diff --git a/IdentityServer/v7/BFF/DPoP/.vscode/launch.json b/IdentityServer/v7/BFF/DPoP/.vscode/launch.json
index 71e82bc5..66034807 100644
--- a/IdentityServer/v7/BFF/DPoP/.vscode/launch.json
+++ b/IdentityServer/v7/BFF/DPoP/.vscode/launch.json
@@ -17,7 +17,7 @@
"type": "coreclr",
"request": "launch",
"preLaunchTask": "build-api",
- "program": "${workspaceFolder}/DPoP.Api/bin/Debug/net6.0/DPoP.Api.dll",
+ "program": "${workspaceFolder}/DPoP.Api/bin/Debug/net8.0/DPoP.Api.dll",
"args": [],
"cwd": "${workspaceFolder}/DPoP.Api",
"env": {
@@ -30,7 +30,7 @@
"type": "coreclr",
"request": "launch",
"preLaunchTask": "build-bff",
- "program": "${workspaceFolder}/DPoP.Bff/bin/Debug/net6.0/DPoP.Bff.dll",
+ "program": "${workspaceFolder}/DPoP.Bff/bin/Debug/net8.0/DPoP.Bff.dll",
"args": [],
"cwd": "${workspaceFolder}/DPoP.Bff",
"env": {
diff --git a/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP.Api.csproj b/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP.Api.csproj
index 32a23fe2..55f79f8e 100644
--- a/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP.Api.csproj
+++ b/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP.Api.csproj
@@ -1,12 +1,12 @@
- net6.0
+ net8.0
-
-
-
+
+
+
diff --git a/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPJwtBearerEvents.cs b/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPJwtBearerEvents.cs
index 2b71a68b..3cec1290 100644
--- a/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPJwtBearerEvents.cs
+++ b/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPJwtBearerEvents.cs
@@ -1,5 +1,6 @@
using IdentityModel;
using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Options;
using Microsoft.Net.Http.Headers;
using System.Text;
@@ -130,7 +131,7 @@ public override Task Challenge(JwtBearerChallengeContext context)
}
}
- context.Response.Headers.Add(HeaderNames.WWWAuthenticate, sb.ToString());
+ context.Response.Headers.Append(HeaderNames.WWWAuthenticate, sb.ToString());
if (context.HttpContext.Items.ContainsKey("DPoP-Nonce"))
diff --git a/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPProofValidator.cs b/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPProofValidator.cs
index effb21e8..0d36ed3e 100644
--- a/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPProofValidator.cs
+++ b/IdentityServer/v7/BFF/DPoP/DPoP.Api/DPoP/DPoPProofValidator.cs
@@ -130,7 +130,7 @@ protected virtual Task ValidateHeaderAsync(DPoPProofValidatonContext context, DP
return Task.CompletedTask;
}
- if (!token.TryGetHeaderValue>(JwtClaimTypes.JsonWebKey, out var jwkValues))
+ if (!token.TryGetHeaderValue(JwtClaimTypes.JsonWebKey, out var jwkValues))
{
result.IsError = true;
result.ErrorDescription = "Invalid 'jwk' value.";
@@ -169,7 +169,7 @@ protected virtual Task ValidateHeaderAsync(DPoPProofValidatonContext context, DP
///
/// Validates the signature.
///
- protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context, DPoPProofValidatonResult result)
+ protected virtual async Task ValidateSignatureAsync(DPoPProofValidatonContext context, DPoPProofValidatonResult result)
{
TokenValidationResult tokenValidationResult;
@@ -185,14 +185,14 @@ protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context,
};
var handler = new JsonWebTokenHandler();
- tokenValidationResult = handler.ValidateToken(context.ProofToken, tvp);
+ tokenValidationResult = await handler.ValidateTokenAsync(context.ProofToken, tvp);
}
catch (Exception ex)
{
Logger.LogDebug("Error parsing DPoP token: {error}", ex.Message);
result.IsError = true;
result.ErrorDescription = "Invalid signature on DPoP token.";
- return Task.CompletedTask;
+ return;
}
if (tokenValidationResult.Exception != null)
@@ -200,12 +200,10 @@ protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context,
Logger.LogDebug("Error parsing DPoP token: {error}", tokenValidationResult.Exception.Message);
result.IsError = true;
result.ErrorDescription = "Invalid signature on DPoP token.";
- return Task.CompletedTask;
+ return;
}
result.Payload = tokenValidationResult.Claims;
-
- return Task.CompletedTask;
}
///
diff --git a/IdentityServer/v7/BFF/DPoP/DPoP.Bff/DPoP.Bff.csproj b/IdentityServer/v7/BFF/DPoP/DPoP.Bff/DPoP.Bff.csproj
index 325eed12..a25aa7d5 100644
--- a/IdentityServer/v7/BFF/DPoP/DPoP.Bff/DPoP.Bff.csproj
+++ b/IdentityServer/v7/BFF/DPoP/DPoP.Bff/DPoP.Bff.csproj
@@ -1,14 +1,14 @@
- net6.0
+ net8.0
Host6
enable
-
-
-
+
+
+
diff --git a/IdentityServer/v7/BFF/DPoP/DPoP.Bff/Startup.cs b/IdentityServer/v7/BFF/DPoP/DPoP.Bff/Startup.cs
index 03e81659..595c2fc0 100644
--- a/IdentityServer/v7/BFF/DPoP/DPoP.Bff/Startup.cs
+++ b/IdentityServer/v7/BFF/DPoP/DPoP.Bff/Startup.cs
@@ -91,8 +91,8 @@ public void ConfigureServices(IServiceCollection services)
var jwk = JsonSerializer.Serialize(jwkKey);
options.DPoPJsonWebKey = jwk;
})
- .AddRemoteApis()
- .AddServerSideSessions();
+ .AddRemoteApis();
+ // .AddServerSideSessions();
// local APIs
services.AddControllers();
@@ -204,7 +204,6 @@ private static void MapRemoteUrls(IEndpointRouteBuilder endpoints)
// On this path, we require the user token
endpoints.MapRemoteBffApiEndpoint("/api/user-token", "https://localhost:6001")
- .WithUserAccessTokenParameter(new BffUserAccessTokenParameters(resource: "urn:example-api"))
.RequireAccessToken(TokenType.User);
}
}
diff --git a/IdentityServer/v7/BFF/DPoP/DPoP.Bff/wwwroot/index.html b/IdentityServer/v7/BFF/DPoP/DPoP.Bff/wwwroot/index.html
index e0514de4..4eb6b324 100644
--- a/IdentityServer/v7/BFF/DPoP/DPoP.Bff/wwwroot/index.html
+++ b/IdentityServer/v7/BFF/DPoP/DPoP.Bff/wwwroot/index.html
@@ -11,7 +11,7 @@