ASP.NET Core Identity ships with built-in extension methods that register all the required dependencies:
- AddIdentity<TUser, TRole> – this method adds the UserManager, SignInManager and RoleManager
- AddIdentityCore<TUser> – this method adds only the UserManager
To add Identity with the SignInManager but without the RoleManager we have to build it up manually, but it’s as easy as writing 3 lines of code:
First let’s take a look at what AddIdentity does:
Now the basic one, AddIdentityCore
OK. Now we can spot the missing pieces and recompose what we need:
The final picture would look something like this:
In detail, this is what we are adding with these extension methods:
AddSignInManager() adds the HttpContextAccessor, the ISecurityStampValidator and the ITwoFactorSecurityStampValidator
AddDefaultTokenProviders() will add the following:
For more about token providers, check my previous article.
And at the end we use the AddUserStore method to register our store which is needed by the UserManager.
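The composition described above, written as one reusable registration. This is an added example, not the article's original listing; it assumes ASP.NET Core 3.0 or later, and the helper name `AddIdentityWithoutRoles` and the `TUser`/`TStore` type parameters are hypothetical and supplied by your application.

```csharp
using System;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection;

public static class IdentityWithoutRolesExtensions
{
    // Hypothetical helper: UserManager + SignInManager, no RoleManager.
    public static IdentityBuilder AddIdentityWithoutRoles<TUser, TStore>(
        this IServiceCollection services,
        Action<IdentityOptions> configure)
        where TUser : class
        where TStore : class, IUserStore<TUser> // compile-time check on the store type
    {
        // Unlike AddIdentity, AddIdentityCore registers no authentication schemes.
        // SignInManager signs users in to the Identity cookie schemes, so they
        // have to be registered explicitly. The application cookie added here
        // validates the principal through the ISecurityStampValidator that
        // AddSignInManager registers below.
        services.AddAuthentication(IdentityConstants.ApplicationScheme)
                .AddIdentityCookies();

        return services
            // UserManager plus validators, password hasher, normalizers, etc.
            .AddIdentityCore<TUser>(configure)
            // SignInManager, IHttpContextAccessor and the security stamp validators.
            .AddSignInManager()
            // Token providers used for password reset, e-mail confirmation and 2FA.
            .AddDefaultTokenProviders()
            // The store that UserManager reads from and writes to.
            .AddUserStore<TStore>();
    }
}
```

Call it from `ConfigureServices` with your own user and store types, for example `services.AddIdentityWithoutRoles<AppUser, AppUserStore>(o => o.User.RequireUniqueEmail = true);`, where both type names are placeholders.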
Note: If you are configuring Identity to protect personal data (IdentityServer will look for the protector to protect the normalized user name and email) you will need to have the following:
While Identity provides a default implementation for the IPersonalDataProtector, it’s up to you to implement the rest.
You can find an implementation at the following git repository. But proceed with careful consideration and study the implementation, because this one stores keys on disk; if you plan to use a distributed approach (multiple instances of IS on multiple VMs), you need to change how the keys are stored.