Update documentation links and enhance README content

README.md

@@ -11,7 +11,7 @@ This repository contains the core products developed by Duende Software.
 
 Duende IdentityServer is a modern, standards-compliant OpenID Connect and OAuth 2.0 framework for ASP.NET Core, designed to provide secure authentication and API access control for modern applications. It supports a wide range of authentication flows, token types, and extension points for customization.
 
-- [Documentation](https://docs.duendesoftware.com/identityserver/v7)
+- [Documentation](https://docs.duendesoftware.com/identityserver/)
 - [Source Code](./identity-server)
 
 ### Duende BFF (Backend for Frontend)
@@ -21,7 +21,7 @@ Duende IdentityServer is a modern, standards-compliant OpenID Connect and OAuth
 
 The Backend for Frontend (BFF) pattern is a security architecture for browser-based JavaScript applications. It keeps access and refresh tokens on the server and eliminates the need for CORS, providing improved security for your web applications.
 
-- [Documentation](https://docs.duendesoftware.com/identityserver/v7/bff/)
+- [Documentation](https://docs.duendesoftware.com//bff/)
 - [Source Code](./bff)
 
 ### AspNet Core JWT Bearer Authentication Extensions
@@ -31,7 +31,7 @@ The Backend for Frontend (BFF) pattern is a security architecture for browser-ba
 
 Extends the ASP.NET Core JWT Bearer authentication handler with support for OAuth 2.0 Demonstrating Proof-of-Possession (DPoP), enhancing security for bearer tokens by proving possession of a private key.
 
-- [Documentation](https://docs.duendesoftware.com/identityserver/v7/apis/aspnetcore/dpop/)
+- [Documentation](https://docs.duendesoftware.com/identityserver/tokens/pop/)
 - [Source Code](./aspnetcore-authentication-jwtbearer)
 
 ## License
@@ -40,4 +40,4 @@ By accessing the Duende Products code here, you are agreeing to the [licensing t
 
 ## Contributing
 
-Please see our [contributing guidelines](/.github/CONTRIBUTING.md).
+Please see our [contributing guidelines](/.github/CONTRIBUTING.md).

aspnetcore-authentication-jwtbearer/README.md

@@ -1,7 +1,57 @@
-# Duende Extensions for ASP.NET
+# Duende JWT Bearer Authentication Extensions
 
-Extensions for ASP.NET to leverage advanced features of Duende IdentityServer.
+Extensions for
+the [ASP.NET JwtBearer authentication handler](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer)
+that add support for advanced features of Duende IdentityServer, particularly OAuth 2.0 Demonstrating
+Proof-of-Possession (DPoP) as specified in [RFC 9449](https://datatracker.ietf.org/doc/rfc9449/).
 
-### Extensions for the JwtBearer authentication handler
+Read more about the Duende packages at [documentation](https://docs.duendesoftware.com/).
 
-* support for DPoP
+## Features
+
+* Implements DPoP support for enhanced security of bearer tokens
+* Seamlessly integrates with existing ASP.NET Core JWT Bearer authentication
+* Validates DPoP proofs according to RFC 9449 specifications
+
+The following services collection extension methods are included under the features of this package:
+
+1. **`ConfigureDPoPTokensForScheme(this IServiceCollection services, string scheme)`**
+   Configures DPoP support for a specific JwtBearer authentication scheme.
+
+2. **`ConfigureDPoPTokensForScheme(this IServiceCollection services, string scheme, Action<DPoPOptions> configure)`**
+   Configures DPoP support for a specific JwtBearer authentication scheme and allows customization through `DPoPOptions`.
+
+#### HTTP Request Extensions
+
+- **`GetAuthorizationScheme(this HttpRequest request)`**: Retrieves the authorization scheme from the `Authorization` header of the HTTP request.
+- **`GetDPoPProofToken(this HttpRequest request)`**: Retrieves the DPoP proof token from the `DPoP` header of the HTTP request.
+
+#### Authentication Properties Extensions
+
+- **`GetDPoPNonce(this AuthenticationProperties props)`**: Retrieves the nonce value used for DPoP from the provided `AuthenticationProperties`.
+- **`SetDPoPNonce(this AuthenticationProperties props, string nonce)`**: Sets a nonce value used for DPoP in the provided `AuthenticationProperties`.
+
+#### JSON Web Key Extensions
+
+- **`CreateThumbprintCnf(this JsonWebKey jwk)`**: Creates the value of a confirmation claim (`cnf`) from a JSON Web Key thumbprint.
+- **`CreateThumbprint(this JsonWebKey jwk)`**: Creates the thumbprint of a JSON Web Key (`jwk`).
+
+
+## Licensing
+
+Duende IdentityServer is source-available, but requires a paid license for production use.
+
+- **Development and Testing**: You are free to use and explore the code for development, testing, or personal projects without a license.
+- **Production**: A license is required for production environments.
+- **Free Community Edition**: A free Community Edition license is available for qualifying companies and non-profit organizations.
+
+By accessing the Duende Products code here, you are agreeing to the [licensing terms](https://duendesoftware.com/license).
+
+## Contributing
+
+Please see our [contributing guidelines](https://github.com/DuendeSoftware/products/blob/main/.github/CONTRIBUTING.md).
+
+## Reporting Issues and Getting Support
+
+- For bug reports or feature requests, [use our developer community forum](https://github.com/DuendeSoftware/community).
+- For security-related concerns, please contact us privately at: **[email protected]**.

