[release/8.0-preview7] Add more MapIdentityApi endpoints #49559
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
ghost
added
the
halter73
added
the
Servicing-consider
|
Hi @github-actions[bot]. Please make sure you've updated the PR description to use the Shiproom Template. Also, make sure this PR is not marked as a draft and is ready-to-merge. To learn more about how to prepare a servicing PR click here. |
| .Add(endpointBuilder => | ||
| { | ||
| var finalPattern = ((RouteEndpointBuilder)endpointBuilder).RoutePattern.RawText; | ||
| confirmEmailEndpointName = $"{nameof(MapIdentityApi)}-{finalPattern}"; | ||
| endpointBuilder.Metadata.Add(new EndpointNameMetadata(confirmEmailEndpointName)); | ||
| endpointBuilder.Metadata.Add(new RouteNameMetadata(confirmEmailEndpointName)); | ||
| }); |
There was a problem hiding this comment.
It's to generate a unique name for the /confirmEmail endpoint for link generation. This works even if MapIdentityApi is called multiple times in different route groups. See the CanAddEndpointsToMultipleRouteGroupsForSameUserType and CanAddEndpointsToMultipleRouteGroupsForMultipleUsersTypes tests.
mkArtakMSFT
added
Servicing-approved
|
Hi @github-actions[bot]. This PR was just approved to be included in the upcoming servicing release. Somebody from the @dotnet/aspnet-build team will get it merged when the branches are open. Until then, please make sure all the CI checks pass and the PR is reviewed. |
Backport of #49498 to release/8.0-preview7
/cc @halter73
Add more MapIdentityApi endpoints
Description
This adds the following new endpoints:
Additionally, the existing /login endpoint now accepts 2fa codes and 2fa recovery codes as part of the request body. These can be queried and regenerated from /account/2fa. The /login endpoint now also gives limited failure reasons in the form of application/problem+json instead of empty 401 responses with details such as "LockedOut", "RequiresTwoFactor", "NotAllowed" (usually because lack of email confirmation), and the generic "Failed" statuses.
Fixes #47232 (lockout support)
Fixes #47231 (reset password support)
Fixes #47230 (2fa support)
Fixes #47229 (change username and password)
Fixes #49404 (Removes AddIdentityBearerToken which is no longer needed)
Customer Impact
This makes the MapIdentityApi API introduced in preview4 more usable. See https://devblogs.microsoft.com/dotnet/asp-net-core-updates-in-dotnet-8-preview-4/#auth where we promised the following.
This PR adds all of these features, and it's important to make this available to customers as soon as possible, so we have time to react to any feedback. It appears customers are excited to give it a go.
Regression?
Risk
This is primarily new API with minimal changes to SignInManager that should have no impact unless used by the new MapIdentityApi endpoints.
Verification
Packaging changes reviewed?