AspnetBoilerplate IdentityServer - 配置存储

Question

Story context

TIP : You could skip this if you are familiar with abp + postgres + IdentityServer, and go to Question

I am currently trying to implement an identity provider using the AspnetBoilerplate.

For this I did the following steps:

• I dowloaded AspNet Core 3.x com Multi Page Web Application Template from ABP site.
• I changed EF to use Postgres .
• And then I have Implemented IdentityServer , with some extra steps to accept angular client tokens.

You could see my solution here .

---

Question

At this point I have an functional Identity Provider, but the clients, api resources and identity resources are running in memory as you could see :

//AuthConfigurer.cs#L45

services.AddIdentityServer()
          .AddDeveloperSigningCredential()
          .AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
          .AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
          .AddInMemoryClients(IdentityServerConfig.GetClients())
          .AddAbpPersistedGrants<IAbpPersistedGrantDbContext>()
          .AddAbpIdentityServer<User>();

So now I want to put then in EF, for that I tried the following:

//SSODbContext.cs
using Microsoft.EntityFrameworkCore;
using Abp.Zero.EntityFrameworkCore;
using Coders.SSO.Authorization.Roles;
using Coders.SSO.Authorization.Users;
using Coders.SSO.MultiTenancy;
using Abp.Localization;
using Abp.IdentityServer4;
using IdentityServer4.EntityFramework.Interfaces;
using IdentityServer4.EntityFramework.Entities;
using System.Threading.Tasks;

namespace Coders.SSO.EntityFrameworkCore
{
    public class SSODbContext : AbpZeroDbContext<Tenant, Role, User, SSODbContext>, IAbpPersistedGrantDbContext, IConfigurationDbContext
    {
        /* Define a DbSet for each entity of the application */
        public DbSet<PersistedGrantEntity> PersistedGrants { get; set; }
        public DbSet<Client> Clients { get; set; }
        public DbSet<ApiResource> ApiResources { get; set; }
        public DbSet<IdentityResource> IdentityResources { get; set; }

        public SSODbContext(DbContextOptions<SSODbContext> options)
            : base(options)
        {
        }

        // add these lines to override max length of property
        // we should set max length smaller than the PostgreSQL allowed size (10485760)
        protected override void OnModelCreating(ModelBuilder modelBuilder)
        {
            base.OnModelCreating(modelBuilder);
            
            modelBuilder.Entity<ApplicationLanguageText>()
                .Property(p => p.Value)
                .HasMaxLength(100); // any integer that is smaller than 10485760

            modelBuilder.ConfigurePersistedGrantEntity();
        }

        public Task<int> SaveChangesAsync() => base.SaveChangesAsync();
    }
}

Applied a new migration and update database, then I changed the service call as following:

services.AddIdentityServer()
          .AddDeveloperSigningCredential()
          .AddConfigurationStore<SSODbContext>()
          .AddAbpPersistedGrants<IAbpPersistedGrantDbContext>()
          .AddAbpIdentityServer<User>();

but didn't work, any idea how to setup Configuration Store on AspNetBoilerplate?

Answer 1

Perhaps the problem is that you use an interface here?

.AddAbpPersistedGrants<IAbpPersistedGrantDbContext>()

Should it not be a concrete type instead? Why do you need to have this interface?

Answer 2

I solved this issue creating my own Stores in Application project inheriting from IdentityServer Stores interfaces, like the Scott Brady said in his blog (Article: Creating Your Own IdentityServer4 Storage Library).

And then I added my stores in Startup like:

services.AddIdentityServer()
    // existing registrations
    .AddClientStore<ClientStoreAppService>()
    .AddCorsPolicyService<CorsPolicyService>()
    .AddResourceStore<ResourcesStoreAppService>()
    .AddPersistedGrantStore<PersistedGrantStoreAppService>()
    .AddDeviceFlowStore<DeviceFlowStoreAppService>(); 

---

Step by step

• Create Entities
• Create Services
• Create necessary method in each service
• Register the services in IdentityServer