I am refactoring an old codebase from OpenIddict 2 to version 4. One of the pieces of code I am having a hard time migrating comes from an old configuration that allowed setting the formats for refresh and access tokens:
services
.AddOpenIddict()
.AddServer(options =>
{
options.Configure(
o =>
{
o.RefreshTokenFormat = new JWTRefreshTokenFormat(
tokenKey,
OrbitConfiguration.SystemHostname,
OrbitConfiguration.AlternativeSystemHostname);
o.AccessTokenFormat = new JWTAccessTokenFormat(
tokenKey,
OrbitConfiguration.SystemHostname,
OrbitConfiguration.AlternativeSystemHostname);
});
}
The code above allowed us to set custom implementations of ISecureDataFormat<AuthenticationTicket> for both the refresh and access token. Unfortunately, I wasn't able to find an alternative for it as I am migrating to version 4 of Openiddict.
I tried looking at the code in github, also checked the git history to see if I could find when or why this got removed, but failed to find it since this was an old code from an archived library.
There's no such thing in recent versions of OpenIddict. Instead, you need to create custom
IOpenIddictServerHandler<GenerateTokenContext>andIOpenIddictServerHandler<ValidateTokenContext>event handlers.See https://github.com/openiddict/openiddict-core/tree/dev/src/OpenIddict.Server.DataProtection for a concrete example using ASP.NET Core Data Protection as the token format.