CoreIdent Phase 2 Complete: Adding Persistence and Extensibility

Apr 13, 2025 - 07:39

Hey .NET community! I'm excited to share that Phase 2 of CoreIdent is now complete, building on the foundation I shared in my initial announcement. This milestone brings us one step closer to a comprehensive, modern identity solution for .NET developers.

What's New in Phase 2?

Phase 2 focused on two critical aspects: persistence and extensibility. Let me walk you through what's been accomplished:

1. Entity Framework Core Storage

The new CoreIdent.Storage.EntityFrameworkCore project provides a full-featured persistence layer:

  • CoreIdentDbContext with properly configured entity relationships
  • EF Core implementations for all key interfaces:
    • EfUserStore for user management
    • EfRefreshTokenStore for secure token handling
    • EfClientStore for OAuth client configuration
    • EfScopeStore for scope management
  • Migrations support for easy database setup
  • Extension methods for seamless integration: AddCoreIdentEntityFrameworkStores()

Initial SQLite support ensures developers can get started quickly, while the architecture supports any EF Core provider.

2. Delegated User Store Adapter

One of the most requested features was integration with existing user databases. The new CoreIdent.Adapters.DelegatedUserStore project makes this possible:

  • A flexible adapter pattern for connecting to external user stores
  • Simple delegate-based configuration
  • Support for read operations against existing systems
  • Clean extension methods: AddCoreIdentDelegatedUserStore()

This means you can now use CoreIdent with your existing ASP.NET Identity database, custom user tables, or even external identity providers.

3. Refined Interfaces and Models

The core interfaces have been significantly enhanced:

  • IUserStore now includes comprehensive methods for password management, claims, and lockout functionality
  • New IRefreshTokenStore, IClientStore, and IScopeStore interfaces provide clear contracts
  • Model refinements throughout the codebase enhance consistency and security

4. Robust Refresh Token Implementation

Security was a major focus in Phase 2:

  • Full token rotation implementation (old tokens automatically invalidated when used)
  • Proper token hashing and validation
  • Prevention of common token replay attacks
  • Clean integration with the persistence layer
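
The rotation, hashing and replay handling listed above, shown as an added C# example; this is not CoreIdent's code, and every type and member name in it is hypothetical. It assumes .NET 6 or later, uses an in-memory dictionary in place of a persistent store, and revokes the whole token family on replay, which is one common design that the post does not confirm CoreIdent uses.

```csharp
// Added illustration; type and member names are hypothetical, not CoreIdent's API.
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

public sealed record StoredToken(string Hash, string UserId, string FamilyId, DateTimeOffset Expires)
{
    public bool Consumed { get; set; }
}

public sealed class RotatingRefreshTokens
{
    // In-memory stand-in for a persistent store, keyed by token hash.
    private readonly Dictionary<string, StoredToken> _byHash = new();
    private readonly object _gate = new();

    // Only the SHA-256 digest is stored, so a leaked table yields no usable tokens.
    private static string Hash(string handle) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(handle)));

    public string Issue(string userId, string? familyId = null)
    {
        string handle = Convert.ToBase64String(RandomNumberGenerator.GetBytes(32));
        var row = new StoredToken(Hash(handle), userId, familyId ?? Guid.NewGuid().ToString("N"),
                                  DateTimeOffset.UtcNow.AddDays(7));
        lock (_gate) _byHash[row.Hash] = row;
        return handle; // raw value goes to the client once and is never stored
    }

    // Returns a replacement token, or null if the presented one is unknown, expired or replayed.
    public string? Redeem(string presented)
    {
        lock (_gate)
        {
            if (!_byHash.TryGetValue(Hash(presented), out var row)) return null;
            if (row.Expires <= DateTimeOffset.UtcNow) return null;
            if (row.Consumed)
            {
                // Replay of a rotated token: revoke every token descended from the same login.
                foreach (var t in _byHash.Values)
                    if (t.FamilyId == row.FamilyId) t.Consumed = true;
                return null;
            }
            row.Consumed = true;               // one-time use
            return Issue(row.UserId, row.FamilyId);
        }
    }
}
```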

What's Next: Phase 3

With Phase 2 complete, development is now focused on Phase 3: Core OAuth 2.0 and OpenID Connect server mechanics. This will include:

  • Authorization Code flow with PKCE
  • Client Credentials flow
  • OpenID Connect discovery endpoints
  • ID Token issuance

The groundwork laid in Phases 1 and 2 provides a solid foundation for these advanced features.

Getting Involved

CoreIdent is being built as a gift to the .NET community. If you're interested in modern, secure, and developer-friendly authentication:

  • Check out the GitHub repository
  • Star the project to show your support
  • Contribute ideas, issues, or pull requests
  • Try it out and provide feedback

Whether you're building a small side project or an enterprise application, CoreIdent aims to make authentication both secure and painless.

I'm excited to continue this journey and bring a truly modern identity solution to .NET developers. Stay tuned for Phase 3!

What aspects of identity management in .NET do you find most challenging? Let me know in the comments!