Exemple #1
0
        /// <summary>
        /// Registers the OpenIddict validation/System.Net.Http integration services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
        public static OpenIddictValidationSystemNetHttpBuilder UseSystemNetHttp(this OpenIddictValidationBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddHttpClient();

            // Register the built-in validation event handlers used by the OpenIddict System.Net.Http components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict System.Net.Http event handlers.
            builder.Services.TryAddSingleton <RequireHttpMetadataAddress>();

            // Note: TryAddEnumerable() is used here to ensure the initializers are registered only once.
            builder.Services.TryAddEnumerable(new[]
            {
                ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictValidationOptions>, OpenIddictValidationSystemNetHttpConfiguration>(),
                ServiceDescriptor.Singleton <IConfigureOptions <HttpClientFactoryOptions>, OpenIddictValidationSystemNetHttpConfiguration>()
            });

            return(new OpenIddictValidationSystemNetHttpBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict validation services for ASP.NET Core in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictValidationAspNetCoreBuilder"/>.</returns>
        public static OpenIddictValidationAspNetCoreBuilder UseAspNetCore(this OpenIddictValidationBuilder builder)
        {
            if (builder is null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddAuthentication();

            builder.Services.TryAddScoped <OpenIddictValidationAspNetCoreHandler>();

            // Register the built-in event handlers used by the OpenIddict ASP.NET Core validation components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict ASP.NET Core validation event handlers.
            builder.Services.TryAddSingleton <RequireHttpRequest>();

            // Register the option initializer used by the OpenIddict ASP.NET Core validation integration services.
            // Note: TryAddEnumerable() is used here to ensure the initializers are only registered once.
            builder.Services.TryAddEnumerable(new[]
            {
                ServiceDescriptor.Singleton <IConfigureOptions <AuthenticationOptions>, OpenIddictValidationAspNetCoreConfiguration>(),
                ServiceDescriptor.Singleton <IPostConfigureOptions <AuthenticationOptions>, OpenIddictValidationAspNetCoreConfiguration>(),

                ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictValidationOptions>, OpenIddictValidationAspNetCoreConfiguration>()
            });

            return(new OpenIddictValidationAspNetCoreBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict token validation services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
        public static OpenIddictValidationBuilder AddValidation([NotNull] this OpenIddictBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLogging();
            builder.Services.AddOptions();

            builder.Services.TryAddScoped <IOpenIddictValidationProvider, OpenIddictValidationProvider>();

            // Register the built-in validation event handlers used by the OpenIddict validation components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict validation event handlers.
            builder.Services.TryAddSingleton <RequireAuthorizationValidationEnabled>();
            builder.Services.TryAddSingleton <RequireReferenceTokensDisabled>();
            builder.Services.TryAddSingleton <RequireReferenceTokensEnabled>();

            // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
            builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                                  IPostConfigureOptions <OpenIddictValidationOptions>, OpenIddictValidationConfiguration>());

            return(new OpenIddictValidationBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict token server services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
        public static OpenIddictServerBuilder AddServer([NotNull] this OpenIddictBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLogging();
            builder.Services.AddOptions();

            builder.Services.TryAddScoped <IOpenIddictServerProvider, OpenIddictServerProvider>();

            // Register the built-in server event handlers used by the OpenIddict server components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict server event handlers.
            builder.Services.TryAddSingleton <RequireAccessTokenIncluded>();
            builder.Services.TryAddSingleton <RequireAuthorizationCodeIncluded>();
            builder.Services.TryAddSingleton <RequireClientIdParameter>();
            builder.Services.TryAddSingleton <RequireDegradedModeDisabled>();
            builder.Services.TryAddSingleton <RequireDegradedModeEnabled>();
            builder.Services.TryAddSingleton <RequireEndpointPermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireGrantTypePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireIdentityTokenIncluded>();
            builder.Services.TryAddSingleton <RequireRefreshTokenIncluded>();
            builder.Services.TryAddSingleton <RequireScopePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireScopeValidationEnabled>();

            // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
            builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                                  IPostConfigureOptions <OpenIddictServerOptions>, OpenIddictServerConfiguration>());

            return(new OpenIddictServerBuilder(builder.Services));
        }
Exemple #5
0
    /// <summary>
    /// Registers the OpenIddict validation services for OWIN in the DI container.
    /// </summary>
    /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
    /// <remarks>This extension can be safely called multiple times.</remarks>
    /// <returns>The <see cref="OpenIddictValidationOwinBuilder"/>.</returns>
    public static OpenIddictValidationOwinBuilder UseOwin(this OpenIddictValidationBuilder builder)
    {
        if (builder is null)
        {
            throw new ArgumentNullException(nameof(builder));
        }

        // Note: unlike regular OWIN middleware, the OpenIddict validation middleware is registered
        // as a scoped service in the DI container. This allows containers that support middleware
        // resolution (like Autofac) to use it without requiring additional configuration.
        builder.Services.TryAddScoped <OpenIddictValidationOwinMiddleware>();

        // Register the built-in event handlers used by the OpenIddict OWIN validation components.
        // Note: the order used here is not important, as the actual order is set in the options.
        builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

        // Register the built-in filters used by the default OpenIddict OWIN validation event handlers.
        builder.Services.TryAddSingleton <RequireOwinRequest>();

        // Register the option initializers used by the OpenIddict OWIN validation integration services.
        // Note: TryAddEnumerable() is used here to ensure the initializers are only registered once.
        builder.Services.TryAddEnumerable(new[]
        {
            ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictValidationOptions>, OpenIddictValidationOwinConfiguration>()
        });

        return(new OpenIddictValidationOwinBuilder(builder.Services));
    }
        /// <summary>
        /// Registers the OpenIddict ASP.NET Core Data Protection server services in the DI container
        /// and configures OpenIddict to validate and issue ASP.NET Data Protection-based tokens.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
        public static OpenIddictServerDataProtectionBuilder UseDataProtection(this OpenIddictServerBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddDataProtection();

            // Register the built-in server event handlers used by the OpenIddict Data Protection components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filter used by the default OpenIddict Data Protection event handlers.
            builder.Services.TryAddSingleton <RequireDataProtectionAccessTokenFormatEnabled>();
            builder.Services.TryAddSingleton <RequireDataProtectionAuthorizationCodeFormatEnabled>();
            builder.Services.TryAddSingleton <RequireDataProtectionDeviceCodeFormatEnabled>();
            builder.Services.TryAddSingleton <RequireDataProtectionRefreshTokenFormatEnabled>();
            builder.Services.TryAddSingleton <RequireDataProtectionUserCodeFormatEnabled>();

            // Note: TryAddEnumerable() is used here to ensure the initializers are registered only once.
            builder.Services.TryAddEnumerable(new[]
            {
                ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictServerOptions>, OpenIddictServerDataProtectionConfiguration>(),
                ServiceDescriptor.Singleton <IPostConfigureOptions <OpenIddictServerDataProtectionOptions>, OpenIddictServerDataProtectionConfiguration>()
            });

            return(new OpenIddictServerDataProtectionBuilder(builder.Services));
        }
Exemple #7
0
        /// <summary>
        /// Registers the OpenIddict token server services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
        public static OpenIddictServerBuilder AddServer(this OpenIddictBuilder builder)
        {
            if (builder is null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLogging();
            builder.Services.AddOptions();

            builder.Services.TryAddScoped <IOpenIddictServerDispatcher, OpenIddictServerDispatcher>();
            builder.Services.TryAddScoped <IOpenIddictServerFactory, OpenIddictServerFactory>();

            // Register the built-in server event handlers used by the OpenIddict server components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict server event handlers.
            builder.Services.TryAddSingleton <RequireAccessTokenGenerated>();
            builder.Services.TryAddSingleton <RequireAuthorizationCodeGenerated>();
            builder.Services.TryAddSingleton <RequireAuthorizationStorageEnabled>();
            builder.Services.TryAddSingleton <RequireAuthorizationRequest>();
            builder.Services.TryAddSingleton <RequireClientIdParameter>();
            builder.Services.TryAddSingleton <RequireConfigurationRequest>();
            builder.Services.TryAddSingleton <RequireCryptographyRequest>();
            builder.Services.TryAddSingleton <RequireDegradedModeDisabled>();
            builder.Services.TryAddSingleton <RequireDeviceCodeGenerated>();
            builder.Services.TryAddSingleton <RequireDeviceRequest>();
            builder.Services.TryAddSingleton <RequireEndpointPermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireGrantTypePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireIdentityTokenGenerated>();
            builder.Services.TryAddSingleton <RequireIntrospectionRequest>();
            builder.Services.TryAddSingleton <RequireLogoutRequest>();
            builder.Services.TryAddSingleton <RequirePostLogoutRedirectUriParameter>();
            builder.Services.TryAddSingleton <RequireReferenceAccessTokensEnabled>();
            builder.Services.TryAddSingleton <RequireReferenceRefreshTokensEnabled>();
            builder.Services.TryAddSingleton <RequireRefreshTokenGenerated>();
            builder.Services.TryAddSingleton <RequireResponseTypePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireRevocationRequest>();
            builder.Services.TryAddSingleton <RequireSlidingRefreshTokenExpirationEnabled>();
            builder.Services.TryAddSingleton <RequireScopePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireScopeValidationEnabled>();
            builder.Services.TryAddSingleton <RequireTokenStorageEnabled>();
            builder.Services.TryAddSingleton <RequireTokenRequest>();
            builder.Services.TryAddSingleton <RequireUserCodeGenerated>();
            builder.Services.TryAddSingleton <RequireUserinfoRequest>();
            builder.Services.TryAddSingleton <RequireVerificationRequest>();

            // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
            builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                                  IPostConfigureOptions <OpenIddictServerOptions>, OpenIddictServerConfiguration>());

            return(new OpenIddictServerBuilder(builder.Services));
        }
Exemple #8
0
    /// <summary>
    /// Registers the OpenIddict client services in the DI container.
    /// </summary>
    /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
    /// <remarks>This extension can be safely called multiple times.</remarks>
    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
    public static OpenIddictClientBuilder AddClient(this OpenIddictBuilder builder)
    {
        if (builder is null)
        {
            throw new ArgumentNullException(nameof(builder));
        }

        builder.Services.AddLogging();
        builder.Services.AddOptions();

        builder.Services.TryAddScoped <IOpenIddictClientDispatcher, OpenIddictClientDispatcher>();
        builder.Services.TryAddScoped <IOpenIddictClientFactory, OpenIddictClientFactory>();
        builder.Services.TryAddSingleton <OpenIddictClientService>();

        // Register the built-in filters used by the default OpenIddict client event handlers.
        builder.Services.TryAddSingleton <RequireAuthorizationCodeOrImplicitGrantType>();
        builder.Services.TryAddSingleton <RequireAuthorizationCodeValidated>();
        builder.Services.TryAddSingleton <RequireBackchannelAccessTokenValidated>();
        builder.Services.TryAddSingleton <RequireBackchannelIdentityTokenValidated>();
        builder.Services.TryAddSingleton <RequireBackchannelIdentityTokenPrincipal>();
        builder.Services.TryAddSingleton <RequireClientAssertionTokenGenerated>();
        builder.Services.TryAddSingleton <RequireFrontchannelAccessTokenValidated>();
        builder.Services.TryAddSingleton <RequireFrontchannelIdentityTokenValidated>();
        builder.Services.TryAddSingleton <RequireFrontchannelIdentityTokenPrincipal>();
        builder.Services.TryAddSingleton <RequireJsonWebTokenFormat>();
        builder.Services.TryAddSingleton <RequireRedirectionRequest>();
        builder.Services.TryAddSingleton <RequireRefreshTokenValidated>();
        builder.Services.TryAddSingleton <RequireStateTokenGenerated>();
        builder.Services.TryAddSingleton <RequireStateTokenPrincipal>();
        builder.Services.TryAddSingleton <RequireStateTokenValidated>();
        builder.Services.TryAddSingleton <RequireTokenEntryCreated>();
        builder.Services.TryAddSingleton <RequireTokenPayloadPersisted>();
        builder.Services.TryAddSingleton <RequireTokenRequest>();
        builder.Services.TryAddSingleton <RequireTokenStorageEnabled>();
        builder.Services.TryAddSingleton <RequireUserinfoRequest>();
        builder.Services.TryAddSingleton <RequireUserinfoTokenExtracted>();
        builder.Services.TryAddSingleton <RequireUserinfoTokenPrincipal>();

        // Register the built-in client event handlers used by the OpenIddict client components.
        // Note: the order used here is not important, as the actual order is set in the options.
        builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

        // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
        builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                              IPostConfigureOptions <OpenIddictClientOptions>, OpenIddictClientConfiguration>());

        return(new OpenIddictClientBuilder(builder.Services));
    }
        /// <summary>
        /// Registers the OpenIddict token validation services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
        public static OpenIddictValidationBuilder AddValidation(this OpenIddictBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLogging();
            builder.Services.AddOptions();

            builder.Services.TryAddSingleton <OpenIddictValidationService>();
            builder.Services.TryAddScoped <IOpenIddictValidationDispatcher, OpenIddictValidationDispatcher>();
            builder.Services.TryAddScoped <IOpenIddictValidationFactory, OpenIddictValidationFactory>();

