Add tests and fixes to .well-known/openid-configuration and create realm

IdentityShroud.Core.Tests/Model/KeyTests.cs

@@ -0,0 +1,51 @@
+using IdentityShroud.Core.Contracts;
+using IdentityShroud.Core.Model;
+
+namespace IdentityShroud.Core.Tests.Model;
+
+public class KeyTests
+{
+    [Fact]
+    public void SetNewKey()
+    {
+        byte[] privateKey = [5, 6, 7, 8];
+        byte[] encryptedPrivateKey = [1, 2, 3, 4];
+        
+        var encryptionService = Substitute.For<IEncryptionService>();
+        encryptionService
+            .Encrypt(Arg.Any<byte[]>())
+            .Returns(x => encryptedPrivateKey); 
+        
+        Key key = new();
+        key.SetPrivateKey(encryptionService, privateKey);
+
+        // should be able to return original without calling decrypt
+        Assert.Equal(privateKey, key.GetPrivateKey(encryptionService));
+        Assert.Equal(encryptedPrivateKey, key.PrivateKeyEncrypted);
+
+        encryptionService.Received(1).Encrypt(privateKey);
+        encryptionService.DidNotReceive().Decrypt(Arg.Any<byte[]>());
+    }
+    
+    [Fact]
+    public void GetDecryptedKey()
+    {
+        byte[] privateKey = [5, 6, 7, 8];
+        byte[] encryptedPrivateKey = [1, 2, 3, 4];
+        
+        var encryptionService = Substitute.For<IEncryptionService>();
+        encryptionService
+            .Decrypt(encryptedPrivateKey)
+            .Returns(x => privateKey); 
+        
+        Key key = new();
+        key.PrivateKeyEncrypted = encryptedPrivateKey;
+
+        // should be able to return original without calling decrypt
+        Assert.Equal(privateKey, key.GetPrivateKey(encryptionService));
+        Assert.Equal(encryptedPrivateKey, key.PrivateKeyEncrypted);
+
+        encryptionService.Received(1).Decrypt(encryptedPrivateKey);
+    }
+    
+}