YAML... (part 2)

Author: maartenba

src/content/docs/identityserver/upgrades/identityserver4-to-duende-identityserver-v7.mdx

@@ -17,20 +17,20 @@ You can determine the version of IdentityServer4 by running the `dotnet list` co
 
 {/* prettier-ignore */}
 <Tabs syncKey="operatingSystem">
-    <TabItem label="Windows">
-        <Code
-            code={'dotnet list package | sls "IdentityServer4"'}
-            lang="bash"
-            title="Terminal"
-        />
-    </TabItem>
-    <TabItem label="macOS / Linux">
-        <Code
-            code={"dotnet list package | grep IdentityServer4"}
-            lang="bash"
-            title="Terminal"
-        />
-    </TabItem>
+  <TabItem label="Windows">
+    <Code
+      code={'dotnet list package | sls "IdentityServer4"'}
+      lang="bash"
+      title="Terminal"
+    />
+  </TabItem>
+  <TabItem label="macOS / Linux">
+    <Code
+      code={"dotnet list package | grep IdentityServer4"}
+      lang="bash"
+      title="Terminal"
+    />
+  </TabItem>
 </Tabs>
 
 This command will print a list of packages you are using in your solution, along with their version.
@@ -57,11 +57,11 @@ Between IdentityServer4 v3.x and v4.x, the configuration object model was update
 
 - The relation between `ApiResources` and `ApiScopes` was changed from parent-child to many-to-many.
 - A number of configuration types were renamed:
-- `ApiProperties` to `ApiResourceProperties`
-- `ApiSecrets` to `ApiResourceSecrets`
-- `IdentityClaims` to `IdentityResourceClaims`
-- `IdentityProperties` to `IdentityResourceProperties`
-- `ApiScopes` to `ApiResourceScopes`
+  - `ApiProperties` to `ApiResourceProperties`
+  - `ApiSecrets` to `ApiResourceSecrets`
+  - `IdentityClaims` to `IdentityResourceClaims`
+  - `IdentityProperties` to `IdentityResourceProperties`
+  - `ApiScopes` to `ApiResourceScopes`
 
 IdentityServer4 projects that use the `IdentityServer4.EntityFramework` package or implement their own stores will need to update their code and/or database to reflect these changes.
 
@@ -94,63 +94,63 @@ A couple of compilation errors and required changes you may encounter:
 - The `IIdentityServerInteractionService.GetAllUserConsentsAsync` method was renamed to `IIdentityServerInteractionService.GetAllUserGrantsAsync`
 - `ConsentResponse.Denied` was removed. Use the `DenyAuthorizationAsync` instead:
 
-```diff lang="csharp" title="*.cs"
-- await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);
-+ await _interaction.DenyAuthorizationAsync(context, AuthorizationError.AccessDenied);
+  ```diff lang="csharp" title="*.cs"
+  - await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);
+  + await _interaction.DenyAuthorizationAsync(context, AuthorizationError.AccessDenied);
   ```
 
 - No overload method `SignInAsync` takes N arguments. The `HttpContext.SignInAsync` signature changed:
 
-```diff lang="csharp" title="*.cs"
-// issue authentication cookie with subject ID and username
-- await HttpContext.SignInAsync(user.SubjectId, user.Username, props);
-+ var isuser = new IdentityServerUser(user.SubjectId)
-+ {
-+     DisplayName = user.Username
-+ };
-+
-+ await HttpContext.SignInAsync(isuser);
+  ```diff lang="csharp" title="*.cs"
+  // issue authentication cookie with subject ID and username
+  - await HttpContext.SignInAsync(user.SubjectId, user.Username, props);
+  + var isuser = new IdentityServerUser(user.SubjectId)
+  + {
+  +     DisplayName = user.Username
+  + };
+  +
+  + await HttpContext.SignInAsync(isuser);
   ```
 
 * `AuthorizationRequest` doesn't contain definition for `ClientId`:
 
-```diff lang="csharp" title="*.cs"
-- var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId);
-+ var client = await _clientStore.FindEnabledClientByIdAsync(request.Client.ClientId);
+  ```diff lang="csharp" title="*.cs"
+  - var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId);
+  + var client = await _clientStore.FindEnabledClientByIdAsync(request.Client.ClientId);
   ```
 
