It looks like instead of registering auth middleware per scheme, there's just one auth middleware and different auth schemes are added by calling services.AddScheme<TOptions, THandler>.
The new authentication stack - that I helped design - is so different than the previous one that it will require massive changes in both ASOS and OpenIddict. I'll probably have something ready for 2.0-preview2.
https://github.com/OrchardCMS/Orchard2/issues/730#issuecomment-298250282
Correct me if I'm wrong (and I don't doubt that I am), but isn't the majority of the change just moving where you provide your AuthHandler to DI (AddScheme) rather than having a middleware do it? When I glanced through the changes in the external auth providers actual AuthHandlers seemed the same. To be fair though that's on the validation side and not on the issuing side.
Correct me if I'm wrong (and I don't doubt that I am), but isn't the majority of the change just moving where you provide your AuthHandler to DI (AddScheme) rather than having a middleware do it?
Well, it's indeed the most visible change, but it's not the only one: there's a bunch of API signatures changes and things that are not possible at all in the new world for which we'll have to find different approaches (e.g authentication middleware selection via pipeline branching: https://github.com/openiddict/openiddict-samples/blob/master/samples/CodeFlow/AuthorizationServer/Startup.cs#L103-L158).
There's nothing complicated, just time that must be spent to port the validation/introspection middleware, ASOS and OpenIddict :smile:
Any news about this?
Do you mean that in general OpenIddict does not require changes except middleware registration logic?
Any news about this?
The ASOS/OpenIddict/validation/introspection handlers' port is currently blocked by https://github.com/aspnet/Security/issues/1282 and https://github.com/aspnet/Security/issues/1287. I'll publish 2.0 preview3-compatible bits as soon as these bugs are fixed.
Do you mean that in general OpenIddict does not require changes except middleware registration logic?
The internal changes are massive but the plan is to keep OpenIddict's public APIs identical to their 1.0 equivalent.
but the plan is to keep OpenIddict's public API identical to their 1.0 equivalent
That is perfect. Then starting new project on 1.0
Thanks!
OpenIddict and aspnet-contrib packages compatible with the ASP.NET Core 2.0 preview3/RTM nightly builds are now available and can be downloaded from the aspnet-contrib MyGet feed.
For those who are interested, you can take a look at these PRs to see what's changed:
netcoreapp2.0 - Could not load type 'Microsoft.AspnetCore.Builder.AuthenticationOptions'.Any suggestion Please ?
THANKS.
I am having the same problem, is there any solution? Would appreciate help/guidance.
Thanks
What's the exact OpenIddict version you're using?
Same issue here
@felipecruz91 you're most likely referencing both 1.x and 2.x ASP.NET Core packages, which causes an incompatibility.
Most helpful comment
Well, it's indeed the most visible change, but it's not the only one: there's a bunch of API signatures changes and things that are not possible at all in the new world for which we'll have to find different approaches (e.g authentication middleware selection via pipeline branching: https://github.com/openiddict/openiddict-samples/blob/master/samples/CodeFlow/AuthorizationServer/Startup.cs#L103-L158).
There's nothing complicated, just time that must be spent to port the validation/introspection middleware, ASOS and OpenIddict :smile: