EntityFramework Core | SAML2P Documentation

OpenIddict contains no default or in-memory storage, instead, it provides separate packages for data persistence and storage. The officially supported frameworks are EntityFrameworkCore, and MongoDb.

RockSolidKnowledge provides the Rsk.Saml.OpenIddict.EntityFrameworkCore package for EntityFramework Core integration.

At this time only EntityFramework Core is supported for the RSK SAML implementation for OpenIddict

The Rsk.Saml.OpenIddict.EntityFrameworkCore package contains EntityFramework Core Store implementations and three DbContexts: - OpenIddictSamlMessageDbContext - SamlConfigurationDbContext - SamlArtifactDbContext

Beyond your standard OpenIddict migrations, you will need to generate and apply migrations for both the OpenIddictSamlMessageDbContext and SamlConfigurationDbContext DbContexts. The SamlArtifactDbContext is only required if you are using the back-channel artifact binding.

Migrations generated by EntityFramework Core are provider specific, your configured DbContexts will be used to generate the correct migrations for your provider. Any provider supported by EntityFramework core will work, however we don't recommend using the in-memory or SQLite provider for production instances. For more information on migrations in EntityFrameworkCore see Microsoft's documentation.

Configure EntityFramework Core SAML Configuration and Message Stores

To configure the EntityFramework implementation of the Saml Configuration and Message stores you can use the UseSamlEntityFrameworkCore extension method on the OpenIddictSamlBuilder.

 options.AddSamlPlugin(builder =>
    {
        builder.UseSamlEntityFrameworkCore();
    });

This will add an EntityFramework Core implementation of the IServiceProviderStore, IOpenIddictSamlMessageStore and ISamlArtifactStore stores to your DI container.

Configure EntityFramework Core SAML DbContexts

Calling the UseSamlEntityFrameworkCore extension method will only configure the Store implementations, not the DbContexts. The stores require a valid DbContext of the correct type to be configured within the DI container.

To configure the default OpenIddictSamlMessageDbContext, SamlConfigurationDbContext and SamlArtifactDbContext you can use the AddSamlMessageDbContext, AddSamlConfigurationDbContext and AddSamlArtefactDbContext extension methods and pass in an option builder configured for your chosen provider.

 options.AddSamlPlugin(builder =>
    {
        //Already added the DbContext above
        builder.UseSamlEntityFrameworkCore()
            .AddSamlMessageDbContext(optionsBuilder => )
            .AddSamlConfigurationDbContext(optionsBuilder => )
            .AddSamlArtefactDbContext(optionsBuilder => );
    });

The AddSamlDbContexts can also be used to configure the OpenIddictSamlMessageDbContext, SamlConfigurationDbContext and SamlArtifactDbContext with one call.

 options.AddSamlPlugin(builder =>
    {
        //Already added the DbContext above
        builder.UseSamlEntityFrameworkCore()
            .AddSamlDbContexts(optionsBuilder => );
    });

Previous Next