space-wizards · juliangiebel · Aug 10, 2025 · Aug 10, 2025 · Aug 10, 2025 · Aug 10, 2025
diff --git a/.gitignore b/.gitignore
@@ -7,4 +7,5 @@ riderModule.iml
 /*.sln.DotSettings.user
 
 */appsettings.Secret.yml
-*/tempkey.jwk
+*/tempkey.jwk
+cert
diff --git a/OAuthTest/OAuthTest.csproj b/OAuthTest/OAuthTest.csproj
@@ -1,10 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
     <PropertyGroup>
-        <TargetFramework>net7.0</TargetFramework>
+        <TargetFramework>net9.0</TargetFramework>
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="6.0.1" />
+        <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="9.0.8" />
     </ItemGroup>
 </Project>
diff --git a/OAuthTest/Startup.cs b/OAuthTest/Startup.cs
@@ -24,10 +24,10 @@ public void ConfigureServices(IServiceCollection services)
         services.AddHttpLogging(logging =>
         {
             logging.LoggingFields = HttpLoggingFields.All;
-            //Write your code to configure the HttpLogging middleware here    
+            //Write your code to configure the HttpLogging middleware here
         });
         JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
-            
+
         services.AddControllersWithViews();
 
         services.AddAuthentication(options =>
@@ -39,15 +39,15 @@ public void ConfigureServices(IServiceCollection services)
             .AddOpenIdConnect("oidc", options =>
             {
                 options.SignInScheme = "Cookies";
-                    
-                options.Authority = "https://localhost:5003";
-                options.ClientId = "A";
-                options.ClientSecret = "A";
+
+                options.Authority = "https://localhost:5001";
+                options.ClientId = "test_client";
+                options.ClientSecret = "test_secret";
 
                 options.GetClaimsFromUserInfoEndpoint = true;
                 options.ResponseType = OpenIdConnectResponseType.Code;
                 //options.SaveTokens = true;
-                    
+
                 options.Scope.Add("profile");
                 options.Scope.Add("email");
                 options.ResponseType = "code";
@@ -85,4 +85,4 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
                 pattern: "{controller=Home}/{action=Index}/{id?}");
         });
     }
-}
+}
diff --git a/README.md b/README.md
@@ -26,7 +26,13 @@ ConnectionStrings:
 Mutex:
   # Change this to something local on disk.
   DbPath: 'C:\Users\Pieter-Jan Briers\Projects\ss14\web\mutex.db'
-``` 
+```
 
 * Create the mutex DB mentioned above manually, and run `init_mutex.sql` on it. (I recommend https://sqlitebrowser.org/ for this task)
 * If I didn't forget anything you should now be able to start both services and it should work:tm:.
+
+### Handling migrations
+The following ef core commands can be used:
+- Creating a migration: `dotnet ef migrations add <migration name> -p SS14.Auth.Shared`
+- Removing migrations: `dotnet ef migrations remove -p SS14.Auth.Shared --connection "<connection string>"`
+- Updating the database: `dotnet ef database update -p SS14.Auth.Shared -s .\SS14.Web\ --connection "<connection string>"`
diff --git a/SS14.Auth.Shared/Data/AccountLogManager.cs b/SS14.Auth.Shared/Data/AccountLogManager.cs
@@ -88,4 +88,4 @@ public AccountLogActor NoActor()
     }
 }
 
-public sealed record AccountLogActor(Guid? User, IPAddress? Address);
+public sealed record AccountLogActor(Guid? User, IPAddress? Address);
diff --git a/SS14.Auth.Shared/Data/ApplicationDbContext.cs b/SS14.Auth.Shared/Data/ApplicationDbContext.cs
@@ -1,19 +1,12 @@
 using System;
-using System.Threading.Tasks;
-using IdentityServer4.EntityFramework.Entities;
-using IdentityServer4.EntityFramework.Extensions;
-using IdentityServer4.EntityFramework.Interfaces;
-using IdentityServer4.EntityFramework.Options;
 using Microsoft.AspNetCore.DataProtection.EntityFrameworkCore;
 using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore;
 
 namespace SS14.Auth.Shared.Data;
 
 public class ApplicationDbContext : IdentityDbContext<SpaceUser, SpaceRole, Guid>,
-    IDataProtectionKeyContext,
-    IConfigurationDbContext,
-    IPersistedGrantDbContext
+    IDataProtectionKeyContext
 {
     public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
         : base(options)
@@ -61,49 +54,13 @@ protected override void OnModelCreating(ModelBuilder builder)
             .HasIndex(p => p.SpaceUserId)
             .IsUnique();
 
