Merge branch 'main' into joe/configuration-identitymodel-7.0

DuendeSoftware · Feb 13, 2024 · 7ab25a1 · 7ab25a1
2 parents f1262d4 + db1f368
commit 7ab25a1
Show file tree

Hide file tree

Showing 647 changed files with 30,624 additions and 4,557 deletions.
diff --git a/...Server/v7/AspNetIdentity/IdentityServerAspNetIdentity/IdentityServerAspNetIdentity.csproj b/...Server/v7/AspNetIdentity/IdentityServerAspNetIdentity/IdentityServerAspNetIdentity.csproj
@@ -6,7 +6,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.AspNetIdentity" Version="7.0.0-preview.2" />
+    <PackageReference Include="Duende.IdentityServer.AspNetIdentity" Version="7.0.0" />
 
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="8.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="8.0.0" />

diff --git a/...ver/v7/BFF/TokenExchange/TokenExchange.IdentityServer/TokenExchange.IdentityServer.csproj b/...ver/v7/BFF/TokenExchange/TokenExchange.IdentityServer/TokenExchange.IdentityServer.csproj
@@ -6,7 +6,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="7.0.0-preview.2" />
+    <PackageReference Include="Duende.IdentityServer" Version="7.0.0" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
   </ItemGroup>
 

diff --git a/IdentityServer/v7/Basics/IdentityServer/src/IdentityServerHost.csproj b/IdentityServer/v7/Basics/IdentityServer/src/IdentityServerHost.csproj
@@ -5,7 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="7.0.0-preview.2" />
+    <PackageReference Include="Duende.IdentityServer" Version="7.0.0" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
   </ItemGroup>
 

diff --git a/IdentityServer/v7/Basics/MvcPar/src/Client.csproj b/IdentityServer/v7/Basics/MvcPar/src/Client.csproj
@@ -8,6 +8,7 @@
 		<PackageReference Include="Duende.AccessTokenManagement.OpenIdConnect" Version="2.0.3"/>
 		<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.0"/>
 		<PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
+		<PackageReference Include="IdentityModel" Version="7.0.0-preview.1" />
 	</ItemGroup>
 
 	<!-- Constants and helpers -->

diff --git a/IdentityServer/v7/Basics/MvcPar/src/ParOidcEvents.cs b/IdentityServer/v7/Basics/MvcPar/src/ParOidcEvents.cs
@@ -1,8 +1,7 @@
 using System;
+using System.Linq;
 using System.Net.Http;
-using System.Net.Http.Json;
 using System.Text;
-using System.Text.Json.Serialization;
 using System.Threading.Tasks;
 using IdentityModel.Client;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
@@ -16,7 +15,7 @@ public class ParOidcEvents(HttpClient httpClient, IDiscoveryCache discoveryCache
         private readonly HttpClient _httpClient = httpClient;
         private readonly IDiscoveryCache _discoveryCache = discoveryCache;
         private readonly ILogger<ParOidcEvents> _logger = logger;
-
+        
         public override async Task RedirectToIdentityProvider(RedirectContext context)
         {
             var clientId = context.ProtocolMessage.ClientId;
@@ -85,28 +84,30 @@ private async Task RedirectToAuthorizeEndpoint(RedirectContext context, OpenIdCo
             throw new NotImplementedException($"An unsupported authentication method has been configured: {context.Options.AuthenticationMethod}");
         }
 
-        private async Task<ParResponse> PushAuthorizationParameters(RedirectContext context, string clientId)
+        private async Task<PushedAuthorizationResponse> PushAuthorizationParameters(RedirectContext context, string clientId)
         {
-            // Send our PAR request
-            var requestBody = new FormUrlEncodedContent(context.ProtocolMessage.Parameters);
-            _httpClient.SetBasicAuthentication(clientId, "secret");
-
             var disco = await _discoveryCache.GetAsync();
             if (disco.IsError)
             {
                 throw new Exception(disco.Error);
             }
-            var parEndpoint = disco.TryGetValue("pushed_authorization_request_endpoint").GetString();
-            var response = await _httpClient.PostAsync(parEndpoint, requestBody);
-            if (!response.IsSuccessStatusCode)
+            var par = new PushedAuthorizationRequest
             {
-                throw new Exception("PAR failure");
+                Address = disco.PushedAuthorizationRequestEndpoint,
+                ClientId = "mvc.par", // This has to be set here, even though it is already in the Parameters collection. We use this property to set the auth header
+                ClientSecret = "secret",
+                Parameters = new Parameters(context.ProtocolMessage.Parameters.Where(p => p.Key != "client_id")),
+            };
+            var response = await _httpClient.PushAuthorizationAsync(par);
+
+            if (response.IsError )
+            {
+                throw new Exception("PAR failure", response.Exception);
             }
-            return await response.Content.ReadFromJsonAsync<ParResponse>();
-
+            return response; 
         }
 