            // Register the built-in validation event handlers used by the OpenIddict validation components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict validation event handlers.
            builder.Services.TryAddSingleton <RequireAuthorizationEntryValidationEnabled>();
            builder.Services.TryAddSingleton <RequireLocalValidation>();
            builder.Services.TryAddSingleton <RequireTokenEntryValidationEnabled>();
            builder.Services.TryAddSingleton <RequireIntrospectionValidation>();

            builder.Services.TryAddSingleton <IStringLocalizer <OpenIddictResources> >(provider =>
            {
                // Note: the string localizer factory is deliberately not resolved from
                // the DI container to ensure the built-in .resx files are always used
                // even if the factory was replaced by a different implementation in DI.
                var factory = new ResourceManagerStringLocalizerFactory(
                    localizationOptions: Options.Create(new LocalizationOptions()),
                    loggerFactory: NullLoggerFactory.Instance);

                return(new StringLocalizer <OpenIddictResources>(factory));
            });

            // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
            builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                                  IPostConfigureOptions <OpenIddictValidationOptions>, OpenIddictValidationConfiguration>());

            return(new OpenIddictValidationBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict server services for ASP.NET Core in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictServerAspNetCoreBuilder"/>.</returns>
        public static OpenIddictServerAspNetCoreBuilder UseAspNetCore(this OpenIddictServerBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddAuthentication();

            builder.Services.TryAddScoped <OpenIddictServerAspNetCoreHandler>();

            // Register the built-in event handlers used by the OpenIddict ASP.NET Core server components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict ASP.NET Core server event handlers.
            builder.Services.TryAddSingleton <RequireAuthorizationEndpointCachingEnabled>();
            builder.Services.TryAddSingleton <RequireAuthorizationEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireErrorPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireHttpRequest>();
            builder.Services.TryAddSingleton <RequireLogoutEndpointCachingEnabled>();
            builder.Services.TryAddSingleton <RequireLogoutEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireTransportSecurityRequirementEnabled>();
            builder.Services.TryAddSingleton <RequireStatusCodePagesIntegrationEnabled>();
            builder.Services.TryAddSingleton <RequireTokenEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireUserinfoEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireVerificationEndpointPassthroughEnabled>();

            // Register the option initializer used by the OpenIddict ASP.NET Core server integration services.
            // Note: TryAddEnumerable() is used here to ensure the initializers are only registered once.
            builder.Services.TryAddEnumerable(new[]
            {
                ServiceDescriptor.Singleton <IConfigureOptions <AuthenticationOptions>, OpenIddictServerAspNetCoreConfiguration>(),
                ServiceDescriptor.Singleton <IPostConfigureOptions <AuthenticationOptions>, OpenIddictServerAspNetCoreConfiguration>(),

                ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictServerOptions>, OpenIddictServerAspNetCoreConfiguration>(),

                ServiceDescriptor.Singleton <IPostConfigureOptions <OpenIddictServerAspNetCoreOptions>, OpenIddictServerAspNetCoreConfiguration>()
            });

            return(new OpenIddictServerAspNetCoreBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict server services for OWIN in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictServerOwinBuilder"/>.</returns>
        public static OpenIddictServerOwinBuilder UseOwin(this OpenIddictServerBuilder builder)
        {
            if (builder is null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddWebEncoders();

            // Note: unlike regular OWIN middleware, the OpenIddict server middleware is registered
            // as a scoped service in the DI container. This allows containers that support middleware
            // resolution (like Autofac) to use it without requiring additional configuration.
            builder.Services.TryAddScoped <OpenIddictServerOwinMiddleware>();

            // Register the built-in event handlers used by the OpenIddict OWIN server components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict OWIN server event handlers.
            builder.Services.TryAddSingleton <RequireAuthorizationRequestCachingEnabled>();
            builder.Services.TryAddSingleton <RequireAuthorizationEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireErrorPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireLogoutRequestCachingEnabled>();
            builder.Services.TryAddSingleton <RequireLogoutEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireTransportSecurityRequirementEnabled>();
            builder.Services.TryAddSingleton <RequireOwinRequest>();
            builder.Services.TryAddSingleton <RequireTokenEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireUserinfoEndpointPassthroughEnabled>();
            builder.Services.TryAddSingleton <RequireVerificationEndpointPassthroughEnabled>();

            // Register the option initializers used by the OpenIddict OWIN server integration services.
            // Note: TryAddEnumerable() is used here to ensure the initializers are only registered once.
            builder.Services.TryAddEnumerable(new[]
            {
                ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictServerOptions>, OpenIddictServerOwinConfiguration>(),
                ServiceDescriptor.Singleton <IPostConfigureOptions <OpenIddictServerOwinOptions>, OpenIddictServerOwinConfiguration>()
            });

            return(new OpenIddictServerOwinBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict ASP.NET Core Data Protection validation services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
        public static OpenIddictValidationDataProtectionBuilder UseDataProtection(this OpenIddictValidationBuilder builder)
        {
            if (builder is null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddDataProtection();