aspnetcore-authentication-jwtbearer/src/AspNetCore.Authentication.JwtBearer/README.md

@@ -1,3 +1,57 @@
-Extensions for the [ASP.NET JwtBearer authentication handler](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer) to leverage advanced features of Duende IdentityServer.
+# Duende JWT Bearer Authentication Extensions
 
-* Adds support for [DPoP](https://datatracker.ietf.org/doc/rfc9449/)
+Extensions for
+the [ASP.NET JwtBearer authentication handler](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer)
+that add support for advanced features of Duende IdentityServer, particularly OAuth 2.0 Demonstrating
+Proof-of-Possession (DPoP) as specified in [RFC 9449](https://datatracker.ietf.org/doc/rfc9449/).
+
+Read more about the Duende packages at [documentation](https://docs.duendesoftware.com/).
+
+## Features
+
+* Implements DPoP support for enhanced security of bearer tokens
+* Seamlessly integrates with existing ASP.NET Core JWT Bearer authentication
+* Validates DPoP proofs according to RFC 9449 specifications
+
+The following services collection extension methods are included under the features of this package:
+
+1. **`ConfigureDPoPTokensForScheme(this IServiceCollection services, string scheme)`**
+   Configures DPoP support for a specific JwtBearer authentication scheme.
+
+2. **`ConfigureDPoPTokensForScheme(this IServiceCollection services, string scheme, Action<DPoPOptions> configure)`**
+   Configures DPoP support for a specific JwtBearer authentication scheme and allows customization through `DPoPOptions`.
+
+#### HTTP Request Extensions
+
+- **`GetAuthorizationScheme(this HttpRequest request)`**: Retrieves the authorization scheme from the `Authorization` header of the HTTP request.
+- **`GetDPoPProofToken(this HttpRequest request)`**: Retrieves the DPoP proof token from the `DPoP` header of the HTTP request.
+
+#### Authentication Properties Extensions
+
+- **`GetDPoPNonce(this AuthenticationProperties props)`**: Retrieves the nonce value used for DPoP from the provided `AuthenticationProperties`.
+- **`SetDPoPNonce(this AuthenticationProperties props, string nonce)`**: Sets a nonce value used for DPoP in the provided `AuthenticationProperties`.
+
+#### JSON Web Key Extensions
+
+- **`CreateThumbprintCnf(this JsonWebKey jwk)`**: Creates the value of a confirmation claim (`cnf`) from a JSON Web Key thumbprint.
+- **`CreateThumbprint(this JsonWebKey jwk)`**: Creates the thumbprint of a JSON Web Key (`jwk`).
+
+
+## Licensing
+
+Duende IdentityServer is source-available, but requires a paid license for production use.
+
+- **Development and Testing**: You are free to use and explore the code for development, testing, or personal projects without a license.
+- **Production**: A license is required for production environments.
+- **Free Community Edition**: A free Community Edition license is available for qualifying companies and non-profit organizations.
+
+By accessing the Duende Products code here, you are agreeing to the [licensing terms](https://duendesoftware.com/license).
+
+## Contributing
+
+Please see our [contributing guidelines](https://github.com/DuendeSoftware/products/blob/main/.github/CONTRIBUTING.md).
+
+## Reporting Issues and Getting Support
+
+- For bug reports or feature requests, [use our developer community forum](https://github.com/DuendeSoftware/community).
+- For security-related concerns, please contact us privately at: **[email protected]**.

bff/README.md

@@ -5,7 +5,7 @@ _Securing SPAs and Blazor WASM applications once and for all._
 Welcome to the official GitHub repository for the [Duende](https://duendesoftware.com) Backend for Frontend (BFF) Security Framework!
 
