diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddict.Validation.AspNetCore.csproj b/src/OpenIddict.Validation.AspNetCore/OpenIddict.Validation.AspNetCore.csproj index e4157c31..69713ce7 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddict.Validation.AspNetCore.csproj +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddict.Validation.AspNetCore.csproj @@ -2,6 +2,7 @@ net461;netcoreapp2.1;netcoreapp3.1 + enable @@ -14,12 +15,12 @@ + Condition=" '$(TargetFrameworkIdentifier)' == '.NETCoreApp' And $([MSBuild]::VersionGreaterThanOrEquals($(TargetFrameworkVersion), '3.0')) "> + Condition=" '$(TargetFrameworkIdentifier)' != '.NETCoreApp' Or $([MSBuild]::VersionLessThan($(TargetFrameworkVersion), '3.0')) "> diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreBuilder.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreBuilder.cs index 6dc5146a..ed47e11b 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreBuilder.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreBuilder.cs @@ -6,7 +6,6 @@ using System; using System.ComponentModel; -using JetBrains.Annotations; using OpenIddict.Validation.AspNetCore; using SR = OpenIddict.Abstractions.OpenIddictResources; @@ -22,7 +21,7 @@ namespace Microsoft.Extensions.DependencyInjection /// Initializes a new instance of . /// /// The services collection. - public OpenIddictValidationAspNetCoreBuilder([NotNull] IServiceCollection services) + public OpenIddictValidationAspNetCoreBuilder(IServiceCollection services) => Services = services ?? throw new ArgumentNullException(nameof(services)); /// @@ -37,7 +36,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The delegate used to configure the OpenIddict options. /// This extension can be safely called multiple times. /// The . - public OpenIddictValidationAspNetCoreBuilder Configure([NotNull] Action configuration) + public OpenIddictValidationAspNetCoreBuilder Configure(Action configuration) { if (configuration == null) { @@ -54,7 +53,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The issuer address. /// The . - public OpenIddictValidationAspNetCoreBuilder SetRealm([NotNull] string realm) + public OpenIddictValidationAspNetCoreBuilder SetRealm(string realm) { if (string.IsNullOrEmpty(realm)) { @@ -70,7 +69,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The object to compare with the current object. /// true if the specified object is equal to the current object; otherwise, false. [EditorBrowsable(EditorBrowsableState.Never)] - public override bool Equals([CanBeNull] object obj) => base.Equals(obj); + public override bool Equals(object? obj) => base.Equals(obj); /// /// Serves as the default hash function. @@ -84,6 +83,6 @@ namespace Microsoft.Extensions.DependencyInjection /// /// A string that represents the current object. [EditorBrowsable(EditorBrowsableState.Never)] - public override string ToString() => base.ToString(); + public override string? ToString() => base.ToString(); } } diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreConfiguration.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreConfiguration.cs index acffa8fd..f854067e 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreConfiguration.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreConfiguration.cs @@ -5,7 +5,7 @@ */ using System; -using JetBrains.Annotations; +using System.Collections.Generic; using Microsoft.AspNetCore.Authentication; using Microsoft.Extensions.Options; using SR = OpenIddict.Abstractions.OpenIddictResources; @@ -23,7 +23,7 @@ namespace OpenIddict.Validation.AspNetCore /// Registers the OpenIddict validation handler in the global authentication options. /// /// The options instance to initialize. - public void Configure([NotNull] AuthenticationOptions options) + public void Configure(AuthenticationOptions options) { if (options == null) { @@ -41,7 +41,7 @@ namespace OpenIddict.Validation.AspNetCore OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme, displayName: null); } - public void Configure([NotNull] OpenIddictValidationOptions options) + public void Configure(OpenIddictValidationOptions options) { if (options == null) { @@ -57,28 +57,29 @@ namespace OpenIddict.Validation.AspNetCore /// /// The name of the options instance to configure, if applicable. /// The options instance to initialize. - public void PostConfigure([CanBeNull] string name, [NotNull] AuthenticationOptions options) + public void PostConfigure(string name, AuthenticationOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } - bool TryValidate(string scheme) + if (!TryValidate(options.SchemeMap, options.DefaultSignInScheme) || + !TryValidate(options.SchemeMap, options.DefaultSignOutScheme)) + { + throw new InvalidOperationException(SR.GetResourceString(SR.ID1164)); + } + + static bool TryValidate(IDictionary map, string? scheme) { // If the scheme was not set or if it cannot be found in the map, return true. - if (string.IsNullOrEmpty(scheme) || !options.SchemeMap.TryGetValue(scheme, out var builder)) + if (string.IsNullOrEmpty(scheme) || !map.TryGetValue(scheme, out var builder)) { return true; } return builder.HandlerType != typeof(OpenIddictValidationAspNetCoreHandler); } - - if (!TryValidate(options.DefaultSignInScheme) || !TryValidate(options.DefaultSignOutScheme)) - { - throw new InvalidOperationException(SR.GetResourceString(SR.ID1164)); - } } } } diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreExtensions.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreExtensions.cs index d5270d30..78ebd55c 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreExtensions.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreExtensions.cs @@ -6,7 +6,6 @@ using System; using System.Linq; -using JetBrains.Annotations; using Microsoft.AspNetCore.Authentication; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Options; @@ -28,7 +27,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The services builder used by OpenIddict to register new services. /// This extension can be safely called multiple times. /// The . - public static OpenIddictValidationAspNetCoreBuilder UseAspNetCore([NotNull] this OpenIddictValidationBuilder builder) + public static OpenIddictValidationAspNetCoreBuilder UseAspNetCore(this OpenIddictValidationBuilder builder) { if (builder == null) { @@ -67,8 +66,7 @@ namespace Microsoft.Extensions.DependencyInjection /// This extension can be safely called multiple times. /// The . public static OpenIddictValidationBuilder UseAspNetCore( - [NotNull] this OpenIddictValidationBuilder builder, - [NotNull] Action configuration) + this OpenIddictValidationBuilder builder, Action configuration) { if (builder == null) { diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreFeature.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreFeature.cs index 5e07e916..bcb99ac7 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreFeature.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreFeature.cs @@ -15,6 +15,6 @@ namespace OpenIddict.Validation.AspNetCore /// Gets or sets the validation transaction that encapsulates all specific /// information about an individual OpenID Connect validation request. /// - public OpenIddictValidationTransaction Transaction { get; set; } + public OpenIddictValidationTransaction? Transaction { get; set; } } } diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandler.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandler.cs index b4488414..cbd4e3c0 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandler.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandler.cs @@ -6,9 +6,9 @@ using System; using System.Collections.Generic; +using System.Diagnostics; using System.Text.Encodings.Web; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Logging; @@ -33,18 +33,19 @@ namespace OpenIddict.Validation.AspNetCore /// Creates a new instance of the class. /// public OpenIddictValidationAspNetCoreHandler( - [NotNull] IOpenIddictValidationDispatcher dispatcher, - [NotNull] IOpenIddictValidationFactory factory, - [NotNull] IOptionsMonitor options, - [NotNull] ILoggerFactory logger, - [NotNull] UrlEncoder encoder, - [NotNull] ISystemClock clock) + IOpenIddictValidationDispatcher dispatcher, + IOpenIddictValidationFactory factory, + IOptionsMonitor options, + ILoggerFactory logger, + UrlEncoder encoder, + ISystemClock clock) : base(options, logger, encoder, clock) { _dispatcher = dispatcher; _factory = factory; } + /// public async Task HandleRequestAsync() { // Note: the transaction may be already attached when replaying an ASP.NET Core request @@ -54,7 +55,7 @@ namespace OpenIddict.Validation.AspNetCore { // Create a new transaction and attach the HTTP request to make it available to the ASP.NET Core handlers. transaction = await _factory.CreateTransactionAsync(); - transaction.Properties[typeof(HttpRequest).FullName] = new WeakReference(Request); + transaction.Properties[typeof(HttpRequest).FullName!] = new WeakReference(Request); // Attach the OpenIddict validation transaction to the ASP.NET Core features // so that it can retrieved while performing challenge/forbid operations. @@ -104,6 +105,7 @@ namespace OpenIddict.Validation.AspNetCore return false; } + /// protected override async Task HandleAuthenticateAsync() { var transaction = Context.Features.Get()?.Transaction ?? @@ -112,7 +114,7 @@ namespace OpenIddict.Validation.AspNetCore // Note: in many cases, the authentication token was already validated by the time this action is called // (generally later in the pipeline, when using the pass-through mode). To avoid having to re-validate it, // the authentication context is resolved from the transaction. If it's not available, a new one is created. - var context = transaction.GetProperty(typeof(ProcessAuthenticationContext).FullName); + var context = transaction.GetProperty(typeof(ProcessAuthenticationContext).FullName!); if (context == null) { context = new ProcessAuthenticationContext(transaction); @@ -120,7 +122,7 @@ namespace OpenIddict.Validation.AspNetCore // Store the context object in the transaction so it can be later retrieved by handlers // that want to access the authentication result without triggering a new authentication flow. - transaction.SetProperty(typeof(ProcessAuthenticationContext).FullName, context); + transaction.SetProperty(typeof(ProcessAuthenticationContext).FullName!, context); } if (context.IsRequestHandled || context.IsRequestSkipped) @@ -138,7 +140,7 @@ namespace OpenIddict.Validation.AspNetCore return AuthenticateResult.NoResult(); } - var properties = new AuthenticationProperties(new Dictionary + var properties = new AuthenticationProperties(new Dictionary { [OpenIddictValidationAspNetCoreConstants.Properties.Error] = context.Error, [OpenIddictValidationAspNetCoreConstants.Properties.ErrorDescription] = context.ErrorDescription, @@ -150,6 +152,10 @@ namespace OpenIddict.Validation.AspNetCore else { + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + Debug.Assert(!string.IsNullOrEmpty(context.Principal.GetTokenType()), SR.GetResourceString(SR.ID5009)); + Debug.Assert(!string.IsNullOrEmpty(context.Token), SR.GetResourceString(SR.ID5010)); + // Store the token to allow any ASP.NET Core component (e.g a controller) // to retrieve it (e.g to make an API request to another application). var properties = new AuthenticationProperties(); @@ -157,7 +163,7 @@ namespace OpenIddict.Validation.AspNetCore { new AuthenticationToken { - Name = context.TokenType, + Name = context.Principal.GetTokenType(), Value = context.Token } }); @@ -168,12 +174,13 @@ namespace OpenIddict.Validation.AspNetCore } } - protected override async Task HandleChallengeAsync([CanBeNull] AuthenticationProperties properties) + /// + protected override async Task HandleChallengeAsync(AuthenticationProperties? properties) { var transaction = Context.Features.Get()?.Transaction ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID1165)); - transaction.Properties[typeof(AuthenticationProperties).FullName] = properties ?? new AuthenticationProperties(); + transaction.Properties[typeof(AuthenticationProperties).FullName!] = properties ?? new AuthenticationProperties(); var context = new ProcessChallengeContext(transaction) { @@ -210,7 +217,8 @@ namespace OpenIddict.Validation.AspNetCore } } - protected override Task HandleForbiddenAsync([CanBeNull] AuthenticationProperties properties) + /// + protected override Task HandleForbiddenAsync(AuthenticationProperties? properties) => HandleChallengeAsync(properties); } } diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlerFilters.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlerFilters.cs index aaf06181..fb899d11 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlerFilters.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlerFilters.cs @@ -7,7 +7,6 @@ using System; using System.ComponentModel; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.AspNetCore; using static OpenIddict.Validation.OpenIddictValidationEvents; @@ -24,7 +23,7 @@ namespace OpenIddict.Validation.AspNetCore /// public class RequireHttpRequest : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs index 41513256..afd1b7f9 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs @@ -8,12 +8,12 @@ using System; using System.Collections.Generic; using System.Collections.Immutable; using System.ComponentModel; +using System.Diagnostics; using System.IO; using System.Text; using System.Text.Encodings.Web; using System.Text.Json; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.AspNetCore; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Http; @@ -82,14 +82,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessRequestContext context) + /// + public ValueTask HandleAsync(ProcessRequestContext context) { if (context == null) { @@ -120,7 +114,7 @@ namespace OpenIddict.Validation.AspNetCore return default; } - if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri issuer) || + if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) || !issuer.IsWellFormedOriginalString()) { context.Reject( @@ -153,14 +147,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -213,14 +201,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -277,14 +259,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -336,21 +312,15 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessChallengeContext context) + /// + public ValueTask HandleAsync(ProcessChallengeContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } - var properties = context.Transaction.GetProperty(typeof(AuthenticationProperties).FullName); + var properties = context.Transaction.GetProperty(typeof(AuthenticationProperties).FullName!); if (properties != null) { context.Response.Error = properties.GetString(Properties.Error); @@ -380,20 +350,16 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Transaction.Response != null, SR.GetResourceString(SR.ID5007)); + // This handler only applies to ASP.NET Core requests. If the HTTP context cannot be resolved, // this may indicate that the request was incorrectly processed by another server stack. var response = context.Transaction.GetHttpRequest()?.HttpContext.Response; @@ -402,7 +368,7 @@ namespace OpenIddict.Validation.AspNetCore throw new InvalidOperationException(SR.GetResourceString(SR.ID1113)); } - response.StatusCode = context.Response.Error switch + response.StatusCode = context.Transaction.Response.Error switch { null => 200, @@ -436,14 +402,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { @@ -475,7 +435,7 @@ namespace OpenIddict.Validation.AspNetCore { private readonly IOptionsMonitor _options; - public AttachWwwAuthenticateHeader([NotNull] IOptionsMonitor options) + public AttachWwwAuthenticateHeader(IOptionsMonitor options) => _options = options; /// @@ -489,20 +449,16 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Transaction.Response != null, SR.GetResourceString(SR.ID5007)); + // This handler only applies to ASP.NET Core requests. If the HTTP context cannot be resolved, // this may indicate that the request was incorrectly processed by another server stack. var response = context.Transaction.GetHttpRequest()?.HttpContext.Response; @@ -511,7 +467,7 @@ namespace OpenIddict.Validation.AspNetCore throw new InvalidOperationException(SR.GetResourceString(SR.ID1113)); } - var scheme = context.Response.Error switch + var scheme = context.Transaction.Response.Error switch { Errors.InvalidToken => Schemes.Bearer, Errors.MissingToken => Schemes.Bearer, @@ -534,11 +490,11 @@ namespace OpenIddict.Validation.AspNetCore parameters[Parameters.Realm] = _options.CurrentValue.Realm; } - foreach (var parameter in context.Response.GetParameters()) + foreach (var parameter in context.Transaction.Response.GetParameters()) { // Note: the error details are only included if the error was not caused by a missing token, as recommended // by the OAuth 2.0 bearer specification: https://tools.ietf.org/html/rfc6750#section-3.1. - if (string.Equals(context.Response.Error, Errors.MissingToken, StringComparison.Ordinal) && + if (string.Equals(context.Transaction.Response.Error, Errors.MissingToken, StringComparison.Ordinal) && (string.Equals(parameter.Key, Parameters.Error, StringComparison.Ordinal) || string.Equals(parameter.Key, Parameters.ErrorDescription, StringComparison.Ordinal) || string.Equals(parameter.Key, Parameters.ErrorUri, StringComparison.Ordinal))) @@ -547,7 +503,7 @@ namespace OpenIddict.Validation.AspNetCore } // Ignore values that can't be represented as unique strings. - var value = (string) parameter.Value; + var value = (string?) parameter.Value; if (string.IsNullOrEmpty(value)) { continue; @@ -598,14 +554,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { @@ -626,7 +576,7 @@ namespace OpenIddict.Validation.AspNetCore return default; } - context.Logger.LogInformation(SR.GetResourceString(SR.ID7141), context.Response); + context.Logger.LogInformation(SR.GetResourceString(SR.ID7141), context.Transaction.Response); context.HandleRequest(); return default; @@ -650,14 +600,8 @@ namespace OpenIddict.Validation.AspNetCore .