddictServerEvents;
 
 namespace Contruum.Server;
@@ -43,7 +47,6 @@ public void ConfigureServices(IServiceCollection services)
         // (like pruning orphaned authorizations/tokens from the database) at regular intervals.
         services.AddQuartz(options =>
         {
-            options.UseMicrosoftDependencyInjectionJobFactory();
             options.UseSimpleTypeLoader();
             options.UseInMemoryStore();
         });
@@ -69,8 +72,8 @@ public void ConfigureServices(IServiceCollection services)
                 options.SetAuthorizationEndpointUris(Configuration["OpenIddict:Endpoints:Authorization"]!)
                        .SetTokenEndpointUris(Configuration["OpenIddict:Endpoints:Token"]!)
                        .SetIntrospectionEndpointUris(Configuration["OpenIddict:Endpoints:Introspection"]!)
-                       .SetUserinfoEndpointUris(Configuration["OpenIddict:Endpoints:Userinfo"]!)
-                       .SetLogoutEndpointUris(Configuration["OpenIddict:Endpoints:Logout"]!);
+                       .SetUserInfoEndpointUris(Configuration["OpenIddict:Endpoints:Userinfo"]!)
+                       .SetEndSessionEndpointUris(Configuration["OpenIddict:Endpoints:Logout"]!);
 
                 // Enable the authorization code, implicit, hybrid and the refresh token flows.
                 options.AllowAuthorizationCodeFlow()
@@ -96,11 +99,51 @@ public void ConfigureServices(IServiceCollection services)
                 options.UseAspNetCore()
                        .EnableAuthorizationEndpointPassthrough()
                        .EnableAuthorizationRequestCaching()
-                       .EnableLogoutEndpointPassthrough();
-
-                // Register the event handler responsible for populating userinfo responses.
-                options.AddEventHandler<HandleUserinfoRequestContext>(options =>
-                    options.UseSingletonHandler<Handlers.PopulateUserinfo>());
+                       .EnableEndSessionEndpointPassthrough();
+
+                // Register the custom event handler responsible for populating userinfo responses.
+                options.AddEventHandler<HandleUserInfoRequestContext>(options => options.UseInlineHandler(context =>
+                {
+                    if (context.Principal.HasScope(Scopes.Profile))
+                    {
+                        context.GivenName = context.Principal.GetClaim(Claims.GivenName);
+                        context.FamilyName = context.Principal.GetClaim(Claims.FamilyName);
+                        context.BirthDate = context.Principal.GetClaim(Claims.Birthdate);
+                        context.Profile = context.Principal.GetClaim(Claims.Profile);
+                        context.PreferredUsername = context.Principal.GetClaim(Claims.PreferredUsername);
+                        context.Website = context.Principal.GetClaim(Claims.Website);
+
+                        context.Claims[Claims.Name] = context.Principal.GetClaim(Claims.Name);
+                        context.Claims[Claims.Gender] = context.Principal.GetClaim(Claims.Gender);
+                        context.Claims[Claims.MiddleName] = context.Principal.GetClaim(Claims.MiddleName);
+                        context.Claims[Claims.Nickname] = context.Principal.GetClaim(Claims.Nickname);
+                        context.Claims[Claims.Picture] = context.Principal.GetClaim(Claims.Picture);
+                        context.Claims[Claims.Locale] = context.Principal.GetClaim(Claims.Locale);
+                        context.Claims[Claims.Zoneinfo] = context.Principal.GetClaim(Claims.Zoneinfo);
+                        context.Claims[Claims.UpdatedAt] = long.Parse(
+                            context.Principal.GetClaim(Claims.UpdatedAt)!,
+                            NumberStyles.Number, CultureInfo.InvariantCulture);
+                    }
+
+                    if (context.Principal.HasScope(Scopes.Email))
+                    {
+                        context.Email = context.Principal.GetClaim(Claims.Email);
+                        context.EmailVerified = false;
+                    }
+
+                    if (context.Principal.HasScope(Scopes.Phone))
+                    {
+                        context.PhoneNumber = context.Principal.GetClaim(Claims.PhoneNumber);
+                        context.PhoneNumberVerified = false;
+                    }
+
+                    if (context.Principal.HasScope(Scopes.Address))
+                    {
+                        context.Address = JsonSerializer.Deserialize<JsonElement>(context.Principal.GetClaim(Claims.Address)!);
+                    }
+
+                    return default;
+                }));
             })
 
             .AddValidation(options =>