Target .NET 8 and upgrade OpenIddict to 5.3 (#6)

* Target .NET 8. * Upgraded OpenIddict and other NuGet packages. * Fixed the order number of the OpenIddict caching middleware
AKlaus · Mar 24, 2024 · e20665e · e20665e
1 parent 1ccf088
commit e20665e
Show file tree

Hide file tree

Showing 10 changed files with 27 additions and 22 deletions.
diff --git a/AzureADAuthClient/AzureADAuthClient.csproj b/AzureADAuthClient/AzureADAuthClient.csproj
@@ -1,10 +1,9 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
 	<ItemGroup>
-		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.9" />
-		<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="7.0.9" />
-		<PackageReference Include="Microsoft.Identity.Web" Version="2.13.2" />
-		<PackageReference Include="NSwag.AspNetCore" Version="13.19.0" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.3" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.3" />
+		<PackageReference Include="Microsoft.Identity.Web" Version="2.17.2" />
 	</ItemGroup>
 
 	<ItemGroup>

diff --git a/AzureADAuthClient/Configuration/AddAndConfigureSwagger.cs b/AzureADAuthClient/Configuration/AddAndConfigureSwagger.cs
@@ -21,7 +21,7 @@ public static IServiceCollection AddAndConfigureSwagger(this IServiceCollection
 						Type = OpenApiSecuritySchemeType.OAuth2,
 						Description = "Azure AD auth by `id_token` only",
 						Flow = OpenApiOAuth2Flow.Implicit,
-						ExtensionData = new Dictionary<string, object> 
+						ExtensionData = new Dictionary<string, object?> 
 						{
 							// Forcing to extract `id_token` and use it as the bearer token (see https://stackoverflow.com/a/59784134/968003)
 							["x-tokenName"]= "id_token"
@@ -42,7 +42,7 @@ public static IServiceCollection AddAndConfigureSwagger(this IServiceCollection
 	public static IApplicationBuilder ConfigureSwagger(this IApplicationBuilder app, AppSettings settings)
 	{
 		app.UseOpenApi();
-		app.UseSwaggerUi3(cfg =>
+		app.UseSwaggerUi(cfg =>
 			{
 				cfg.OAuth2Client = new OAuth2ClientSettings
 				{

diff --git a/AzureADAuthClient/Properties/launchSettings.json b/AzureADAuthClient/Properties/launchSettings.json
@@ -1,7 +1,7 @@
 {
   "$schema": "https://json.schemastore.org/launchsettings.json",
   "profiles": {
-    "WebApiWithAzureADauth": {
+    "AzureADAuthClient": {
       "commandName": "Project",
       "dotnetRunMessages": true,
       "launchBrowser": true,

diff --git a/Directory.Build.props b/Directory.Build.props
@@ -1,6 +1,6 @@
 <Project>
     <PropertyGroup>
-        <TargetFramework>net7.0</TargetFramework>
+        <TargetFramework>net8.0</TargetFramework>
         <LangVersion>latest</LangVersion>
         <Nullable>enable</Nullable>
         <Features>strict</Features>
@@ -15,4 +15,8 @@
         <UserSecretsId>AK.OAuthSamples</UserSecretsId>
 
     </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="NSwag.AspNetCore" Version="14.0.4" />
+    </ItemGroup>
 </Project>
diff --git a/OpenIdDict.Client.Api/Configuration/AddAndConfigureSwagger.cs b/OpenIdDict.Client.Api/Configuration/AddAndConfigureSwagger.cs
@@ -33,7 +33,7 @@ public static IServiceCollection AddAndConfigureSwagger(this IServiceCollection
 	public static IApplicationBuilder ConfigureSwagger(this IApplicationBuilder app, AppSettings settings)
 	{
 		app.UseOpenApi();
-		app.UseSwaggerUi3(cfg =>
+		app.UseSwaggerUi(cfg =>
 			{
 				cfg.OAuth2Client = new OAuth2ClientSettings
 				{

diff --git a/OpenIdDict.Client.Api/OpenIdDict.Client.Api.csproj b/OpenIdDict.Client.Api/OpenIdDict.Client.Api.csproj
@@ -1,9 +1,8 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
 	<ItemGroup>
-		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.9" />
-		<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="7.0.9" />
-		<PackageReference Include="NSwag.AspNetCore" Version="13.19.0" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.3" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="8.0.3" />
 	</ItemGroup>
 
