eelke
650fe99990
Encrypt realm data with dek which is encrypted with kek. The signing keys are also encrypted with the kek.
2026-02-26 19:46:14 +01:00
eelke
644b005f2a
Support rotation of master key.
...
The EncryptionService now loads a set of keys and uses the active one to encrypt and selects key based on keyid during decryption. Introduced EncryptedValue to hold keyId and encrypted data.
(There are no intermeddiate keys yet)
2026-02-24 06:32:58 +01:00
eelke
e0f6f3f8a9
Cleanup
2026-02-22 09:28:05 +01:00
eelke
3d73a9914c
Tests voor client api and service
2026-02-22 09:27:57 +01:00
eelke
0c6f227049
Reworked code around signing keys have key details much more isolated from the other parts of the program.
2026-02-21 20:15:46 +01:00
eelke
eb872a4f44
WIP making ClientCreate endpoint
2026-02-20 17:35:38 +01:00
eelke
138f335af0
Within the openid spec there is no need to return data at realms/name. Removed placeholders.
2026-02-15 19:34:17 +01:00
eelke
3e5ce9d81d
EncryptionService should be using ISecretProvider
...
Remove Async from method that was not Async
2026-02-15 19:18:02 +01:00
eelke
ccb06b260c
Implement jwks endpoint and add test for it.
...
This also let to some improvements/cleanups of the other tests and fixtures.
2026-02-15 19:06:09 +01:00
eelke
ed52e2f789
Fixes some warnings.
2026-02-14 14:55:22 +01:00
eelke
d440979451
Add tests and fixes to .well-known/openid-configuration and create realm
2026-02-14 14:50:06 +01:00
eelke
ddbb1f42d7
Add validation to RealmCreate
2026-02-08 18:00:24 +01:00
eelke
92b34bd0b5
Happy flow for creating realms works
...
But needs more validating...
2026-02-08 11:57:57 +01:00
eelke
f99c97f392
Miscelanious trials
2026-02-06 19:58:01 +01:00