-        private static void SetAuthorizeParameters(RedirectContext context, string clientId, ParResponse parResponse)
+        private static void SetAuthorizeParameters(RedirectContext context, string clientId, PushedAuthorizationResponse parResponse)
         {
             // Remove all the parameters from the protocol message, and replace with what we got from the PAR response
             context.ProtocolMessage.Parameters.Clear();
@@ -129,14 +130,5 @@ public override Task TokenResponseReceived(TokenResponseReceivedContext context)
         {
             return base.TokenResponseReceived(context);
         }
-
-        private class ParResponse
-        {
-            [JsonPropertyName("expires_in")]
-            public int ExpiresIn { get; set; }
-
-            [JsonPropertyName("request_uri")]
-            public string RequestUri { get; set; }
-        }
     }
 }
diff --git a/IdentityServer/v7/Basics/MvcPar/src/Program.cs b/IdentityServer/v7/Basics/MvcPar/src/Program.cs
@@ -10,11 +10,10 @@ public class Program
     {
         public static int Main(string[] args)
         {
+            Console.Title = "MvcPar";
+
             Log.Logger = new LoggerConfiguration()
-                .MinimumLevel.Warning()
-                .MinimumLevel.Override("IdentityModel", LogEventLevel.Debug)
-                .MinimumLevel.Override("System.Net.Http", LogEventLevel.Information)
-                .MinimumLevel.Override("Microsoft.AspNetCore.Authentication", LogEventLevel.Information)
+                .MinimumLevel.Information()
                 .Enrich.FromLogContext()
                 .WriteTo.Console(outputTemplate: "[{Timestamp:HH:mm:ss} {Level}] {SourceContext}{NewLine}{Message:lj}{NewLine}{Exception}{NewLine}")
                 .CreateLogger();

diff --git a/IdentityServer/v7/Configuration/Permissions/Configuration/Configuration.csproj b/IdentityServer/v7/Configuration/Permissions/Configuration/Configuration.csproj
@@ -7,8 +7,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0-rc.2" />
-    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0" />
+    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.0.1" />
   </ItemGroup>

diff --git a/IdentityServer/v7/Configuration/PipelineRegistration/Configuration/Configuration.csproj b/IdentityServer/v7/Configuration/PipelineRegistration/Configuration/Configuration.csproj
@@ -7,8 +7,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0-rc.2" />
-    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0" />
+    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0" />
     <PackageReference Include="IdentityModel.AspNetCore.OAuth2Introspection" Version="6.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.0.1" />

diff --git a/IdentityServer/v7/Configuration/PipelineRegistration/IdentityServer/IdentityServer.csproj b/IdentityServer/v7/Configuration/PipelineRegistration/IdentityServer/IdentityServer.csproj
@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.EntityFramework" Version="7.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.1" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="8.0.1" />

diff --git a/IdentityServer/v7/Configuration/SimpleDcr/Configuration/Configuration.csproj b/IdentityServer/v7/Configuration/SimpleDcr/Configuration/Configuration.csproj
@@ -7,8 +7,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0-rc.2" />
-    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0" />
+    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.0.1" />
   </ItemGroup>

diff --git a/IdentityServer/v7/Configuration/SimpleDcr/IdentityServer/IdentityServer.csproj b/IdentityServer/v7/Configuration/SimpleDcr/IdentityServer/IdentityServer.csproj
@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.EntityFramework" Version="7.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.1" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="8.0.1" />

diff --git a/IdentityServer/v7/Configuration/SoftwareStatement/Configuration/Configuration.csproj b/IdentityServer/v7/Configuration/SoftwareStatement/Configuration/Configuration.csproj
@@ -7,8 +7,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0-rc.2" />
-    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.Configuration" Version="7.0.0" />
+    <PackageReference Include="Duende.IdentityServer.Configuration.EntityFramework" Version="7.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="8.0.1" />
   </ItemGroup>

diff --git a/IdentityServer/v7/Configuration/SoftwareStatement/IdentityServer/IdentityServer.csproj b/IdentityServer/v7/Configuration/SoftwareStatement/IdentityServer/IdentityServer.csproj
@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer.EntityFramework" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer.EntityFramework" Version="7.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.1" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="8.0.1" />

diff --git a/IdentityServer/v7/DPoP/IdentityServerHost/IdentityServerHost.csproj b/IdentityServer/v7/DPoP/IdentityServerHost/IdentityServerHost.csproj
@@ -6,7 +6,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer" Version="7.0.0" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
   </ItemGroup>
 

diff --git a/IdentityServer/v7/MTLS/IdentityServerHost/IdentityServerHost.csproj b/IdentityServer/v7/MTLS/IdentityServerHost/IdentityServerHost.csproj
@@ -5,7 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer" Version="7.0.0" />
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
   </ItemGroup>
 

diff --git a/IdentityServer/v7/PAT/IdentityServerHost/IdentityServerHost.csproj b/IdentityServer/v7/PAT/IdentityServerHost/IdentityServerHost.csproj
@@ -5,7 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="7.0.0-rc.2" />
+    <PackageReference Include="Duende.IdentityServer" Version="7.0.0" />
 
