Reworked code around signing keys have key details much more isolated from the other parts of the program.

IdentityShroud.Core/Contracts/IClientService.cs

@@ -6,7 +6,7 @@ namespace IdentityShroud.Core.Contracts;
 
 public class ClientCreateRequest
 {
-    public string ClientId { get; set; }
+    public required string ClientId { get; set; }
     public string? Name { get; set; }
     public string? Description { get; set; }
     public string? SignatureAlgorithm { get; set; }
@@ -22,4 +22,5 @@ public interface IClientService
         CancellationToken ct = default);
 
     Task<Client?> GetByClientId(string clientId, CancellationToken ct = default);
+    Task<Client?> FindById(int id, CancellationToken ct = default);
 }

IdentityShroud.Core/Contracts/IEncryptionService.cs

@@ -3,5 +3,5 @@ namespace IdentityShroud.Core.Contracts;
 public interface IEncryptionService
 {
     byte[] Encrypt(byte[] plain);
-    byte[] Decrypt(byte[] cipher);
+    byte[] Decrypt(ReadOnlyMemory<byte> cipher);
 }

IdentityShroud.Core/Contracts/IKeyProvisioningService.cs

@@ -1,8 +0,0 @@
-using IdentityShroud.Core.Model;
-
-namespace IdentityShroud.Core.Contracts;
-
-public interface IKeyProvisioningService
-{
-    RealmKey CreateRsaKey(int keySize = 2048);
-}

IdentityShroud.Core/Contracts/IKeyService.cs

@@ -0,0 +1,12 @@
+using IdentityShroud.Core.Messages;
+using IdentityShroud.Core.Model;
+using IdentityShroud.Core.Security.Keys;
+
+namespace IdentityShroud.Core.Contracts;
+
+public interface IKeyService
+{
+    RealmKey CreateKey(KeyPolicy policy);
+
+    JsonWebKey? CreateJsonWebKey(RealmKey realmKey);
+}

IdentityShroud.Core/Contracts/IRealmService.cs

@@ -6,6 +6,7 @@ namespace IdentityShroud.Core.Contracts;
 
 public interface IRealmService
 {
+    Task<Realm?> FindById(Guid id, CancellationToken ct = default);
     Task<Realm?> FindBySlug(string slug, CancellationToken ct = default);
         
     Task<Result<RealmCreateResponse>> Create(RealmCreateRequest request, CancellationToken ct = default);