Update OpenIddictServerDataProtectionFormatter/OpenIddictValidationDataProtectionFormatter.ReadToken() to never return a null value

5 years ago · 1966101587
4 changed files with 6 additions and 22 deletions
--- a/src/OpenIddict.Server.DataProtection/IOpenIddictServerDataProtectionFormatter.cs
+++ b/src/OpenIddict.Server.DataProtection/IOpenIddictServerDataProtectionFormatter.cs
@ -11,7 +11,7 @@ namespace OpenIddict.Server.DataProtection
 {
    public interface IOpenIddictServerDataProtectionFormatter
    {
-        ClaimsPrincipal? ReadToken(BinaryReader reader);
+        ClaimsPrincipal ReadToken(BinaryReader reader);
        void WriteToken(BinaryWriter writer, ClaimsPrincipal principal);
    }
 }
--- a/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionFormatter.cs
+++ b/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionFormatter.cs
@ -22,7 +22,7 @@ namespace OpenIddict.Server.DataProtection
 {
    public class OpenIddictServerDataProtectionFormatter : IOpenIddictServerDataProtectionFormatter
    {
-        public ClaimsPrincipal? ReadToken(BinaryReader reader)
+        public ClaimsPrincipal ReadToken(BinaryReader reader)
        {
            if (reader is null)
            {
@ -30,10 +30,6 @@ namespace OpenIddict.Server.DataProtection
            }

            var (principal, properties) = Read(reader);
-            if (principal is null)
-            {
-                return null;
-            }

            // Tokens serialized using the ASP.NET Core Data Protection stack are compound
            // of both claims and special authentication properties. To ensure existing tokens
@ -61,7 +57,7 @@ namespace OpenIddict.Server.DataProtection
                .SetClaim(Claims.Private.TokenId, GetProperty(properties, Properties.InternalTokenId))
                .SetClaim(Claims.Private.UserCodeLifetime, GetProperty(properties, Properties.UserCodeLifetime));

-            static (ClaimsPrincipal? principal, IReadOnlyDictionary<string, string> properties) Read(BinaryReader reader)
+            static (ClaimsPrincipal principal, IReadOnlyDictionary<string, string> properties) Read(BinaryReader reader)
            {
                // Read the version of the format used to serialize the ticket.
                var version = reader.ReadInt32();
@ -75,10 +71,6 @@ namespace OpenIddict.Server.DataProtection

                // Read the number of identities stored in the serialized payload.
                var count = reader.ReadInt32();
-                if (count < 0)
-                {
-                    return (null, ImmutableDictionary.Create<string, string>());
-                }

                var identities = new ClaimsIdentity[count];
                for (var index = 0; index != count; ++index)
--- a/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs
+++ b/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs
@ -11,6 +11,6 @@ namespace OpenIddict.Validation.DataProtection
 {
    public interface IOpenIddictValidationDataProtectionFormatter
    {
-        ClaimsPrincipal? ReadToken(BinaryReader reader);
+        ClaimsPrincipal ReadToken(BinaryReader reader);
    }
 }
--- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs
+++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs
@ -19,7 +19,7 @@ namespace OpenIddict.Validation.DataProtection
 {
    public class OpenIddictValidationDataProtectionFormatter : IOpenIddictValidationDataProtectionFormatter
    {
-        public ClaimsPrincipal? ReadToken(BinaryReader reader)
+        public ClaimsPrincipal ReadToken(BinaryReader reader)
        {
            if (reader is null)
            {
@ -27,10 +27,6 @@ namespace OpenIddict.Validation.DataProtection
            }

            var (principal, properties) = Read(reader);
-            if (principal is null)
-            {
-                return null;
-            }

            // Tokens serialized using the ASP.NET Core Data Protection stack are compound
            // of both claims and special authentication properties. To ensure existing tokens
@ -58,7 +54,7 @@ namespace OpenIddict.Validation.DataProtection
                .SetClaim(Claims.Private.TokenId, GetProperty(properties, Properties.InternalTokenId))
                .SetClaim(Claims.Private.UserCodeLifetime, GetProperty(properties, Properties.UserCodeLifetime));

-            static (ClaimsPrincipal? principal, IReadOnlyDictionary<string, string> properties) Read(BinaryReader reader)
+            static (ClaimsPrincipal principal, IReadOnlyDictionary<string, string> properties) Read(BinaryReader reader)
            {
                // Read the version of the format used to serialize the ticket.
                var version = reader.ReadInt32();
@ -72,10 +68,6 @@ namespace OpenIddict.Validation.DataProtection

                // Read the number of identities stored in the serialized payload.
                var count = reader.ReadInt32();
-                if (count < 0)
-                {
-                    return (null, ImmutableDictionary.Create<string, string>());
-                }

                var identities = new ClaimsIdentity[count];
                for (var index = 0; index != count; ++index)