AddIdentity vs AddIdentityCore

by

AddIdentityCore adds the services that are necessary for user-management actions, such as creating users, hashing passwords, etc. Here’s the relevant source:

public static IdentityBuilder AddIdentityCore<TUser>(this IServiceCollection services, Action<IdentityOptions> setupAction)
    where TUser : class
{
    // Services identity depends on
    services.AddOptions().AddLogging();

    // Services used by identity
    services.TryAddScoped<IUserValidator<TUser>, UserValidator<TUser>>();
    services.TryAddScoped<IPasswordValidator<TUser>, PasswordValidator<TUser>>();
    services.TryAddScoped<IPasswordHasher<TUser>, PasswordHasher<TUser>>();
    services.TryAddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
    
    // No interface for the error describer so we can add errors without rev'ing the interface
    services.TryAddScoped<IdentityErrorDescriber>();
    services.TryAddScoped<IUserClaimsPrincipalFactory<TUser>, UserClaimsPrincipalFactory<TUser>>();
    services.TryAddScoped<UserManager<TUser>>();

    ...
}

Essentially, this boils down to registering an instance of UserManager<TUser>, but first registers all of its dependencies. With these services registered, you can retrieve an instance of UserManager<TUser> from DI and create users, set passwords, change emails, etc.

AddIdentity registers the same services as AddIdentityCore, with a few extras:

  • Cookie-based authentication schemes for the application itself, external sign-in (e.g. Facebook and Google), and 2FA.
  • The SignInManager, which effectively sits on top of the UserManager as a sort of orchestrator. For example, PasswordSignInAsync uses UserManager to retrieve a user, verify the password (if set) and then takes care of cookie creation.
  • AddIdentity itself also takes a TRole and registers the services that are necessary for supporting Roles.

Here’s the AddIdentity source for completeness:

public static IdentityBuilder AddIdentity<TUser, TRole>(this IServiceCollection services, Action<IdentityOptions> setupAction)
    where TUser : class
    where TRole : class
{
    // Services used by identity
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = IdentityConstants.ApplicationScheme;
        options.DefaultChallengeScheme = IdentityConstants.ApplicationScheme;
        options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
    })
    .AddCookie(IdentityConstants.ApplicationScheme, o =>
    {
        o.LoginPath = new PathString("/Account/Login");
        o.Events = new CookieAuthenticationEvents
        {
            OnValidatePrincipal = SecurityStampValidator.ValidatePrincipalAsync
        };
    })
    .AddCookie(IdentityConstants.ExternalScheme, o =>
    {
        o.Cookie.Name = IdentityConstants.ExternalScheme;
        o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
    })
    .AddCookie(IdentityConstants.TwoFactorRememberMeScheme, o =>
    {
        o.Cookie.Name = IdentityConstants.TwoFactorRememberMeScheme;
        o.Events = new CookieAuthenticationEvents
        {
            OnValidatePrincipal = SecurityStampValidator.ValidateAsync<ITwoFactorSecurityStampValidator>
        };
    })
    .AddCookie(IdentityConstants.TwoFactorUserIdScheme, o =>
    {
        o.Cookie.Name = IdentityConstants.TwoFactorUserIdScheme;
        o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
    });

    // Hosting doesn't add IHttpContextAccessor by default
    services.AddHttpContextAccessor();
    
    // Identity services
    services.TryAddScoped<IUserValidator<TUser>, UserValidator<TUser>>();
    services.TryAddScoped<IPasswordValidator<TUser>, PasswordValidator<TUser>>();
    services.TryAddScoped<IPasswordHasher<TUser>, PasswordHasher<TUser>>();
    services.TryAddScoped<ILookupNormalizer, UpperInvariantLookupNormalizer>();
    services.TryAddScoped<IRoleValidator<TRole>, RoleValidator<TRole>>();
    // No interface for the error describer so we can add errors without rev'ing the interface
    services.TryAddScoped<IdentityErrorDescriber>();
    services.TryAddScoped<ISecurityStampValidator, SecurityStampValidator<TUser>>();
    services.TryAddScoped<ITwoFactorSecurityStampValidator, TwoFactorSecurityStampValidator<TUser>>();
    services.TryAddScoped<IUserClaimsPrincipalFactory<TUser>, UserClaimsPrincipalFactory<TUser, TRole>>();
    services.TryAddScoped<UserManager<TUser>>();
    services.TryAddScoped<SignInManager<TUser>>();
    services.TryAddScoped<RoleManager<TRole>>();

    ...
}

More Related Contents:

  1. How do I transform appsettings.json in a .NET Core MVC project?
  2. Smtp authentification required [duplicate]
  3. How to get the current user in ASP.NET MVC
  4. ASP.NET MVC Razor pass model to layout
  5. How should I inject a DbContext instance into an IHostedService?
  6. How can I test for the presence of an Action Filter with constructor arguments?
  7. Filter/Search using Multiple Fields – ASP.NET MVC
  8. Determine if uploaded file is image (any format) on MVC
  9. MVC/JQuery validation does not accept comma as decimal separator
  10. Visual Studio – Resx File default ‘internal’ to ‘public’
  11. ASP.NET MVC – How to show unauthorized error on login page?
  12. MVC 4 how pass data correctly from controller to view
  13. How to extend IdentityUser with custom property
  14. How can I use Dependency Injection in a .Net Core ActionFilterAttribute?
  15. How to know the selected checkboxes from within the HttpPost Create action method?
  16. How to implement Permission Based Access Control with Asp.Net Core
  17. How do I setup multiple auth schemes in ASP.NET Core 2.0?
  18. Create zip file from byte[]
  19. How to consume a Scoped service from a Singleton?
  20. Avoid or control circular references in Entity Framework Core
  21. Set database timeout in Entity Framework
  22. ASP.NET Core middleware vs filters
  23. The model item passed into the dictionary is of type ‘mvc.Models.ModelA’ but this dictionary requires a model item of type ‘mvc.Models.ModelB‘
  24. Multiple Authorization attributes on method
  25. Can I use ASP.NET MVC together with regular ASP.NET Web forms
  26. ASP.NET Web API and [Serializable] class
  27. Tag helper not being processed in ASP.NET Core 2
  28. An error occurred attempting to determine the process id of dotnet.exe which is hosting your application. One or more error occured
  29. HttpContext in .net standard library
  30. .net Core Quartz Dependency Injection

Leave a Comment