Skip to content

Add profile management to STS, change int to default guid for Identity #161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 18 commits into from
Feb 6, 2019

Conversation

skoruba
Copy link
Owner

@skoruba skoruba commented Feb 3, 2019

  • Add profile management - Account linking, Password reset, Two-Factor Authentication (2FA)
  • Add support for Sendgrid
  • Change int to default guid for Identity
  • Add editing mode for Picker component

@skoruba skoruba self-assigned this Feb 3, 2019
@skoruba skoruba requested a review from xmichaelx February 3, 2019 15:54
Copy link
Contributor

@xmichaelx xmichaelx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some issue with cookies not being cleaned up after password reset but other than that everything seems to work - we can check that issue out on dev branch.

Copy link
Contributor

@duki994 duki994 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@skoruba @xmichaelx

String is actually default not because of GUID, but because of different built-in types across diferent SQL databases. Any type of key can be cast from string and checked if they are valid integers or any other type across myriad of languages.

DBs create primary keys with varchar/nvarchar (or whatever type is for string with all possible characters support). SQL Server creates nvarchar(450) PK for default string PK's in identity.

Then multiple tables with same ID become unsuitable for clustered indexes (ref dotnet/aspnetcore#5757)

Automatically, some data may not be saved due to index size violations and stuff like that.

I know this seems very philosophical, but these violations are common with SQL Server due to large indexes.

Commonly logging behavior of each user login can create large data-sets. And for better SQL performance clustered index may be viable. SQL Server has 900-byte constraint on this. And kaboom.
Perfectly legal data becomes unsaveable due to clustered index size constraint.

This should be added in docs, or at least a reference to dotnet/aspnetcore#5757
so a user is notified of possible shortcomings of this type of key on some datastores

@skoruba
Copy link
Owner Author

skoruba commented Feb 5, 2019

@duki994 - Thank you for good points!

@duki994
Copy link
Contributor

duki994 commented Feb 5, 2019

@xmichaelx

Some issue with cookies not being cleaned up after password reset but other than that everything seems to work - we can check that issue out on dev branch.

You have to use SignInManager SignOutAsync to sign out async.

HttpContext SignOutAsync should sign-out all authentication schemes.
EDIT 1:
I was very wrong. HttpContext SignOutAsync is signing out only DefaultAuthenticationScheme.

BUT (a big but)
ASP.NET Identity uses internally it's own authentication scheme so HttpContext.SignOutAsync won't work (weird and wrong from my point of view, but that's how it is) (see EDIT 1).

That's reason why SignInManager and SignOutAsync actually exist in ASP.NET Identity.
So you need to call explicitly SignInManager's SignOutAsync, as it will sign out it's own scheme.

dotPeek and many IL decompilers have witnessed how much time many of my colleagues and I lost on this issue.
So this should be documented too save innocent developer from inferno of multiple auth schemes and multiple "same" implementations :)

Found the issue while writing comment: DuendeArchive/IdentityServer4#2087

I will do a PR on weekend to add this stuff to docs.
Simple, yet very much time saving for someone using and/or modifying this solution.

@skoruba
Copy link
Owner Author

skoruba commented Feb 6, 2019

@duki994 - We are using await _signInManager.SignOutAsync();

@skoruba skoruba merged commit 915a439 into dev Feb 6, 2019
@skoruba skoruba deleted the feature/sts-profile-management branch February 6, 2019 13:05
@skoruba skoruba mentioned this pull request Apr 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants