Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update docs for 7.1.0-rc.1 #548

Merged
merged 1 commit into from
Dec 12, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 15 additions & 7 deletions IdentityServer/v7/docs/content/fundamentals/license_key.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ title: "Licensing"
weight: 60
---

IdentityServer is free for development, testing and personal projects, but production use
IdentityServer is [free](#trial-mode) for development, testing and personal projects, but production use
requires a [license](https://duendesoftware.com/products/identityserver).

## Editions
Expand All @@ -14,7 +14,7 @@ The Starter edition includes the core OIDC and OAuth protocol implementation. Th
economical option that is a good fit for organizations with basic needs. It's also a great
choice if you have an aging IdentityServer4 implementation that needs to be updated and
licensed. The Starter edition includes all the features that were part of
IdentityServer4, along with support for the latest .NET release, improved observability
IdentityServer4, along with support for the latest .NET releases, improved observability
through OTEL support, and years of bug fixes and enhancements.

#### Business Edition
Expand Down Expand Up @@ -44,10 +44,9 @@ If present, the content of the file will be used as the license key.

#### Startup

If you prefer to load the license key programatically, you can do so in your startup code.
This allows you to use the ASP.NET configuration system to load the license key from any
[configuration
provider](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/configuration/?view=aspnetcore-7.0#cp),
If you prefer to load the license key programmatically, you can do so in your startup
code. This allows you to use the ASP.NET configuration system to load the license key from
any [configuration provider](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/configuration/?view=aspnetcore-7.0#cp),
including environment variables, appsettings.json, an external configuration service such
as Azure App Configuration, etc.

Expand All @@ -72,7 +71,7 @@ validation.
#### Startup Validation
At startup, IdentityServer first checks for a license. If there is no license configured,
IdentityServer logs a warning indicating that a license is required in a production
deployment. You can ignore these messages in non-production environments.
deployment and enters [Trial Mode](#trial-mode).

Next, assuming a license is configured, IdentityServer compares its configuration to the
license. If there are discrepancies between the license and the configuration,
Expand All @@ -96,6 +95,15 @@ Again, the absence of a license is permitted for development and testing, and th
does not disable any of these features. Similarly, using an expired license that includes
those features does not cause those features to be disabled.

#### Trial Mode
Using IdentityServer without a license is considered Trial Mode. In Trial Mode, all
enterprise features are enabled. Trial Mode is limited to 500 protocol requests. This
includes all HTTP requests that IdentityServer itself handles, such as requests for the
discovery, authorize, and token endpoints. UI requests, such as the login page, are not
included in this limit. Beginning in IdentityServer 7.1, IdentityServer will log a warning
when the trial mode threshold is exceeded. In a future version, IdentityServer will shut
down at that time instead.

## Redistribution
We understand that when IdentityServer is redistributed, log messages from the licensing
system are not likely to be very useful to your redistribution customers. For that reason,
Expand Down
6 changes: 3 additions & 3 deletions IdentityServer/v7/docs/content/reference/options.md
Original file line number Diff line number Diff line change
Expand Up @@ -326,17 +326,17 @@ Logging related settings, including filters that will remove sensitive values an

* ***TokenRequestSensitiveValuesFilter***

Collection of parameter names passed to the token endpoint that are considered sensitive and will be excluded from logging. Defaults to *client_secret*, *password*, *client_assertion*, *refresh_token*, and *device_code*.
Collection of parameter names passed to the token endpoint that are considered sensitive and will be excluded from logging. In *v7.0* and earlier, defaults to *client_secret*, *password*, *client_assertion*, *refresh_token*, and *device_code*. In *v7.1*, *subject_token* is also excluded.

* ***BackchannelAuthenticationRequestSensitiveValuesFilter***

Collection of parameter names passed to the backchannel authentication endpoint that are considered senstivie and will be excluded from logging. Defaults to *client_secret*, *client_assertion*, and *id_token_hint*.
Collection of parameter names passed to the backchannel authentication endpoint that are considered sensitive and will be excluded from logging. Defaults to *client_secret*, *client_assertion*, and *id_token_hint*.

