2

I am using Identity Server 4 , ASP.NET Core and trying to replace the IdentityServer developer in Production environment. But getting the following error:

No storage mechanism for grants specified. Use the 'AddInMemoryStores' extension method to register a development version.

So, I tried to implement the services as mentioned in this answer:

  • IProfileService
  • IResourceOwnerPasswordValidator

This is my ConfigureServices Method in Startup class:

            services.AddMvc();
            var identityBuilder = services.AddIdentityServer();
            identityBuilder.AddInMemoryScopes(identitySrvConfig.GetScopes());
            identityBuilder.AddInMemoryClients(identitySrvConfig.GetClients());
            identityBuilder.AddProfileService<ProfileService>();
            identityBuilder.Services.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();

Taking into consideration that in my case the interface signature is different:

 public class ResourceOwnerPasswordValidator : IdentityServer4.Validation.IResourceOwnerPasswordValidator
{
    public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
    {
        throw new NotImplementedException();
    }
}

But I am still getting the same error, what is the problem?

Community
  • 1
  • 1
Hussein Salman
  • 7,806
  • 15
  • 60
  • 98

2 Answers2

3

If you are applying custom Identity i.e

services.AddIdentity<AppUser, UserRole>(options => { options.User.RequireUniqueEmail = true; }).AddEntityFrameworkStores<AbcDbContext>();

then in

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)

Comment

app.UseIdentityServer();

because we are using custom identity, not default

1

They were/are reworking those APIs. You should use AddInMemoryPersistedGrants

Lutando
  • 4,909
  • 23
  • 42
  • 1
    I have updated Identity Server to rc3, and used the `AddInMemoryPersistedGrants`. However its says: `you are using the in-memory version of the persisted grant store this will store consent decisions, authorization codes, refresh and reference tokens in memory only. If you are using any of those in production, you want to switch to different store implementation`. I am using Implicit Flow not refresh and reference tokens. So, how would that affect my server when going into production? – Hussein Salman Nov 25 '16 at 16:00
  • If you are not persisting your persisted grants to some form of data store (SQL/Mongo) then they will be lost between deployments. So if you plan to use this in production, implement `IPersistedGrantStore` with a backing queryable data store. – Lutando Nov 27 '16 at 08:45