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public async ValueTask HandleAsync([NotNull] TContext context) + /// + public async ValueTask HandleAsync(TContext context) { if (context == null) { @@ -672,10 +616,10 @@ namespace OpenIddict.Validation.AspNetCore throw new InvalidOperationException(SR.GetResourceString(SR.ID1113)); } - context.Logger.LogInformation(SR.GetResourceString(SR.ID7142), context.Response); + context.Logger.LogInformation(SR.GetResourceString(SR.ID7142), context.Transaction.Response); using var stream = new MemoryStream(); - await JsonSerializer.SerializeAsync(stream, context.Response, new JsonSerializerOptions + await JsonSerializer.SerializeAsync(stream, context.Transaction.Response, new JsonSerializerOptions { Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping, WriteIndented = false diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHelpers.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHelpers.cs index 2facfb68..a0365ae2 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHelpers.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHelpers.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using Microsoft.AspNetCore.Http; using OpenIddict.Abstractions; using OpenIddict.Validation; @@ -24,19 +23,19 @@ namespace Microsoft.AspNetCore /// /// The transaction instance. /// The instance or null if it couldn't be found. - public static HttpRequest GetHttpRequest([NotNull] this OpenIddictValidationTransaction transaction) + public static HttpRequest? GetHttpRequest(this OpenIddictValidationTransaction transaction) { if (transaction == null) { throw new ArgumentNullException(nameof(transaction)); } - if (!transaction.Properties.TryGetValue(typeof(HttpRequest).FullName, out object property)) + if (!transaction.Properties.TryGetValue(typeof(HttpRequest).FullName!, out object? property)) { return null; } - if (property is WeakReference reference && reference.TryGetTarget(out HttpRequest request)) + if (property is WeakReference reference && reference.TryGetTarget(out HttpRequest? request)) { return request; } @@ -49,7 +48,7 @@ namespace Microsoft.AspNetCore /// /// The context instance. /// The . - public static OpenIddictValidationEndpointType GetOpenIddictValidationEndpointType([NotNull] this HttpContext context) + public static OpenIddictValidationEndpointType GetOpenIddictValidationEndpointType(this HttpContext context) { if (context == null) { @@ -64,7 +63,7 @@ namespace Microsoft.AspNetCore /// /// The context instance. /// The instance or null if it couldn't be found. - public static OpenIddictRequest GetOpenIddictValidationRequest([NotNull] this HttpContext context) + public static OpenIddictRequest? GetOpenIddictValidationRequest(this HttpContext context) { if (context == null) { @@ -79,7 +78,7 @@ namespace Microsoft.AspNetCore /// /// The context instance. /// The instance or null if it couldn't be found. - public static OpenIddictResponse GetOpenIddictValidationResponse([NotNull] this HttpContext context) + public static OpenIddictResponse? GetOpenIddictValidationResponse(this HttpContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreOptions.cs b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreOptions.cs index 37577ef1..3e0625df 100644 --- a/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreOptions.cs +++ b/src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreOptions.cs @@ -14,9 +14,8 @@ namespace OpenIddict.Validation.AspNetCore public class OpenIddictValidationAspNetCoreOptions : AuthenticationSchemeOptions { /// - /// Gets or sets the optional "realm" value returned to - /// the caller as part of the WWW-Authenticate header. + /// Gets or sets the optional "realm" value returned to the caller as part of the WWW-Authenticate header. /// - public string Realm { get; set; } + public string? Realm { get; set; } } } diff --git a/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs b/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs index 8fa709fc..7ff57c03 100644 --- a/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs +++ b/src/OpenIddict.Validation.DataProtection/IOpenIddictValidationDataProtectionFormatter.cs @@ -6,12 +6,11 @@ using System.IO; using System.Security.Claims; -using JetBrains.Annotations; namespace OpenIddict.Validation.DataProtection { public interface IOpenIddictValidationDataProtectionFormatter { - ClaimsPrincipal ReadToken([NotNull] BinaryReader reader); + ClaimsPrincipal? ReadToken(BinaryReader reader); } } \ No newline at end of file diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddict.Validation.DataProtection.csproj b/src/OpenIddict.Validation.DataProtection/OpenIddict.Validation.DataProtection.csproj index 4d391679..1f6a4a34 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddict.Validation.DataProtection.csproj +++ b/src/OpenIddict.Validation.DataProtection/OpenIddict.Validation.DataProtection.csproj @@ -2,6 +2,7 @@ net461;netcoreapp3.1;netstandard2.0;netstandard2.1 + enable @@ -14,12 +15,12 @@ + Condition=" '$(TargetFrameworkIdentifier)' == '.NETCoreApp' And $([MSBuild]::VersionGreaterThanOrEquals($(TargetFrameworkVersion), '3.0')) "> + Condition=" '$(TargetFrameworkIdentifier)' != '.NETCoreApp' Or $([MSBuild]::VersionLessThan($(TargetFrameworkVersion), '3.0')) "> diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionBuilder.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionBuilder.cs index 3f7e3afa..4faee373 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionBuilder.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionBuilder.cs @@ -6,7 +6,6 @@ using System; using System.ComponentModel; -using JetBrains.Annotations; using Microsoft.AspNetCore.DataProtection; using OpenIddict.Validation.DataProtection; @@ -22,7 +21,7 @@ namespace Microsoft.Extensions.DependencyInjection /// Initializes a new instance of . /// /// The services collection. - public OpenIddictValidationDataProtectionBuilder([NotNull] IServiceCollection services) + public OpenIddictValidationDataProtectionBuilder(IServiceCollection services) => Services = services ?? throw new ArgumentNullException(nameof(services)); /// @@ -37,7 +36,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The delegate used to configure the OpenIddict options. /// This extension can be safely called multiple times. /// The . - public OpenIddictValidationDataProtectionBuilder Configure([NotNull] Action configuration) + public OpenIddictValidationDataProtectionBuilder Configure(Action configuration) { if (configuration == null) { @@ -55,7 +54,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The data protection provider used to create token protectors. /// The . - public OpenIddictValidationDataProtectionBuilder UseDataProtectionProvider([NotNull] IDataProtectionProvider provider) + public OpenIddictValidationDataProtectionBuilder UseDataProtectionProvider(IDataProtectionProvider provider) { if (provider == null) { @@ -70,7 +69,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The formatter used to read tokens. /// The . - public OpenIddictValidationDataProtectionBuilder UseFormatter([NotNull] IOpenIddictValidationDataProtectionFormatter formatter) + public OpenIddictValidationDataProtectionBuilder UseFormatter(IOpenIddictValidationDataProtectionFormatter formatter) { if (formatter == null) { @@ -86,7 +85,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The object to compare with the current object. /// true if the specified object is equal to the current object; otherwise, false. [EditorBrowsable(EditorBrowsableState.Never)] - public override bool Equals([CanBeNull] object obj) => base.Equals(obj); + public override bool Equals(object? obj) => base.Equals(obj); /// /// Serves as the default hash function. @@ -100,6 +99,6 @@ namespace Microsoft.Extensions.DependencyInjection /// /// A string that represents the current object. [EditorBrowsable(EditorBrowsableState.Never)] - public override string ToString() => base.ToString(); + public override string? ToString() => base.ToString(); } } diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionConfiguration.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionConfiguration.cs index 43d98a00..09fab289 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionConfiguration.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionConfiguration.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using Microsoft.AspNetCore.DataProtection; using Microsoft.Extensions.Options; @@ -23,10 +22,10 @@ namespace OpenIddict.Validation.DataProtection /// Creates a new instance of the class. /// /// The ASP.NET Core Data Protection provider. - public OpenIddictValidationDataProtectionConfiguration([NotNull] IDataProtectionProvider dataProtectionProvider) + public OpenIddictValidationDataProtectionConfiguration(IDataProtectionProvider dataProtectionProvider) => _dataProtectionProvider = dataProtectionProvider; - public void Configure([NotNull] OpenIddictValidationOptions options) + public void Configure(OpenIddictValidationOptions options) { if (options == null) { @@ -43,7 +42,7 @@ namespace OpenIddict.Validation.DataProtection /// /// The name of the options instance to configure, if applicable. /// The options instance to initialize. - public void PostConfigure([CanBeNull] string name, [NotNull] OpenIddictValidationDataProtectionOptions options) + public void PostConfigure(string name, OpenIddictValidationDataProtectionOptions options) { if (options == null) { diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionExtensions.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionExtensions.cs index 7a535f78..a981126b 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionExtensions.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionExtensions.cs @@ -6,7 +6,6 @@ using System; using System.Linq; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Options; using OpenIddict.Validation; @@ -26,7 +25,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The services builder used by OpenIddict to register new services. /// This extension can be safely called multiple times. /// The . - public static OpenIddictValidationDataProtectionBuilder UseDataProtection([NotNull] this OpenIddictValidationBuilder builder) + public static OpenIddictValidationDataProtectionBuilder UseDataProtection(this OpenIddictValidationBuilder builder) { if (builder == null) { @@ -57,8 +56,7 @@ namespace Microsoft.Extensions.DependencyInjection /// This extension can be safely called multiple times. /// The . public static OpenIddictValidationBuilder UseDataProtection( - [NotNull] this OpenIddictValidationBuilder builder, - [NotNull] Action configuration) + this OpenIddictValidationBuilder builder, Action configuration) { if (builder == null) { diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs index 2db0cc41..e3191c78 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionFormatter.cs @@ -10,7 +10,6 @@ using System.Collections.Immutable; using System.IO; using System.Security.Claims; using System.Text.Json; -using JetBrains.Annotations; using OpenIddict.Abstractions; using static OpenIddict.Abstractions.OpenIddictConstants; using Properties = OpenIddict.Validation.DataProtection.OpenIddictValidationDataProtectionConstants.Properties; @@ -19,7 +18,7 @@ namespace OpenIddict.Validation.DataProtection { public class OpenIddictValidationDataProtectionFormatter : IOpenIddictValidationDataProtectionFormatter { - public ClaimsPrincipal ReadToken([NotNull] BinaryReader reader) + public ClaimsPrincipal? ReadToken(BinaryReader reader) { if (reader == null) { @@ -58,7 +57,7 @@ namespace OpenIddict.Validation.DataProtection .SetClaim(Claims.Private.TokenId, GetProperty(properties, Properties.InternalTokenId)) .SetClaim(Claims.Private.UserCodeLifetime, GetProperty(properties, Properties.UserCodeLifetime)); - static (ClaimsPrincipal principal, IReadOnlyDictionary properties) Read(BinaryReader reader) + static (ClaimsPrincipal? principal, IReadOnlyDictionary properties) Read(BinaryReader reader) { // Read the version of the format used to serialize the ticket. var version = reader.ReadInt32(); @@ -175,7 +174,7 @@ namespace OpenIddict.Validation.DataProtection return value; } - static string GetProperty(IReadOnlyDictionary properties, string name) + static string? GetProperty(IReadOnlyDictionary properties, string name) => properties.TryGetValue(name, out var value) ? value : null; static ImmutableArray GetArrayProperty(IReadOnlyDictionary properties, string name) diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs index 1df7bf31..352ef3ec 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionHandlers.cs @@ -9,7 +9,6 @@ using System.Collections.Immutable; using System.ComponentModel; using System.IO; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.AspNetCore.DataProtection; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; @@ -41,7 +40,7 @@ namespace OpenIddict.Validation.DataProtection { private readonly IOptionsMonitor _options; - public ValidateDataProtectionToken([NotNull] IOptionsMonitor options) + public ValidateDataProtectionToken(IOptionsMonitor options) => _options = options; /// @@ -54,14 +53,8 @@ namespace OpenIddict.Validation.DataProtection .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionOptions.cs b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionOptions.cs index 6de8daba..71ff5c1a 100644 --- a/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionOptions.cs +++ b/src/OpenIddict.Validation.DataProtection/OpenIddictValidationDataProtectionOptions.cs @@ -20,7 +20,7 @@ namespace OpenIddict.Validation.DataProtection /// When this property is set to null, the data protection provider /// is directly retrieved from the dependency injection container. /// - public IDataProtectionProvider DataProtectionProvider { get; set; } + public IDataProtectionProvider DataProtectionProvider { get; set; } = default!; /// /// Gets or sets the formatter used to read Data Protection tokens. diff --git a/src/OpenIddict.Validation.Owin/OpenIddict.Validation.Owin.csproj b/src/OpenIddict.Validation.Owin/OpenIddict.Validation.Owin.csproj index c4cc10e6..9c827963 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddict.Validation.Owin.csproj +++ b/src/OpenIddict.Validation.Owin/OpenIddict.Validation.Owin.csproj @@ -2,6 +2,7 @@ net461 + enable diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinBuilder.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinBuilder.cs index 1411b0b4..3d0f26f3 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinBuilder.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinBuilder.cs @@ -6,7 +6,6 @@ using System; using System.ComponentModel; -using JetBrains.Annotations; using Microsoft.Owin.Security; using OpenIddict.Validation.Owin; using SR = OpenIddict.Abstractions.OpenIddictResources; @@ -23,7 +22,7 @@ namespace Microsoft.Extensions.DependencyInjection /// Initializes a new instance of . /// /// The services collection. - public OpenIddictValidationOwinBuilder([NotNull] IServiceCollection services) + public OpenIddictValidationOwinBuilder(IServiceCollection services) => Services = services ?? throw new ArgumentNullException(nameof(services)); /// @@ -38,7 +37,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The delegate used to configure the OpenIddict options. /// This extension can be safely called multiple times. /// The . - public OpenIddictValidationOwinBuilder Configure([NotNull] Action configuration) + public OpenIddictValidationOwinBuilder Configure(Action configuration) { if (configuration == null) { @@ -70,7 +69,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The issuer address. /// The . - public OpenIddictValidationOwinBuilder SetRealm([NotNull] string realm) + public OpenIddictValidationOwinBuilder SetRealm(string realm) { if (string.IsNullOrEmpty(realm)) { @@ -86,7 +85,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The object to compare with the current object. /// true if the specified object is equal to the current object; otherwise, false. [EditorBrowsable(EditorBrowsableState.Never)] - public override bool Equals([CanBeNull] object obj) => base.Equals(obj); + public override bool Equals(object? obj) => base.Equals(obj); /// /// Serves as the default hash function. @@ -100,6 +99,6 @@ namespace Microsoft.Extensions.DependencyInjection /// /// A string that represents the current object. [EditorBrowsable(EditorBrowsableState.Never)] - public override string ToString() => base.ToString(); + public override string? ToString() => base.ToString(); } } diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinConfiguration.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinConfiguration.cs index aac32fb7..d68e2244 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinConfiguration.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinConfiguration.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using Microsoft.Extensions.Options; namespace OpenIddict.Validation.Owin @@ -15,7 +14,7 @@ namespace OpenIddict.Validation.Owin /// public class OpenIddictValidationOwinConfiguration : IConfigureOptions { - public void Configure([NotNull] OpenIddictValidationOptions options) + public void Configure(OpenIddictValidationOptions options) { if (options == null) { diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinExtensions.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinExtensions.cs index 3701e495..c5553f73 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinExtensions.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinExtensions.cs @@ -6,7 +6,6 @@ using System; using System.Linq; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Options; using OpenIddict.Validation; @@ -27,7 +26,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The services builder used by OpenIddict to register new services. /// This extension can be safely called multiple times. /// The . - public static OpenIddictValidationOwinBuilder UseOwin([NotNull] this OpenIddictValidationBuilder builder) + public static OpenIddictValidationOwinBuilder UseOwin(this OpenIddictValidationBuilder builder) { if (builder == null) { @@ -64,8 +63,7 @@ namespace Microsoft.Extensions.DependencyInjection /// This extension can be safely called multiple times. /// The . public static OpenIddictValidationBuilder UseOwin( - [NotNull] this OpenIddictValidationBuilder builder, - [NotNull] Action configuration) + this OpenIddictValidationBuilder builder, Action configuration) { if (builder == null) { diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandler.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandler.cs index a239945f..50a06828 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandler.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandler.cs @@ -6,9 +6,9 @@ using System; using System.Collections.Generic; +using System.Diagnostics; using System.Security.Claims; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Owin; using Microsoft.Owin.Security; using Microsoft.Owin.Security.Infrastructure; @@ -33,13 +33,14 @@ namespace OpenIddict.Validation.Owin /// The OpenIddict validation provider used by this instance. /// The OpenIddict validation factory used by this instance. public OpenIddictValidationOwinHandler( - [NotNull] IOpenIddictValidationDispatcher dispatcher, - [NotNull] IOpenIddictValidationFactory factory) + IOpenIddictValidationDispatcher dispatcher, + IOpenIddictValidationFactory factory) { _dispatcher = dispatcher; _factory = factory; } + /// protected override async Task InitializeCoreAsync() { // Note: the transaction may be already attached when replaying an OWIN request @@ -49,7 +50,7 @@ namespace OpenIddict.Validation.Owin { // Create a new transaction and attach the OWIN request to make it available to the OWIN handlers. transaction = await _factory.CreateTransactionAsync(); - transaction.Properties[typeof(IOwinRequest).FullName] = new WeakReference(Request); + transaction.Properties[typeof(IOwinRequest).FullName!] = new WeakReference(Request); // Attach the OpenIddict validation transaction to the OWIN shared dictionary // so that it can retrieved while performing sign-in/sign-out operations. @@ -60,9 +61,10 @@ namespace OpenIddict.Validation.Owin await _dispatcher.DispatchAsync(context); // Store the context in the transaction so that it can be retrieved from InvokeAsync(). - transaction.SetProperty(typeof(ProcessRequestContext).FullName, context); + transaction.SetProperty(typeof(ProcessRequestContext).FullName!, context); } + /// public override async Task InvokeAsync() { // Note: due to internal differences between ASP.NET Core and Katana, the request MUST start being processed @@ -72,7 +74,7 @@ namespace OpenIddict.Validation.Owin var transaction = Context.Get(typeof(OpenIddictValidationTransaction).FullName) ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID1165)); - var context = transaction.GetProperty(typeof(ProcessRequestContext).FullName) ?? + var context = transaction.GetProperty(typeof(ProcessRequestContext).FullName!) ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID1165)); if (context.IsRequestHandled) @@ -115,7 +117,8 @@ namespace OpenIddict.Validation.Owin return false; } - protected override async Task AuthenticateCoreAsync() + /// + protected override async Task AuthenticateCoreAsync() { var transaction = Context.Get(typeof(OpenIddictValidationTransaction).FullName) ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID1165)); @@ -123,7 +126,7 @@ namespace OpenIddict.Validation.Owin // Note: in many cases, the authentication token was already validated by the time this action is called // (generally later in the pipeline, when using the pass-through mode). To avoid having to re-validate it, // the authentication context is resolved from the transaction. If it's not available, a new one is created. - var context = transaction.GetProperty(typeof(ProcessAuthenticationContext).FullName); + var context = transaction.GetProperty(typeof(ProcessAuthenticationContext).FullName!); if (context == null) { context = new ProcessAuthenticationContext(transaction); @@ -131,7 +134,7 @@ namespace OpenIddict.Validation.Owin // Store the context object in the transaction so it can be later retrieved by handlers // that want to access the authentication result without triggering a new authentication flow. - transaction.SetProperty(typeof(ProcessAuthenticationContext).FullName, context); + transaction.SetProperty(typeof(ProcessAuthenticationContext).FullName!, context); } if (context.IsRequestHandled || context.IsRequestSkipped) @@ -149,7 +152,7 @@ namespace OpenIddict.Validation.Owin return null; } - var properties = new AuthenticationProperties(new Dictionary + var properties = new AuthenticationProperties(new Dictionary { [OpenIddictValidationOwinConstants.Properties.Error] = context.Error, [OpenIddictValidationOwinConstants.Properties.ErrorDescription] = context.ErrorDescription, @@ -161,17 +164,22 @@ namespace OpenIddict.Validation.Owin else { + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + Debug.Assert(!string.IsNullOrEmpty(context.Principal.GetTokenType()), SR.GetResourceString(SR.ID5009)); + Debug.Assert(!string.IsNullOrEmpty(context.Token), SR.GetResourceString(SR.ID5010)); + // Store the token to allow any OWIN/Katana component (e.g a controller) // to retrieve it (e.g to make an API request to another application). - var properties = new AuthenticationProperties(new Dictionary + var properties = new AuthenticationProperties(new Dictionary { - [context.TokenType] = context.Token + [context.Principal.GetTokenType()!] = context.Token }); return new AuthenticationTicket((ClaimsIdentity) context.Principal.Identity, properties); } } + /// protected override async Task TeardownCoreAsync() { // Note: OWIN authentication handlers cannot reliabily write to the response stream @@ -195,7 +203,7 @@ namespace OpenIddict.Validation.Owin var transaction = Context.Get(typeof(OpenIddictValidationTransaction).FullName) ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID1165)); - transaction.Properties[typeof(AuthenticationProperties).FullName] = challenge.Properties ?? new AuthenticationProperties(); + transaction.Properties[typeof(AuthenticationProperties).FullName!] = challenge.Properties ?? new AuthenticationProperties(); var context = new ProcessChallengeContext(transaction) { diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlerFilters.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlerFilters.cs index 148821a1..935f8d4e 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlerFilters.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlerFilters.cs @@ -6,7 +6,6 @@ using System; using System.Threading.Tasks; -using JetBrains.Annotations; using Owin; using static OpenIddict.Validation.OpenIddictValidationEvents; @@ -22,7 +21,7 @@ namespace OpenIddict.Validation.Owin /// public class RequireOwinRequest : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs index 503e9c58..e2572b16 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs @@ -8,12 +8,12 @@ using System; using System.Collections.Generic; using System.Collections.Immutable; using System.ComponentModel; +using System.Diagnostics; using System.IO; using System.Text; using System.Text.Encodings.Web; using System.Text.Json; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using Microsoft.Owin.Security; @@ -79,14 +79,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessRequestContext context) + /// + public ValueTask HandleAsync(ProcessRequestContext context) { if (context == null) { @@ -117,7 +111,7 @@ namespace OpenIddict.Validation.Owin return default; } - if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri issuer) || + if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) || !issuer.IsWellFormedOriginalString()) { context.Reject( @@ -150,14 +144,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -210,14 +198,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -275,14 +257,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -335,21 +311,15 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessChallengeContext context) + /// + public ValueTask HandleAsync(ProcessChallengeContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } - var properties = context.Transaction.GetProperty(typeof(AuthenticationProperties).FullName); + var properties = context.Transaction.GetProperty(typeof(AuthenticationProperties).FullName!); if (properties != null) { context.Response.Error = GetProperty(properties, Properties.Error); @@ -360,8 +330,8 @@ namespace OpenIddict.Validation.Owin return default; - static string GetProperty(AuthenticationProperties properties, string name) - => properties.Dictionary.TryGetValue(name, out string value) ? value : null; + static string? GetProperty(AuthenticationProperties properties, string name) + => properties.Dictionary.TryGetValue(name, out string? value) ? value : null; } } @@ -382,20 +352,16 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Transaction.Response != null, SR.GetResourceString(SR.ID5007)); + // This handler only applies to OWIN requests. If The OWIN request cannot be resolved, // this may indicate that the request was incorrectly processed by another server stack. var response = context.Transaction.GetOwinRequest()?.Context.Response; @@ -404,7 +370,7 @@ namespace OpenIddict.Validation.Owin throw new InvalidOperationException(SR.GetResourceString(SR.ID1119)); } - response.StatusCode = context.Response.Error switch + response.StatusCode = context.Transaction.Response.Error switch { null => 200, @@ -438,14 +404,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { @@ -477,7 +437,7 @@ namespace OpenIddict.Validation.Owin { private readonly IOptionsMonitor _options; - public AttachWwwAuthenticateHeader([NotNull] IOptionsMonitor options) + public AttachWwwAuthenticateHeader(IOptionsMonitor options) => _options = options; /// @@ -491,20 +451,16 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Transaction.Response != null, SR.GetResourceString(SR.ID5007)); + // This handler only applies to OWIN requests. If The OWIN request cannot be resolved, // this may indicate that the request was incorrectly processed by another server stack. var response = context.Transaction.GetOwinRequest()?.Context.Response; @@ -513,12 +469,12 @@ namespace OpenIddict.Validation.Owin throw new InvalidOperationException(SR.GetResourceString(SR.ID1119)); } - if (string.IsNullOrEmpty(context.Response.Error)) + if (string.IsNullOrEmpty(context.Transaction.Response.Error)) { return default; } - var scheme = context.Response.Error switch + var scheme = context.Transaction.Response.Error switch { Errors.InvalidToken => Schemes.Bearer, Errors.MissingToken => Schemes.Bearer, @@ -541,11 +497,11 @@ namespace OpenIddict.Validation.Owin parameters[Parameters.Realm] = _options.CurrentValue.Realm; } - foreach (var parameter in context.Response.GetParameters()) + foreach (var parameter in context.Transaction.Response.GetParameters()) { // Note: the error details are only included if the error was not caused by a missing token, as recommended // by the OAuth 2.0 bearer specification: https://tools.ietf.org/html/rfc6750#section-3.1. - if (string.Equals(context.Response.Error, Errors.MissingToken, StringComparison.Ordinal) && + if (string.Equals(context.Transaction.Response.Error, Errors.MissingToken, StringComparison.Ordinal) && (string.Equals(parameter.Key, Parameters.Error, StringComparison.Ordinal) || string.Equals(parameter.Key, Parameters.ErrorDescription, StringComparison.Ordinal) || string.Equals(parameter.Key, Parameters.ErrorUri, StringComparison.Ordinal))) @@ -554,7 +510,7 @@ namespace OpenIddict.Validation.Owin } // Ignore values that can't be represented as unique strings. - var value = (string) parameter.Value; + var value = (string?) parameter.Value; if (string.IsNullOrEmpty(value)) { continue; @@ -605,14 +561,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { @@ -633,7 +583,7 @@ namespace OpenIddict.Validation.Owin return default; } - context.Logger.LogInformation(SR.GetResourceString(SR.ID7141), context.Response); + context.Logger.LogInformation(SR.GetResourceString(SR.ID7141), context.Transaction.Response); context.HandleRequest(); return default; @@ -657,14 +607,8 @@ namespace OpenIddict.Validation.Owin .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public async ValueTask HandleAsync([NotNull] TContext context) + /// + public async ValueTask HandleAsync(TContext context) { if (context == null) { @@ -679,10 +623,10 @@ namespace OpenIddict.Validation.Owin throw new InvalidOperationException(SR.GetResourceString(SR.ID1119)); } - context.Logger.LogInformation(SR.GetResourceString(SR.ID7142), context.Response); + context.Logger.LogInformation(SR.GetResourceString(SR.ID7142), context.Transaction.Response); using var stream = new MemoryStream(); - await JsonSerializer.SerializeAsync(stream, context.Response, new JsonSerializerOptions + await JsonSerializer.SerializeAsync(stream, context.Transaction.Response, new JsonSerializerOptions { Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping, WriteIndented = false diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHelpers.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHelpers.cs index da604a0c..cb5274e4 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHelpers.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHelpers.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using Microsoft.Owin; using OpenIddict.Abstractions; using OpenIddict.Validation; @@ -26,7 +25,7 @@ namespace Owin /// /// The application builder used to register middleware instances. /// The . - public static IAppBuilder UseOpenIddictValidation([NotNull] this IAppBuilder app) + public static IAppBuilder UseOpenIddictValidation(this IAppBuilder app) { if (app == null) { @@ -41,19 +40,19 @@ namespace Owin /// /// The transaction instance. /// The instance or null if it couldn't be found. - public static IOwinRequest GetOwinRequest([NotNull] this OpenIddictValidationTransaction transaction) + public static IOwinRequest? GetOwinRequest(this OpenIddictValidationTransaction transaction) { if (transaction == null) { throw new ArgumentNullException(nameof(transaction)); } - if (!transaction.Properties.TryGetValue(typeof(IOwinRequest).FullName, out object property)) + if (!transaction.Properties.TryGetValue(typeof(IOwinRequest).FullName!, out object? property)) { return null; } - if (property is WeakReference reference && reference.TryGetTarget(out IOwinRequest request)) + if (property is WeakReference reference && reference.TryGetTarget(out IOwinRequest? request)) { return request; } @@ -66,7 +65,7 @@ namespace Owin /// /// The context instance. /// The . - public static OpenIddictValidationEndpointType GetOpenIddictValidationEndpointType([NotNull] this IOwinContext context) + public static OpenIddictValidationEndpointType GetOpenIddictValidationEndpointType(this IOwinContext context) { if (context == null) { @@ -81,7 +80,7 @@ namespace Owin /// /// The context instance. /// The instance or null if it couldn't be found. - public static OpenIddictRequest GetOpenIddictValidationRequest([NotNull] this IOwinContext context) + public static OpenIddictRequest? GetOpenIddictValidationRequest(this IOwinContext context) { if (context == null) { @@ -96,7 +95,7 @@ namespace Owin /// /// The context instance. /// The instance or null if it couldn't be found. - public static OpenIddictResponse GetOpenIddictValidationResponse([NotNull] this IOwinContext context) + public static OpenIddictResponse? GetOpenIddictValidationResponse(this IOwinContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddleware.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddleware.cs index c48b4ed2..4b9e23ba 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddleware.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddleware.cs @@ -4,7 +4,6 @@ * the license and the contributors participating to this project. */ -using JetBrains.Annotations; using Microsoft.Extensions.Options; using Microsoft.Owin; using Microsoft.Owin.Security.Infrastructure; @@ -30,10 +29,10 @@ namespace OpenIddict.Validation.Owin /// The OpenIddict validation dispatcher. /// The OpenIddict validation factory. public OpenIddictValidationOwinMiddleware( - [CanBeNull] OwinMiddleware next, - [NotNull] IOptionsMonitor options, - [NotNull] IOpenIddictValidationDispatcher dispatcher, - [NotNull] IOpenIddictValidationFactory factory) + OwinMiddleware? next, + IOptionsMonitor options, + IOpenIddictValidationDispatcher dispatcher, + IOpenIddictValidationFactory factory) : base(next, options.CurrentValue) { _dispatcher = dispatcher; diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddlewareFactory.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddlewareFactory.cs index baff616a..ef530e53 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddlewareFactory.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinMiddlewareFactory.cs @@ -6,7 +6,6 @@ using System; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; using Microsoft.Owin; @@ -24,7 +23,7 @@ namespace OpenIddict.Validation.Owin /// Creates a new instance of the class. /// /// The next middleware in the pipeline, if applicable. - public OpenIddictValidationOwinMiddlewareFactory([CanBeNull] OwinMiddleware next) + public OpenIddictValidationOwinMiddlewareFactory(OwinMiddleware? next) : base(next) { } @@ -38,7 +37,7 @@ namespace OpenIddict.Validation.Owin /// /// A that can be used to monitor the asynchronous operation. /// - public override Task Invoke([NotNull] IOwinContext context) + public override Task Invoke(IOwinContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinOptions.cs b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinOptions.cs index f7b86f39..4f4336ba 100644 --- a/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinOptions.cs +++ b/src/OpenIddict.Validation.Owin/OpenIddictValidationOwinOptions.cs @@ -21,9 +21,8 @@ namespace OpenIddict.Validation.Owin => AuthenticationMode = AuthenticationMode.Passive; /// - /// Gets or sets the optional "realm" value returned to - /// the caller as part of the WWW-Authenticate header. + /// Gets or sets the optional "realm" value returned to the caller as part of the WWW-Authenticate header. /// - public string Realm { get; set; } + public string? Realm { get; set; } } } diff --git a/src/OpenIddict.Validation.ServerIntegration/OpenIddict.Validation.ServerIntegration.csproj b/src/OpenIddict.Validation.ServerIntegration/OpenIddict.Validation.ServerIntegration.csproj index 2328cadd..e4b47b23 100644 --- a/src/OpenIddict.Validation.ServerIntegration/OpenIddict.Validation.ServerIntegration.csproj +++ b/src/OpenIddict.Validation.ServerIntegration/OpenIddict.Validation.ServerIntegration.csproj @@ -2,6 +2,7 @@ net461;netstandard2.0;netstandard2.1 + enable diff --git a/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationBuilder.cs b/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationBuilder.cs index 908c7000..9a2b065e 100644 --- a/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationBuilder.cs +++ b/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationBuilder.cs @@ -6,7 +6,6 @@ using System; using System.ComponentModel; -using JetBrains.Annotations; using OpenIddict.Validation.ServerIntegration; namespace Microsoft.Extensions.DependencyInjection @@ -20,7 +19,7 @@ namespace Microsoft.Extensions.DependencyInjection /// Initializes a new instance of . /// /// The services collection. - public OpenIddictValidationServerIntegrationBuilder([NotNull] IServiceCollection services) + public OpenIddictValidationServerIntegrationBuilder(IServiceCollection services) => Services = services ?? throw new ArgumentNullException(nameof(services)); /// @@ -35,7 +34,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The delegate used to configure the OpenIddict options. /// This extension can be safely called multiple times. /// The . - public OpenIddictValidationServerIntegrationBuilder Configure([NotNull] Action configuration) + public OpenIddictValidationServerIntegrationBuilder Configure(Action configuration) { if (configuration == null) { @@ -53,7 +52,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The object to compare with the current object. /// true if the specified object is equal to the current object; otherwise, false. [EditorBrowsable(EditorBrowsableState.Never)] - public override bool Equals([CanBeNull] object obj) => base.Equals(obj); + public override bool Equals(object? obj) => base.Equals(obj); /// /// Serves as the default hash function. @@ -67,6 +66,6 @@ namespace Microsoft.Extensions.DependencyInjection /// /// A string that represents the current object. [EditorBrowsable(EditorBrowsableState.Never)] - public override string ToString() => base.ToString(); + public override string? ToString() => base.ToString(); } } diff --git a/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationConfiguration.cs b/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationConfiguration.cs index 57003ebb..770c35c7 100644 --- a/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationConfiguration.cs +++ b/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationConfiguration.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using OpenIddict.Server; @@ -25,7 +24,7 @@ namespace OpenIddict.Validation.ServerIntegration /// Creates a new instance of the class. /// /// The OpenIddict server options. - public OpenIddictValidationServerIntegrationConfiguration([NotNull] IOptionsMonitor options) + public OpenIddictValidationServerIntegrationConfiguration(IOptionsMonitor options) => _options = options; /// @@ -33,7 +32,7 @@ namespace OpenIddict.Validation.ServerIntegration /// and ensures that the configuration is in a consistent and valid state. /// /// The options instance to initialize. - public void Configure([NotNull] OpenIddictValidationOptions options) + public void Configure(OpenIddictValidationOptions options) { if (options == null) { @@ -66,7 +65,7 @@ namespace OpenIddict.Validation.ServerIntegration /// /// The name of the options instance to configure, if applicable. /// The options instance to initialize. - public void PostConfigure([CanBeNull] string name, [NotNull] OpenIddictValidationOptions options) + public void PostConfigure(string name, OpenIddictValidationOptions options) { if (options == null) { diff --git a/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationExtensions.cs b/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationExtensions.cs index 8baeb221..11e3278d 100644 --- a/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationExtensions.cs +++ b/src/OpenIddict.Validation.ServerIntegration/OpenIddictValidationServerIntegrationExtensions.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Options; using OpenIddict.Validation; @@ -25,7 +24,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The services builder used by OpenIddict to register new services. /// This extension can be safely called multiple times. /// The . - public static OpenIddictValidationServerIntegrationBuilder UseLocalServer([NotNull] this OpenIddictValidationBuilder builder) + public static OpenIddictValidationServerIntegrationBuilder UseLocalServer(this OpenIddictValidationBuilder builder) { if (builder == null) { @@ -51,8 +50,7 @@ namespace Microsoft.Extensions.DependencyInjection /// This extension can be safely called multiple times. /// The . public static OpenIddictValidationBuilder UseLocalServer( - [NotNull] this OpenIddictValidationBuilder builder, - [NotNull] Action configuration) + this OpenIddictValidationBuilder builder, Action configuration) { if (builder == null) { diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddict.Validation.SystemNetHttp.csproj b/src/OpenIddict.Validation.SystemNetHttp/OpenIddict.Validation.SystemNetHttp.csproj index 90dfd21f..7861300c 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddict.Validation.SystemNetHttp.csproj +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddict.Validation.SystemNetHttp.csproj @@ -2,6 +2,7 @@ net461;netstandard2.0;netstandard2.1 + enable diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpBuilder.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpBuilder.cs index 44b1845e..2e1fb375 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpBuilder.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpBuilder.cs @@ -7,7 +7,6 @@ using System; using System.ComponentModel; using System.Net.Http; -using JetBrains.Annotations; using OpenIddict.Validation.SystemNetHttp; using Polly; @@ -22,7 +21,7 @@ namespace Microsoft.Extensions.DependencyInjection /// Initializes a new instance of . /// /// The services collection. - public OpenIddictValidationSystemNetHttpBuilder([NotNull] IServiceCollection services) + public OpenIddictValidationSystemNetHttpBuilder(IServiceCollection services) => Services = services ?? throw new ArgumentNullException(nameof(services)); /// @@ -37,7 +36,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The delegate used to configure the OpenIddict options. /// This extension can be safely called multiple times. /// The . - public OpenIddictValidationSystemNetHttpBuilder Configure([NotNull] Action configuration) + public OpenIddictValidationSystemNetHttpBuilder Configure(Action configuration) { if (configuration == null) { @@ -54,7 +53,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The HTTP Polly error policy. /// The . - public OpenIddictValidationSystemNetHttpBuilder SetHttpErrorPolicy([CanBeNull] IAsyncPolicy policy) + public OpenIddictValidationSystemNetHttpBuilder SetHttpErrorPolicy(IAsyncPolicy policy) => Configure(options => options.HttpErrorPolicy = policy); /// @@ -63,7 +62,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The object to compare with the current object. /// true if the specified object is equal to the current object; otherwise, false. [EditorBrowsable(EditorBrowsableState.Never)] - public override bool Equals([CanBeNull] object obj) => base.Equals(obj); + public override bool Equals(object? obj) => base.Equals(obj); /// /// Serves as the default hash function. @@ -77,6 +76,6 @@ namespace Microsoft.Extensions.DependencyInjection /// /// A string that represents the current object. [EditorBrowsable(EditorBrowsableState.Never)] - public override string ToString() => base.ToString(); + public override string? ToString() => base.ToString(); } } diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpConfiguration.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpConfiguration.cs index fed59a3c..25fff06e 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpConfiguration.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpConfiguration.cs @@ -7,7 +7,6 @@ using System; using System.Diagnostics; using System.Net.Http.Headers; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Http; using Microsoft.Extensions.Options; @@ -23,11 +22,11 @@ namespace OpenIddict.Validation.SystemNetHttp #if !SUPPORTS_SERVICE_PROVIDER_IN_HTTP_MESSAGE_HANDLER_BUILDER private readonly IServiceProvider _provider; - public OpenIddictValidationSystemNetHttpConfiguration([NotNull] IServiceProvider provider) + public OpenIddictValidationSystemNetHttpConfiguration(IServiceProvider provider) => _provider = provider; #endif - public void Configure([NotNull] OpenIddictValidationOptions options) + public void Configure(OpenIddictValidationOptions options) { if (options == null) { @@ -38,10 +37,10 @@ namespace OpenIddict.Validation.SystemNetHttp options.Handlers.AddRange(OpenIddictValidationSystemNetHttpHandlers.DefaultHandlers); } - public void Configure([NotNull] HttpClientFactoryOptions options) + public void Configure(HttpClientFactoryOptions options) => Debug.Fail("This infrastructure method shouldn't be called."); - public void Configure([CanBeNull] string name, [NotNull] HttpClientFactoryOptions options) + public void Configure(string name, HttpClientFactoryOptions options) { if (options == null) { @@ -58,8 +57,8 @@ namespace OpenIddict.Validation.SystemNetHttp options.HttpClientActions.Add(client => { client.DefaultRequestHeaders.UserAgent.Add(new ProductInfoHeaderValue( - productName: assembly.Name, - productVersion: assembly.Version.ToString())); + productName: assembly.Name!, + productVersion: assembly.Version!.ToString())); }); options.HttpMessageHandlerBuilderActions.Add(builder => diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpExtensions.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpExtensions.cs index 344c9941..be5599ab 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpExtensions.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpExtensions.cs @@ -6,7 +6,6 @@ using System; using System.Linq; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Http; using Microsoft.Extensions.Options; @@ -28,7 +27,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The services builder used by OpenIddict to register new services. /// This extension can be safely called multiple times. /// The . - public static OpenIddictValidationSystemNetHttpBuilder UseSystemNetHttp([NotNull] this OpenIddictValidationBuilder builder) + public static OpenIddictValidationSystemNetHttpBuilder UseSystemNetHttp(this OpenIddictValidationBuilder builder) { if (builder == null) { @@ -62,8 +61,7 @@ namespace Microsoft.Extensions.DependencyInjection /// This extension can be safely called multiple times. /// The . public static OpenIddictValidationBuilder UseSystemNetHttp( - [NotNull] this OpenIddictValidationBuilder builder, - [NotNull] Action configuration) + this OpenIddictValidationBuilder builder, Action configuration) { if (builder == null) { diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlerFilters.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlerFilters.cs index 50a5d3ee..f0dd5735 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlerFilters.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlerFilters.cs @@ -7,7 +7,6 @@ using System; using System.ComponentModel; using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Validation.OpenIddictValidationEvents; namespace OpenIddict.Validation.SystemNetHttp @@ -20,7 +19,7 @@ namespace OpenIddict.Validation.SystemNetHttp /// public class RequireHttpMetadataAddress : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.Introspection.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.Introspection.cs index 8587a097..f2369b44 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.Introspection.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.Introspection.cs @@ -6,11 +6,11 @@ using System; using System.Collections.Immutable; +using System.Diagnostics; using System.Net.Http; using System.Net.Http.Headers; using System.Text; using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Abstractions.OpenIddictConstants; using static OpenIddict.Validation.OpenIddictValidationEvents; using static OpenIddict.Validation.SystemNetHttp.OpenIddictValidationSystemNetHttpHandlerFilters; @@ -52,13 +52,16 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] PrepareIntrospectionRequestContext context) + /// + public async ValueTask HandleAsync(PrepareIntrospectionRequestContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Request != null, SR.GetResourceString(SR.ID5008)); + // This handler only applies to System.Net.Http requests. If the HTTP request cannot be resolved, // this may indicate that the request was incorrectly processed by another client stack. var request = context.Transaction.GetHttpRequestMessage(); @@ -97,7 +100,7 @@ namespace OpenIddict.Validation.SystemNetHttp context.Request.ClientId = context.Request.ClientSecret = null; } - static string EscapeDataString(string value) + static string? EscapeDataString(string? value) { if (string.IsNullOrEmpty(value)) { diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.cs index a63b1f58..840ec67f 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHandlers.cs @@ -8,12 +8,12 @@ using System; using System.Collections.Generic; using System.Collections.Immutable; using System.ComponentModel; +using System.Diagnostics; using System.Linq; using System.Net.Http; using System.Net.Http.Headers; using System.Net.Http.Json; using System.Threading.Tasks; -using JetBrains.Annotations; using OpenIddict.Abstractions; using static OpenIddict.Validation.OpenIddictValidationEvents; using static OpenIddict.Validation.SystemNetHttp.OpenIddictValidationSystemNetHttpHandlerFilters; @@ -45,7 +45,8 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { @@ -57,7 +58,7 @@ namespace OpenIddict.Validation.SystemNetHttp request.Headers.AcceptCharset.Add(new StringWithQualityHeaderValue("utf-8")); // Store the HttpRequestMessage in the transaction properties. - context.Transaction.Properties[typeof(HttpRequestMessage).FullName] = request; + context.Transaction.Properties[typeof(HttpRequestMessage).FullName!] = request; return default; } @@ -79,7 +80,8 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { @@ -91,7 +93,7 @@ namespace OpenIddict.Validation.SystemNetHttp request.Headers.AcceptCharset.Add(new StringWithQualityHeaderValue("utf-8")); // Store the HttpRequestMessage in the transaction properties. - context.Transaction.Properties[typeof(HttpRequestMessage).FullName] = request; + context.Transaction.Properties[typeof(HttpRequestMessage).FullName!] = request; return default; } @@ -113,13 +115,16 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] TContext context) + /// + public async ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Transaction.Request != null, SR.GetResourceString(SR.ID5008)); + // This handler only applies to System.Net.Http requests. If the HTTP request cannot be resolved, // this may indicate that the request was incorrectly processed by another client stack. var request = context.Transaction.GetHttpRequestMessage(); @@ -132,8 +137,8 @@ namespace OpenIddict.Validation.SystemNetHttp // query strings from existing key/value pairs. To work around this limitation, // a FormUrlEncodedContent is instantiated and used to manually create the URL. using var content = new FormUrlEncodedContent( - from parameter in context.Request.GetParameters() - let values = (string[]) parameter.Value + from parameter in context.Transaction.Request.GetParameters() + let values = (string[]?) parameter.Value where values != null from value in values select new KeyValuePair(parameter.Key, value)); @@ -163,13 +168,16 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Transaction.Request != null, SR.GetResourceString(SR.ID5008)); + // This handler only applies to System.Net.Http requests. If the HTTP request cannot be resolved, // this may indicate that the request was incorrectly processed by another client stack. var request = context.Transaction.GetHttpRequestMessage(); @@ -179,8 +187,8 @@ namespace OpenIddict.Validation.SystemNetHttp } request.Content = new FormUrlEncodedContent( - from parameter in context.Request.GetParameters() - let values = (string[]) parameter.Value + from parameter in context.Transaction.Request.GetParameters() + let values = (string[]?) parameter.Value where values != null from value in values select new KeyValuePair(parameter.Key, value)); @@ -196,7 +204,7 @@ namespace OpenIddict.Validation.SystemNetHttp { private readonly IHttpClientFactory _factory; - public SendHttpRequest([NotNull] IHttpClientFactory factory) + public SendHttpRequest(IHttpClientFactory factory) => _factory = factory; /// @@ -210,7 +218,8 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] TContext context) + /// + public async ValueTask HandleAsync(TContext context) { if (context == null) { @@ -239,7 +248,7 @@ namespace OpenIddict.Validation.SystemNetHttp } // Store the HttpResponseMessage in the transaction properties. - context.Transaction.Properties[typeof(HttpResponseMessage).FullName] = response; + context.Transaction.Properties[typeof(HttpResponseMessage).FullName!] = response; } } @@ -259,7 +268,8 @@ namespace OpenIddict.Validation.SystemNetHttp .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] TContext context) + /// + public async ValueTask HandleAsync(TContext context) { if (context == null) { @@ -279,7 +289,7 @@ namespace OpenIddict.Validation.SystemNetHttp // Note: ReadFromJsonAsync() automatically validates the content type and the content encoding // and transcode the response stream if a non-UTF-8 response is returned by the remote server. - context.Response = await response.Content.ReadFromJsonAsync(); + context.Transaction.Response = await response.Content.ReadFromJsonAsync(); } } } diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHelpers.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHelpers.cs index 2cce2434..40bbbd1f 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHelpers.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpHelpers.cs @@ -4,7 +4,6 @@ * the license and the contributors participating to this project. */ -using JetBrains.Annotations; using OpenIddict.Validation; namespace System.Net.Http @@ -19,15 +18,15 @@ namespace System.Net.Http /// /// The transaction instance. /// The instance or null if it couldn't be found. - public static HttpRequestMessage GetHttpRequestMessage([NotNull] this OpenIddictValidationTransaction transaction) - => transaction.GetProperty(typeof(HttpRequestMessage).FullName); + public static HttpRequestMessage? GetHttpRequestMessage(this OpenIddictValidationTransaction transaction) + => transaction.GetProperty(typeof(HttpRequestMessage).FullName!); /// /// Gets the associated with the current context. /// /// The transaction instance. /// The instance or null if it couldn't be found. - public static HttpResponseMessage GetHttpResponseMessage([NotNull] this OpenIddictValidationTransaction transaction) - => transaction.GetProperty(typeof(HttpResponseMessage).FullName); + public static HttpResponseMessage? GetHttpResponseMessage(this OpenIddictValidationTransaction transaction) + => transaction.GetProperty(typeof(HttpResponseMessage).FullName!); } } diff --git a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpOptions.cs b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpOptions.cs index 475ca159..aded41f7 100644 --- a/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpOptions.cs +++ b/src/OpenIddict.Validation.SystemNetHttp/OpenIddictValidationSystemNetHttpOptions.cs @@ -20,7 +20,7 @@ namespace OpenIddict.Validation.SystemNetHttp /// /// Gets or sets the HTTP Polly error policy used by the internal OpenIddict HTTP clients. /// - public IAsyncPolicy HttpErrorPolicy { get; set; } + public IAsyncPolicy? HttpErrorPolicy { get; set; } = HttpPolicyExtensions.HandleTransientHttpError() .OrResult(response => response.StatusCode == HttpStatusCode.NotFound) .WaitAndRetryAsync(4, attempt => TimeSpan.FromSeconds(Math.Pow(2, attempt))); diff --git a/src/OpenIddict.Validation/IOpenIddictValidationDispatcher.cs b/src/OpenIddict.Validation/IOpenIddictValidationDispatcher.cs index 2439c955..82189d05 100644 --- a/src/OpenIddict.Validation/IOpenIddictValidationDispatcher.cs +++ b/src/OpenIddict.Validation/IOpenIddictValidationDispatcher.cs @@ -5,13 +5,12 @@ */ using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Validation.OpenIddictValidationEvents; namespace OpenIddict.Validation { public interface IOpenIddictValidationDispatcher { - ValueTask DispatchAsync([NotNull] TContext context) where TContext : BaseContext; + ValueTask DispatchAsync(TContext context) where TContext : BaseContext; } } \ No newline at end of file diff --git a/src/OpenIddict.Validation/IOpenIddictValidationHandler.cs b/src/OpenIddict.Validation/IOpenIddictValidationHandler.cs index 9963329e..ab78fef9 100644 --- a/src/OpenIddict.Validation/IOpenIddictValidationHandler.cs +++ b/src/OpenIddict.Validation/IOpenIddictValidationHandler.cs @@ -5,7 +5,6 @@ */ using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Validation.OpenIddictValidationEvents; namespace OpenIddict.Validation @@ -23,6 +22,6 @@ namespace OpenIddict.Validation /// /// A that can be used to monitor the asynchronous operation. /// - ValueTask HandleAsync([NotNull] TContext context); + ValueTask HandleAsync(TContext context); } } diff --git a/src/OpenIddict.Validation/IOpenIddictValidationHandlerFilter.cs b/src/OpenIddict.Validation/IOpenIddictValidationHandlerFilter.cs index fb1f1fd8..28a71bff 100644 --- a/src/OpenIddict.Validation/IOpenIddictValidationHandlerFilter.cs +++ b/src/OpenIddict.Validation/IOpenIddictValidationHandlerFilter.cs @@ -5,13 +5,12 @@ */ using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Validation.OpenIddictValidationEvents; namespace OpenIddict.Validation { public interface IOpenIddictValidationHandlerFilter where TContext : BaseContext { - ValueTask IsActiveAsync([NotNull] TContext context); + ValueTask IsActiveAsync(TContext context); } } diff --git a/src/OpenIddict.Validation/OpenIddict.Validation.csproj b/src/OpenIddict.Validation/OpenIddict.Validation.csproj index a4a2a411..23968348 100644 --- a/src/OpenIddict.Validation/OpenIddict.Validation.csproj +++ b/src/OpenIddict.Validation/OpenIddict.Validation.csproj @@ -2,6 +2,7 @@ net461;net472;netcoreapp2.1;netcoreapp3.1;netstandard2.0;netstandard2.1 + enable diff --git a/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs b/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs index b5cec2d2..4db921b1 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs @@ -11,7 +11,6 @@ using System.Linq; using System.Reflection; using System.Runtime.InteropServices; using System.Security.Cryptography.X509Certificates; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Tokens; @@ -30,7 +29,7 @@ namespace Microsoft.Extensions.DependencyInjection /// Initializes a new instance of . /// /// The services collection. - public OpenIddictValidationBuilder([NotNull] IServiceCollection services) + public OpenIddictValidationBuilder(IServiceCollection services) => Services = services ?? throw new ArgumentNullException(nameof(services)); /// @@ -47,7 +46,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The . [EditorBrowsable(EditorBrowsableState.Advanced)] public OpenIddictValidationBuilder AddEventHandler( - [NotNull] Action> configuration) + Action> configuration) where TContext : OpenIddictValidationEvents.BaseContext { if (configuration == null) @@ -70,7 +69,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The handler descriptor. /// The . [EditorBrowsable(EditorBrowsableState.Advanced)] - public OpenIddictValidationBuilder AddEventHandler([NotNull] OpenIddictValidationHandlerDescriptor descriptor) + public OpenIddictValidationBuilder AddEventHandler(OpenIddictValidationHandlerDescriptor descriptor) { if (descriptor == null) { @@ -89,7 +88,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The descriptor corresponding to the handler to remove. /// The . [EditorBrowsable(EditorBrowsableState.Advanced)] - public OpenIddictValidationBuilder RemoveEventHandler([NotNull] OpenIddictValidationHandlerDescriptor descriptor) + public OpenIddictValidationBuilder RemoveEventHandler(OpenIddictValidationHandlerDescriptor descriptor) { if (descriptor == null) { @@ -118,7 +117,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The delegate used to configure the OpenIddict options. /// This extension can be safely called multiple times. /// The . - public OpenIddictValidationBuilder Configure([NotNull] Action configuration) + public OpenIddictValidationBuilder Configure(Action configuration) { if (configuration == null) { @@ -135,7 +134,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The encrypting credentials. /// The . - public OpenIddictValidationBuilder AddEncryptionCredentials([NotNull] EncryptingCredentials credentials) + public OpenIddictValidationBuilder AddEncryptionCredentials(EncryptingCredentials credentials) { if (credentials == null) { @@ -150,7 +149,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The security key. /// The . - public OpenIddictValidationBuilder AddEncryptionKey([NotNull] SecurityKey key) + public OpenIddictValidationBuilder AddEncryptionKey(SecurityKey key) { if (key == null) { @@ -184,7 +183,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The encryption certificate. /// The . - public OpenIddictValidationBuilder AddEncryptionCertificate([NotNull] X509Certificate2 certificate) + public OpenIddictValidationBuilder AddEncryptionCertificate(X509Certificate2 certificate) { if (certificate == null) { @@ -218,7 +217,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The password used to open the certificate. /// The . public OpenIddictValidationBuilder AddEncryptionCertificate( - [NotNull] Assembly assembly, [NotNull] string resource, [NotNull] string password) + Assembly assembly, string resource, string password) #if SUPPORTS_EPHEMERAL_KEY_SETS // Note: ephemeral key sets are currently not supported on macOS. => AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? @@ -237,8 +236,8 @@ namespace Microsoft.Extensions.DependencyInjection /// An enumeration of flags indicating how and where to store the private key of the certificate. /// The . public OpenIddictValidationBuilder AddEncryptionCertificate( - [NotNull] Assembly assembly, [NotNull] string resource, - [NotNull] string password, X509KeyStorageFlags flags) + Assembly assembly, string resource, + string password, X509KeyStorageFlags flags) { if (assembly == null) { @@ -270,7 +269,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The stream containing the certificate. /// The password used to open the certificate. /// The . - public OpenIddictValidationBuilder AddEncryptionCertificate([NotNull] Stream stream, [NotNull] string password) + public OpenIddictValidationBuilder AddEncryptionCertificate(Stream stream, string password) #if SUPPORTS_EPHEMERAL_KEY_SETS // Note: ephemeral key sets are currently not supported on macOS. => AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? @@ -293,7 +292,7 @@ namespace Microsoft.Extensions.DependencyInjection [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", Justification = "The X.509 certificate is attached to the server options.")] public OpenIddictValidationBuilder AddEncryptionCertificate( - [NotNull] Stream stream, [NotNull] string password, X509KeyStorageFlags flags) + Stream stream, string password, X509KeyStorageFlags flags) { if (stream == null) { @@ -316,7 +315,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The thumbprint of the certificate used to identify it in the X.509 store. /// The . - public OpenIddictValidationBuilder AddEncryptionCertificate([NotNull] string thumbprint) + public OpenIddictValidationBuilder AddEncryptionCertificate(string thumbprint) { if (string.IsNullOrEmpty(thumbprint)) { @@ -350,7 +349,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The location of the X.509 store. /// The . public OpenIddictValidationBuilder AddEncryptionCertificate( - [NotNull] string thumbprint, StoreName name, StoreLocation location) + string thumbprint, StoreName name, StoreLocation location) { if (string.IsNullOrEmpty(thumbprint)) { @@ -378,7 +377,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The audiences valid for this resource server. /// The . - public OpenIddictValidationBuilder AddAudiences([NotNull] params string[] audiences) + public OpenIddictValidationBuilder AddAudiences(params string[] audiences) { if (audiences == null) { @@ -419,7 +418,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The server configuration. /// The . - public OpenIddictValidationBuilder SetConfiguration([NotNull] OpenIdConnectConfiguration configuration) + public OpenIddictValidationBuilder SetConfiguration(OpenIdConnectConfiguration configuration) { if (configuration == null) { @@ -435,7 +434,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The client identifier. /// The . - public OpenIddictValidationBuilder SetClientId([NotNull] string identifier) + public OpenIddictValidationBuilder SetClientId(string identifier) { if (string.IsNullOrEmpty(identifier)) { @@ -451,7 +450,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The client secret. /// The . - public OpenIddictValidationBuilder SetClientSecret([NotNull] string secret) + public OpenIddictValidationBuilder SetClientSecret(string secret) { if (string.IsNullOrEmpty(secret)) { @@ -467,7 +466,7 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The issuer address. /// The . - public OpenIddictValidationBuilder SetIssuer([NotNull] Uri address) + public OpenIddictValidationBuilder SetIssuer(Uri address) { if (address == null) { @@ -483,14 +482,14 @@ namespace Microsoft.Extensions.DependencyInjection /// /// The issuer address. /// The . - public OpenIddictValidationBuilder SetIssuer([NotNull] string address) + public OpenIddictValidationBuilder SetIssuer(string address) { if (string.IsNullOrEmpty(address)) { throw new ArgumentException(SR.GetResourceString(SR.ID1125), nameof(address)); } - if (!Uri.TryCreate(address, UriKind.Absolute, out Uri uri) || !uri.IsWellFormedOriginalString()) + if (!Uri.TryCreate(address, UriKind.Absolute, out Uri? uri) || !uri.IsWellFormedOriginalString()) { throw new ArgumentException(SR.GetResourceString(SR.ID1126), nameof(address)); } @@ -511,7 +510,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The object to compare with the current object. /// true if the specified object is equal to the current object; otherwise, false. [EditorBrowsable(EditorBrowsableState.Never)] - public override bool Equals([CanBeNull] object obj) => base.Equals(obj); + public override bool Equals(object? obj) => base.Equals(obj); /// /// Serves as the default hash function. @@ -525,6 +524,6 @@ namespace Microsoft.Extensions.DependencyInjection /// /// A string that represents the current object. [EditorBrowsable(EditorBrowsableState.Never)] - public override string ToString() => base.ToString(); + public override string? ToString() => base.ToString(); } } diff --git a/src/OpenIddict.Validation/OpenIddictValidationConfiguration.cs b/src/OpenIddict.Validation/OpenIddictValidationConfiguration.cs index 6f325df3..97d4d53b 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationConfiguration.