Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/8.0-preview7] Add more MapIdentityApi endpoints #49559

Merged
merged 6 commits into from
Jul 21, 2023
Merged

[release/8.0-preview7] Add more MapIdentityApi endpoints #49559

merged 6 commits into from
Jul 21, 2023

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Jul 21, 2023
edited by halter73
Loading

Backport of #49498 to release/8.0-preview7

/cc @halter73

Add more MapIdentityApi endpoints

Description

This adds the following new endpoints:

  • GET /confirmEmail
  • POST /resendConfirmationEmail
  • POST /resetPassword
  • GET /account/2fa
  • POST /account/2fa
  • GET /account/info
  • POST /account/info

Additionally, the existing /login endpoint now accepts 2fa codes and 2fa recovery codes as part of the request body. These can be queried and regenerated from /account/2fa. The /login endpoint now also gives limited failure reasons in the form of application/problem+json instead of empty 401 responses with details such as "LockedOut", "RequiresTwoFactor", "NotAllowed" (usually because lack of email confirmation), and the generic "Failed" statuses.

Fixes #47232 (lockout support)
Fixes #47231 (reset password support)
Fixes #47230 (2fa support)
Fixes #47229 (change username and password)
Fixes #49404 (Removes AddIdentityBearerToken which is no longer needed)

Customer Impact

This makes the MapIdentityApi API introduced in preview4 more usable. See https://devblogs.microsoft.com/dotnet/asp-net-core-updates-in-dotnet-8-preview-4/#auth where we promised the following.

In addition to user registration and login, the identity API endpoints will support features like two-factor authentication and email verification in upcoming previews. You can find a list of planned features in the issues labeled feature-token-identity on the ASP.NET Core GitHub repository.

This PR adds all of these features, and it's important to make this available to customers as soon as possible, so we have time to react to any feedback. It appears customers are excited to give it a go.

Regression?

  • Yes
  • No

Risk

  • High
  • Medium
  • Low

This is primarily new API with minimal changes to SignInManager that should have no impact unless used by the new MapIdentityApi endpoints.

Verification

  • Manual (required)
  • Automated

Packaging changes reviewed?

  • Yes
  • No
  • N/A

@github-actions github-actions bot requested a review from javiercn as a code owner July 21, 2023 01:29
@dotnet-issue-labeler dotnet-issue-labeler bot added the area-identity Includes: Identity and providers label Jul 21, 2023
@halter73 halter73 added the Servicing-consider Shiproom approval is required for the issue label Jul 21, 2023
@ghost
Copy link

ghost commented Jul 21, 2023

Hi @github-actions[bot]. Please make sure you've updated the PR description to use the Shiproom Template. Also, make sure this PR is not marked as a draft and is ready-to-merge.

To learn more about how to prepare a servicing PR click here.

davidfowl
davidfowl reviewed Jul 21, 2023
View reviewed changes
src/Identity/Core/src/IdentityApiEndpointRouteBuilderExtensions.cs
Comment on lines +171 to +177
.Add(endpointBuilder =>
{
var finalPattern = ((RouteEndpointBuilder)endpointBuilder).RoutePattern.RawText;
confirmEmailEndpointName = $"{nameof(MapIdentityApi)}-{finalPattern}";
endpointBuilder.Metadata.Add(new EndpointNameMetadata(confirmEmailEndpointName));
endpointBuilder.Metadata.Add(new RouteNameMetadata(confirmEmailEndpointName));
});
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is this for?

Copy link
Member

@halter73 halter73 Jul 21, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's to generate a unique name for the /confirmEmail endpoint for link generation. This works even if MapIdentityApi is called multiple times in different route groups. See the CanAddEndpointsToMultipleRouteGroupsForSameUserType and CanAddEndpointsToMultipleRouteGroupsForMultipleUsersTypes tests.

@mkArtakMSFT mkArtakMSFT added Servicing-approved Shiproom has approved the issue and removed Servicing-consider Shiproom approval is required for the issue labels Jul 21, 2023
@ghost
Copy link

ghost commented Jul 21, 2023

Hi @github-actions[bot]. This PR was just approved to be included in the upcoming servicing release. Somebody from the @dotnet/aspnet-build team will get it merged when the branches are open. Until then, please make sure all the CI checks pass and the PR is reviewed.

@mkArtakMSFT mkArtakMSFT merged commit 0c0bc01 into release/8.0-preview7 Jul 21, 2023
25 checks passed
@mkArtakMSFT mkArtakMSFT deleted the backport/pr-49498-to-release/8.0-preview7 branch July 21, 2023 18:01
@ghost ghost added this to the 8.0-preview7 milestone Jul 21, 2023
@Amit-limbasiya Amit-limbasiya mentioned this pull request Jan 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@halter73 halter73 halter73 left review comments

@davidfowl davidfowl davidfowl left review comments

@javiercn javiercn javiercn approved these changes

@Tratcher Tratcher Awaiting requested review from Tratcher

Assignees
No one assigned
Labels
area-identity Includes: Identity and providers Servicing-approved Shiproom has approved the issue
Projects
None yet
Milestone
8.0-preview7
Development

Successfully merging this pull request may close these issues.
4 participants
@halter73 @davidfowl @javiercn @mkArtakMSFT