OpenRiaServices.Hosting.AspNetCore
1.3.1
Prefix Reserved
dotnet add package OpenRiaServices.Hosting.AspNetCore --version 1.3.1
NuGet\Install-Package OpenRiaServices.Hosting.AspNetCore -Version 1.3.1
<PackageReference Include="OpenRiaServices.Hosting.AspNetCore" Version="1.3.1" />
paket add OpenRiaServices.Hosting.AspNetCore --version 1.3.1
#r "nuget: OpenRiaServices.Hosting.AspNetCore, 1.3.1"
// Install OpenRiaServices.Hosting.AspNetCore as a Cake Addin #addin nuget:?package=OpenRiaServices.Hosting.AspNetCore&version=1.3.1 // Install OpenRiaServices.Hosting.AspNetCore as a Cake Tool #tool nuget:?package=OpenRiaServices.Hosting.AspNetCore&version=1.3.1
This software will allow existing applications written for OpenRiaServices or WCF RIA Services to run on net6 and kestrel, making them future proof and improving their performance.
Hopefully it will allow you as a consumer to make large savings in development time, weeks or even man years, by not having to rewrite your application as well as allowing rapid development.
The software is provided free of charge, but I urge you to use some of the money saved by using this software to support Ukraine The civilian suffering due to the Russian invasion, the attacks on hospitals and other war crimes are enormous.
TERM OF USE
By using this project or its source code, for any purpose and in any shape or form, you grant your agreement to all the following statements:
- You condemn Russia and its military aggression against Ukraine
- You recognize that Russia is an occupant that unlawfully invaded a sovereign state
- You support Ukraine's territorial integrity, including its claims over temporarily occupied territories of Crimea and Donbas
- You do not support the Russian invasion or contribute to its propaganda'
This excludes usage by the Russian state, Russian state-owned companies, Russian education who spread propaganda instead of truth, anyone who work with the filtration camps, or finance the war by importing Russian oil or gas.
- You allow anonymized telemetry to collected and sent during the preview releases to gather feedback about usage
Sample
There is no documentation except for this yet readme, please see AspNetCoreWebsite project in repository for usage.
- For a sample see WpfCore_AspNetCore in Samples repository
Getting Started
Create a new dotnet 6 web application
dotnet new web
or similarAdd a reference to OpenRiaServices.Hosting.AspNetCore
dotnet add package OpenRiaServices.Hosting.AspNetCore
Add a reference to OpenRiaServices.Server
Add one or more domainservices
[EnableClientAccess]
public class CityDomainService : DomainService
{
/* ..... */
}
For more documentation see https://openriaservices.gitbook.io/openriaservices/ee707348/ee707373 or samples https://github.com/OpenRIAServices/OpenRiaServices/blob/086ea8c8fcb115000749be6b2b01cd43bb95bf80/docs/gg602754.md#add-the-poco-class
- Setup hosting integration
Sample program:
using OpenRiaServices.Hosting.AspNetCore;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddOpenRiaServices();
// Register DomainServices in DI
builder.Services.AddDomainService<CityDomainService>();
// OR builder.Services.AddDomainServices(AppDomain.CurrentDomain.GetAssemblies());
var app = builder.Build();
// Map OpenRiaServices routes , you can optionally add a prefix such as "/Services"
// This will automatically map all DomainServices that are registered in builder.Services
// Using routes similar to $"{DomainServiceName}/{MethodName}"
app.MapOpenRiaServices();
// OR app.MapOpenRiaServices(builder => { builder.AddDomainService<CityDomainService>(); }); to specify exactly the DomainServices to map which works better with Trimming
app.Run();
Advanced
Configuring Hosting Options
You can configure the hosting options by passing a callback to AddOpenRiaServices
method.
Options include:
ExceptionHandler
- A delegate that can be used to handle exceptions that occur during the execution of a DomainService method.- It allows customizing the error message, and error code that is sent to the client as well as the HTTP status code.
IncludeExceptionMessageInErrors
- A boolean that determines if the exception message should be included in the error response.- WARNING: Exposing this information might help a hacker. It is generally better to use the
ExceptionHandler
and ensuring that the message is not passed on to the client is "safe" and does not give to much information about the system to a potential hacker.
- WARNING: Exposing this information might help a hacker. It is generally better to use the
IncludeExceptionStackTraceInErrors
- A boolean that determines if the exception stack trace should be included in the error response.- WARNING: This is considered INSECURE and is NOT *recommended for production use as it would gives an attacker detailed information about your system
Example setup:
builder.Services.AddOpenRiaServices(o => {
o.ExceptionHandler = (context, response) =>
{
// Pass all exceptions to client
response.ErrorMessage ??= context.Exception.Message;
};
// There is at least one test which test that checks that calls stacks of normal exceptions are passed to the client
// To get StackTrack of "normal" exceptions we need to pass them on to the user, as well as include stack traces
o.IncludeExceptionMessageInErrors = true;
o.IncludeExceptionStackTraceInErrors = true;
});
Specifying endpoint routes
You can choose between 3 different approaches to how the endpoint routes are generated.
You do this by adding the DomainServiceEndpointRoutePattern
attribute to your assembly.
- If the attribute is defined in the assembly of a specific DomainService, then that will be used
- Otherwise if there is an attribute in the "startup" assembly then that will be used (since the code generation cannot know what project is the startup project, it will always treat the "LinkedServerProject" as the startup project)
The options are WCF
, FullName
and ShortName
.
WCF
will generate the same routes as WCF RIA ServicesSome-Namespace-TypeName.svc/binary/Method
- This is the only option that works with the (obsolete) WCF based DomainClient
FullName
will generate routes with the full name of the DomainServiceSome-Namespace-TypeName/Method
Name
will generate routes with the short name of the DomainServiceTypeName/Method
The default will be changed to FullName
which is the same as in WCF RIA Services.
[assembly: DomainServiceEndpointRoutePattern(EndpointRoutePattern.WCF)]
// or
[assembly: DomainServiceEndpointRoutePattern(EndpointRoutePattern.FullName)]
// or
[assembly: DomainServiceEndpointRoutePattern(EndpointRoutePattern.Name)]
If you want to change the route for a specific DomainService or need to map a DomainService to multiple routes you can specify
a route directly when adding domainservices during the MapOpenRiaServices
call.
app.MapOpenRiaServices(builder =>
{
builder.AddDomainService<Cities.CityDomainService>("Cities-CityDomainService.svc/binary");
});
Asp.Net Core integration
Since 0.4.0 any attivbute applied to Invoke/Query are added to the corresponding AspNetCore-Endpoint allowing the use of any AspNetCore endpoint middleware (not MVC specific filters, they must work with "minimal api's").
This means you can use standard aspnetcore Authentication and Authorization to validate most requests (but NOT indivudual Insert,Update,Delete methods, you can apply atttributes to your DomainService class for those). The validation will happen before the DomainService is even created, making them more powerful than built in attributes.
You can still (and probably should) use the OpenRiaServices specific attributes such as [RequiresAuthentication]
or your own Authorization attributes
Simple authorization, which works on all methods.
AspNetCore Authentication and Authorization
You can use standard aspnetcore Authentication and Authorization to validate most requests (but NOT indivudual Insert, Update, Delete methods, you can apply atttributes to your DomainService class for those). The validation will happen before the DomainService is even created, making them more powerful than built in attributes.
The AspNetCore Sample shows how cookie based login similar to ASP.NET Membership provider can be handled. The change was added in #16: Add AspNetCore AuthenticationService You will need to tweak it so it validates credentials, assign correct Claims (Roles) to users and fits your choosen scheme for authentication.
Authentication: Client setup
For the client, you need to ensure that all HttpClients share the same CookieContainer and that the it is set to use to cookies (https://learn.microsoft.com/en-us/dotnet/api/system.net.http.httpclienthandler.usecookies?view=net-7.0#system-net-http-httpclienthandler-usecookies)
Authentication: Asp.Net Core Setup Authentication and Authorization setup
In Program.cs the following code is needed
Service registrations, adds cookie based authentication and enable Authorization
// Additional dependencies for cookie based AuthenticationService
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie();
builder.Services.AddHttpContextAccessor();
builder.Services.AddAuthorization();
After the "application has been built" and the middleware is configured you should add Authentication (and Authorization if used). They should be added before OpenRiaServices
// Add authentication
app.UseAuthentication();
app.UseAuthorization();
// Enable OpenRiaServices
app.MapOpenRiaServices(....
Authorization: Protecting DomainServices using Authorization middleware
A good idea is to protect your DomainServices, all of them or individual, by requiring authorization. The Authorization middleware should run before the DomainService is created so you will avoid any cost with creating the DomainService and it's dependencies, providing a much better protection against DOS.
IMPORANT: error message on the client will be different and not as user friendly as if the [RequiresAuthentication]
attribute is used.
You might want to consider changing the HTTP status code to match 401 or similar instead of 404 (when it tries to redirect to missing "/Account/Login" endpoint)
Note: If you need to selectivly only require authentication for some Submit operations (Insert, Update, Delete or Entity Action) then remember to use [RequiresAuthentication]
Require request to all DomainServices be authorized using default authorization policy:
app.MapOpenRiaServices(builder =>
{
builder.AddDomainService<SampleDomainService>();
builder.AddDomainService<MyAuthenticationService>();
}).RequireAuthorization();
You can also control the setting per DomainService using code
app.MapOpenRiaServices(builder =>
{
builder.AddDomainService<SampleDomainService>()
.RequireAuthorization();
});
You can also control the setting per DomainService using attributes
[Authorize]
public class MyAuthenticationService : DomainService, IAuthentication<MyUser>
{
[AllowAnonymous]
public MyUser GetUser() {...}
Output Cache Integration
Sample showing how to integrate the OutputCache middleware WARNING: Se caching documentation and ensure that any usage of output cache is not sent to the wrong user.
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddOpenRiaServices();
builder.Services.AddOutputCache(options =>
{
options.AddBasePolicy(builder => builder.NoCache());
});
builder.Services.AddDomainService<CacheTestDomainService>();
var app = builder.Build();
app.UseOutputCache();
[EnableClientAccess]
public class CacheTestDomainService : DomainService
{
[Invoke(HasSideEffects = false)]
public string NoCache()
=> DateTime.Now.ToString();
[Invoke(HasSideEffects = false)]
[Microsoft.AspNetCore.OutputCaching.OutputCache(Duration = 5)]
public string OutputCache()
=> DateTime.Now.ToString();
}
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net8.0
- OpenRiaServices.Server (>= 5.6.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Version | Downloads | Last updated |
---|---|---|
1.3.1 | 308 | 11/18/2024 |
1.3.0 | 112 | 11/14/2024 |
1.2.0 | 208 | 6/13/2024 |
1.1.0 | 198 | 3/14/2024 |
1.1.0-ci.9 | 55 | 3/14/2024 |
1.0.0 | 219 | 1/11/2024 |
0.4.0 | 283 | 6/22/2023 |
0.4.0-preview.2 | 86 | 8/1/2023 |
0.3.0 | 184 | 5/26/2023 |
0.2.1 | 235 | 4/14/2023 |
0.2.1-tags-v-5-3-0.8 | 91 | 4/14/2023 |
0.2.0 | 378 | 11/25/2022 |
0.1.0 | 510 | 6/9/2022 |
For release notes see https://github.com/OpenRIAServices/OpenRiaServices/releases