From 196610158752de05e6b1d974d5cbbcb58fb51d13 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Chalet?= Date: Wed, 23 Dec 2020 21:22:37 +0100 Subject: [PATCH] Update OpenIddictServerDataProtectionFormatter/OpenIddictValidationDataProtectionFormatter.ReadToken() to never return a null value --- .../IOpenIddictServerDataProtectionFormatter.cs | 2 +- .../OpenIddictServerDataProtectionFormatter.cs | 12 ++---------- .../IOpenIddictValidationDataProtectionFormatter.cs | 2 +- .../OpenIddictValidationDataProtectionFormatter.cs | 12 ++---------- 4 files changed, 6 insertions(+), 22 deletions(-) diff --git a/src/OpenIddict.Server.DataProtection/IOpenIddictServerDataProtectionFormatter.cs b/src/OpenIddict.Server.DataProtection/IOpenIddictServerDataProtectionFormatter.cs index bf28a9d6..91425c16 100644 --- a/src/OpenIddict.Server.DataProtection/IOpenIddictServerDataProtectionFormatter.cs +++ b/src/OpenIddict.Server.DataProtection/IOpenIddictServerDataProtectionFormatter.cs @@ -11,7 +11,7 @@ namespace OpenIddict.Server.DataProtection { public interface IOpenIddictServerDataProtectionFormatter { - ClaimsPrincipal? ReadToken(BinaryReader reader); + ClaimsPrincipal ReadToken(BinaryReader reader); void WriteToken(BinaryWriter writer, ClaimsPrincipal principal); } } \ No newline at end of file diff --git a/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionFormatter.cs b/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionFormatter.cs index 850bb211..2cc0fedf 100644 --- a/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionFormatter.cs +++ b/src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionFormatter.cs @@ -22,7 +22,7 @@ namespace OpenIddict.Server.DataProtection { public class OpenIddictServerDataProtectionFormatter : IOpenIddictServerDataProtectionFormatter { - public ClaimsPrincipal? ReadToken(BinaryReader reader) + public ClaimsPrincipal ReadToken(BinaryReader reader) { if (reader is null) { 
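Review bot: The interface hunk for `IOpenIddictServerDataProtectionFormatter.ReadToken` narrows the return type from `ClaimsPrincipal?` to `ClaimsPrincipal` but does not document how an unreadable payload is now reported. Callers that treated a null result as an invalid token need to know that failure now arrives as an exception. A doc comment would cover it, for example `/// <returns>The principal read from the payload; never null. A payload that cannot be parsed results in an exception.</returns>`. The same applies to `IOpenIddictValidationDataProtectionFormatter.ReadToken`. The exception types that can be thrown are not fully visible in this diff, so confirm the wording against the complete `Read` implementation.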
@@ -30,10 +30,6 @@ namespace OpenIddict.Server.DataProtection } var (principal, properties) = Read(reader); - if (principal is null) - { - return null; - } // Tokens serialized using the ASP.NET Core Data Protection stack are compound // of both claims and special authentication properties. To ensure existing tokens @@ -61,7 +57,7 @@ namespace OpenIddict.Server.DataProtection .SetClaim(Claims.Private.TokenId, GetProperty(properties, Properties.InternalTokenId)) .SetClaim(Claims.Private.UserCodeLifetime, GetProperty(properties, Properties.UserCodeLifetime)); - static (ClaimsPrincipal? principal, IReadOnlyDictionary properties) Read(BinaryReader reader) + static (ClaimsPrincipal principal, IReadOnlyDictionary properties) Read(BinaryReader reader) { // Read the version of the format used to serialize the ticket. var version = reader.ReadInt32(); @@ -75,10 +71,6 @@ namespace OpenIddict.Server.DataProtection // Read the number of identities stored in the serialized payload. var count = reader.ReadInt32(); - if (count < 0) - { - return (null, ImmutableDictionary.Create()); - } var identities = new ClaimsIdentity[count]; for (var index = 0; index != count; ++index) diff --git a/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs b/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs index 7ff57c03..76a59a7b 100644 --- a/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs +++ b/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs @@ -11,6 +11,6 @@ namespace OpenIddict.Validation.DataProtection { public interface IOpenIddictValidationDataProtectionFormatter { - ClaimsPrincipal? ReadToken(BinaryReader reader); + ClaimsPrincipal ReadToken(BinaryReader reader); } } \ No newline at end of file 
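Review bot: In the `Read` local function of `OpenIddictServerDataProtectionFormatter` (hunk `-75,10 +71,6`), `count` now goes from `reader.ReadInt32()` straight into `new ClaimsIdentity[count]` with no validation. A negative value then fails inside the array allocation with an `OverflowException`, and a very large positive value requests a large allocation before any identity has been read. Consider keeping an explicit guard that throws instead of returning null, e.g. `if (count < 0) throw new InvalidDataException("<message>");`, and adding an upper bound that matches the number of identities a token is expected to carry. The same applies to the matching hunk in `OpenIddictValidationDataProtectionFormatter` (`-72,10 +68,6`). `Read` starts and ends outside these hunks and the callers of `ReadToken` are not in this diff, so confirm that they handle an exception as an invalid token.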
diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs index 9d73173d..7e9a199e 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs @@ -19,7 +19,7 @@ namespace OpenIddict.Validation.DataProtection { public class OpenIddictValidationDataProtectionFormatter : IOpenIddictValidationDataProtectionFormatter { - public ClaimsPrincipal? ReadToken(BinaryReader reader) + public ClaimsPrincipal ReadToken(BinaryReader reader) { if (reader is null) { @@ -27,10 +27,6 @@ namespace OpenIddict.Validation.DataProtection } var (principal, properties) = Read(reader); - if (principal is null) - { - return null; - } // Tokens serialized using the ASP.NET Core Data Protection stack are compound // of both claims and special authentication properties. To ensure existing tokens @@ -58,7 +54,7 @@ namespace OpenIddict.Validation.DataProtection .SetClaim(Claims.Private.TokenId, GetProperty(properties, Properties.InternalTokenId)) .SetClaim(Claims.Private.UserCodeLifetime, GetProperty(properties, Properties.UserCodeLifetime)); - static (ClaimsPrincipal? principal, IReadOnlyDictionary properties) Read(BinaryReader reader) + static (ClaimsPrincipal principal, IReadOnlyDictionary properties) Read(BinaryReader reader) { // Read the version of the format used to serialize the ticket. var version = reader.ReadInt32(); @@ -72,10 +68,6 @@ namespace OpenIddict.Validation.DataProtection // Read the number of identities stored in the serialized payload. var count = reader.ReadInt32(); - if (count < 0) - { - return (null, ImmutableDictionary.Create()); - } var identities = new ClaimsIdentity[count]; for (var index = 0; index != count; ++index)