 * `AuthorizationRequest` doesn't contain definition for `ScopesRequested`:
 
-```diff lang="csharp" title="*.cs"
-- var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested);
-+ var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ValidatedResources.RawScopeValues);
+  ```diff lang="csharp" title="*.cs"
+  - var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested);
+  + var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ValidatedResources.RawScopeValues);
   ```
 
 * `IClientStore` doesn't contain definition for `IsPkceClientAsync`:
 
-```diff lang="csharp" title="*.cs"
-- if (await _clientStore.IsPkceClientAsync(context.ClientId))
-+ if (context.IsNativeClient())
+  ```diff lang="csharp" title="*.cs"
+  - if (await _clientStore.IsPkceClientAsync(context.ClientId))
+  + if (context.IsNativeClient())
   ```
 
 * The name `ProcessLoginCallbackForOidc` does not exist in the current context:
 
-```diff lang="csharp" title="*.cs"
-- ProcessLoginCallbackForOidc(result, additionalLocalClaims, localSignInProps);
-- ProcessLoginCallbackForWsFed(result, additionalLocalClaims, localSignInProps);
-- ProcessLoginCallbackForSaml2p(result, additionalLocalClaims, localSignInProps);
-+ ProcessLoginCallback(result, additionalLocalClaims, localSignInProps);
+  ```diff lang="csharp" title="*.cs"
+  - ProcessLoginCallbackForOidc(result, additionalLocalClaims, localSignInProps);
+  - ProcessLoginCallbackForWsFed(result, additionalLocalClaims, localSignInProps);
+  - ProcessLoginCallbackForSaml2p(result, additionalLocalClaims, localSignInProps);
+  + ProcessLoginCallback(result, additionalLocalClaims, localSignInProps);
   ```
 
 * `ConsentResponse` does not contain a definition for `ScopesConsented`:
 
-```diff lang="csharp" title="*.cs"
-grantedConsent = new ConsentResponse
-{
-    RememberConsent = model.RememberConsent,
--    ScopesConsented = scopes.ToArray()
-+    ScopesValuesConsented = scopes.ToArray()
-};
+  ```diff lang="csharp" title="*.cs"
+  grantedConsent = new ConsentResponse
+  {
+      RememberConsent = model.RememberConsent,
+  -    ScopesConsented = scopes.ToArray()
+  +    ScopesValuesConsented = scopes.ToArray()
+  };
   ```
 
 ### Step 3: Update Database Schema
@@ -168,17 +168,17 @@ For the operational data, you can create and apply an Entity Framework Core migr
 {/* prettier-ignore */}
 <Steps>
 
-    1. Create the migration:
+1. Create the migration:
 
-    ```bash title="Terminal"
-    dotnet ef migrations add Grants_v4 -c PersistedGrantDbContext -o Migrations/PersistedGrantDb
-    ```
+   ```bash title="Terminal"
+   dotnet ef migrations add Grants_v4 -c PersistedGrantDbContext -o Migrations/PersistedGrantDb
+   ```
 
-    2. Apply the migration to your database:
+2. Apply the migration to your database:
 
-    ```bash title="Terminal"
-    dotnet ef database update -c PersistedGrantDbContext
-    ```
+   ```bash title="Terminal"
+   dotnet ef database update -c PersistedGrantDbContext
+   ```
 
 </Steps>
 
@@ -188,66 +188,66 @@ We'll start with creating a migration that targets the `ConfigurationDbContext`
 {/* prettier-ignore */}
 <Steps>
 
-    1. Create the migration:
+1. Create the migration:
 
-    ```bash title="Terminal"
-    dotnet ef migrations add Config_v4 -c ConfigurationDbContext -o Migrations/ConfigurationDb
-    ```
+   ```bash title="Terminal"
+   dotnet ef migrations add Config_v4 -c ConfigurationDbContext -o Migrations/ConfigurationDb
+   ```
 
-    You will see a message _"An operation was scaffolded that may result in the loss of data. Please review the migration for accuracy."_ in the output.
-    To avoid data loss, the migration will need to be updated.
+   You will see a message _"An operation was scaffolded that may result in the loss of data. Please review the migration for accuracy."_ in the output.
+   To avoid data loss, the migration will need to be updated.
 
