CODEWITHSUNDEEP
authenticationasp.net-core
Jerreck
Jerreck

Reputation: 3010

What is the difference between AddAuthentication and AddAuthenticationCore?

Looking at the code for AuthenticationServiceCollectionExtensions.AddAuthentication() vs AuthenticationCoreServiceCollectionExtensions.AddAuthenticationCore(), it looks like AddAuthentication implicitly calls AddAuthenticationCore, adds some other goodies, and then returns a new instance of AuthenticationBuilder instead of just returning IServiceCollection.

Am I understanding the code correctly? If so, are there generally any reasons to call AddAuthenticationCore instead of AddAuthentication outside of writing your own extension?

Upvotes: 18

Views: 9458

Answers (2)

Rocklan
Rocklan

Reputation: 8130

Actually there is a reason. Currently AddAuthentication() also adds data protection services, which you may not need - for example if you are writing your own Authentication Scheme. So instead you can do this:

services.AddAuthenticationCore(o => {
    o.DefaultScheme = "My Custom Scheme";
});
services.AddWebEncoders();
services.AddSingleton<ISystemClock, SystemClock>();
var authBuilder = new AuthenticationBuilder(services);

however I fully expect this to break in future versions of asp.net core as it's undocumented and a bit of a hack.

Upvotes: 3

M&#233;toule
M&#233;toule

Reputation: 14472

It seems to be a typical pattern in ASP.NET Core: the Add[xxx]Core methods add the bare minimum to enable a feature, but without any bells and whistles. It's also probably used to make unit testing the core features easier.

You can make a parallel with the AddMvc vs AddMvcCore methods. There's a question that asks Should I use AddMvc or AddMvcCore for ASP.NET Core MVC development?, and the gist is that it allows for fine-grained control on what middleware you want to use.

To answer your question: for a typical user, there's probably no reason to use AddAuthenticationCore.

Upvotes: 10

Related Questions