 ## Overview
-Duende.BFF is a framework for building services that solve security and identity problems in browser based applications such as SPAs and Blazor WASM applications. It is used to create a backend host that is paired with a frontend application. This backend is called the Backend For Frontend (BFF) host, and is responsible for all of the OAuth and OIDC protocol interactions. Moving the protocol handling out of JavaScript provides important security benefits and works around changes in browser privacy rules that increasingly disrupt OAuth and OIDC protocol flows in browser based applications. The Duende.BFF library makes it easy to build and secure BFF hosts by providing [session and token management](https://docs.duendesoftware.com/bff/fundamentals/session), [API endpoint protection](https://docs.duendesoftware.com/bff/fundamentals/apis), and [logout notifications](https://docs.duendesoftware.com/bff/fundamentals/session/management/back-channel-logout).
+Duende.BFF is a framework for building services that solve security and identity problems in browser based applications such as SPAs and Blazor WASM applications. It is used to create a backend host that is paired with a frontend application. This backend is called the Backend For Frontend (BFF) host, and is responsible for all of the OAuth and OIDC protocol interactions. Moving the protocol handling out of JavaScript provides important security benefits and works around changes in browser privacy rules that increasingly disrupt OAuth and OIDC protocol flows in browser based applications. The Duende.BFF library makes it easy to build and secure BFF hosts by providing [session and token management](https://docs.duendesoftware.com/bff/fundamentals/session/), [API endpoint protection](https://docs.duendesoftware.com/bff/fundamentals/apis/), and [logout notifications](https://docs.duendesoftware.com/bff/fundamentals/session/management/back-channel-logout/).
 
 ## Extensibility
 Duende.BFF can be extended with:

bff/src/Bff.Blazor.Client/README.md

@@ -0,0 +1,37 @@
+# Duende.BFF.Blazor.Client
+
+The `Duende.BFF.Blazor.Client` package provides integration between Blazor WebAssembly applications and the Backend for
+Frontend (BFF) security architecture. It enables secure communication between Blazor WASM clients and BFF hosts by
+handling authentication, session management, and API access.
+
+## Features
+
+* Seamless integration with Blazor WebAssembly applications
+* Automatic handling of BFF authentication and session management
+* Built-in support for secure API calls through the BFF host
+* Integration with standard Blazor authentication state providers
+* Support for both interactive and silent token refresh
+* Automatic handling of session expiration and logout
+
+## Getting Started
+
+For detailed documentation and examples, please visit
+the [Duende BFF documentation](https://docs.duendesoftware.com/bff/).
+
+## Licensing
+
+Duende.BFF.Blazor.Client is source-available, but requires a paid license for production use.
+
+- **Development and Testing**: You are free to use and explore the code for development, testing, or personal projects
+  without a license.
+- **Production**: A license is required for production environments.
+- **Free Community Edition**: A free Community Edition license is available for qualifying companies and non-profit
+  organizations.
+
+By accessing the Duende Products code here, you are agreeing to
+the [licensing terms](https://duendesoftware.com/license).
+
+## Reporting Issues and Getting Support
+
+- For bug reports or feature requests, [use our developer community forum](https://github.com/DuendeSoftware/community)
+- For security-related concerns, please contact us privately at: **[email protected]**

