Quartz Integration

Quartz .NET is an open-source job scheduling system that OpenIddict supports for cleaning up temporary data such as orphaned authorizations or tokens from the database. The Rock Solid Knowledge Saml component for OpenIddict uses a store to hold SamlMessages as they are too large to be passed around in the query string.

The component also uses a store to hold SAML artifact data. This data should be pruned to prevent slowdown. A quartz integration is available in the Rsk.Saml.OpenIddict.Quartz package.

Setting up the Quartz integration

In order to set up the Quartz integration you will need to do the following:

• Configure a Quartz job store to hold data for the SAML component.
• Potentially create (or point to) a database to store the Quartz data.
• Configure the integration within DI.

Configuring a quartz job store

Quarts by default uses a job store that stores all data in memory.

Whilst this will work for getting started, we do not recommend you use this for production workloads.

For production we recommend you use the AdoJobStore.

To learn how to set this up, please refer to the Quartz tutorial here.

Initializing a database for the Quartz AdoJobStore.

If you wish to use the AdoJobStore, you will need to run a database script to initialize the required tables.

The script you will need depends on the database provider you wish to use.

The below table provides links to the SQL scripts required for each provider.

Database	SQL script
SQL Server	https://github.com/quartznet/quartznet/blob/main/database/tables/tables_sqlServer.sql
Postgres	https://github.com/quartznet/quartznet/blob/main/database/tables/tables_postgres.sql
MySql	https://github.com/quartznet/quartznet/blob/main/database/tables/tables_mysql_innodb.sql
Sqlite	https://github.com/quartznet/quartznet/blob/main/database/tables/tables_sqlite.sql

Configure the integration within DI.

Once you have a job store set up, you will need to configure the integration within DI. This involves making several calls within ConfigureServices.

Before calling AddSamlPlugin, you need to call both the AddQuartz and AddQuartzHostedService methods.

Pruning old SAML messages and artifact data

After calling AddSamlPlugin, you can then call either PruneSamlMessages or PruneSamlArtifacts on the OpenIddictSamlBuilder.

Three overloads of each method exist. The first will prune messages or artifacts older than 14 days and will run the quartz job every hour.

The second allows you to enable or disable either the SAML message or SAML artifacts removal jobs by setting either the EnableSamlMessageRemoval or EnableSamlArtifactRemoval property of either the SamlOpenIddictMessageRemoverOptions or SamlOpenIddictArtifactDataRemoverOptions to false as well as configuring the MaximumRefireCount (the default is two) and the MinimumSamlMessageLifespan and MinimumSamlArtifactLifespan which both have a default of 14 days.

The final overload returns an OpenIddictSamlQuartzBuilder allowing you to configure the same options as above but in a fluent manner.