IdentityServer4 with asp.net core2.0 erron on AuthenticationOptions class

Question

I am working on Identity Server 4 with asp.net core 2.0.

In ConfigurationServices() method i added:

app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
        {
            Authority = "http://localhost:59391",
            RequireHttpsMetadata = false,

           ApiName = "api1"
        });

But it gives compile error that:

Reference to type 'AuthenticationOptions' claims it is defined in 'Microsoft.AspNetCore.Authentication', but it could not be found.

When i look into assembly code:

    namespace Microsoft.AspNetCore.Builder
    {
    public class IdentityServerAuthenticationOptions : Builder.AuthenticationOptions
    {
      // properties goes here
    }
    }

I worked based on this sample project (.net core 1.1) and AuthenticationOptions build error was discussed a lot in this Github link but seems like Identity Server 4 not fully supported yet with asp .net core2.0.Is it true?

Please share your thoughts how to resolve this error or how to workaround this issue.

Answer 1

That's correct - authentication middleware changed in asp.net core 2.0. I believe there is a release candidate of IndentityServer4.AccessTokenValidation for 2.0; however, at the moment, the Identity Server docs and samples have not been updated for 2.0.

One option is to use the Microsoft JwtBearer handler to secure your api. The IdentityServer4.AccessTokenValidation library uses this under the hood. It would look something like this (inside ConfigureServices()):

services.AddAuthentication(o =>
{
    o.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    o.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(o =>
{
    o.Audience = "api1";
    o.Authority = "http://localhost:59391";
    o.RequireHttpsMetadata = false;
}); 

Another option is to update your code to use the IdentityServer4.AccessTokenValidation 2.0 rc. I haven't tried this yet but it would look something like this:

services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(o =>
{
    o.ApiName = "api1";
    o.Authority = "http://localhost:59391";
    o.RequireHttpsMetadata = false;
});