-    2. To ensure no data is lost, make sure to include the [`ConfigurationDb_v4_delta.sql`](https://github.com/DuendeArchive/UpgradeSample-IdentityServer4-v3/blob/main/IdentityServerMigrationSample/ConfigurationDb_v4_delta.sql)
-    script in your project.
+2. To ensure no data is lost, make sure to include the [`ConfigurationDb_v4_delta.sql`](https://github.com/DuendeArchive/UpgradeSample-IdentityServer4-v3/blob/main/IdentityServerMigrationSample/ConfigurationDb_v4_delta.sql)
+   script in your project.
 
-    You can add the script as an embedded resource by updating the `.csproj` file:
+   You can add the script as an embedded resource by updating the `.csproj` file:
 
-    ```xml title=".csproj"
-    <ItemGroup>
-        <EmbeddedResource Include="ConfigurationDb_v4_delta.sql" />
-    </ItemGroup>
-    ```
+   ```xml title=".csproj"
+   <ItemGroup>
+       <EmbeddedResource Include="ConfigurationDb_v4_delta.sql" />
+   </ItemGroup>
+   ```
 
-    :::note[Update the SQL script for your database type]
-    The `ConfigurationDb_v4_delta.sql` file assumes you are using SQL Server. If a different database server type is used for your IdentityServer host, you'll need to update the SQL script to use the correct syntax.
-    :::
-
-    3. Modify the migration class that was just created and replace it with the following code:
-
-    ```csharp title="Config_v4.cs"
-    using System.IO;
-    using Microsoft.EntityFrameworkCore.Migrations;
-
-    namespace IdentityServerMigrationSample.Migrations.ConfigurationDb
-    {
-        public partial class Config_v4 : Migration
-    {
-        protected override void Up(MigrationBuilder migrationBuilder)
-    {
-        var assembly = typeof(Program).Assembly;
-
-        using (var s = assembly.GetManifestResourceStream("IdentityServerMigrationSample.ConfigurationDb_v4_delta.sql"))
-    {
-        using (StreamReader sr = new StreamReader(s))
-    {
-        var sql = sr.ReadToEnd();
-        migrationBuilder.Sql(sql);
-    }
-    }
-    }
-
-        protected override void Down(MigrationBuilder migrationBuilder)
-    {
-    }
-    }
-    }
-    ```
+   :::note[Update the SQL script for your database type]
+   The `ConfigurationDb_v4_delta.sql` file assumes you are using SQL Server. If a different database server type is used for your IdentityServer host, you'll need to update the SQL script to use the correct syntax.
+   :::
 
-    4. Apply the migration to your database:
+3. Modify the migration class that was just created and replace it with the following code:
 
-    ```bash title="Terminal"
-    dotnet ef database update -c ConfigurationDbContext
-    ```
+   ```csharp title="Config_v4.cs"
+   using System.IO;
+   using Microsoft.EntityFrameworkCore.Migrations;
+
+   namespace IdentityServerMigrationSample.Migrations.ConfigurationDb
+   {
+       public partial class Config_v4 : Migration
+       {
+           protected override void Up(MigrationBuilder migrationBuilder)
+           {
+               var assembly = typeof(Program).Assembly;
+
+               using (var s = assembly.GetManifestResourceStream("IdentityServerMigrationSample.ConfigurationDb_v4_delta.sql"))
+               {
+                   using (StreamReader sr = new StreamReader(s))
+                   {
+                       var sql = sr.ReadToEnd();
+                       migrationBuilder.Sql(sql);
+                   }
+               }
+           }
+
+           protected override void Down(MigrationBuilder migrationBuilder)
+           {
+           }
+       }
+   }
+   ```
+
+4. Apply the migration to your database:
+
+   ```bash title="Terminal"
+   dotnet ef database update -c ConfigurationDbContext
+   ```
 
 </Steps>
 
@@ -405,15 +405,15 @@ In this section, we'll look at updating the database schema based on the stores
 - Improve primary keys on the persisted grants table ([more details](https://github.com/DuendeSoftware/products/pull/793)).
 - Add new properties to the [`Duende.IdentityServer.Models.Client` model](/identityserver/reference/models/client):
 
