polishing the packages

.github/workflows/ci-cd.yml

@@ -3,8 +3,6 @@ name: CI/CD with Auto Versioning
 on:
   push:
     branches: [ master ]
-  pull_request:
-    branches: [ master ]
 
 jobs:
   versioning:
@@ -42,7 +40,7 @@ jobs:
       - name: Pack
         run: dotnet pack --no-build -c Release -o nupkg /p:PackageVersion=${{ needs.versioning.outputs.version }}
       - name: Upload NuGet packages as artifacts
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4.3.1
         with:
           name: nuget-packages
           path: nupkg/*.nupkg
@@ -51,7 +49,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download NuGet packages artifacts
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4.1.4
         with:
           name: nuget-packages
           path: nupkg

Abblix.DependencyInjection/Abblix.DependencyInjection.csproj

@@ -8,7 +8,7 @@
       Enhances .NET applications with Abblix's sophisticated dependency injection patterns,
       offering features like service aliasing, composite services, and decorators for streamlined service registration.
     </Description>
-    <GeneratePackageOnBuild>True</GeneratePackageOnBuild>
+    <IsPackable>true</IsPackable>
   </PropertyGroup>
 
   <ItemGroup>

Abblix.Jwt/Abblix.Jwt.csproj

@@ -4,6 +4,14 @@
     <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
+    <IsPackable>true</IsPackable>
+    <Description>
+      A lightweight, easy-to-use library for generating, validating, and working with JSON Web Tokens (JWT) in .NET applications.
+      Whether you're developing web APIs, microservices, or serverless applications that require secure, stateless authentication
+      and authorization solutions, Abblix.Jwt provides a robust set of features to incorporate JWT-based authentication
+      with minimal effort. Features include token validation, custom claims, signature verification, and audience validation,
+      making it an ideal choice for developers looking to secure their .NET applications efficiently.
+    </Description>
   </PropertyGroup>
 
   <ItemGroup>

Abblix.Oidc.Server.Mvc/Controllers/DiscoveryController.cs

@@ -97,7 +97,7 @@ public Task<ActionResult<ConfigurationResponse>> ConfigurationAsync(
 	{
 		var response = new ConfigurationResponse
 		{
-			Issuer = LicenseChecker.CheckLicense(issuerProvider.GetIssuer()),
+			Issuer = LicenseChecker.CheckIssuer(issuerProvider.GetIssuer()),
 
 			JwksUri = Resolve(Path.Keys, OidcEndpoints.Keys),
 			AuthorizationEndpoint = Resolve(Path.Authorize, OidcEndpoints.Authorize),

Abblix.Oidc.Server.Mvc/README.md

@@ -0,0 +1,93 @@
+# Abblix.Oidc.Server.Mvc
+
+The Abblix.Oidc.Server.Mvc library extends the capabilities of Abblix.Oidc.Server by integrating seamlessly with ASP.NET Core MVC applications. It provides specialized support for MVC-based projects, enhancing the OpenID Connect (OIDC) protocol implementation with MVC-specific features and configurations.
+
+## Features
+
+- **MVC Integration**: Designed specifically for ASP.NET Core MVC applications, ensuring a smooth integration.
+- **Enhanced Routing and Controllers**: Supports MVC routing and controllers for OIDC endpoints, offering greater control over the OIDC flow within MVC applications.
+- **Customizable View Components**: Offers customizable MVC view components for login, logout, and consent pages, allowing for a consistent user experience aligned with your application's design.
+- **Extended Documentation**: Includes detailed documentation on MVC-specific configurations and best practices.
+
+## Getting Started
+
+Ensure you have the .NET SDK and ASP.NET Core MVC installed on your system. Abblix.Oidc.Server.Mvc can be added to your MVC project using the NuGet Package Manager:
+
+```powershell
+Install-Package Abblix.Oidc.Server.Mvc
+```
+
+## Getting Started
+
+To get started with Abblix.Oidc.Server, first, ensure you have the .NET SDK installed on your system. Then, you can add the library to your project using the NuGet Package Manager:
+
+```powershell
+Install-Package Abblix.Oidc.Server
+```
+
+## Usage
+Here's how to integrate Abblix.Oidc.Server.Mvc into an ASP.NET Core MVC application:
+
+Configure Services:
+```csharp
+public void ConfigureServices(IServiceCollection services)
+{
+    services.AddAbblixOidcServer(options => 
+    {
+        options.Issuer = "https://yourdomain.com";
+        // Configure other options as needed
+    });
+}
+```
+
+Define an Endpoint:
+```csharp
+public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
+{
+    // Use routing
+    app.UseRouting();
+
+    // Use authentication and authorization
+    app.UseAuthentication();
+    app.UseAuthorization();
+
+    // Map OIDC endpoints
+    app.UseEndpoints(endpoints =>
+    {
+        endpoints.MapAbblixOidcServer();
+    });
+}
+```
+
+## API Reference
+The library offers a wide range of APIs to manage authentication, tokens, clients, and more. For detailed API documentation, please refer to API Documentation.
+
+## Support
+For support, you can check the comprehensive documentation or raise an issue on the project’s GitHub page if you encounter any problems or have suggestions for improvements.
+
+## Contributing
+We welcome contributions from the community! If you're interested in contributing, please read our contributing guidelines and submit a pull request.
+
+# License
+
+Abblix OIDC Server is available under different licensing models:
+
+## For Non-Commercial and Educational Projects
+
+If you're working on a free educational project, a game without monetization, or testing versions of commercial systems for piloting/demonstrating performance in internal non-commercial environments without generating profit, you can download and use Abblix OIDC Server free of charge. This free license is subject to all terms and conditions specified in the full [LICENSE.md](LICENSE.md).
+
+## For Commercial Use
+
+For commercial projects or any projects that include any form of monetization (including advertisements, paid subscriptions, or any commercial component), a proprietary license must be obtained. Please refer to the [LICENSE.md](LICENSE.md) for detailed terms and conditions regarding commercial use.
+
+## Activation and Duration
+
+The license for Abblix OIDC Server may require activation, and the number of activations can be limited. The duration of the license, including any extensions, is specified at the time of purchase or as agreed upon with any Abblix partner from whom you might obtain the software.
+
+## Compliance
+
+By using Abblix OIDC Server, you agree to comply with the terms set forth in the LICENSE.md file and ensure your use of the software does not violate any applicable laws or regulations.
+
+For detailed licensing information, please consult the [LICENSE.md](LICENSE.md) file provided with this package.
+
+If you have any questions or require further information regarding licensing for the Abblix OIDC Server, please contact us at [email protected] or visit our website at www.abblix.com.

Abblix.Oidc.Server/Abblix.Oidc.Server.csproj

@@ -13,7 +13,7 @@
     <ItemGroup>
       <EmbeddedResource Include=".\Features\SessionManagement\Resources\checkSession.html" />
       <EmbeddedResource Include=".\Features\Licensing\Resources\Abblix Licensing.pem" />
-      <None Include="..\README.md" />
+      <None Include="README.md" />
     </ItemGroup>
 
     <ItemGroup>
@@ -28,4 +28,18 @@
       <ProjectReference Include="..\Abblix.Jwt\Abblix.Jwt.csproj" />
     </ItemGroup>
 
