add demo client, simplify setup

Author: leastprivilege

clients/ConsoleClientWithBrowserAndDPoP/Program.cs

@@ -6,20 +6,17 @@
 using System.Text.Json;
 using System.Threading.Tasks;
 using Serilog.Sinks.SystemConsole.Themes;
-using Microsoft.IdentityModel.Tokens;
-using IdentityModel;
-using System.Security.Cryptography;
 using IdentityModel.DPoP;
 
 namespace ConsoleClientWithBrowserAndDPoP
 {
     public class Program
     {
-        //static string _api = "https://demo.duendesoftware.com/api/dpop/test";
-        static string _api = "https://localhost:5002/api/dpop/test";
+        static string _api = "https://demo.duendesoftware.com/api/dpop/test";
+        //static string _api = "https://localhost:5002/api/dpop/test";
 
-        //static string authority = "https://demo.duendesoftware.com";
-        static string authority = "https://localhost:5001";
+        static string authority = "https://demo.duendesoftware.com";
+        //static string authority = "https://localhost:5001";
 
         static OidcClient _oidcClient;
         static HttpClient _apiClient = new HttpClient { BaseAddress = new Uri(_api) };
@@ -43,27 +40,19 @@ private static async Task SignIn()
             var browser = new SystemBrowser();
             string redirectUri = string.Format($"http://127.0.0.1:{browser.Port}");
 
-            var key = new RsaSecurityKey(RSA.Create(2048))
-            {
-                KeyId = CryptoRandom.CreateUniqueId(16, CryptoRandom.OutputFormat.Hex)
-            };
-            var jwk = JsonWebKeyConverter.ConvertFromRSASecurityKey(key);
-            jwk.Alg = "RS256";
-            var jwkJson = JsonSerializer.Serialize(jwk);
-            var tokenDpopHandler = new ProofTokenMessageHandler(jwkJson, new SocketsHttpHandler());
-            var apiDpopHandler = new ProofTokenMessageHandler(jwkJson, new SocketsHttpHandler());
+            var proofKey = JsonWebKeys.CreateRsaJson();
+            var tokenDpopHandler = new ProofTokenMessageHandler(proofKey, new SocketsHttpHandler());
+            var apiDpopHandler = new ProofTokenMessageHandler(proofKey, new SocketsHttpHandler());
 
             var options = new OidcClientOptions
             {
                 Authority = authority,
-                //ClientId = "interactive.public.short",
-                ClientId = "dpop.native",
+                ClientId = "native.dpop",
                 RedirectUri = redirectUri,
                 Scope = "openid profile api offline_access",
                 FilterClaims = false,
-
                 Browser = browser,
-                IdentityTokenValidator = new JwtHandlerIdentityTokenValidator(),
+                
                 BackchannelHandler = tokenDpopHandler,
                 RefreshTokenInnerHttpHandler = apiDpopHandler
             };

clients/ConsoleClientWithBrowserAndDPoP/SystemBrowser.cs

@@ -4,11 +4,9 @@
 using Microsoft.AspNetCore.Http;
 using System;
 using System.Diagnostics;
-using System.IO;
 using System.Net;
 using System.Net.Sockets;
 using System.Runtime.InteropServices;
-using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
 

src/DPoP/JsonWebKeys.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.Security.Cryptography;
+using System.Text.Json;
 using Microsoft.IdentityModel.Tokens;
 
 namespace IdentityModel.DPoP;
@@ -25,6 +26,14 @@ public static JsonWebKey CreateRsa(string algorithm = OidcConstants.Algorithms.A
         return jwk;
     }
 
+    /// <summary>
+    /// Creates a new RSA JWK string.
+    /// </summary>
+    public static string CreateRsaJson(string algorithm = OidcConstants.Algorithms.Asymmetric.PS256)
+    {
+        return JsonSerializer.Serialize(CreateRsa(algorithm));
+    }
+    
     /// <summary>
     /// Creates a new ECDSA JWK.
     /// </summary>
@@ -39,6 +48,14 @@ public static JsonWebKey CreateECDsa(string algorithm = OidcConstants.Algorithms
         return jwk;
     }
 
+    /// <summary>
+    /// Creates a new ECDSA JWK string.
+    /// </summary>
+    public static string CreateECDsaJson(string algorithm = OidcConstants.Algorithms.Asymmetric.ES256)
+    {
+        return JsonSerializer.Serialize(CreateECDsa(algorithm));
+    }
+    
     internal static string GetCurveNameFromSigningAlgorithm(string alg)
     {
         return alg switch