Veracity.Authentication.OpenIDConnect.Core 1.1.0

Converting from Veracity.Authentication.OpenIDConnect.* to Veracity.Common.Authentication.*

As we have changed our strategy to provide a unified set of packages that build upon eachother with authientication as the foundation we have deprecated the Veracity.Authentication.OpenIDConnect.* packages. This guide will help in the process of upgrading to the new packages.

We now support different options with regards of token caching through the Microsoft.Extensions.Caching namespace. This provides an easy and standard way of setting up the caching strategy that is most siutable for your solution. Note that persistent token chacing like redis and sql require you to encrupt the tokens before storing them. We also provide options for doing this.

ASPNETCORE

1. Remove the old package
2. install the package: Install-Package Veracity.Common.Authentication.AspNetCore
3. Remove ConfigureServices(s=>s.AddSingleton<IVeracityIntegrationConfigService, VeracityIntegrationConfigService>()) from program.cs
4. Remove ConfigureServices(s=>s.AddSingleton<IVeracityOpenIdManager, VeracityOpenIdManager>()) from program.cs
5. Change Constructor, se sample below
6. Replace services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>() with services.AddVeracity(Configuration)
7. Remove: services.AddHttpClient<VeracityPlatformService>();
8. Remove: services.AddSession()
9. Replace AddOpenIdConnect with AddVeracityAuthentication(Configuration)
10. Add token cache, see sample
11. Add DataProtection, see sample

Startup.cs constructor, uses key vault for secrets

public Startup(IHostingEnvironment env)
{
    var azureServiceTokenProvider = new AzureServiceTokenProvider();
    var builder = new ConfigurationBuilder()
        .SetBasePath(env.ContentRootPath)
        .AddJsonFile("appsettings.json", true, true)
        .AddJsonFile($"appsettings.{env.EnvironmentName}.json", true, true)
        .AddAzureKeyVault("https://veracitydevdaydemo.vault.azure.net/", new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback)), new DefaultKeyVaultSecretManager())
        .AddEnvironmentVariables();
    Configuration = builder.Build();
}

Startup.cs ConfigureServices

public void ConfigureServices(IServiceCollection services)
{
    services.AddVeracity(Configuration)
        .AddSingleton(ConstructDataProtector)
        .AddSingleton(ConstructDistributedCache).Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    }).AddAuthentication(sharedOptions =>
        {
            sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddVeracityAuthentication(Configuration)
        .AddCookie();


    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}

Create token cache

private IDistributedCache ConstructDistributedCache(IServiceProvider s)
{
    return new MemoryDistributedCache(new OptionsWrapper<MemoryDistributedCacheOptions>(new MemoryDistributedCacheOptions()));
}

Create dataprotector

private IDataProtector ConstructDataProtector(IServiceProvider s)
{
    return new DataProtector<IDataProtectionProvider>(s.GetDataProtectionProvider(), (p, data) => p.CreateProtector("token").Protect(data), (p, data) => p.CreateProtector("token").Unprotect(data));
}