+    <ItemGroup>
+      <None Include="bin\Release\net6.0\Abblix.Utils.dll" Pack="true" PackagePath="lib\net6.0" />
+      <None Include="bin\Release\net6.0\Abblix.Jwt.dll" Pack="true" PackagePath="lib\net6.0" />
+      <None Include="bin\Release\net6.0\Abblix.DependencyInjection.dll" Pack="true" PackagePath="lib\net6.0" />
+
+      <None Include="bin\Release\net7.0\Abblix.Utils.dll" Pack="true" PackagePath="lib\net7.0" />
+      <None Include="bin\Release\net7.0\Abblix.Jwt.dll" Pack="true" PackagePath="lib\net7.0" />
+      <None Include="bin\Release\net7.0\Abblix.DependencyInjection.dll" Pack="true" PackagePath="lib\net7.0" />
+
+      <None Include="bin\Release\net8.0\Abblix.Utils.dll" Pack="true" PackagePath="lib\net8.0" />
+      <None Include="bin\Release\net8.0\Abblix.Jwt.dll" Pack="true" PackagePath="lib\net8.0" />
+      <None Include="bin\Release\net8.0\Abblix.DependencyInjection.dll" Pack="true" PackagePath="lib\net8.0" />
+    </ItemGroup>
+
 </Project>

Abblix.Oidc.Server/Abblix.Oidc.Server.nuspec

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="utf-8"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
+  <metadata>
+    <id>Abblix.Oidc.Server</id>
+    <version>1.0.0</version>
+    <title>Abblix OpenID Connect Server</title>
+    <authors>Abblix.Oidc.Server</authors>
+    <description>Flexible OpenID Connect and OAuth 2.0 server-side implementation for modern ASP.NET projects</description>
+    <repository type="git" url="https://github.com/Abblix/Oidc.Server" commit="6ccbb8fb05e4eed5f1bfcfbbee401dd9deb9df28" />
+    <dependencies>
+      <group targetFramework="net6.0">
+        <dependency id="Abblix.DependencyInjection" version="1.0.0" exclude="Build,Analyzers" />
+        <dependency id="Abblix.Jwt" version="1.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Caching.Memory" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Hosting.Abstractions" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Http" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Options" version="8.0.1" exclude="Build,Analyzers" />
+      </group>
+      <group targetFramework="net7.0">
+        <dependency id="Abblix.DependencyInjection" version="1.0.0" exclude="Build,Analyzers" />
+        <dependency id="Abblix.Jwt" version="1.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Caching.Memory" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Hosting.Abstractions" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Http" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Options" version="8.0.1" exclude="Build,Analyzers" />
+      </group>
+      <group targetFramework="net8.0">
+        <dependency id="Abblix.DependencyInjection" version="1.0.0" exclude="Build,Analyzers" />
+        <dependency id="Abblix.Jwt" version="1.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Caching.Memory" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Hosting.Abstractions" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Http" version="8.0.0" exclude="Build,Analyzers" />
+        <dependency id="Microsoft.Extensions.Options" version="8.0.1" exclude="Build,Analyzers" />
+      </group>
+    </dependencies>
+  </metadata>
+  <files>
+    <file src="bin\Release\net6.0\*.dll" target="lib\net6.0" />
+    <file src="bin\Release\net7.0\*.dll" target="lib\net7.0" />
+    <file src="bin\Release\net8.0\*.dll" target="lib\net8.0" />
+  </files>
+</package>

Abblix.Oidc.Server/Endpoints/Authorization/AuthorizationRequestProcessor.cs

@@ -101,7 +101,7 @@ public AuthorizationRequestProcessor(
 	/// </returns>
 	public async Task<AuthorizationResponse> ProcessAsync(ValidAuthorizationRequest request)
 	{
-		request.ClientInfo.CheckLicense();
+		request.ClientInfo.CheckClient();
 		var model = request.Model;
 
 		var authSessions = await GetAvailableAuthSessionsAsync(model);

Abblix.Oidc.Server/Endpoints/DynamicClientManagement/RegisterClientRequestProcessor.cs

@@ -113,13 +113,14 @@ public async Task<ClientRegistrationResponse> ProcessAsync(ValidClientRegistrati
         var clientId = model.ClientId.HasValue() ? model.ClientId : _clientIdGenerator.GenerateClientId();
         var (clientSecret, expiresAt) = GenerateClientSecret(model.TokenEndpointAuthMethod, issuedAt);
 
