[Bug] Microsoft.Identity.Web should not call BuildServiceProvider #234
Assignees
Labels
Milestone
Comments
jmprieur
added
.NET Core 5
bug
|
dotnet/aspnetcore#18772 (comment) In fact, you could do it in both versions and avoid the #ifs. |
|
thanks @Tratcher |
|
So I understand that the section in WebApiAuthenticationBuilderExtensions.cs could be: #if DOTNET_CORE_31
// Change the authentication configuration to accommodate the Microsoft identity platform endpoint (v2.0).
builder.AddJwtBearer(jwtBearerScheme, options => { });
builder.Services.AddOptions<JwtBearerOptions>(jwtBearerScheme)
.Configure<IServiceProvider>((options, serviceProvider) =>
{
#else
builder.AddJwtBearer<IServiceProvider>(jwtBearerScheme, (options, serviceProvider) =>
{
#endifAnd in WebAppAuthenticationBuilderExtensions.cs, it could be: #if DOTNET_CORE_31
builder.AddOpenIdConnect(openIdConnectScheme, options => { });
builder.Services.AddOptions<OpenIdConnectOptions>(openIdConnectScheme)
.Configure<IServiceProvider>((options, serviceProvider) =>
{
#else
builder.AddOpenIdConnect<IServiceProvider>(openIdConnectScheme, (options, serviceProvider) =>
{
#endif@jennyf19, moving back to "in progress" now that Chris has shared the work around for .NET Core 3.1 |
|
Finalized (even better), part of #277 |
|
Included in 0.2.0-preview release |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Which Version of Microsoft Identity Web are you using ?
Microsoft Identity Web 0.1.5-preview
Where is the issue?
Repro
See:
microsoft-identity-web/src/Microsoft.Identity.Web/WebApiAuthenticationBuilderExtensions.cs
Line 145 in 5bc881b
microsoft-identity-web/src/Microsoft.Identity.Web/WebAppAuthenticationBuilderExtensions.cs
Line 202 in 5bc881b
Expected behavior
NEVER call
BuildServiceProvider.Actual behavior
Microsoft.Identity.Web calls
BuildServiceProviderDiscussion
It's a MUST FIX
In NET 5.0, there is an overload of
AddJwtBearer/AddOpenIdConnectwith a service that you want to injectWe need to come-up with alternatives for 3.0. @Tratcher will help
in addition raise an issue with ASP.NET Core to have these diagnostics available by default without wrapping the events.
Possible design
(but feel free to do differently)
Add a constant in the Microsoft.Identity.Web.csproj file depending on the TargetFramework (maybe something like:
Based on the constant use one form of the other of AddOpenIdConnect and AddJwtBearer. For instance for AddOpenIdConnect we could have something like the following:
Note that the aspnetcoreapp3.1 case would still use the BuildServiceProvider until Chris provides a workaround
In the section garded by the subscribeToXXXMiddlewareDiagnosticsEvents boolean, just use the serviceProvider to call GetRequiredService<>
For instance for the OIDC case, something like:
Consider doing [Bug] Remove the weird pattern for newing up redundant copies of MicrosoftIdentityOptions #239 soon after this one, as it leverages similar mechanisms
Follow-up with @Tratcher for the NET 3.1 work around to populate the service provider in the case of netcore3.1
The text was updated successfully, but these errors were encountered: