Home on Joe DeCock

About

joe@jmdc.dev (Joe DeCock) — Mon, 15 Apr 2024 20:46:40 -0500

Hi, I’m Joe.

I’m a security architect, software developer, and trainer. I help build Duende.IdentityServer, speak at conferences about security and identity, and train other developers about OAuth and OpenId Connect.

In my work with Duende, I’ve had the opportunity to implement Pushed Authorization Requests (RFC 9126) and Dynamic Client Registration (RFC 7591) in IdentityServer, add DPoP (RFC 9449) support to Duende.BFF, and learned a ton from Brock and Dominick (thanks guys!)

Open Source

I’m a maintainer for a number of open source libraries, including

Getting Started with PAR in ASP.NET 9 Previews

joe@jmdc.dev (Joe DeCock) — Tue, 06 Aug 2024 00:00:00 +0000

In my previous post, I shared my enthusiasm that I had contributed PAR support to ASP.NET, available in the upcoming 9.0 release. A deep dive on the extensibility points is still coming, but I thought first I should show a simple example of how to try out PAR today using nightly builds of the .NET SDK and OIDC nuget packages. The source for this example is on github, but read on for a step-by-step breakdown.

Support for PAR in ASP.NET Core 9.0

joe@jmdc.dev (Joe DeCock) — Fri, 19 Jul 2024 00:00:00 +0000

I’m really excited to share that ASP.NET Core 9.0 will include support for Pushed Authorization Requests (PAR). We’ve been discussing the new API in this issue, and my PR merged just a few hours ago as of this writing. You’ll be able to try it out in preview 7 of ASP.NET Core 9.0.