IdentityServer3.Contrib.RedisStore 1.3.0

Additional Details

Identity Server 3 has reached end of life

dotnet add package IdentityServer3.Contrib.RedisStore --version 1.3.0
NuGet\Install-Package IdentityServer3.Contrib.RedisStore -Version 1.3.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="IdentityServer3.Contrib.RedisStore" Version="1.3.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add IdentityServer3.Contrib.RedisStore --version 1.3.0
#r "nuget: IdentityServer3.Contrib.RedisStore, 1.3.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install IdentityServer3.Contrib.RedisStore as a Cake Addin
#addin nuget:?package=IdentityServer3.Contrib.RedisStore&version=1.3.0

// Install IdentityServer3.Contrib.RedisStore as a Cake Tool
#tool nuget:?package=IdentityServer3.Contrib.RedisStore&version=1.3.0

IdentityServer3.Contrib.RedisStore

IdentityServer3.Contrib.RedisStore is a persistance layer using Redis DB for operational data of Identity Server 3. Specifically, this store provides implementation for AuthorizationCodeStore, RefreshTokenStore and TokenHandleStore.

How to use

You need to install the nuget package

then you can inject the stores in the Identity Server service Factory

like the following:

var factory = new IdentityServerServiceFactory();

...

factory.ConfigureOperationalRedisStoreServices(new ConfigurationOptions { /* ... */  });

Or:

var factory = new IdentityServerServiceFactory();

...

factory.ConfigureOperationalRedisStoreServices("--- redis store connection string goes here ---");

Note: you can add prefix to the keys stored in Redis Store by setting keyPrefix parameter to a value of your own choice on any of ConfigureOperationalRedisStoreServices overloads.

the solution approach

the solution was approached based on how the SQL Store storing the operational data, but the concept of Redis as a NoSQL db is totally different than relational db concepts, all the operational data stores implement the following ITransientDataRepository interface:

    public interface ITransientDataRepository<T>
        where T : ITokenMetadata
    {

        Task StoreAsync(string key, T value);

        Task<T> GetAsync(string key);

        Task RemoveAsync(string key);

        Task<IEnumerable<ITokenMetadata>> GetAllAsync(string subject);

        Task RevokeAsync(string subject, string client);
    }

and the ITokenMetadata defines the following contract:

    public interface ITokenMetadata
    {
        string SubjectId { get; }
        string ClientId { get; }
        IEnumerable<string> Scopes { get; }
    }

with the ITransientDataRepository contract, we notice that the GetAllAsync(subject) and RevokeAsync(subject,client) defines a contract to read based on subject id and revoke all the tokens in the store based on subject and client ids.

this brings trouble to Redis store since redis as a reliable dictionary is not designed for relational queries, so the trick is to store multiple entries for the same token, and can be reached using key, subject and client ids.

so the StoreAsync operation stores the following entries in Redis:

  1. Key(TokenType:Key) → Token: stored as key string value pairs, used to retrieve the Token based on the key, if the token exists or not expired.

  2. Key(TokenType:SubjectId) → Key* : stored in a redis Set, used on the GetAllAsync, to retrieve all the tokens related to a given subject id.

  3. Key(TokenType:SubjectId:ClientId) → Key* : stored in a redis set, used to retrieve all the keys that are related to a subject and client ids, to revoke them while calling RevokeAsync.

for more information on data structures used to store the token please refer to Redis data types documentation

since Redis has a key Expiration feature based on a defined date time or time span, and to not implement a logic similar to SQL store implementation for cleaning up the store periodically from dangling tokens, the store uses the key expiration of Redis while storing based on the following criteria:

  1. for Key(TokenType:Key) the expiration is straight forward, it's set on the StringSet Redis operation as defined by identity server on the token object.

  2. for Key(TokenType:SubjectId:ClientId) set the expiration also set as the lifetime of the token passed by the identity server, since the Client has unified lifetime for the token defined in the configuration.

  3. for Key(TokenType:SubjectId) Set, there is no expiration since the subject id is involved, so on GetAllAsync and RevokeAsync the Store is clearing the expired keys.

Feedback

feedbacks are always welcomed, please open an issue for any problem or bug found, and the suggestions are also welcomed.

Product Compatible and additional computed target framework versions.
.NET Framework net46 is compatible.  net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.3.0 38,384 9/9/2018
1.2.0 1,561 4/12/2018
1.1.4.1 1,016 2/15/2018
1.1.4 1,062 1/30/2018
1.1.3 1,297 12/2/2017
1.1.2.1 1,031 10/31/2017
1.1.1.2 1,308 9/5/2017
1.1.0-preview3 761 8/29/2017
1.1.0-preview2 807 8/28/2017
1.0.3-preview 775 8/21/2017
1.0.2 1,158 4/26/2017
1.0.1 1,179 4/8/2017
1.0.0 993 4/8/2017

RTM