-        await _clientInfoManager.AddClientAsync(ToClientInfo(model, clientId, clientSecret, expiresAt, request.SectorIdentifier));
+        var clientInfo = ToClientInfo(model, clientId, clientSecret, expiresAt, request.SectorIdentifier);
+        await _clientInfoManager.AddClientAsync(clientInfo);
 
         var response = new ClientRegistrationSuccessResponse(clientId, issuedAt)
         {
             ClientSecret = clientSecret,
             ClientSecretExpiresAt = expiresAt,
-            RegistrationAccessToken = await IssueRegistrationAccessToken(clientId, issuedAt),
+            RegistrationAccessToken = await IssueRegistrationAccessTokenAsync(clientId, issuedAt),
         };
         return response;
     }
@@ -206,7 +207,7 @@ private ClientInfo ToClientInfo(
         return clientInfo;
     }
 
-    private Task<string> IssueRegistrationAccessToken(string clientId, DateTimeOffset issuedAt)
+    private Task<string> IssueRegistrationAccessTokenAsync(string clientId, DateTimeOffset issuedAt)
     {
         var token = new JsonWebToken
         {
@@ -215,12 +216,13 @@ private Task<string> IssueRegistrationAccessToken(string clientId, DateTimeOffse
                 Type = JwtTypes.RegistrationAccessToken,
                 Algorithm = SigningAlgorithms.RS256,
             },
-            Payload = {
+            Payload =
+            {
                 IssuedAt = issuedAt,
                 NotBefore = issuedAt,
                 //ExpiresAt = issuedAt + ..., //TODO think about the expiration of this token
 
-                Issuer = LicenseChecker.CheckLicense(_issuerProvider.GetIssuer()),
+                Issuer = LicenseChecker.CheckIssuer(_issuerProvider.GetIssuer()),
                 Audiences = new[] { clientId },
                 Subject = clientId,
             },

Abblix.Oidc.Server/Endpoints/EndSession/EndSessionRequestProcessor.cs

@@ -114,7 +114,7 @@ public async Task<EndSessionResponse> ProcessAsync(ValidEndSessionRequest reques
 		await _authenticationService.SignOutAsync();
 		_logger.LogDebug("The user with subject={Subject} was logged out from session {Session}", subjectId, sessionId);
 
-		var context = new LogoutContext(sessionId, subjectId, LicenseChecker.CheckLicense(_issuerProvider.GetIssuer()));
+		var context = new LogoutContext(sessionId, subjectId, LicenseChecker.CheckIssuer(_issuerProvider.GetIssuer()));
 
 		var tasks = new List<Task>();
 		foreach (var clientId in authSession.AffectedClientIds)

Abblix.Oidc.Server/Endpoints/Token/TokenRequestProcessor.cs

@@ -87,7 +87,7 @@ public TokenRequestProcessor(
 	/// </remarks>
 	public async Task<TokenResponse> ProcessAsync(ValidTokenRequest request)
 	{
-		request.ClientInfo.CheckLicense();
+		request.ClientInfo.CheckClient();
 
 		var accessToken = await _accessTokenService.CreateAccessTokenAsync(
 			request.AuthSession,

Abblix.Oidc.Server/Endpoints/UserInfo/UserInfoRequestProcessor.cs

@@ -93,7 +93,7 @@ public async Task<UserInfoResponse> ProcessAsync(ValidUserInfoRequest request)
 		var subject = _subjectTypeConverter.Convert(request.AuthSession.Subject, request.ClientInfo);
 		userInfo.SetProperty(JwtClaimTypes.Subject, subject);
 
-		var issuer = LicenseChecker.CheckLicense(_issuerProvider.GetIssuer());
+		var issuer = LicenseChecker.CheckIssuer(_issuerProvider.GetIssuer());
 		return new UserInfoFoundResponse(userInfo, request.ClientInfo, issuer);
 	}
 }