* ***UnhandledExceptionLoggingFilter*** (added in *v6.2*)

A function that is called when the IdentityServer middleware detects an unhandled exception, and is used to determine if the exception is logged.
The arguments to the function are the HttpContext and the Exception. It should return true to log the exception, and false to suppress.
The default is to suppress *TaskCanceledException*s when the *CancellationToken* on the *HttpContext* has requested cancellation. Such exceptions are thrown when Http requests are canceled, which is an expected occurrence. Logging them creates unnecessary noise in the logs.
The default is to suppress logging of cancellation-related exceptions when the *CancellationToken* on the *HttpContext* has requested cancellation. Such exceptions are thrown when Http requests are canceled, which is an expected occurrence. Logging them creates unnecessary noise in the logs. In *v7.0* and earlier, only *TaskCanceledException*s were filtered. Beginning in *v7.1*, *OperationCanceledException*s are filtered as well.

## InputLengthRestrictions

Expand Down
61 changes: 61 additions & 0 deletions IdentityServer/v7/docs/content/upgrades/v7.0_to_v7.1.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
---
title: "Duende IdentityServer v7.0 to v7.1"
weight: 29
---

## What's New

IdentityServer v7.1 includes support for .NET 9 and many other smaller fixes and
enhancements. Please see our [release
notes](https://github.com/DuendeSoftware/IdentityServer/releases/tag/7.1.0-rc.1) for
complete details.

There are no schema changes needed for IdentityServer 7.1. There are two changes that may require small code changes for a minority of users:
- IdentityModel renamed Duende.IdentityModel
- *ClientConfigurationStore* now uses IConfigurationDbContext

## Step 1 (Optional):
IdentityServer 7.1 supports both .NET 8 and 9. If you wish, you can update your .NET version as part of this upgrade.

For example in your project file:

```
<TargetFramework>net8.0</TargetFramework>
```

would change to:

```
<TargetFramework>net9.0</TargetFramework>
```

Any NuGet packages that you are using that target an older version of .NET should also be updated.
For example, the version of *Microsoft.EntityFrameworkCore.SqlServer* or *Microsoft.AspNetCore.Authentication.Google* should be updated.
Depending on what your IdentityServer host project is using, there may or may not be code changes based on those updated dependencies.

## Step 2:

In your IdentityServer host project, update the version of the Duende.IdentityServer package.
For example in your project file:

```
<PackageReference Include="Duende.IdentityServer" Version="7.0.8" />
```

would change to:

```
<PackageReference Include="Duende.IdentityServer" Version="7.1.0-rc.1" />
```

## Step 3: Breaking Changes

#### IdentityModel renamed Duende.IdentityModel
Our open source IdentityModel library has been renamed Duende.IdentityModel, and we now depend on Duende.IdentityModel instead of IdentityModel. Duende.IdentityModel is a drop-in replacement for IdentityModel with updated namespaces that include the Duende prefix. If you are using IdentityModel's types in your IdentityServer implementation, you will need to update references from IdentityModel to Duende.IdentityModel (replace "using IdentityModel" with "using Duende.IdentityModel")._

#### ClientConfigurationStore now uses IConfigurationDbContext
The *ClientConfigurationStore* in the *Duende.Configuration.EntityFramework* package now depends on *IConfigurationDbContext* instead of *ConfigurationDbContext* to allow for customization. If you have a customized store that derives from the default store, you may need to update your constructors. Note that this only affects the Entity Framework based implementation of the configuration store used by the dynamic client registration configuration API.

## Step 4: Done!

That's it. Of course, at this point you can and should test that your IdentityServer is updated and working properly.
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,15 @@
<div class="highlightable">
<ul class="topics">

{{if eq .Site.Params.ordersectionsby "title"}}
{{if eq .Site.Params.ordersectionsby "title"}}
{{range .Site.Home.Sections.ByTitle}}
{{ template "section-tree-nav" dict "sect" . "currentnode" $currentNode "showvisitedlinks" $showvisitedlinks}}
{{end}}
{{else}}
{{range .Site.Home.Sections.ByWeight}}
{{ template "section-tree-nav" dict "sect" . "currentnode" $currentNode "showvisitedlinks" $showvisitedlinks}}
{{end}}
{{end}}
{{end}}
</ul>

