SSW Foursquare

Do you know how to migrate OWIN to ASP.NET Core?

Last updated by Brook Jeynes [SSW] 5 months ago.See history

OWIN is the Open Web Interface for .NET, which was intended to provide a standard interface between .NET web servers and web applications for ASP.NET. It provided the ability to chain middleware together to form pipelines and to register modules.

The Katana libraries provided a flexible set of popular components for OWIN-based web applications. These components were supplied through packages prefixed with Microsoft.Owin.

Middleware and module registering functionality are now core features of ASP.NET Core. Microsoft provides adapters to and from the OWIN interface for ASP.NET that can be used to gradually migrate custom OWIN components. By contrast, ASP.NET Core has native ports for Katana components.

CORS functionality

CORS functionality was enabled in OWIN with the UseCors(...) extension method. For ASP.NET Core, it is provided by the UseCors(...) extension method in the Microsoft.AspNet.Cors package.

public void Configuration(Owin.IAppBuilder app) {
    // ... other logic ...
    app.UseCors(getCorsOption());
    // ... other logic ...
}

private static CorsOptions BuildCorsOptions() {
    var corsPolicy = new CorsPolicy
    {
        AllowAnyMethod = true,
        AllowAnyHeader = true,
        SupportsCredentials = true
    };
    corsPolicy.Origins.Add("https://staging.northwind.com");
    return new CorsOptions 
    {
        PolicyProvider = new CorsPolicyProvider
        {
            PolicyResolver = context => Task.FromResult(corsPolicy)
        }
    };
}

Figure: Basic OWIN CORS example.

var builder = WebApplication.CreateBuilder(args);
var app = builder.Build();

app.UseCors(corsPolicyBuilder => {
    corsPolicyBuilder.AllowAnyMethod()
                     .AllowAnyHeader()
                     .AllowCredentials()
                     .WithOrigins(new string[] { "https://staging.northwind.com" });
})

Figure: Basic OWIN CORS example ported to ASP.NET Core.

Third-Party Authentication

A common use for OWIN was to provide access to third-party authentication sources. AspNet.Security.OAuth.Providers is a collection of security middleware that works natively in ASP.NET Core to support authentication sources such as GitHub and Azure DevOps. The full list of providers is published here, and the details of the migration differ from provider to provider.

Nick Curran
.NET 8 Migrations
We open source. Powered by GitHub