Abblix.Oidc.Server/Features/Licensing/LicenseChecker.cs

@@ -68,15 +68,15 @@ public static class LicenseChecker
     /// <returns>A task that, upon completion, returns the client information if it complies with the licensing
     /// constraints; otherwise, logs an error.</returns>
     public static async Task<ClientInfo?> WithLicenseCheck(this Task<ClientInfo?> clientInfo)
-        => (await clientInfo).CheckLicense();
+        => (await clientInfo).CheckClient();
 
     /// <summary>
     /// Applies licensing checks to client information.
     /// </summary>
     /// <param name="clientInfo">The client information to check against licensing constraints.</param>
     /// <returns>The client information if it complies with the licensing constraints; otherwise, logs an error.
     /// </returns>
-    public static ClientInfo? CheckLicense(this ClientInfo? clientInfo)
+    public static ClientInfo? CheckClient(this ClientInfo? clientInfo)
     {
         if (clientInfo != null)
         {
@@ -119,7 +119,7 @@ public static class LicenseChecker
     /// </summary>
     /// <param name="issuer">The issuer to check against licensing constraints.</param>
     /// <returns>The issuer if it complies with the licensing constraints; otherwise, logs an error.</returns>
-    public static string CheckLicense(string issuer)
+    public static string CheckIssuer(string issuer)
     {
         var utcNow = DateTimeOffset.UtcNow;
         var currentLicense = LicenseManager.TryGetCurrentLicenseLimit(utcNow) ?? FreeLicense;

Abblix.Oidc.Server/Features/Tokens/AccessTokenService.cs

@@ -114,7 +114,8 @@ public async Task<EncodedJsonWebToken> CreateAccessTokenAsync(
 				IssuedAt = issuedAt,
 				NotBefore = issuedAt,
 				ExpiresAt = issuedAt + clientInfo.AccessTokenExpiresIn,
-				Issuer = LicenseChecker.CheckLicense(_issuerProvider.GetIssuer()),
+				Issuer = LicenseChecker.CheckIssuer(_issuerProvider.GetIssuer()),
+				Audiences = new[] { clientInfo.ClientId },
 			},
 		};
 

Abblix.Oidc.Server/Features/Tokens/IdentityTokenService.cs

@@ -137,7 +137,7 @@ public async Task<EncodedJsonWebToken> CreateIdentityTokenAsync(
 				IssuedAt = issuedAt,
 				NotBefore = issuedAt,
 				ExpiresAt = issuedAt + clientInfo.IdentityTokenExpiresIn,
-				Issuer = LicenseChecker.CheckLicense(_issuerProvider.GetIssuer()),
+				Issuer = LicenseChecker.CheckIssuer(_issuerProvider.GetIssuer()),
 
 				Subject = _subjectTypeConverter.Convert(authSession.Subject, clientInfo),
 				SessionId = authSession.SessionId,

Abblix.Oidc.Server/Features/Tokens/RefreshTokenService.cs

@@ -107,7 +107,7 @@ public RefreshTokenService(
 				IssuedAt = issuedAt,
 				NotBefore = now,
 				ExpiresAt = expiresAt,
-				Issuer = LicenseChecker.CheckLicense(_issuerProvider.GetIssuer()),
+				Issuer = LicenseChecker.CheckIssuer(_issuerProvider.GetIssuer()),
 				Audiences = new[] { clientInfo.ClientId },
 			},
 		};

Abblix.Oidc.Server/Features/Tokens/Validation/AuthServiceJwtValidator.cs

@@ -81,7 +81,13 @@ public Task<JwtValidationResult> ValidateAsync(string jwt, ValidationOptions opt
 
 	private Task<bool> ValidateIssuerAsync(string issuer)
 	{
-		return Task.FromResult(issuer == _issuerProvider.GetIssuer());
+		var result = issuer == _issuerProvider.GetIssuer();
+		if (result)
+		{
+			LicenseChecker.CheckIssuer(issuer);
+		}
+
+		return Task.FromResult(result);
 	}
 
 	private async Task<bool> ValidateAudienceAsync(IEnumerable<string> audiences)