Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/damienbod/dpop-aspnetcore-idp

ASP.NET Core OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)
https://github.com/damienbod/dpop-aspnetcore-idp

aspnetcore dotnet dpop duende identity oauth oidc

Last synced: 3 months ago
JSON representation

ASP.NET Core OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)

Host: GitHub
URL: https://github.com/damienbod/dpop-aspnetcore-idp
Owner: damienbod
License: mit
Created: 2023-08-06T05:56:05.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-10-25T09:27:20.000Z (3 months ago)
Last Synced: 2024-10-25T11:51:21.995Z (3 months ago)
Topics: aspnetcore, dotnet, dpop, duende, identity, oauth, oidc
Language: C#
Homepage:
Size: 1.49 MB
Stars: 3
Watchers: 2
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# ASP.NET Core OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)

[![.NET](https://github.com/damienbod/DPOP-aspnetcore-idp/actions/workflows/dotnet.yml/badge.svg)](https://github.com/damienbod/DPOP-aspnetcore-idp/actions/workflows/dotnet.yml)

[Securing APIs using ASP.NET Core and OAuth 2.0 DPoP](https://damienbod.com/2023/08/14/securing-apis-using-asp-net-core-and-oauth-2-0-dpop/)

![setup](https://github.com/damienbod/DPOP-aspnetcore-idp/blob/main/images/dpop_aspnetcore_02.png)

### Debugging

- Identity provider/STS: https://localhost:5001
- API https://localhost:5005
- UI https://localhost:5007

## History

- 2024-11-01 Updated packages
- 2024-10-25 Improved security headers
- 2024-10-24 Updated packages, improved security headers
- 2024-06-22 Updated packages
- 2024-03-24 Updated packages
- 2024-01-28 Updated packages
- 2024-01-05 Updated packages
- 2023-11-17 Updated .NET 8
- 2023-11-03 Updated packages, fixed security headers
- 2023-10-10 Updated packages
- 2023-08-28 Updated packages

## Links

[OAuth 2.0 Demonstrating Proof of Possession DPoP](https://datatracker.ietf.org/doc/html/rfc9449)

https://github.com/DuendeSoftware

https://github.com/DuendeSoftware/Samples/tree/main/IdentityServer/v6/DPoP

https://github.com/DuendeSoftware/IdentityServer.Templates

https://docs.duendesoftware.com/identityserver/v6/tokens/pop/dpop/

https://developer.okta.com/docs/guides/dpop/main/#build-the-request

https://darutk.medium.com/illustrated-dpop-oauth-access-token-security-enhancement-801680d761ff

https://learn.microsoft.com/en-us/entra/msal/dotnet/advanced/proof-of-possession-tokens