{{ $disableShortcutsTitle := .Site.Params.DisableShortcutsTitle}}
Expand All @@ -31,19 +31,19 @@
<h3>{{ if not $disableShortcutsTitle}}{{ T "Shortcuts-Title"}}{{ end }}</h3>
<ul>
{{ range sort . "Weight"}}
<li>
<li>
{{.Pre}}<a class="padding" href="{{.URL | absLangURL }}">{{safeHTML .Name}}</a>{{.Post}}
</li>
{{end}}
</ul>
</section>
{{end}}

{{ if or .Site.IsMultiLingual $showvisitedlinks }}
{{ if or hugo.IsMultilingual $showvisitedlinks }}
<section id="prefooter">
<hr/>
<ul>
{{ if and .Site.IsMultiLingual (not .Site.Params.DisableLanguageSwitchingButton)}}
{{ if and hugo.IsMultilingual (not .Site.Params.DisableLanguageSwitchingButton)}}
<li>
<a class="padding">
<i class="fas fa-language fa-fw"></i>
Expand Down Expand Up @@ -77,7 +77,7 @@ <h3>{{ if not $disableShortcutsTitle}}{{ T "Shortcuts-Title"}}{{ end }}</h3>
</a>
</li>
{{end}}

{{ if $showvisitedlinks}}
<li><a class="padding" href="#" data-clear-history-toggle=""><i class="fas fa-history fa-fw"></i> {{T "Clear-History"}}</a></li>
{{ end }}
Expand All @@ -99,7 +99,7 @@ <h3>{{ if not $disableShortcutsTitle}}{{ T "Shortcuts-Title"}}{{ end }}</h3>
{{with .sect}}
{{if and .IsSection (or (not .Params.hidden) $.showhidden)}}
{{safeHTML .Params.head}}
<li data-nav-id="{{.RelPermalink}}" title="{{.Title}}" class="dd-item
<li data-nav-id="{{.RelPermalink}}" title="{{.Title}}" class="dd-item
{{if .IsAncestor $currentNode }}parent{{end}}
{{if eq .File.UniqueID $currentFileUniqueID}}active{{end}}
{{if .Params.alwaysopen}}parent{{end}}
Expand All @@ -118,24 +118,24 @@ <h3>{{ if not $disableShortcutsTitle}}{{ T "Shortcuts-Title"}}{{ end }}</h3>
{{ $currentNode.Scratch.Set "pages" (.Pages | union .Sections) }}
{{end}}
{{ $pages := ($currentNode.Scratch.Get "pages") }}
{{if eq .Site.Params.ordersectionsby "title"}}

{{if eq .Site.Params.ordersectionsby "title"}}
{{ range $pages.ByTitle }}
{{ if and .Params.hidden (not $.showhidden) }}
{{ if and .Params.hidden (not $.showhidden) }}
{{else}}
{{ template "section-tree-nav" dict "sect" . "currentnode" $currentNode "showvisitedlinks" $showvisitedlinks }}
{{end}}
{{ end }}
{{else}}
{{ range $pages.ByWeight }}
{{ if and .Params.hidden (not $.showhidden) }}
{{ if and .Params.hidden (not $.showhidden) }}
{{else}}
{{ template "section-tree-nav" dict "sect" . "currentnode" $currentNode "showvisitedlinks" $showvisitedlinks }}
{{end}}
{{ end }}
{{end}}
</ul>
{{ end }}
{{ end }}
</li>
{{else}}
{{ if not .Params.Hidden }}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
<script type="text/javascript" src="{{"js/lunr.min.js" | relURL}}{{ if $assetBusting }}?{{ now.Unix }}{{ end }}"></script>
<script type="text/javascript" src="{{"jquery-ui-1.13.2.custom/jquery-ui.min.js" | relURL}}{{ if $assetBusting }}?{{ now.Unix }}{{ end }}"></script>
<script type="text/javascript">
{{ if .Site.IsMultiLingual }}
{{ if hugo.IsMultilingual }}
var baseurl = "{{.Site.BaseURL}}{{.Site.LanguagePrefix}}";
{{ else }}
var baseurl = "{{.Site.BaseURL}}";
Expand Down
3 changes: 3 additions & 0 deletions root/trial-mode.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
<script>
window.location.assign("/identityserver/v7/fundamentals/license_key#trial-mode")
</script>
Loading