Reworked code around signing keys have key details much more isolated from the other parts of the program.

IdentityShroud.Api.Tests/Apis/RealmApisTests.cs

@@ -44,7 +44,9 @@ public class RealmApisTests : IClassFixture<ApplicationFactory>
         var client = _factory.CreateClient();
 
         Guid? inputId = id is null ? (Guid?)null : new Guid(id);
-        var response = await client.PostAsync("/realms", JsonContent.Create(new
+        
+        // act
+        var response = await client.PostAsync("/api/v1/realms", JsonContent.Create(new
             {
                 Id = inputId,
                 Slug = slug,
@@ -88,16 +90,21 @@ public class RealmApisTests : IClassFixture<ApplicationFactory>
 
         // act
         var client = _factory.CreateClient();
-        var response = await client.GetAsync("/realms/foo/.well-known/openid-configuration",
+        var response = await client.GetAsync("auth/realms/foo/.well-known/openid-configuration",
             TestContext.Current.CancellationToken);
 
         // verify
+#if DEBUG
+        string contents = await response.Content.ReadAsStringAsync(TestContext.Current.CancellationToken);
+#endif
+        Assert.Equal(HttpStatusCode.OK, response.StatusCode);        
+        
         var result = await response.Content.ReadFromJsonAsync<JsonObject>(TestContext.Current.CancellationToken);
         Assert.NotNull(result);
-        JsonObjectAssert.Equal("http://localhost/realms/foo/openid-connect/auth", result, "authorization_endpoint");
-        JsonObjectAssert.Equal("http://localhost/realms/foo", result, "issuer");
-        JsonObjectAssert.Equal("http://localhost/realms/foo/openid-connect/token", result, "token_endpoint");
-        JsonObjectAssert.Equal("http://localhost/realms/foo/openid-connect/jwks", result, "jwks_uri");
+        JsonObjectAssert.Equal("http://localhost/auth/realms/foo/openid-connect/auth", result, "authorization_endpoint");
+        JsonObjectAssert.Equal("http://localhost/auth/realms/foo", result, "issuer");
+        JsonObjectAssert.Equal("http://localhost/auth/realms/foo/openid-connect/token", result, "token_endpoint");
+        JsonObjectAssert.Equal("http://localhost/auth/realms/foo/openid-connect/jwks", result, "jwks_uri");
     }
 
     [Theory]
@@ -137,7 +144,7 @@ public class RealmApisTests : IClassFixture<ApplicationFactory>
         
         // act
         var client = _factory.CreateClient();
-        var response = await client.GetAsync("/realms/foo/openid-connect/jwks",
+        var response = await client.GetAsync("/auth/realms/foo/openid-connect/jwks",
             TestContext.Current.CancellationToken);
         
         Assert.Equal(HttpStatusCode.OK, response.StatusCode);

IdentityShroud.Api.Tests/Mappers/KeyMapperTests.cs

@@ -1,41 +1,17 @@
-using System.Security.Cryptography;
 using IdentityShroud.Api.Mappers;
 using IdentityShroud.Core.Contracts;
 using IdentityShroud.Core.Messages;
-using IdentityShroud.Core.Model;
 using IdentityShroud.TestUtils.Substitutes;
 using Microsoft.AspNetCore.WebUtilities;
 
 namespace IdentityShroud.Api.Tests.Mappers;
 
-public class KeyMapperTests
-{
-    private readonly IEncryptionService _encryptionService = EncryptionServiceSubstitute.CreatePassthrough();
-
-    [Fact]
-    public void Test()
-    {
-        // Setup
-        using RSA rsa = RSA.Create(2048);
-
-        RSAParameters parameters = rsa.ExportParameters(includePrivateParameters: false);
-        
-        RealmKey realmKey = new()
-        {
-            Id = new("60bb79cf-4bac-4521-87f2-ac87cc15541f"),
-            CreatedAt = DateTime.UtcNow,
-            Priority = 10,
-        };
-        realmKey.SetPrivateKey(_encryptionService, rsa.ExportPkcs8PrivateKey());
-
-        // Act
-        KeyMapper mapper = new(_encryptionService);
-        JsonWebKey jwk = mapper.KeyToJsonWebKey(realmKey);
-
-        Assert.Equal("RSA", jwk.KeyType);
-        Assert.Equal(realmKey.Id.ToString(), jwk.KeyId);
-        Assert.Equal("sig", jwk.Use);
-        Assert.Equal(parameters.Exponent, WebEncoders.Base64UrlDecode(jwk.Exponent));
-        Assert.Equal(parameters.Modulus, WebEncoders.Base64UrlDecode(jwk.Modulus));
-    }
-}
+// public class KeyMapperTests
+// {
+//     private readonly IEncryptionService _encryptionService = EncryptionServiceSubstitute.CreatePassthrough();
+//
+//     [Fact]
+//     public void Test()
+//     {
+//     }
+// }

IdentityShroud.Api.Tests/Mappers/KeyServiceTests.cs

@@ -0,0 +1,43 @@
+using System.Buffers.Text;
+using System.Security.Cryptography;
+using IdentityShroud.Core.Contracts;
+using IdentityShroud.Core.Model;
+using IdentityShroud.Core.Security.Keys;
+using IdentityShroud.Core.Services;
+using IdentityShroud.TestUtils.Substitutes;
+
+namespace IdentityShroud.Api.Tests.Mappers;
+
+public class KeyServiceTests
+{
+    private readonly IEncryptionService _encryptionService = EncryptionServiceSubstitute.CreatePassthrough();
+    //private readonly IKeyProviderFactory _keyProviderFactory = Substitute.For<IKeyProviderFactory>();
+
+    [Fact]
+    public void Test()
+    {
+        // Setup
+        using RSA rsa = RSA.Create(2048);
+
+        RSAParameters parameters = rsa.ExportParameters(includePrivateParameters: false);
+        
+        RealmKey realmKey = new(
+            new("60bb79cf-4bac-4521-87f2-ac87cc15541f"),
+            "RSA",
+            rsa.ExportPkcs8PrivateKey(),
+            DateTime.UtcNow)
+        {
+            Priority = 10,
+        };
+        
+        // Act
+        KeyService sut = new(_encryptionService, new KeyProviderFactory(), new ClockService());
+        var jwk = sut.CreateJsonWebKey(realmKey);
+
+        Assert.Equal("RSA", jwk.KeyType);
+        Assert.Equal(realmKey.Id.ToString(), jwk.KeyId);
+        Assert.Equal("sig", jwk.Use);
+        Assert.Equal(parameters.Exponent, Base64Url.DecodeFromChars(jwk.Exponent));
+        Assert.Equal(parameters.Modulus, Base64Url.DecodeFromChars(jwk.Modulus));
+    }
+}