diff --git a/FOSS/content/AccessTokenManagement/Advanced/DPoP.md b/FOSS/content/AccessTokenManagement/Advanced/DPoP.md index f4f6f690..c7fd5d98 100644 --- a/FOSS/content/AccessTokenManagement/Advanced/DPoP.md +++ b/FOSS/content/AccessTokenManagement/Advanced/DPoP.md @@ -1,5 +1,5 @@ +++ -title = "DPop" +title = "DPoP" weight = 40 chapter = false +++ diff --git a/FOSS/content/AccessTokenManagement/Advanced/_index.md b/FOSS/content/AccessTokenManagement/Advanced/_index.md index b3ffee61..5255b4d9 100644 --- a/FOSS/content/AccessTokenManagement/Advanced/_index.md +++ b/FOSS/content/AccessTokenManagement/Advanced/_index.md @@ -6,3 +6,7 @@ chapter = true Advanced ======== + +The following topics are available in this advanced section: + +{{%children style="h4" /%}} \ No newline at end of file diff --git a/FOSS/content/AccessTokenManagement/_index.md b/FOSS/content/AccessTokenManagement/_index.md index 1ea199ff..4f2f30a7 100644 --- a/FOSS/content/AccessTokenManagement/_index.md +++ b/FOSS/content/AccessTokenManagement/_index.md @@ -4,7 +4,7 @@ weight = 10 chapter = true +++ -AccessTokenManagement +Duende.AccessTokenManagement ======== This library provides automatic access token management features for .NET worker and ASP.NET Core web applications: @@ -13,3 +13,6 @@ This library provides automatic access token management features for .NET worker * automatic access token lifetime management using a refresh token for API calls on-behalf of the currently logged-in user * revocation of access tokens +The following tutorials are available: + +{{%children style="h4" /%}} diff --git a/FOSS/content/IdentityModel.OidcClient/_index.md b/FOSS/content/IdentityModel.OidcClient/_index.md index 4212f238..25ec6e24 100644 --- a/FOSS/content/IdentityModel.OidcClient/_index.md +++ b/FOSS/content/IdentityModel.OidcClient/_index.md 
@@ -20,4 +20,8 @@ Framework 4.6.2 or later. You can use OidcClient to build: - Android and iPhone apps with .NET MAUI - Windows Desktop Applications with WPF or WinForms -- Cross Platform Console Applications +- Cross Platform Console Applications + +Please refer to the following sections for details on how to use this library: + +{{%children style="h4" /%}} diff --git a/FOSS/content/IdentityModel/_index.md b/FOSS/content/IdentityModel/_index.md index 18608cdc..571d9ba0 100644 --- a/FOSS/content/IdentityModel/_index.md +++ b/FOSS/content/IdentityModel/_index.md @@ -4,5 +4,16 @@ weight = 20 chapter = true +++ -IdentityModel +Duende.IdentityModel ======== + +The Duende.IdentityModel package is the base library for OIDC and OAuth 2.0 related protocol +operations. It provides an object model to interact with the endpoints defined in the +various OAuth and OpenId Connect specifications in the form of types to represent the +requests and responses, extension methods to invoke requests constants defined in the +specifications, such as standard scope, claim, and parameter names, and other convenience +methods for performing common identity related operations. + +Duende.IdentityModel targets .NET Standard 2.0, making it suitable for .NET and .NET Framework. + +{{%children style="h4" /%}} \ No newline at end of file diff --git a/FOSS/content/IdentityModel/endpoints/_index.md b/FOSS/content/IdentityModel/endpoints/_index.md index f0bf694c..313e50cf 100644 --- a/FOSS/content/IdentityModel/endpoints/_index.md +++ b/FOSS/content/IdentityModel/endpoints/_index.md 
@@ -1,100 +1,10 @@ +++ -title = "Calling Protocol Endpoints" +title = "Endpoints" weight = 10 chapter = true +++ -Calling Protocol Endpoints -======== +Endpoints +======= -IdentityModel contains client libraries for many interactions with -endpoints defined in OpenID Connect and OAuth 2.0. All of these -libraries have a common design, let\'s examine the various layers using -the client for the token endpoint. - -Request and response objects ----------------------------- - -All protocol request are modelled as request objects and have a common -base class called *ProtocolRequest* which has properties to set the -endpoint address, client ID, client secret, client assertion, and the -details of how client secrets are transmitted (e.g. authorization header -vs POST body). *ProtocolRequest* derives from *HttpRequestMessage* and -thus also allows setting custom headers etc. - -The following code snippet creates a request for a client credentials -grant type: - -```cs -var request = new ClientCredentialsTokenRequest -{ - Address = "https://demo.identityserver.io/connect/token", - ClientId = "client", - ClientSecret = "secret" -}; -``` - -While in theory you could now call *Prepare* (which internally sets the -headers, body and address) and send the request via a plain -*HttpClient*, typically there are more parameters with special semantics -and encoding required. That\'s why we provide extension methods to do -the low level work. - -Equally, a protocol response has a corresponding *ProtocolResponse* -implementation that parses the status codes and response content. The -following code snippet would parse the raw HTTP response from a token -endpoint and turn it into a *TokenResponse* object: - -```cs -var tokenResponse = await ProtocolResponse - .FromHttpResponseAsync(httpResponse); -``` - -Again these steps are automated using the extension methods. So let\'s -have a look at an example next. 
- -Extension methods ------------------ - -For each protocol interaction, an extension method for -*HttpMessageInvoker* (that's the base class of *HttpClient*) exists. -The extension methods expect a request object and return a response -object. - -It is your responsibility to setup and manage the lifetime of the -*HttpClient*, e.g. manually: - -```cs -var client = new HttpClient(); - -var response = await client.RequestClientCredentialsTokenAsync( - new ClientCredentialsTokenRequest - { - Address = "https://demo.identityserver.io/connect/token", - ClientId = "client", - ClientSecret = "secret" - }); -``` - -You might want to use other techniques to obtain an *HttpClient*, e.g. -via the HTTP client factory: - -```cs -var client = HttpClientFactory.CreateClient("my_named_token_client"); - -var response = await client.RequestClientCredentialsTokenAsync( - new ClientCredentialsTokenRequest - { - Address = "https://demo.identityserver.io/connect/token", - ClientId = "client", - ClientSecret = "secret" - }); -``` - -All other endpoint client follow the same design. - -{{% notice note %}} -Some client libraries also include a stateful client object (e.g. -*TokenClient* and *IntrospectionClient*). See the corresponding section -to find out more. -{{% /notice %}} +{{%children style="h4" /%}} \ No newline at end of file diff --git a/FOSS/content/IdentityModel/endpoints/general_usage.md b/FOSS/content/IdentityModel/endpoints/general_usage.md new file mode 100644 index 00000000..0c792dbf --- /dev/null +++ b/FOSS/content/IdentityModel/endpoints/general_usage.md 
@@ -0,0 +1,99 @@ ++++ +title = "General Usage" +weight = 10 ++++ + +General Usage +======== + +IdentityModel contains client libraries for many interactions with +endpoints defined in OpenID Connect and OAuth 2.0. All of these +libraries have a common design, let\'s examine the various layers using +the client for the token endpoint. + +Request and response objects +---------------------------- + +All protocol request are modelled as request objects and have a common +base class called *ProtocolRequest* which has properties to set the +endpoint address, client ID, client secret, client assertion, and the +details of how client secrets are transmitted (e.g. authorization header +vs POST body). *ProtocolRequest* derives from *HttpRequestMessage* and +thus also allows setting custom headers etc. + +The following code snippet creates a request for a client credentials +grant type: + +```cs +var request = new ClientCredentialsTokenRequest +{ + Address = "https://demo.identityserver.io/connect/token", + ClientId = "client", + ClientSecret = "secret" +}; +``` + +While in theory you could now call *Prepare* (which internally sets the +headers, body and address) and send the request via a plain +*HttpClient*, typically there are more parameters with special semantics +and encoding required. That\'s why we provide extension methods to do +the low level work. + +Equally, a protocol response has a corresponding *ProtocolResponse* +implementation that parses the status codes and response content. The +following code snippet would parse the raw HTTP response from a token +endpoint and turn it into a *TokenResponse* object: + +```cs +var tokenResponse = await ProtocolResponse + .FromHttpResponseAsync(httpResponse); +``` + +Again these steps are automated using the extension methods. So let\'s +have a look at an example next. 
+ +Extension methods +----------------- + +For each protocol interaction, an extension method for +*HttpMessageInvoker* (that's the base class of *HttpClient*) exists. +The extension methods expect a request object and return a response +object. + +It is your responsibility to setup and manage the lifetime of the +*HttpClient*, e.g. manually: + +```cs +var client = new HttpClient(); + +var response = await client.RequestClientCredentialsTokenAsync( + new ClientCredentialsTokenRequest + { + Address = "https://demo.identityserver.io/connect/token", + ClientId = "client", + ClientSecret = "secret" + }); +``` + +You might want to use other techniques to obtain an *HttpClient*, e.g. +via the HTTP client factory: + +```cs +var client = HttpClientFactory.CreateClient("my_named_token_client"); + +var response = await client.RequestClientCredentialsTokenAsync( + new ClientCredentialsTokenRequest + { + Address = "https://demo.identityserver.io/connect/token", + ClientId = "client", + ClientSecret = "secret" + }); +``` + +All other endpoint client follow the same design. + +{{% notice note %}} +Some client libraries also include a stateful client object (e.g. +*TokenClient* and *IntrospectionClient*). See the corresponding section +to find out more. +{{% /notice %}} diff --git a/FOSS/content/_index.md b/FOSS/content/_index.md index 81c49dbf..dafcc0c7 100644 --- a/FOSS/content/_index.md +++ b/FOSS/content/_index.md 
@@ -31,7 +31,7 @@ Duende.IdentityModel targets .NET Standard 2.0, making it suitable for .NET and ## [Duende.IdentityModel.OidcClient]({{< ref "IdentityModel.OidcClient" >}}) -Duende.IdentityModel.OidcClient is an OpenID Connect (OIDC) client library for native +Duende.IdentityModel.OidcClient is an OpenID Connect (OIDC) client library for mobile and native applications in .NET. It is a certified OIDC relying party and implements [RFC 8252](https://datatracker.ietf.org/doc/html/rfc8252/), "OAuth 2.0 for native Applications". It provides types that describe OIDC requests and responses, low level
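Review bot: In FOSS/content/AccessTokenManagement/_index.md, second hunk, the new lead-in "The following tutorials are available:" does not match what the `children` shortcode will list, since the Advanced chapter touched earlier in this patch sits under the same folder and is not a tutorial. Advanced/_index.md uses "topics" for the same purpose; "The following sections are available:" would cover both kinds of child page.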
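Review bot: In FOSS/content/IdentityModel/_index.md, the added overview paragraph is missing a separator in "extension methods to invoke requests constants defined in the specifications", so two list items run together; it should read "extension methods to invoke requests, constants defined in the specifications, ...". The same paragraph spells the protocol "OpenId Connect" where the rest of the docs use "OpenID Connect". The closing sentence "Duende.IdentityModel targets .NET Standard 2.0, making it suitable for .NET and .NET Framework." also appears as context in FOSS/content/_index.md, so the two copies now have to be kept in sync by hand. The file ends without a trailing newline.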
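Review bot: In FOSS/content/IdentityModel/endpoints/_index.md, the page body is now only the heading and `{{%children style="h4" /%}}`, with no sentence introducing the list, while every other index page changed in this patch adds one ("The following topics are available in this advanced section:", "Please refer to the following sections for details on how to use this library:"). Add a matching lead-in line for consistency, and end the file with a newline.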
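Review bot: In the new FOSS/content/IdentityModel/endpoints/general_usage.md, the response-parsing snippet calls `ProtocolResponse.FromHttpResponseAsync(httpResponse)` without naming a response type, although the preceding sentence says the result is a *TokenResponse*; the generic type argument appears to have been lost and the call should read `FromHttpResponseAsync<TokenResponse>(httpResponse)`. Since the text is being moved into a new file anyway, this is also the moment to fix what was carried over verbatim: the escaped apostrophes in `let\'s` and `That\'s`, "All protocol request are modelled", and "All other endpoint client follow the same design". All three request samples inline `ClientSecret = "secret"`; a one-line remark that the value is a demo placeholder and that real clients read it from configuration would keep the literal from being copied as-is.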
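Review bot: In FOSS/content/_index.md, the reworded sentence now says "mobile and native applications", but the context line right below it still quotes the RFC 8252 title as "OAuth 2.0 for native Applications". The published title is "OAuth 2.0 for Native Apps"; since this paragraph is being edited, correct the quoted title in the same change.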