-- `InitiateLoginUri` is a nullable string used for Third Party Initiated Login.
-- `RequireDPoP` is a non-nullable boolean flag that controls if a client is required to use [DPoP](../../tokens/pop).
-- `DPoPValidationMode` is a non-nullable column that controls the DPoP validation mechanism. Existing clients that are not using DPoP can set its value to `0`.
-- `DPoPClockSkew` is a non-nullable timespan that controls how much clock skew is allowed for a particular DPoP client. Existing clients that are not using DPoP can set its value to a timespan of length ``0.
+  - `InitiateLoginUri` is a nullable string used for Third Party Initiated Login.
+  - `RequireDPoP` is a non-nullable boolean flag that controls if a client is required to use [DPoP](../../tokens/pop).
+  - `DPoPValidationMode` is a non-nullable column that controls the DPoP validation mechanism. Existing clients that are not using DPoP can set its value to `0`.
+  - `DPoPClockSkew` is a non-nullable timespan that controls how much clock skew is allowed for a particular DPoP client. Existing clients that are not using DPoP can set its value to a timespan of length ``0.
 
 - Two new properties have been added to the `Client` model:
-- `Client.RequirePushedAuthorization` is a new boolean property that controls if this client requires [pushed authorization requests (PAR)](../../tokens/par). It is safe to initialize this column to `false` for existing clients, which will mean that the global PAR configuration will be used.
-- `Client.PushedAuthorizationLifetime` is a new nullable integer property that controls the lifetime of pushed
-authorization requests (in seconds) for a client. It is safe to initialize this column to `null` for existing clients, which means the global value is used.
+  - `Client.RequirePushedAuthorization` is a new boolean property that controls if this client requires [pushed authorization requests (PAR)](../../tokens/par). It is safe to initialize this column to `false` for existing clients, which will mean that the global PAR configuration will be used.
+  - `Client.PushedAuthorizationLifetime` is a new nullable integer property that controls the lifetime of pushed
+    authorization requests (in seconds) for a client. It is safe to initialize this column to `null` for existing clients, which means the global value is used.
 - A new `PushedAuthorizationRequest` table has been added to store pushed authorization requests.
 
 You'll need to create two database migrations that update the database schema: one that targets the `PersistedGrantDbContext` (for operational data), and one that targets the `ConfigurationDbContext` (for configuration data).
@@ -422,25 +422,25 @@ Note that you may want to change the database migration paths in the examples be
 {/* prettier-ignore */}
 <Steps>
 
-    1. Create the migrations for the operational and configuration database context:
+1. Create the migrations for the operational and configuration database context:
 
-    ```bash title="Terminal"
-    dotnet ef migrations add UpdateToDuende_v7_0 -c PersistedGrantDbContext -o Data/Migrations/IdentityServer/PersistedGrantDb
-    dotnet ef migrations add UpdateToDuende_v7_0 -c ConfigurationDbContext -o Data/Migrations/IdentityServer/ConfigurationDb
-    ```
+   ```bash title="Terminal"
+   dotnet ef migrations add UpdateToDuende_v7_0 -c PersistedGrantDbContext -o Data/Migrations/IdentityServer/PersistedGrantDb
+   dotnet ef migrations add UpdateToDuende_v7_0 -c ConfigurationDbContext -o Data/Migrations/IdentityServer/ConfigurationDb
+   ```
 
-    :::note
-    You may see a warning _"An operation was scaffolded that may result in the loss of data. Please review the migration for accuracy."_.
-    The column length for redirect URIs (for both login and logout) was reduced from 2000 to 400 to overcome database index size limits.
-    Unless you are using redirect URIs greater than 400 characters, this should not affect you.
-    :::
+   :::note
+   You may see a warning _"An operation was scaffolded that may result in the loss of data. Please review the migration for accuracy."_.
+   The column length for redirect URIs (for both login and logout) was reduced from 2000 to 400 to overcome database index size limits.
+   Unless you are using redirect URIs greater than 400 characters, this should not affect you.
+   :::
 
-    2. Apply the migrations to your database:
+2. Apply the migrations to your database:
 
-    ```bash title="Terminal"
-    dotnet ef database update -c PersistedGrantDbContext
-    dotnet ef database update -c ConfigurationDbContext
-    ```
+   ```bash title="Terminal"
+   dotnet ef database update -c PersistedGrantDbContext
+   dotnet ef database update -c ConfigurationDbContext
+   ```
 
 </Steps>