-        builder.Entity<UserOAuthClient>()
-            .HasIndex(p => new { p.ClientId })
-            .IsUnique();
-
         builder.Entity<Hwid>()
             .HasIndex(h => h.ClientData)
             .IsUnique();
 
         builder.Entity<HwidUser>()
             .HasIndex(h => new { h.HwidId, h.SpaceUserId })
             .IsUnique();
-
-        var cfgStoreOptions = new ConfigurationStoreOptions
-        {
-            IdentityResource = new TableConfiguration("IdentityResources", "IS4"),
-            IdentityResourceClaim = new TableConfiguration("IdentityResourceClaims", "IS4"),
-            IdentityResourceProperty = new TableConfiguration("IdentityResourceProperties", "IS4"),
-            ApiResource = new TableConfiguration("ApiResources", "IS4"),
-            ApiResourceSecret = new TableConfiguration("ApiResourceSecrets", "IS4"),
-            ApiResourceScope = new TableConfiguration("ApiResourceScopes", "IS4"),
-            ApiResourceClaim = new TableConfiguration("ApiResourceClaims", "IS4"),
-            ApiResourceProperty = new TableConfiguration("ApiResourceProperties", "IS4"),
-            Client = new TableConfiguration("Clients", "IS4"),
-            ClientGrantType = new TableConfiguration("ClientGrantTypes", "IS4"),
-            ClientRedirectUri = new TableConfiguration("ClientRedirectUris", "IS4"),
-            ClientPostLogoutRedirectUri = new TableConfiguration("ClientPostLogoutRedirectUris", "IS4"),
-            ClientScopes = new TableConfiguration("ClientScopes", "IS4"),
-            ClientSecret = new TableConfiguration("ClientSecrets", "IS4"),
-            ClientClaim = new TableConfiguration("ClientClaims", "IS4"),
-            ClientIdPRestriction = new TableConfiguration("ClientIdPRestrictions", "IS4"),
-            ClientCorsOrigin = new TableConfiguration("ClientCorsOrigins", "IS4"),
-            ClientProperty = new TableConfiguration("ClientProperties", "IS4"),
-            ApiScope = new TableConfiguration("ApiScopes", "IS4"),
-            ApiScopeClaim = new TableConfiguration("ApiScopeClaims", "IS4"),
-            ApiScopeProperty = new TableConfiguration("ApiScopeProperties", "IS4")
-        };
-        builder.ConfigureClientContext(cfgStoreOptions);
-        builder.ConfigureResourcesContext(cfgStoreOptions);
-        builder.ConfigurePersistedGrantContext(new OperationalStoreOptions
-        {
-            PersistedGrants = new TableConfiguration("PersistedGrants", "IS4"),
-            DeviceFlowCodes = new TableConfiguration("DeviceCodes", "IS4"),
-        });
     }
 
     public DbSet<LoginSession> ActiveSessions { get; set; }
@@ -113,26 +70,8 @@ protected override void OnModelCreating(ModelBuilder builder)
     public DbSet<WhitelistEmail> WhitelistEmails { get; set; }
     public DbSet<Patron> Patrons { get; set; }
     public DbSet<PatreonWebhookLog> PatreonWebhookLogs { get; set; }
-    public DbSet<UserOAuthClient> UserOAuthClients { get; set; }
     public DbSet<PastAccountName> PastAccountNames { get; set; }
     public DbSet<AccountLog> AccountLogs { get; set; }
     public DbSet<Hwid> Hwids { get; set; }
     public DbSet<HwidUser> HwidUsers { get; set; }
-
-    // IS4 configuration.
-    public DbSet<Client> Clients { get; set; }
-    public DbSet<ClientSecret> ClientSecrets { get; set; }
-    public DbSet<ClientCorsOrigin> ClientCorsOrigins { get; set; }
-    public DbSet<IdentityResource> IdentityResources { get; set; }
-    public DbSet<ApiResource> ApiResources { get; set; }
-    public DbSet<ApiScope> ApiScopes { get; set; }
-
-    // IS4 operational.
-    public DbSet<PersistedGrant> PersistedGrants { get; set; }
-    public DbSet<DeviceFlowCodes> DeviceFlowCodes { get; set; }
-
-    Task<int> IPersistedGrantDbContext.SaveChangesAsync()
-    {
-        return base.SaveChangesAsync();
-    }
 }
diff --git a/SS14.Auth.Shared/Data/ApplicationDesignTimeDbContextFactory.cs b/SS14.Auth.Shared/Data/ApplicationDesignTimeDbContextFactory.cs
@@ -1,6 +1,7 @@
 using JetBrains.Annotations;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Design;
+using static SS14.Auth.Shared.Data.OpeniddictDefaultTypes;
 
 namespace SS14.Auth.Shared.Data;
 
@@ -11,6 +12,7 @@ public ApplicationDbContext CreateDbContext(string[] args)
     {
         var optionsBuilder = new DbContextOptionsBuilder<ApplicationDbContext>();
         optionsBuilder.UseNpgsql("Server=localhost");
+        optionsBuilder.UseOpenIddict<SpaceApplication, DefaultAuthorization, DefaultScope, DefaultToken, string>();
         return new ApplicationDbContext(optionsBuilder.Options);
     }
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -88,4 +88,4 @@ public AccountLogActor NoActor() @@
         }
     }
-    public sealed record AccountLogActor(Guid? User, IPAddress? Address);
+    public sealed record AccountLogActor(Guid? User, IPAddress? Address);