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationConfiguration.cs @@ -6,7 +6,6 @@ using System; using System.Linq; -using JetBrains.Annotations; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Protocols; using Microsoft.IdentityModel.Protocols.OpenIdConnect; @@ -23,7 +22,7 @@ namespace OpenIddict.Validation { private readonly OpenIddictValidationService _service; - public OpenIddictValidationConfiguration([NotNull] OpenIddictValidationService service) + public OpenIddictValidationConfiguration(OpenIddictValidationService service) => _service = service; /// @@ -32,7 +31,7 @@ namespace OpenIddict.Validation /// /// The name of the options instance to configure, if applicable. /// The options instance to initialize. - public void PostConfigure([CanBeNull] string name, [NotNull] OpenIddictValidationOptions options) + public void PostConfigure(string name, OpenIddictValidationOptions options) { if (options == null) { @@ -91,55 +90,52 @@ namespace OpenIddict.Validation throw new InvalidOperationException(SR.GetResourceString(SR.ID1086)); } - if (options.Configuration == null && options.ConfigurationManager == null) + if (options.ConfigurationManager == null) { - if (!options.Handlers.Any(descriptor => descriptor.ContextType == typeof(ApplyConfigurationRequestContext)) || - !options.Handlers.Any(descriptor => descriptor.ContextType == typeof(ApplyCryptographyRequestContext))) - { - throw new InvalidOperationException(SR.GetResourceString(SR.ID1134)); - } - - if (options.MetadataAddress == null) + if (options.Configuration != null) { - options.MetadataAddress = new Uri(".well-known/openid-configuration", UriKind.Relative); + options.ConfigurationManager = new StaticConfigurationManager(options.Configuration); } - if (!options.MetadataAddress.IsAbsoluteUri) + else { - if (options.Issuer == null || !options.Issuer.IsAbsoluteUri) + if (!options.Handlers.Any(descriptor => descriptor.ContextType == typeof(ApplyConfigurationRequestContext)) || + !options.Handlers.Any(descriptor => descriptor.ContextType == typeof(ApplyCryptographyRequestContext))) { - throw new InvalidOperationException(SR.GetResourceString(SR.ID1135)); + throw new InvalidOperationException(SR.GetResourceString(SR.ID1134)); } - if (!string.IsNullOrEmpty(options.Issuer.Fragment) || !string.IsNullOrEmpty(options.Issuer.Query)) + if (options.MetadataAddress == null) { - throw new InvalidOperationException(SR.GetResourceString(SR.ID1136)); + options.MetadataAddress = new Uri(".well-known/openid-configuration", UriKind.Relative); } - if (!options.Issuer.OriginalString.EndsWith("/")) + if (!options.MetadataAddress.IsAbsoluteUri) { - options.Issuer = new Uri(options.Issuer.OriginalString + "/", UriKind.Absolute); + if (options.Issuer == null || !options.Issuer.IsAbsoluteUri) + { + throw new InvalidOperationException(SR.GetResourceString(SR.ID1135)); + } + + if (!string.IsNullOrEmpty(options.Issuer.Fragment) || !string.IsNullOrEmpty(options.Issuer.Query)) + { + throw new InvalidOperationException(SR.GetResourceString(SR.ID1136)); + } + + if (!options.Issuer.OriginalString.EndsWith("/")) + { + options.Issuer = new Uri(options.Issuer.OriginalString + "/", UriKind.Absolute); + } + + if (options.MetadataAddress.OriginalString.StartsWith("/")) + { + options.MetadataAddress = new Uri(options.MetadataAddress.OriginalString.Substring( + 1, options.MetadataAddress.OriginalString.Length - 1), UriKind.Relative); + } + + options.MetadataAddress = new Uri(options.Issuer, options.MetadataAddress); } - if (options.MetadataAddress.OriginalString.StartsWith("/")) - { - options.MetadataAddress = new Uri(options.MetadataAddress.OriginalString.Substring( - 1, options.MetadataAddress.OriginalString.Length - 1), UriKind.Relative); - } - - options.MetadataAddress = new Uri(options.Issuer, options.MetadataAddress); - } - } - - if (options.ConfigurationManager == null) - { - if (options.Configuration != null) - { - options.ConfigurationManager = new StaticConfigurationManager(options.Configuration); - } - - else - { options.ConfigurationManager = new ConfigurationManager( options.MetadataAddress.AbsoluteUri, new OpenIddictValidationRetriever(_service)) { diff --git a/src/OpenIddict.Validation/OpenIddictValidationDispatcher.cs b/src/OpenIddict.Validation/OpenIddictValidationDispatcher.cs index 4b84bff8..d5c2ec3e 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationDispatcher.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationDispatcher.cs @@ -7,7 +7,6 @@ using System; using System.Collections.Generic; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using static OpenIddict.Validation.OpenIddictValidationEvents; @@ -25,16 +24,16 @@ namespace OpenIddict.Validation /// Creates a new instance of the class. /// public OpenIddictValidationDispatcher( - [NotNull] ILogger logger, - [NotNull] IOptionsMonitor options, - [NotNull] IServiceProvider provider) + ILogger logger, + IOptionsMonitor options, + IServiceProvider provider) { _logger = logger; _options = options; _provider = provider; } - public async ValueTask DispatchAsync([NotNull] TContext context) where TContext : BaseContext + public async ValueTask DispatchAsync(TContext context) where TContext : BaseContext { if (context == null) { diff --git a/src/OpenIddict.Validation/OpenIddictValidationEvents.Discovery.cs b/src/OpenIddict.Validation/OpenIddictValidationEvents.Discovery.cs index d97eedd1..2a551b46 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationEvents.Discovery.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationEvents.Discovery.cs @@ -4,9 +4,9 @@ * the license and the contributors participating to this project. */ -using JetBrains.Annotations; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Tokens; +using OpenIddict.Abstractions; namespace OpenIddict.Validation { @@ -21,10 +21,19 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public PrepareConfigurationRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public PrepareConfigurationRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } } /// @@ -36,10 +45,19 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ApplyConfigurationRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public ApplyConfigurationRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } } /// @@ -51,10 +69,28 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ExtractConfigurationResponseContext([NotNull] OpenIddictValidationTransaction transaction) + public ExtractConfigurationResponseContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response, or null if it wasn't extracted yet. + /// + public OpenIddictResponse? Response + { + get => Transaction.Response; + set => Transaction.Response = value; + } } /// @@ -65,11 +101,29 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public HandleConfigurationResponseContext([NotNull] OpenIddictValidationTransaction transaction) + public HandleConfigurationResponseContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response. + /// + public OpenIddictResponse Response + { + get => Transaction.Response!; + set => Transaction.Response = value; + } + /// /// Gets the OpenID Connect configuration. /// @@ -85,10 +139,19 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public PrepareCryptographyRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public PrepareCryptographyRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } } /// @@ -100,10 +163,19 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ApplyCryptographyRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public ApplyCryptographyRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } } /// @@ -115,10 +187,28 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ExtractCryptographyResponseContext([NotNull] OpenIddictValidationTransaction transaction) + public ExtractCryptographyResponseContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response, or null if it wasn't extracted yet. + /// + public OpenIddictResponse? Response + { + get => Transaction.Response; + set => Transaction.Response = value; + } } /// @@ -129,11 +219,29 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public HandleCryptographyResponseContext([NotNull] OpenIddictValidationTransaction transaction) + public HandleCryptographyResponseContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response. + /// + public OpenIddictResponse Response + { + get => Transaction.Response!; + set => Transaction.Response = value; + } + /// /// Gets the security keys. /// diff --git a/src/OpenIddict.Validation/OpenIddictValidationEvents.Introspection.cs b/src/OpenIddict.Validation/OpenIddictValidationEvents.Introspection.cs index eace68cd..6bfcbeb3 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationEvents.Introspection.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationEvents.Introspection.cs @@ -5,7 +5,7 @@ */ using System.Security.Claims; -using JetBrains.Annotations; +using OpenIddict.Abstractions; namespace OpenIddict.Validation { @@ -20,20 +20,29 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public PrepareIntrospectionRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public PrepareIntrospectionRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + /// /// Gets or sets the token sent to the introspection endpoint. /// - public string Token { get; set; } + public string? Token { get; set; } /// /// Gets or sets the token type sent to the introspection endpoint. /// - public string TokenType { get; set; } + public string? TokenType { get; set; } } /// @@ -45,10 +54,19 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ApplyIntrospectionRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public ApplyIntrospectionRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } } /// @@ -60,10 +78,28 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ExtractIntrospectionResponseContext([NotNull] OpenIddictValidationTransaction transaction) + public ExtractIntrospectionResponseContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response, or null if it wasn't extracted yet. + /// + public OpenIddictResponse? Response + { + get => Transaction.Response; + set => Transaction.Response = value; + } } /// @@ -74,25 +110,43 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public HandleIntrospectionResponseContext([NotNull] OpenIddictValidationTransaction transaction) + public HandleIntrospectionResponseContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response. + /// + public OpenIddictResponse Response + { + get => Transaction.Response!; + set => Transaction.Response = value; + } + /// /// Gets or sets the token sent to the introspection endpoint. /// - public string Token { get; set; } + public string? Token { get; set; } /// /// Gets or sets the token type sent to the introspection endpoint. /// - public string TokenType { get; set; } + public string? TokenType { get; set; } /// /// Gets or sets the principal containing the claims resolved from the introspection response. /// - public ClaimsPrincipal Principal { get; set; } + public ClaimsPrincipal? Principal { get; set; } } } } diff --git a/src/OpenIddict.Validation/OpenIddictValidationEvents.cs b/src/OpenIddict.Validation/OpenIddictValidationEvents.cs index a4982784..d5926c4c 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationEvents.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationEvents.cs @@ -7,7 +7,6 @@ using System; using System.ComponentModel; using System.Security.Claims; -using JetBrains.Annotations; using Microsoft.Extensions.Localization; using Microsoft.Extensions.Logging; using OpenIddict.Abstractions; @@ -25,7 +24,7 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - protected BaseContext([NotNull] OpenIddictValidationTransaction transaction) + protected BaseContext(OpenIddictValidationTransaction transaction) => Transaction = transaction ?? throw new ArgumentNullException(nameof(transaction)); /// @@ -45,7 +44,7 @@ namespace OpenIddict.Validation /// /// Gets or sets the issuer address associated with the current transaction, if available. /// - public Uri Issuer + public Uri? Issuer { get => Transaction.Issuer; set => Transaction.Issuer = value; @@ -65,24 +64,6 @@ namespace OpenIddict.Validation /// Gets the OpenIddict validation options. /// public OpenIddictValidationOptions Options => Transaction.Options; - - /// - /// Gets or sets the OpenIddict request or null if it couldn't be extracted. - /// - public OpenIddictRequest Request - { - get => Transaction.Request; - set => Transaction.Request = value; - } - - /// - /// Gets or sets the OpenIddict response, if applicable. - /// - public OpenIddictResponse Response - { - get => Transaction.Response; - set => Transaction.Response = value; - } } /// @@ -94,7 +75,7 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - protected BaseRequestContext([NotNull] OpenIddictValidationTransaction transaction) + protected BaseRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } @@ -133,7 +114,7 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - protected BaseExternalContext([NotNull] OpenIddictValidationTransaction transaction) + protected BaseExternalContext(OpenIddictValidationTransaction transaction) : base(transaction) { } @@ -141,7 +122,7 @@ namespace OpenIddict.Validation /// /// Gets or sets the address of the external endpoint to communicate with. /// - public Uri Address { get; set; } + public Uri? Address { get; set; } } /// @@ -153,7 +134,7 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - protected BaseValidatingContext([NotNull] OpenIddictValidationTransaction transaction) + protected BaseValidatingContext(OpenIddictValidationTransaction transaction) : base(transaction) { } @@ -166,17 +147,17 @@ namespace OpenIddict.Validation /// /// Gets or sets the "error" parameter returned to the client application. /// - public string Error { get; private set; } + public string? Error { get; private set; } /// /// Gets or sets the "error_description" parameter returned to the client application. /// - public string ErrorDescription { get; private set; } + public string? ErrorDescription { get; private set; } /// /// Gets or sets the "error_uri" parameter returned to the client application. /// - public string ErrorUri { get; private set; } + public string? ErrorUri { get; private set; } /// /// Rejects the request. @@ -187,7 +168,7 @@ namespace OpenIddict.Validation /// Rejects the request. /// /// The "error" parameter returned to the client application. - public virtual void Reject(string error) + public virtual void Reject(string? error) { Error = error; @@ -199,7 +180,7 @@ namespace OpenIddict.Validation /// /// The "error" parameter returned to the client application. /// The "error_description" parameter returned to the client application. - public virtual void Reject(string error, string description) + public virtual void Reject(string? error, string? description) { Error = error; ErrorDescription = description; @@ -213,7 +194,7 @@ namespace OpenIddict.Validation /// The "error" parameter returned to the client application. /// The "error_description" parameter returned to the client application. /// The "error_uri" parameter returned to the client application. - public