     <PackageReference Include="Serilog.AspNetCore" Version="8.0.0" />
   </ItemGroup>

diff --git a/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Api.csproj b/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Api.csproj
@@ -1,11 +1,14 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
+
   <PropertyGroup>
-    <TargetFramework>net6.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
+    <InvariantGlobalization>true</InvariantGlobalization>
   </PropertyGroup>
+
   <ItemGroup>
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3"/>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.13"/>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.1" />
   </ItemGroup>
-</Project>
+
+</Project>
diff --git a/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Controllers/IdentityController.cs b/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Controllers/IdentityController.cs
diff --git a/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Program.cs b/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Program.cs
@@ -1,42 +1,31 @@
 // Copyright (c) Duende Software. All rights reserved.
 // See LICENSE in the project root for license information.
 
-var builder = WebApplication.CreateBuilder(args);
 
-// Add services to the container.
+using System.Security.Claims;
+
+var builder = WebApplication.CreateBuilder(args);
 
-builder.Services.AddControllers();
-// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
-builder.Services.AddEndpointsApiExplorer();
-builder.Services.AddSwaggerGen();
-builder.Services.AddAuthentication("Bearer")
+builder.Services.AddAuthentication()
     .AddJwtBearer(options =>
     {
         options.Authority = "https://localhost:5001";
         options.TokenValidationParameters.ValidateAudience = false;
     });
 builder.Services.AddAuthorization(options =>
+{
     options.AddPolicy("ApiScope", policy =>
     {
         policy.RequireAuthenticatedUser();
         policy.RequireClaim("scope", "api1");
-    })
-);
+    });
+});
 
 var app = builder.Build();
 
-// Configure the HTTP request pipeline.
-if (app.Environment.IsDevelopment())
-{
-    app.UseSwagger();
-    app.UseSwaggerUI();
-}
-
 app.UseHttpsRedirection();
 
-app.UseAuthentication();
-app.UseAuthorization();
-
-app.MapControllers().RequireAuthorization("ApiScope");
-
+app.MapGet("identity", (ClaimsPrincipal user) => user.Claims.Select(c => new { c.Type, c.Value }))
+    .RequireAuthorization("ApiScope");
+
 app.Run();
diff --git a/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Properties/launchSettings.json b/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Api/Properties/launchSettings.json
@@ -1,27 +1,10 @@
-{
-  "$schema": "https://json.schemastore.org/launchsettings.json",
-  "iisSettings": {
-    "windowsAuthentication": false,
-    "anonymousAuthentication": true,
-    "iisExpress": {
-      "applicationUrl": "http://localhost:29615",
-      "sslPort": 44380
-    }
-  },
+{
+  "$schema": "http://json.schemastore.org/launchsettings.json",
   "profiles": {
-    "Api": {
+    "https": {
       "commandName": "Project",
-      "launchUrl": "identity",
-      "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "Development"
-      },
+      "dotnetRunMessages": true,
       "applicationUrl": "https://localhost:6001",
-      "dotnetRunMessages": true
-    },
-    "IIS Express": {
-      "commandName": "IISExpress",
-      "launchBrowser": true,
-      "launchUrl": "swagger",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }

diff --git a/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Client/Client.csproj b/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Client/Client.csproj
@@ -1,14 +1,14 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>net6.0</TargetFramework>
     <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="IdentityModel" Version="6.0.0" />
+    <PackageReference Include="IdentityModel" Version="6.2.0" />
   </ItemGroup>
 
 </Project>
diff --git a/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Client/Program.cs b/IdentityServer/v7/Quickstarts/1_ClientCredentials/src/Client/Program.cs
@@ -7,7 +7,6 @@
 
 // discover endpoints from metadata
 var client = new HttpClient();
-
 var disco = await client.GetDiscoveryDocumentAsync("https://localhost:5001");
 if (disco.IsError)
 {
@@ -21,7 +20,6 @@
     Address = disco.TokenEndpoint,
     ClientId = "client",
     ClientSecret = "secret",
-
     Scope = "api1"
 });
 
@@ -32,12 +30,11 @@
     return;
 }
 
-Console.WriteLine(tokenResponse.Json);
-Console.WriteLine("\n\n");
+Console.WriteLine(tokenResponse.AccessToken);
 
 // call api
 var apiClient = new HttpClient();
-apiClient.SetBearerToken(tokenResponse.AccessToken);
+apiClient.SetBearerToken(tokenResponse.AccessToken!); // AccessToken is always non-null when IsError is false
 
 var response = await apiClient.GetAsync("https://localhost:6001/identity");
 if (!response.IsSuccessStatusCode)