 	<ItemGroup>

diff --git a/OpenIdDict.Server/Authorisation/OpenIdDictTokenResolving.cs b/OpenIdDict.Server/Authorisation/OpenIdDictTokenResolving.cs
@@ -42,7 +42,7 @@ public CodeReferenceTokenStorageHandler(IMemoryCache memoryCache)
         = OpenIddictServerHandlerDescriptor.CreateBuilder<OpenIddictServerEvents.GenerateTokenContext>()
             .AddFilter<RequireDegradedModeEnabled>()
             .UseScopedHandler<CodeReferenceTokenStorageHandler>()
-            .SetOrder(OpenIddictServerHandlers.Protection.GenerateIdentityModelToken.Descriptor.Order + 2_000)
+            .SetOrder(OpenIddictServerHandlers.Protection.GenerateIdentityModelToken.Descriptor.Order + 990)
             .SetType(OpenIddictServerHandlerType.BuiltIn)
             .Build();
 
@@ -87,7 +87,11 @@ public ValidateCodeReferenceTokenHandler(IMemoryCache memoryCache)
         = OpenIddictServerHandlerDescriptor.CreateBuilder<OpenIddictServerEvents.ValidateTokenContext>()
             .AddFilter<RequireDegradedModeEnabled>()
             .UseScopedHandler<ValidateCodeReferenceTokenHandler>()
-            .SetOrder(OpenIddictServerHandlers.Protection.ResolveTokenValidationParameters.Descriptor.Order + 2_000)
+            /*
+             * NOTE that the order number below might need to be changed in future OpenIddict versions
+             * The auth code must be resolved cache before `OpenIddict.Server.OpenIddictServerHandlers.ValidateAuthorizationCode`
+             */
+            .SetOrder(OpenIddictServerHandlers.Protection.ResolveTokenValidationParameters.Descriptor.Order + 990)
             .SetType(OpenIddictServerHandlerType.BuiltIn)
             .Build();
 

diff --git a/OpenIdDict.Server/Configuration/AddAndConfigureSwagger.cs b/OpenIdDict.Server/Configuration/AddAndConfigureSwagger.cs
@@ -33,7 +33,7 @@ public static IServiceCollection AddAndConfigureSwagger(this IServiceCollection
 	public static IApplicationBuilder ConfigureSwagger(this IApplicationBuilder app, AppSettings settings)
 	{
 		app.UseOpenApi();
-		app.UseSwaggerUi3(cfg =>
+		app.UseSwaggerUi(cfg =>
 			{
 				cfg.OAuth2Client = new OAuth2ClientSettings
 				{

diff --git a/OpenIdDict.Server/OpenIdDict.Server.csproj b/OpenIdDict.Server/OpenIdDict.Server.csproj
@@ -1,12 +1,11 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
 	<ItemGroup>
-		<PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="7.0.0" />
-		<PackageReference Include="Microsoft.Identity.Web" Version="2.13.2" />
-		<PackageReference Include="NSwag.AspNetCore" Version="13.19.0" />
-		<PackageReference Include="OpenIddict.Server.AspNetCore" Version="4.6.0" />
-		<PackageReference Include="OpenIddict.Validation.AspNetCore" Version="4.6.0" />
-		<PackageReference Include="OpenIddict.Validation.ServerIntegration" Version="4.6.0" />
+		<PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="8.0.0" />
+		<PackageReference Include="Microsoft.Identity.Web" Version="2.17.2" />
+		<PackageReference Include="OpenIddict.Server.AspNetCore" Version="5.3.0" />
+		<PackageReference Include="OpenIddict.Validation.AspNetCore" Version="5.3.0" />
+		<PackageReference Include="OpenIddict.Validation.ServerIntegration" Version="5.3.0" />
 	</ItemGroup>
 
 	<ItemGroup>

diff --git a/OpenIdDict.Server/Program.cs b/OpenIdDict.Server/Program.cs
@@ -42,7 +42,7 @@ policyBuilder .AllowAnyOrigin()
 		})
 	.UseAuthentication()
 	.UseAuthorization();	// Note 1: 'Authorization' is required only if the project has secured end-points
-							// Note 2: the Authorization middleware must be register AFTER the Authentication middleware
+							// Note 2: the Authorization middleware must be registered AFTER the Authentication middleware
 app.MapTestRoutes();
 
 if (isLocal)