Is Restier compatible with Microsoft.AspNetCore.Identity ?

[GYSRichardGUION]

Hi,

Is Restier compatible with Microsoft.AspNetCore.Identity ?

Can the identity endpoints can be shared with those of the Restier API in Swagger ?

And how to add authorizations to the Restier API endpoints ?

Thank you in advance for your answers.

[robertmclaws]

Since you fully control the URLs for Restier APIs, they can co-exist with Identity APIs just fine.

If you need to authorize your the whole API app, you can add this to ConfigureServices (from our sample):

services.Configure<AuthorizationOptions>(options => options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build());

Then you can use [AllowAnonymous] to stop authentication on certain regular ASP.NET Controller methods. That attribute will NOT work on Restier Interceptors tho, they are called later in the pipeline after authorization has already been processed.

Would recommend separate controllers be put into Areas for logical code separation from Restier controllers.

HTH!

[GYSRichardGUION]

Thanks for your response @robertmclaws

Sorry but i'm lost.

I don't want to disturb you but if i add this line

services.Configure(options => options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build());

I can't connect to swagger definition. i've an error HTTP 401.

If i comment this line, i can't have Identity endpoints. I've only restier enpoints.

What I expect is to have the Identity endpoints (register, login, ...) with the Restier API endpoints on the Swagger page.

Next, it is to apply Identity authorizations to all Restier endpoints.

Here my code:

using Microsoft.AspNet.OData.Extensions;
using Microsoft.EntityFrameworkCore;
using Microsoft.Restier.AspNetCore;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Restier.Core;
using WebApi.Models;
using WebApi.Controllers;
using Microsoft.AspNetCore.Identity;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddDbContext<GysIdentityContext>(options => {
    options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection"));
});


builder.Services.AddIdentityApiEndpoints<IdentityUser>()
    .AddEntityFrameworkStores<GysIdentityContext>();

builder.Services.AddRestier(configureApisAction =>
{
    configureApisAction.AddRestierApi<GysApi>((routeServices) =>
    {
        routeServices.AddOptions();
        routeServices.AddEFCoreProviderServices<GysContext>((services, options) =>
        {
            options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection"));
        });
    });
}, true);

builder.Services.AddRestierSwagger();

/* builder.Services.Configure<AuthorizationOptions>(options => 
    options.FallbackPolicy = new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build()
); */

var app = builder.Build();

app.UseRestierBatching();
app.UseRouting();
//app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
    _ = endpoints.MapIdentityApi<IdentityUser>();
    _ = endpoints.Select().Expand().Filter().OrderBy().MaxTop(100).Count().SetTimeZoneInfo(TimeZoneInfo.Utc);
    _ = endpoints.MapRestier(builder =>
    {
        builder.MapApiRoute<GysApi>("", "", true);
    });
});

app.UseClaimsPrincipals();

app.UseHttpsRedirection();
app.UseRestierSwagger(true);
app.MapControllers();
app.Run();

I would appreciate if you could help me. What am I doing wrong?

If you could at least give me some direction.

Thanks you.

[robertmclaws]

I don't use Microsoft's Identity APIs, so I'm not going to be able to be much help here.

My first concern with your code is that the order in which you register things matters. You can't just willy-nilly call .UseXXXX(). Please check the sample again for the proper order of how to register Restier.

Second, I don't think you can have unauthenticated Swagger pages that call authenticated Swagger APIs, at least without more Swagger configuration. The configuration overloads let you help configure Swagger.

Third, you can get rid of the underscore assignments in the endpoints registration, they are an unnecessary distraction.

I wish I had more direct advice. My recommendation would be to get Restier working first, get Authentication working next, and then get Swagger working last. HTH!

[GYSRichardGUION]

@robertmclaws, thank you for your response.

Here is a link that quickly explains Identity in DotNet 8
https://devblogs.microsoft.com/dotnet/whats-new-with-identity-in-dotnet-8/

This is just a Swagger issue, as Restier and Identity endpoints work fine with Postman.

Using AddRestierSwagger overrides Identity endpoints for Swagger UI.

Without this, these are well displayed but not those of Restier.

It would be nice to make Identity work with Restier.