Brock Allen
Brock Allen
Perhaps you should consider nuget signing: https://docs.microsoft.com/en-us/nuget/create-packages/sign-a-package https://docs.microsoft.com/en-us/nuget/reference/signed-packages-reference You'll get a blue checkmark in NuGet so people know it's the right package author (instead of knock-offs).
The built-in ExpiresUtc on the AuthenticationProperties is used for inactivity, but there is no built-in AbsoluteExpiresUtc. Consider adding such a feature. Likely would be a new/custom entry in the Items...
Sometimes somethings are triggered in Startup before a request. Check where this could happen and see if it's ok to nop in those scenarios. https://github.com/DuendeSoftware/Support/issues/43
We need a story for programmatically configuring clients/resources/provider. This will likely involve: * read/write repository interface design * EF implementation * API endpoints for repo interfaces * security model for...
For this change: https://github.com/dotnet/aspnetcore/pull/42606
Perhaps emit better log saying what item/record can't be unprotected, and say old DP keys can't be accessed to unprotect, and indicate the ID of the record to remove if...
To allow for issuer name, token endpoint, and/or PAR endpoint. https://datatracker.ietf.org/doc/html/rfc9126#section-2
This PR adds logic when processing request parameters that are exact duplicates to filter/ignore them. Fixes: https://github.com/DuendeSoftware/Support/issues/124