            // Register the built-in validation event handlers used by the OpenIddict Data Protection components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Note: TryAddEnumerable() is used here to ensure the initializers are registered only once.
            builder.Services.TryAddEnumerable(new[]
            {
                ServiceDescriptor.Singleton <IConfigureOptions <OpenIddictValidationOptions>, OpenIddictValidationDataProtectionConfiguration>(),
                ServiceDescriptor.Singleton <IPostConfigureOptions <OpenIddictValidationDataProtectionOptions>, OpenIddictValidationDataProtectionConfiguration>()
            });

            return(new OpenIddictValidationDataProtectionBuilder(builder.Services));
        }
        /// <summary>
        /// Registers the OpenIddict token server services in the DI container.
        /// </summary>
        /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
        /// <remarks>This extension can be safely called multiple times.</remarks>
        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
        public static OpenIddictServerBuilder AddServer(this OpenIddictBuilder builder)
        {
            if (builder == null)
            {
                throw new ArgumentNullException(nameof(builder));
            }

            builder.Services.AddLocalization();
            builder.Services.AddLogging();
            builder.Services.AddOptions();

            builder.Services.TryAddScoped <IOpenIddictServerDispatcher, OpenIddictServerDispatcher>();
            builder.Services.TryAddScoped <IOpenIddictServerFactory, OpenIddictServerFactory>();

            // Register the built-in server event handlers used by the OpenIddict server components.
            // Note: the order used here is not important, as the actual order is set in the options.
            builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

            // Register the built-in filters used by the default OpenIddict server event handlers.
            builder.Services.TryAddSingleton <RequireAccessTokenIncluded>();
            builder.Services.TryAddSingleton <RequireAuthorizationCodeIncluded>();
            builder.Services.TryAddSingleton <RequireAuthorizationStorageEnabled>();
            builder.Services.TryAddSingleton <RequireAuthorizationRequest>();
            builder.Services.TryAddSingleton <RequireClientIdParameter>();
            builder.Services.TryAddSingleton <RequireConfigurationRequest>();
            builder.Services.TryAddSingleton <RequireCryptographyRequest>();
            builder.Services.TryAddSingleton <RequireDegradedModeDisabled>();
            builder.Services.TryAddSingleton <RequireDeviceCodeIncluded>();
            builder.Services.TryAddSingleton <RequireDeviceRequest>();
            builder.Services.TryAddSingleton <RequireEndpointPermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireGrantTypePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireIdentityTokenIncluded>();
            builder.Services.TryAddSingleton <RequireIntrospectionRequest>();
            builder.Services.TryAddSingleton <RequireLogoutRequest>();
            builder.Services.TryAddSingleton <RequirePostLogoutRedirectUriParameter>();
            builder.Services.TryAddSingleton <RequireReferenceAccessTokensEnabled>();
            builder.Services.TryAddSingleton <RequireReferenceRefreshTokensEnabled>();
            builder.Services.TryAddSingleton <RequireRefreshTokenIncluded>();
            builder.Services.TryAddSingleton <RequireRevocationRequest>();
            builder.Services.TryAddSingleton <RequireRollingTokensDisabled>();
            builder.Services.TryAddSingleton <RequireRollingRefreshTokensEnabled>();
            builder.Services.TryAddSingleton <RequireSlidingRefreshTokenExpirationEnabled>();
            builder.Services.TryAddSingleton <RequireScopePermissionsEnabled>();
            builder.Services.TryAddSingleton <RequireScopeValidationEnabled>();
            builder.Services.TryAddSingleton <RequireTokenStorageEnabled>();
            builder.Services.TryAddSingleton <RequireTokenRequest>();
            builder.Services.TryAddSingleton <RequireUserCodeIncluded>();
            builder.Services.TryAddSingleton <RequireUserinfoRequest>();
            builder.Services.TryAddSingleton <RequireVerificationRequest>();

            builder.Services.TryAddSingleton <IStringLocalizer <OpenIddictResources> >(provider =>
            {
                // Note: the string localizer factory is deliberately not resolved from
                // the DI container to ensure the built-in .resx files are always used
                // even if the factory was replaced by a different implementation in DI.
                var factory = new ResourceManagerStringLocalizerFactory(
                    localizationOptions: Options.Create(new LocalizationOptions()),
                    loggerFactory: NullLoggerFactory.Instance);

                return(new StringLocalizer <OpenIddictResources>(factory));
            });

            // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
            builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                                  IPostConfigureOptions <OpenIddictServerOptions>, OpenIddictServerConfiguration>());

            return(new OpenIddictServerBuilder(builder.Services));
        }