I have a couple of questions related to upgrading some .NET server-side code (WebAPI, .NET v4.5.2) to a newer version of the Auth0 .NET SDK. It is currently using a very old version of the Auth0 NuGet package 1.11.3, and it’s time to upgrade.
First of all, exactly what version can I update to if our client is not yet marked as OIDC conformant? If I’m reading it right, I think GitHub - auth0/auth0.net: .NET client for the Auth0 Authentication & Management APIs. states that we HAVE to stay with version 3, but I’m wondering if 4 will work too, even if we aren’t OIDC yet. Is the statement to stay with v3 a suggestion or a mandate? It’s often easier in Visual Studio to just upgrade to the latest NuGet packages instead of having to pick and choose and leave some behind.
Secondly, depending on the answer to the first question can anyone suggest how this bit of code would get rewritten using v3 or v4?
var client = new Auth0.Client(
clientID: Auth0ClientId,
clientSecret: Auth0ClientSecret,
domain: Auth0Domain);
var loginResult = client.LoginUser(emailAddress, password, ConnectionName);
var userInfo = client.GetUserInfo(loginResult);
var roles = userInfo.ExtraProperties"roles"] as string];
The classes have changed so much since the version we are using, and even between v3 and v4 so that it’s left me wondering the best way forward. This was my first attempt, but it won’t compile because there’s no ClientSecret in v3.
var client = new AuthenticationApiClient(new Uri(Auth0Domain));
var token = await client.AuthenticateAsync(new AuthenticationRequest
{
ClientId = Auth0ClientId,
ClientSecret = Auth0ClientSecret, <--- Error v3 no ClientSecret
Connection = ConnectionName,
Username = emailAddress,
Password = password,
Scope = "openid profile",
});
var user = await client.GetUserInfoAsync(token.AccessToken);
Thanks!