OpenIddict Blazor Wasm UI Migration Guide

Blazor Project

• In the MyApplication.Blazor.csproj replace project references:

  <PackageReference Include="Verto.Vcp.IdentityServer.Blazor.WebAssembly" Version="6.0.*" />
  

  with

  <PackageReference Include="Verto.Vcp.OpenIddict.Pro.Blazor.WebAssembly" Version="6.0.*" />
  

• In the MyApplicationBlazorModule.cs replace usings and module dependencies:

  using IdentityModel;
  using Verto.Vcp.IdentityServer.Blazor.WebAssembly;
  ...
  typeof(VcpIdentityServerBlazorWebAssemblyModule),
  

  with

  using OpenIddict.Abstractions;
  using Verto.Vcp.OpenIddict.Pro.Blazor.WebAssembly;
  ...
  typeof(VcpOpenIddictProBlazorWebAssemblyModule),
  

• In the MyApplicationBlazorModule.cs update the ConfigureAuthentication method:

  builder.Services.AddOidcAuthentication(options =>
  {
    builder.Configuration.Bind("AuthServer", options.ProviderOptions);
      options.UserOptions.NameClaim = OpenIddictConstants.Claims.Name; // Add this line
      options.UserOptions.RoleClaim = OpenIddictConstants.Claims.Role; // Add this line
  
      options.ProviderOptions.DefaultScopes.Add("MyApplication");
      options.ProviderOptions.DefaultScopes.Add("roles"); // Update role to roles
      options.ProviderOptions.DefaultScopes.Add("email");
      options.ProviderOptions.DefaultScopes.Add("phone");
  });
  

  Remove options.UserOptions.RoleClaim = JwtClaimTypes.Role; and update role scope to roles.

• In the MyApplicationMenuContributor.cs under Navigation folder, replace the using and menu name under ConfigureMainMenuAsync:

  using Verto.Vcp.IdentityServer.Blazor.Navigation;
  ...
  //Administration->Identity Server
  administration.SetSubItemOrder(VcpIdentityServerMenuNames.GroupName, 2);
  

  with

  using Verto.Vcp.OpenIddict.Pro.Blazor.Menus;
  ...
  //Administration->OpenIddict
  administration.SetSubItemOrder(OpenIddictProMenus.GroupName, 2);
  

Http.Api.Host (Non-Separated IdentityServer)

• In the MyApplication.HttpApi.Host.csproj replace project references:

  <PackageReference Include="Verto.Vcp.Account.Pro.Public.Web.IdentityServer" Version="6.0.*" />
  

  with

  <PackageReference Include="Verto.Vcp.Account.Pro.Public.Web.OpenIddict" Version="6.0.*" />
  

• In the MyApplicationHttpApiHostModule.cs replace usings and module dependencies:

  using IdentityServer4.Configuration;
  using Verto.Vcp.AspNetCore.Authentication.JwtBearer;
  ...
  typeof(VcpAccountPublicWebIdentityServerModule),
  

  with

  using OpenIddict.Validation.AspNetCore;
  ...
  typeof(VcpAccountPublicWebOpenIddictModule),
  

• In the MyApplicationHostModule.cs add PreConfigureServices like below with your application name as the audience:

  public override void PreConfigureServices(ServiceConfigurationContext context)
  {
      PreConfigure<OpenIddictBuilder>(builder =>
      {
          builder.AddValidation(options =>
          {
              options.AddAudiences("MyApplication"); // Replace with your application name
              options.UseLocalServer();
              options.UseAspNetCore();
          });
      });
  }
  

• In the MyApplicationHostModule.cs ConfigureServices method, replace the method call:

  From ConfigureAuthentication(context, configuration); to ConfigureAuthentication(context); and update the method as:

  private void ConfigureAuthentication(ServiceConfigurationContext context)
  {
      context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
  }
  

• In the MyApplicationHostModule.cs OnApplicationInitialization method, replace the midware:

  app.UseJwtTokenMiddleware();
  app.UseIdentityServer();
  

  with

  app.UseVcpOpenIddictValidation();
  

• Delete c.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]); in app.UseVcpSwaggerUI options configurations which is no longer needed.

• In appsettings.json delete SwaggerClientSecret from the AuthServer section like below:

  "AuthServer": {
      "Authority": "https://localhost:44345",
      "RequireHttpsMetadata": "false",
      "SwaggerClientId": "MyApplication_Swagger"
  },
  

Http.Api.Host (Separated IdentityServer)

• In the MyApplicationHttpApiHostModule.cs OnApplicationInitialization method, delete c.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]); in app.UseVcpSwaggerUI options configurations which is no longer needed.

• In appsettings.json delete SwaggerClientSecret from the AuthServer section like below:

  "AuthServer": {
      "Authority": "https://localhost:44345",
      "RequireHttpsMetadata": "false",
      "SwaggerClientId": "MyApplication_Swagger"
  },
  

IdentityServer

This project is renamed to AuthServer after v6.0.0. You can also refactor and rename your project to AuthServer for easier updates in the future.

• In MyApplication.IdentityServer.csproj replace project references:

  <PackageReference Include="Verto.Vcp.Account.Pro.Public.Web.IdentityServer" Version="6.0.*" />
  

  with

  <PackageReference Include="Verto.Vcp.Account.Pro.Public.Web.OpenIddict" Version="6.0.*" />
  

• In the MyApplicationIdentityServerModule.cs replace usings and module dependencies:

  using IdentityServer4.Configuration;
  using Verto.Vcp.AspNetCore.Authentication.JwtBearer;
  ...
  typeof(VcpAccountPublicWebIdentityServerModule),
  

  with

  using OpenIddict.Validation.AspNetCore;
  ...
  typeof(VcpAccountPublicWebOpenIddictModule),
  

• In the MyApplicationIdentityServerModule.cs add PreConfigureServices like below with your application name as the audience:

  public override void PreConfigureServices(ServiceConfigurationContext context)
  {
      PreConfigure<OpenIddictBuilder>(builder =>
      {
          builder.AddValidation(options =>
          {
              options.AddAudiences("MyApplication"); // Replace with your application name
              options.UseLocalServer();
              options.UseAspNetCore();
          });
      });
  }
  

• In the MyApplicationIdentityServerModule.cs replace ForwardIdentityAuthenticationForBearer under ConfigureServices method:

  context.Services.ForwardIdentityAuthenticationForBearer();
  

  with

  context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
  

• In the MyApplicationIdentityServerModule.cs, remove IdentityServerOptions configuration and JwtBearer options under ConfigureServices method:

  if (Convert.ToBoolean(configuration["AuthServer:SetSelfAsIssuer"])) // Remove
  {
      Configure<IdentityServerOptions>(options => { options.IssuerUri = configuration["App:SelfUrl"]; });
  }
  ...
  context.Services.AddAuthentication() // Remove
      .AddJwtBearer(options =>
      {
         options.Authority = configuration["AuthServer:Authority"];
         options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
         options.Audience = "MyApplication";
      })
  

• In the MyApplicationIdentityServerModule.cs OnApplicationInitialization method, replace the midware:

  app.UseJwtTokenMiddleware();
  app.UseIdentityServer();
  

  with

 app.UseVcpOpenIddictValidation();

• To use the new AuthServer page, replace Index.cshtml.cs with AuthServer Index.cshtml.cs and Index.cshtml file with AuthServer Index.cshtml.

  Note: It can be found under the Pages folder.

See Also

• OpenIddict Step-by-Step Guide