IdentityServerOptions PublicOrigin-CodePudding

Slowly migrating system up from .net core 2.1 to 3.1. While updating IdentityServer4 to 3.1 version. I've stucked into problem method AddIdentityServer where options are specified..

var builder = services.AddIdentityServer(options =>
{             
    (!string.IsNullOrWhiteSpace(identityServerSettingsConfig.PublicOrigin))
    {
        options.PublicOrigin = identityServerSettingsConfig.PublicOrigin;
    }
})

Error: 'IdentityServerOptions' does not contain a definition for 'PublicOrigin' and no accessible extension method 'PublicOrigin' accepting a first argument of type 'IdentityServerOptions' could be found

Installed packages:

    <PackageReference Include="IdentityServer4" Version="4.1.2" />
    <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1" />
    <PackageReference Include="IdentityServer4.AspNetIdentity" Version="4.1.2" />
    <PackageReference Include="IdentityServer4.EntityFramework" Version="2.5.3" />
    <PackageReference Include="Microsoft.AspNetCore.App" />
    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="5.0.5" />
    <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="3.1.0" />
    <PackageReference Include="Microsoft.AspNetCore.Mvc.NewtonsoftJson" Version="3.1.0" />
    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="3.1.0">

CodePudding user response：

The IdentityServerOptions.PublicOrigin property was removed in IdentityServer4 1.0 back in 2016.

This GitHub issue is asking the same question as yourself: https://github.com/IdentityServer/IdentityServer4/issues/4535

One of IdentityServer's authors said it was removed and explained why - and how you can work-around it (assuming you actually need it, I mention this because you probably don't need to restore this functionality):

leastprivilege commented on 19 Jun 2020:

It's gone. It was a hack - please use the forwarded headers approach in ASP.NET Core from now on.

The workaround is to add a middleware step that calls HttpContextExtensions.SetIdentityServerOrigin at the beginning of your pipeline, so it should look something like this:

In the code-block below, add the code between the //------- comments.
I included other Configure pipeline/appBuilder methods from one of my own IS4 projects so you can see a complete example.

using IdentityServer4.Extensions; // For IS4's `HttpContextExtensions`

public class Startup
{
    // ...

    public void Configure( IApplicationBuilder app, IWebHostEnvironment env, IHostApplicationLifetime applicationLifetime )
    {
        _ = app
            //-------------------------------- Add the code below this line
            .Use( async (ctx, next) =>
            {
                ctx.SetIdentityServerOrigin( "https://example.com" );
                await next();
            })
            //-------------------------------- Add the code above this line

            .UseCors()
            .UseAuthentication()
            .UseOpenApi()
            .UseSwaggerUi3()
            .UseIdentityServer()
            .UseRouting()
            .UseAuthorization()
            .UseEndpoints( routeBuilder =>
            {
                _ = routeBuilder.MapControllers();
            } )
            .UseStaticFiles();
    }
}