bff/src/Bff.Blazor/README.md

@@ -0,0 +1,115 @@
+# Duende.BFF.Blazor
+
+[![NuGet](https://img.shields.io/nuget/v/Duende.BFF.Blazor.svg)](https://www.nuget.org/packages/BFF.Blazor)
+
+`Duende.BFF.Blazor` is a specialized .NET library designed to support secure browser-based applications, mainly using the Backend for Frontend (BFF) pattern in combination with Blazor Server, Blazor WASM (WebAssembly), and SPA frontends. 
+
+It facilitates simpler and safer implementations of OpenID Connect (OIDC) and OAuth2 flows by moving token handling and other protocol interactions to the server.
+
+[Learn more about the BFF pattern](https://docs.duendesoftware.com/bff/).
+
+---
+
+## Features
+
+- **Token Management**: Provides server-side storage and handling of access tokens, improving security by removing tokens from the browser.
+- **Seamless Integration With Blazor**: Easily integrates with Blazor Server or Blazor WASM applications, streamlining authentication functionalities.
+- **Customizable Security**: Includes extension points to customize claims transformation, authentication logic, and session management.
+- **Supports Modern OAuth2 and OIDC Flows**: Works around browser privacy restrictions affecting OAuth/OIDC protocols.
+- **Proxies for Secure API Access**: Enables secure API calls via the server to prevent token exposure to the client.
+
+---
+
+## Getting Started
+
+To get started with **Duende.BFF.Blazor**, follow these steps:
+
+### Installation via NuGet
+
+You can install the library via NuGet:
+
+```bash
+dotnet add package Duende.BFF.Blazor
+```
+
+### Dependencies
+
+Ensure your project targets **.NET 8.0 or higher** and references ASP.NET Core for Blazor development. 
+
+This library also integrates seamlessly with [Duende IdentityServer](https://duendesoftware.com/products/identityserver) or other compliant providers for OIDC and OAuth2.
+
+---
+
+## Usage
+
+### Quick Example
+
+1. **Configure Services**
+   Add the necessary services in your `Startup.cs` or `Program.cs`:
+
+   ```csharp
+   builder.Services.AddBff()
+       .AddBlazorBffServer()
+       .AddServerSideManagementClaims();
+   ```
+
+2. **Update Middleware Pipeline**
+   Update your app's middleware pipeline to include BFF features:
+
+   ```csharp
+   app.UseRouting();
+   app.UseAuthentication();
+   app.UseBff();
+   app.UseAuthorization();
+
+   app.MapBffManagementApis();
+   app.MapControllers();
+   ```
+
+3. **Secure API Endpoints**
+   Secure your API endpoints using the `[Authorize]` attribute to ensure they adhere to authentication and authorization policies.
+
+   ```csharp
+   [Authorize]
+   [HttpGet("/api/secure-data")]
+   public IActionResult GetSecureData()
+   {
+       return Ok(new { Message = "Secure data accessed" });
+   }
+   ```
+
+4. **Integrate with Blazor Components**
+   Use `AuthenticationStateProvider` or other related services to manage authentication state within your Blazor components.
+
+## Documentation
+
+Extensive documentation is available to guide you through key concepts, setup details, and advanced configuration options:
+
+- [API Documentation](https://docs.duendesoftware.com/bff/fundamentals/)
+- [Blazor Integration Guide](https://docs.duendesoftware.com/bff/fundamentals/blazor/)
+
+## Related Projects
+
+- [Duende.IdentityServer](https://github.com/DuendeSoftware/products) - Standards-compliant OpenID Connect and OAuth 2.0 framework.
+- [BFF.YARP](https://www.nuget.org/packages/Duende.BFF.Yarp) - BFF integration with YARP for reverse proxying.
+
+## Licensing
+
+**BFF.Blazor** is source-available, but requires a paid license for production use:
+
+- **Development and Testing**: Free to use and explore for personal or development purposes.
+- **Production Use**: A commercial license is required. Visit [Duende Licensing](https://duendesoftware.com/license) for details.
+- **Community Edition**: A free Community Edition license is available for qualifying organizations. Learn more [here](https://duendesoftware.com/products/communityedition).
+
+By using **Duende.BFF.Blazor**, you agree to abide by its [licensing terms](https://duendesoftware.com/license).
+
+## Contributing
+
+We welcome community contributions. Please refer to our [contributing guidelines](https://github.com/YourGitHub/bff-blazor/blob/main/CONTRIBUTING.md) for more information.
+
+## Support and Issues
+
+- **Report Issues**: Use [GitHub Issues](https://github.com/duendesoftware/products/issues) for bugs and feature requests.
+- **Security Concerns**: For security-related inquiries, contact **[email protected]**.
+- **Community Discussions**: Join our [developer forum](https://github.com/duendesoftware/community).
+