virtual void Reject(string error, string description, string uri) + public virtual void Reject(string? error, string? description, string? uri) { Error = error; ErrorDescription = description; @@ -231,7 +212,7 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ProcessRequestContext([NotNull] OpenIddictValidationTransaction transaction) + public ProcessRequestContext(OpenIddictValidationTransaction transaction) : base(transaction) { } @@ -245,10 +226,28 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ProcessErrorContext([NotNull] OpenIddictValidationTransaction transaction) + public ProcessErrorContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request, or null if it couldn't be extracted. + /// + public OpenIddictRequest? Request + { + get => Transaction.Request; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response. + /// + public OpenIddictResponse Response + { + get => Transaction.Response!; + set => Transaction.Response = value; + } } /// @@ -259,25 +258,34 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ProcessAuthenticationContext([NotNull] OpenIddictValidationTransaction transaction) + public ProcessAuthenticationContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + /// /// Gets or sets the security principal. /// - public ClaimsPrincipal Principal { get; set; } + public ClaimsPrincipal? Principal { get; set; } /// /// Gets or sets the token to validate. /// - public string Token { get; set; } + public string? Token { get; set; } /// /// Gets or sets the expected type of the token. /// - public string TokenType { get; set; } + public string? TokenType { get; set; } } /// @@ -288,10 +296,28 @@ namespace OpenIddict.Validation /// /// Creates a new instance of the class. /// - public ProcessChallengeContext([NotNull] OpenIddictValidationTransaction transaction) + public ProcessChallengeContext(OpenIddictValidationTransaction transaction) : base(transaction) { } + + /// + /// Gets or sets the request. + /// + public OpenIddictRequest Request + { + get => Transaction.Request!; + set => Transaction.Request = value; + } + + /// + /// Gets or sets the response. + /// + public OpenIddictResponse Response + { + get => Transaction.Response!; + set => Transaction.Response = value; + } } } } diff --git a/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs b/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs index 66f6b792..3fb8cf4e 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationExtensions.cs @@ -6,7 +6,6 @@ using System; using System.Linq; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Localization; using Microsoft.Extensions.Logging.Abstractions; @@ -30,7 +29,7 @@ namespace Microsoft.Extensions.DependencyInjection /// The services builder used by OpenIddict to register new services. /// This extension can be safely called multiple times. /// The . - public static OpenIddictValidationBuilder AddValidation([NotNull] this OpenIddictBuilder builder) + public static OpenIddictValidationBuilder AddValidation(this OpenIddictBuilder builder) { if (builder == null) { @@ -81,8 +80,8 @@ namespace Microsoft.Extensions.DependencyInjection /// This extension can be safely called multiple times. /// The . public static OpenIddictBuilder AddValidation( - [NotNull] this OpenIddictBuilder builder, - [NotNull] Action configuration) + this OpenIddictBuilder builder, + Action configuration) { if (builder == null) { diff --git a/src/OpenIddict.Validation/OpenIddictValidationFactory.cs b/src/OpenIddict.Validation/OpenIddictValidationFactory.cs index 4e5704cf..ce9c4757 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationFactory.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationFactory.cs @@ -5,7 +5,6 @@ */ using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.Localization; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; @@ -23,9 +22,9 @@ namespace OpenIddict.Validation /// Creates a new instance of the class. /// public OpenIddictValidationFactory( - [NotNull] IStringLocalizer localizer, - [NotNull] ILogger logger, - [NotNull] IOptionsMonitor options) + IStringLocalizer localizer, + ILogger logger, + IOptionsMonitor options) { _localizer = localizer; _logger = logger; diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandler.cs b/src/OpenIddict.Validation/OpenIddictValidationHandler.cs index 0092103d..de7ad89f 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHandler.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHandler.cs @@ -6,7 +6,6 @@ using System; using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Validation.OpenIddictValidationEvents; namespace OpenIddict.Validation @@ -23,7 +22,7 @@ namespace OpenIddict.Validation /// Creates a new event using the specified handler delegate. /// /// The event handler delegate. - public OpenIddictValidationHandler([NotNull] Func handler) + public OpenIddictValidationHandler(Func handler) => _handler = handler ?? throw new ArgumentNullException(nameof(handler)); /// @@ -33,7 +32,7 @@ namespace OpenIddict.Validation /// /// A that can be used to monitor the asynchronous operation. /// - public ValueTask HandleAsync([NotNull] TContext context) + public ValueTask HandleAsync(TContext context) => _handler(context ?? throw new ArgumentNullException(nameof(context))); } } diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlerDescriptor.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlerDescriptor.cs index f283b2ef..2a538d2e 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHandlerDescriptor.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHandlerDescriptor.cs @@ -10,7 +10,6 @@ using System.Collections.Immutable; using System.ComponentModel; using System.Diagnostics; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection; using static OpenIddict.Validation.OpenIddictValidationEvents; using SR = OpenIddict.Abstractions.OpenIddictResources; @@ -31,7 +30,7 @@ namespace OpenIddict.Validation /// /// Gets the context type associated with the event. /// - public Type ContextType { get; private set; } + public Type ContextType { get; private set; } = default!; /// /// Gets the list of filters responsible of excluding the handler @@ -47,7 +46,7 @@ namespace OpenIddict.Validation /// /// Gets the service descriptor associated with the handler. /// - public ServiceDescriptor ServiceDescriptor { get; private set; } + public ServiceDescriptor ServiceDescriptor { get; private set; } = default!; /// /// Gets the type associated with the handler. @@ -68,7 +67,7 @@ namespace OpenIddict.Validation /// The event context type. public class Builder where TContext : BaseContext { - private ServiceDescriptor _descriptor; + private ServiceDescriptor? _descriptor; private readonly List _filterTypes = new List(); private int _order; private OpenIddictValidationHandlerType _type; @@ -78,7 +77,7 @@ namespace OpenIddict.Validation /// /// The event handler filter type. /// The builder instance, so that calls can be easily chained. - public Builder AddFilter([NotNull] Type type) + public Builder AddFilter(Type type) { if (type == null) { @@ -109,7 +108,7 @@ namespace OpenIddict.Validation /// /// The service descriptor. /// The builder instance, so that calls can be easily chained. - public Builder SetServiceDescriptor([NotNull] ServiceDescriptor descriptor) + public Builder SetServiceDescriptor(ServiceDescriptor descriptor) { if (descriptor == null) { @@ -161,7 +160,7 @@ namespace OpenIddict.Validation /// /// The handler instance. /// The builder instance, so that calls can be easily chained. - public Builder UseInlineHandler([NotNull] Func handler) + public Builder UseInlineHandler(Func handler) { if (handler == null) { @@ -197,7 +196,7 @@ namespace OpenIddict.Validation /// The handler type. /// The handler instance. /// The builder instance, so that calls can be easily chained. - public Builder UseSingletonHandler([NotNull] THandler handler) + public Builder UseSingletonHandler(THandler handler) where THandler : IOpenIddictValidationHandler { if (handler == null) diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlerFilters.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlerFilters.cs index 338c1737..3b645916 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHandlerFilters.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHandlerFilters.cs @@ -7,7 +7,6 @@ using System; using System.ComponentModel; using System.Threading.Tasks; -using JetBrains.Annotations; using static OpenIddict.Validation.OpenIddictValidationEvents; namespace OpenIddict.Validation @@ -20,7 +19,7 @@ namespace OpenIddict.Validation /// public class RequireAuthorizationEntryValidationEnabled : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { @@ -36,7 +35,7 @@ namespace OpenIddict.Validation /// public class RequireLocalValidation : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { @@ -52,7 +51,7 @@ namespace OpenIddict.Validation /// public class RequireIntrospectionValidation : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { @@ -68,7 +67,7 @@ namespace OpenIddict.Validation /// public class RequireTokenEntryValidationEnabled : IOpenIddictValidationHandlerFilter { - public ValueTask IsActiveAsync([NotNull] BaseContext context) + public ValueTask IsActiveAsync(BaseContext context) { if (context == null) { diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs index 4ed60560..46b8f2bd 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Discovery.cs @@ -7,7 +7,6 @@ using System; using System.Collections.Immutable; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.IdentityModel.Tokens; using static OpenIddict.Abstractions.OpenIddictConstants; using static OpenIddict.Validation.OpenIddictValidationEvents; @@ -49,14 +48,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleConfigurationResponseContext context) + /// + public ValueTask HandleAsync(HandleConfigurationResponseContext context) { if (context == null) { @@ -65,7 +58,7 @@ namespace OpenIddict.Validation // The issuer returned in the discovery document must exactly match the URL used to access it. // See https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation. - var issuer = (string) context.Response[Metadata.Issuer]; + var issuer = (string?) context.Response[Metadata.Issuer]; if (string.IsNullOrEmpty(issuer)) { context.Reject( @@ -75,7 +68,7 @@ namespace OpenIddict.Validation return default; } - if (!Uri.TryCreate(issuer, UriKind.Absolute, out Uri address)) + if (!Uri.TryCreate(issuer, UriKind.Absolute, out Uri? address)) { context.Reject( error: Errors.ServerError, @@ -114,14 +107,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleConfigurationResponseContext context) + /// + public ValueTask HandleAsync(HandleConfigurationResponseContext context) { if (context == null) { @@ -130,7 +117,7 @@ namespace OpenIddict.Validation // Note: the jwks_uri node is required by the OpenID Connect discovery specification. // See https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation. - var address = (string) context.Response[Metadata.JwksUri]; + var address = (string?) context.Response[Metadata.JwksUri]; if (string.IsNullOrEmpty(address)) { context.Reject( @@ -170,21 +157,15 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleConfigurationResponseContext context) + /// + public ValueTask HandleAsync(HandleConfigurationResponseContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } - var address = (string) context.Response[Metadata.IntrospectionEndpoint]; + var address = (string?) context.Response[Metadata.IntrospectionEndpoint]; if (!string.IsNullOrEmpty(address) && !Uri.IsWellFormedUriString(address, UriKind.Absolute)) { context.Reject( @@ -201,7 +182,7 @@ namespace OpenIddict.Validation { foreach (var method in methods.GetUnnamedParameters()) { - var value = (string) method; + var value = (string?) method; if (string.IsNullOrEmpty(value)) { continue; @@ -230,14 +211,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleCryptographyResponseContext context) + /// + public ValueTask HandleAsync(HandleCryptographyResponseContext context) { if (context == null) { @@ -259,7 +234,7 @@ namespace OpenIddict.Validation // Note: the "use" parameter is defined as optional by the specification. // To prevent key swapping attacks, OpenIddict requires that this parameter // be present and will ignore keys that don't include a "use" parameter. - var use = (string) keys[index][JsonWebKeyParameterNames.Use]; + var use = (string?) keys[index][JsonWebKeyParameterNames.Use]; if (string.IsNullOrEmpty(use)) { continue; @@ -271,21 +246,21 @@ namespace OpenIddict.Validation continue; } - var key = (string) keys[index][JsonWebKeyParameterNames.Kty] switch + var key = (string?) keys[index][JsonWebKeyParameterNames.Kty] switch { JsonWebAlgorithmsKeyTypes.RSA => new JsonWebKey { Kty = JsonWebAlgorithmsKeyTypes.RSA, - E = (string) keys[index][JsonWebKeyParameterNames.E], - N = (string) keys[index][JsonWebKeyParameterNames.N] + E = (string?) keys[index][JsonWebKeyParameterNames.E], + N = (string?) keys[index][JsonWebKeyParameterNames.N] }, JsonWebAlgorithmsKeyTypes.EllipticCurve => new JsonWebKey { Kty = JsonWebAlgorithmsKeyTypes.EllipticCurve, - Crv = (string) keys[index][JsonWebKeyParameterNames.Crv], - X = (string) keys[index][JsonWebKeyParameterNames.X], - Y = (string) keys[index][JsonWebKeyParameterNames.Y] + Crv = (string?) keys[index][JsonWebKeyParameterNames.Crv], + X = (string?) keys[index][JsonWebKeyParameterNames.X], + Y = (string?) keys[index][JsonWebKeyParameterNames.Y] }, _ => null @@ -300,15 +275,15 @@ namespace OpenIddict.Validation return default; } - key.KeyId = (string) keys[index][JsonWebKeyParameterNames.Kid]; - key.X5t = (string) keys[index][JsonWebKeyParameterNames.X5t]; - key.X5tS256 = (string) keys[index][JsonWebKeyParameterNames.X5tS256]; + key.KeyId = (string?) keys[index][JsonWebKeyParameterNames.Kid]; + key.X5t = (string?) keys[index][JsonWebKeyParameterNames.X5t]; + key.X5tS256 = (string?) keys[index][JsonWebKeyParameterNames.X5tS256]; if (keys[index].TryGetNamedParameter(JsonWebKeyParameterNames.X5c, out var chain)) { foreach (var certificate in chain.GetNamedParameters()) { - var value = (string) certificate.Value; + var value = (string?) certificate.Value; if (string.IsNullOrEmpty(value)) { context.Reject( diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs index 34691bfe..4ec8b9cc 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.Introspection.cs @@ -10,7 +10,6 @@ using System.Globalization; using System.Security.Claims; using System.Text.Json; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.IdentityModel.JsonWebTokens; using OpenIddict.Abstractions; using static OpenIddict.Abstractions.OpenIddictConstants; @@ -55,14 +54,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] PrepareIntrospectionRequestContext context) + /// + public ValueTask HandleAsync(PrepareIntrospectionRequestContext context) { if (context == null) { @@ -91,14 +84,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] PrepareIntrospectionRequestContext context) + /// + public ValueTask HandleAsync(PrepareIntrospectionRequestContext context) { if (context == null) { @@ -127,14 +114,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleIntrospectionResponseContext context) + /// + public ValueTask HandleAsync(HandleIntrospectionResponseContext context) { if (context == null) { @@ -185,14 +166,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleIntrospectionResponseContext context) + /// + public ValueTask HandleAsync(HandleIntrospectionResponseContext context) { if (context == null) { @@ -306,14 +281,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleIntrospectionResponseContext context) + /// + public ValueTask HandleAsync(HandleIntrospectionResponseContext context) { if (context == null) { @@ -322,10 +291,10 @@ namespace OpenIddict.Validation // The issuer claim is optional. If it's not null or empty, validate it to // ensure it matches the issuer registered in the server configuration. - var issuer = (string) context.Response[Claims.Issuer]; + var issuer = (string?) context.Response[Claims.Issuer]; if (!string.IsNullOrEmpty(issuer)) { - if (!Uri.TryCreate(issuer, UriKind.Absolute, out Uri uri)) + if (!Uri.TryCreate(issuer, UriKind.Absolute, out Uri? uri)) { context.Reject( error: Errors.ServerError, @@ -363,14 +332,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleIntrospectionResponseContext context) + /// + public ValueTask HandleAsync(HandleIntrospectionResponseContext context) { if (context == null) { @@ -382,7 +345,7 @@ namespace OpenIddict.Validation // introspected token is of the expected type and prevent token substitution attacks. if (!string.IsNullOrEmpty(context.TokenType)) { - var usage = (string) context.Response[Claims.TokenUsage]; + var usage = (string?) context.Response[Claims.TokenUsage]; if (!string.IsNullOrEmpty(usage) && !string.Equals(usage, context.TokenType, StringComparison.OrdinalIgnoreCase)) { @@ -413,14 +376,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] HandleIntrospectionResponseContext context) + /// + public ValueTask HandleAsync(HandleIntrospectionResponseContext context) { if (context == null) { @@ -437,7 +394,7 @@ namespace OpenIddict.Validation // Resolve the issuer that will be attached to the claims created by this handler. // Note: at this stage, the optional issuer extracted from the response is assumed // to be valid, as it is guarded against unknown values by the ValidateIssuer handler. - var issuer = (string) context.Response[Claims.Issuer] ?? context.Issuer?.AbsoluteUri ?? ClaimsIdentity.DefaultIssuer; + var issuer = (string?) context.Response[Claims.Issuer] ?? context.Issuer?.AbsoluteUri ?? ClaimsIdentity.DefaultIssuer; foreach (var parameter in context.Response.GetParameters()) { diff --git a/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs b/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs index 462f6716..fadb212c 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHandlers.cs @@ -7,11 +7,11 @@ using System; using System.Collections.Immutable; using System.ComponentModel; +using System.Diagnostics; using System.Globalization; using System.Linq; using System.Security.Claims; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.Logging; using Microsoft.IdentityModel.Tokens; using OpenIddict.Abstractions; @@ -66,14 +66,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -110,7 +104,7 @@ namespace OpenIddict.Validation public ValidateReferenceTokenIdentifier() => throw new InvalidOperationException(SR.GetResourceString(SR.ID1138)); - public ValidateReferenceTokenIdentifier([NotNull] IOpenIddictTokenManager tokenManager) + public ValidateReferenceTokenIdentifier(IOpenIddictTokenManager tokenManager) => _tokenManager = tokenManager; /// @@ -125,7 +119,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -187,14 +182,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -295,7 +284,7 @@ namespace OpenIddict.Validation { private readonly OpenIddictValidationService _service; - public IntrospectToken([NotNull] OpenIddictValidationService service) + public IntrospectToken(OpenIddictValidationService service) => _service = service; /// @@ -309,14 +298,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -329,11 +312,13 @@ namespace OpenIddict.Validation return; } + Debug.Assert(!string.IsNullOrEmpty(context.Token), SR.GetResourceString(SR.ID5010)); + var configuration = await context.Options.ConfigurationManager.GetConfigurationAsync(default) ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID1139)); if (string.IsNullOrEmpty(configuration.IntrospectionEndpoint) || - !Uri.TryCreate(configuration.IntrospectionEndpoint, UriKind.Absolute, out Uri address) || + !Uri.TryCreate(configuration.IntrospectionEndpoint, UriKind.Absolute, out Uri? address) || !address.IsWellFormedOriginalString()) { context.Reject( @@ -385,14 +370,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -436,14 +415,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -540,7 +513,7 @@ namespace OpenIddict.Validation public RestoreReferenceTokenProperties() => throw new InvalidOperationException(SR.GetResourceString(SR.ID1138)); - public RestoreReferenceTokenProperties([NotNull] IOpenIddictTokenManager tokenManager) + public RestoreReferenceTokenProperties(IOpenIddictTokenManager tokenManager) => _tokenManager = tokenManager; /// @@ -555,7 +528,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -567,12 +541,13 @@ namespace OpenIddict.Validation return; } - if (!context.Transaction.Properties.TryGetValue(Properties.ReferenceTokenIdentifier, out var identifier)) + var identifier = context.Transaction.GetProperty(Properties.ReferenceTokenIdentifier); + if (string.IsNullOrEmpty(identifier)) { return; } - var token = await _tokenManager.FindByIdAsync((string) identifier); + var token = await _tokenManager.FindByIdAsync(identifier); if (token == null) { throw new InvalidOperationException(SR.GetResourceString(SR.ID1020)); @@ -603,14 +578,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { @@ -663,20 +632,16 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + var date = context.Principal.GetExpirationDate(); if (date.HasValue && date.Value < DateTimeOffset.UtcNow) { @@ -709,20 +674,16 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + // If no explicit audience has been configured, // skip the default audience validation. if (context.Options.Audiences.Count == 0) @@ -770,7 +731,7 @@ namespace OpenIddict.Validation public ValidateTokenEntry() => throw new InvalidOperationException(SR.GetResourceString(SR.ID1138)); - public ValidateTokenEntry([NotNull] IOpenIddictTokenManager tokenManager) + public ValidateTokenEntry(IOpenIddictTokenManager tokenManager) => _tokenManager = tokenManager; /// @@ -785,13 +746,16 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + var identifier = context.Principal.GetTokenId(); if (string.IsNullOrEmpty(identifier)) { @@ -830,7 +794,7 @@ namespace OpenIddict.Validation public ValidateAuthorizationEntry() => throw new InvalidOperationException(SR.GetResourceString(SR.ID1141)); - public ValidateAuthorizationEntry([NotNull] IOpenIddictAuthorizationManager authorizationManager) + public ValidateAuthorizationEntry(IOpenIddictAuthorizationManager authorizationManager) => _authorizationManager = authorizationManager; /// @@ -845,13 +809,16 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - public async ValueTask HandleAsync([NotNull] ProcessAuthenticationContext context) + /// + public async ValueTask HandleAsync(ProcessAuthenticationContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + var identifier = context.Principal.GetAuthorizationId(); if (string.IsNullOrEmpty(identifier)) { @@ -887,14 +854,8 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] ProcessChallengeContext context) + /// + public ValueTask HandleAsync(ProcessChallengeContext context) { if (context == null) { @@ -917,7 +878,7 @@ namespace OpenIddict.Validation // to inform the client that the user is not allowed to perform the requested action. var notification = context.Transaction.GetProperty( - typeof(ProcessAuthenticationContext).FullName); + typeof(ProcessAuthenticationContext).FullName!); if (!string.IsNullOrEmpty(notification?.Error)) { @@ -951,26 +912,20 @@ namespace OpenIddict.Validation .SetType(OpenIddictValidationHandlerType.BuiltIn) .Build(); - /// - /// Processes the event. - /// - /// The context associated with the event to process. - /// - /// A that can be used to monitor the asynchronous operation. - /// - public ValueTask HandleAsync([NotNull] TContext context) + /// + public ValueTask HandleAsync(TContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } - if (!string.IsNullOrEmpty(context.Response.Error)) + if (!string.IsNullOrEmpty(context.Transaction.Response?.Error)) { context.Reject( - error: context.Response.Error, - description: context.Response.ErrorDescription, - uri: context.Response.ErrorUri); + error: context.Transaction.Response.Error, + description: context.Transaction.Response.ErrorDescription, + uri: context.Transaction.Response.ErrorUri); return default; } diff --git a/src/OpenIddict.Validation/OpenIddictValidationHelpers.cs b/src/OpenIddict.Validation/OpenIddictValidationHelpers.cs index 431d90ab..d658b75b 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationHelpers.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationHelpers.cs @@ -5,7 +5,6 @@ */ using System; -using JetBrains.Annotations; using SR = OpenIddict.Abstractions.OpenIddictResources; namespace OpenIddict.Validation @@ -22,8 +21,8 @@ namespace OpenIddict.Validation /// The validation transaction. /// The property name. /// The property value or null if it couldn't be found. - public static TProperty GetProperty( - [NotNull] this OpenIddictValidationTransaction transaction, [NotNull] string name) where TProperty : class + public static TProperty? GetProperty( + this OpenIddictValidationTransaction transaction, string name) where TProperty : class { if (transaction == null) { @@ -52,8 +51,8 @@ namespace OpenIddict.Validation /// The property value. /// The validation transaction, so that calls can be easily chained. public static OpenIddictValidationTransaction SetProperty( - [NotNull] this OpenIddictValidationTransaction transaction, - [NotNull] string name, [CanBeNull] TProperty value) where TProperty : class + this OpenIddictValidationTransaction transaction, + string name, TProperty? value) where TProperty : class { if (transaction == null) { diff --git a/src/OpenIddict.Validation/OpenIddictValidationOptions.cs b/src/OpenIddict.Validation/OpenIddictValidationOptions.cs index 373efe0b..d56e0f35 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationOptions.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationOptions.cs @@ -60,12 +60,12 @@ namespace OpenIddict.Validation /// /// Gets or sets the client identifier sent to the authorization server when using remote validation. /// - public string ClientId { get; set; } + public string? ClientId { get; set; } /// /// Gets or sets the client secret sent to the authorization server when using remote validation. /// - public string ClientSecret { get; set; } + public string? ClientSecret { get; set; } /// /// Gets or sets a boolean indicating whether a database call is made @@ -86,24 +86,24 @@ namespace OpenIddict.Validation /// /// Gets or sets the absolute URL of the OAuth 2.0/OpenID Connect server. /// - public Uri Issuer { get; set; } + public Uri? Issuer { get; set; } /// /// Gets or sets the URL of the OAuth 2.0/OpenID Connect server discovery endpoint. /// When the URL is relative, must be set and absolute. /// - public Uri MetadataAddress { get; set; } + public Uri? MetadataAddress { get; set; } /// /// Gets or sets the OAuth 2.0/OpenID Connect static server configuration, if applicable. /// - public OpenIdConnectConfiguration Configuration { get; set; } + public OpenIdConnectConfiguration? Configuration { get; set; } /// /// Gets or sets the configuration manager used to retrieve /// and cache the OAuth 2.0/OpenID Connect server configuration. /// - public IConfigurationManager ConfigurationManager { get; set; } + public IConfigurationManager ConfigurationManager { get; set; } = default!; /// /// Gets the intended audiences of this resource server. diff --git a/src/OpenIddict.Validation/OpenIddictValidationRetriever.cs b/src/OpenIddict.Validation/OpenIddictValidationRetriever.cs index f2bf030f..5269cc09 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationRetriever.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationRetriever.cs @@ -7,7 +7,6 @@ using System; using System.Threading; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.IdentityModel.Protocols; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using SR = OpenIddict.Abstractions.OpenIddictResources; @@ -22,7 +21,7 @@ namespace OpenIddict.Validation /// Creates a new instance of the class. /// /// The validation service. - public OpenIddictValidationRetriever([NotNull] OpenIddictValidationService service) + public OpenIddictValidationRetriever(OpenIddictValidationService service) => _service = service; /// @@ -39,7 +38,7 @@ namespace OpenIddict.Validation throw new ArgumentException(SR.GetResourceString(SR.ID1142), nameof(address)); } - if (!Uri.TryCreate(address, UriKind.Absolute, out Uri uri) || !uri.IsWellFormedOriginalString()) + if (!Uri.TryCreate(address, UriKind.Absolute, out Uri? uri) || !uri.IsWellFormedOriginalString()) { throw new ArgumentException(SR.GetResourceString(SR.ID1143), nameof(address)); } diff --git a/src/OpenIddict.Validation/OpenIddictValidationService.cs b/src/OpenIddict.Validation/OpenIddictValidationService.cs index b65e24e4..a0567719 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationService.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationService.cs @@ -5,10 +5,10 @@ */ using System; +using System.Diagnostics; using System.Security.Claims; using System.Threading; using System.Threading.Tasks; -using JetBrains.Annotations; using Microsoft.Extensions.DependencyInjection; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Tokens; @@ -27,7 +27,7 @@ namespace OpenIddict.Validation /// Creates a new instance of the class. /// /// The service provider. - public OpenIddictValidationService([NotNull] IServiceProvider provider) + public OpenIddictValidationService(IServiceProvider provider) => _provider = provider; /// @@ -36,8 +36,7 @@ namespace OpenIddict.Validation /// The address of the remote metadata endpoint. /// The that can be used to abort the operation. /// The OpenID Connect server configuration retrieved from the remote server. - public async ValueTask GetConfigurationAsync( - [NotNull] Uri address, CancellationToken cancellationToken = default) + public async ValueTask GetConfigurationAsync(Uri address, CancellationToken cancellationToken = default) { if (address == null) { @@ -132,6 +131,8 @@ namespace OpenIddict.Validation context.Error, context.ErrorDescription, context.ErrorUri); } + Debug.Assert(context.Response != null, SR.GetResourceString(SR.ID5007)); + return context.Response; } @@ -176,8 +177,7 @@ namespace OpenIddict.Validation /// The address of the remote metadata endpoint. /// The that can be used to abort the operation. /// The security keys retrieved from the remote server. - public async ValueTask GetSecurityKeysAsync( - [NotNull] Uri address, CancellationToken cancellationToken = default) + public async ValueTask GetSecurityKeysAsync(Uri address, CancellationToken cancellationToken = default) { if (address == null) { @@ -273,6 +273,8 @@ namespace OpenIddict.Validation context.Error, context.ErrorDescription, context.ErrorUri); } + Debug.Assert(context.Response != null, SR.GetResourceString(SR.ID5007)); + return context.Response; } @@ -318,8 +320,7 @@ namespace OpenIddict.Validation /// The token to introspect. /// The that can be used to abort the operation. /// The claims principal created from the claim retrieved from the remote server. - public ValueTask IntrospectTokenAsync( - [NotNull] Uri address, [NotNull] string token, CancellationToken cancellationToken = default) + public ValueTask IntrospectTokenAsync(Uri address, string token, CancellationToken cancellationToken = default) => IntrospectTokenAsync(address, token, type: null, cancellationToken); /// @@ -331,8 +332,7 @@ namespace OpenIddict.Validation /// The that can be used to abort the operation. /// The claims principal created from the claim retrieved from the remote server. public async ValueTask IntrospectTokenAsync( - [NotNull] Uri address, [NotNull] string token, - [CanBeNull] string type, CancellationToken cancellationToken = default) + Uri address, string token, string? type, CancellationToken cancellationToken = default) { if (address == null) { @@ -434,6 +434,8 @@ namespace OpenIddict.Validation context.Error, context.ErrorDescription, context.ErrorUri); } + Debug.Assert(context.Response != null, SR.GetResourceString(SR.ID5007)); + return context.Response; } @@ -456,6 +458,8 @@ namespace OpenIddict.Validation context.Error, context.ErrorDescription, context.ErrorUri); } + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + return context.Principal; } } @@ -480,8 +484,7 @@ namespace OpenIddict.Validation /// The access token to validate. /// The that can be used to abort the operation. /// The principal containing the claims extracted from the token. - public async ValueTask ValidateAccessTokenAsync( - [NotNull] string token, CancellationToken cancellationToken = default) + public async ValueTask ValidateAccessTokenAsync(string token, CancellationToken cancellationToken = default) { if (string.IsNullOrEmpty(token)) { @@ -518,6 +521,8 @@ namespace OpenIddict.Validation context.Error, context.ErrorDescription, context.ErrorUri); } + Debug.Assert(context.Principal != null, SR.GetResourceString(SR.ID5006)); + return context.Principal; } diff --git a/src/OpenIddict.Validation/OpenIddictValidationTransaction.cs b/src/OpenIddict.Validation/OpenIddictValidationTransaction.cs index 9a289b62..cf547ccd 100644 --- a/src/OpenIddict.Validation/OpenIddictValidationTransaction.cs +++ b/src/OpenIddict.Validation/OpenIddictValidationTransaction.cs @@ -25,37 +25,37 @@ namespace OpenIddict.Validation /// /// Gets or sets the issuer address associated with the current transaction, if available. /// - public Uri Issuer { get; set; } + public Uri? Issuer { get; set; } /// /// Gets or sets the localizer associated with the current request. /// - public IStringLocalizer Localizer { get; set; } + public IStringLocalizer Localizer { get; set; } = default!; /// /// Gets or sets the logger associated with the current request. /// - public ILogger Logger { get; set; } + public ILogger Logger { get; set; } = default!; /// /// Gets or sets the options associated with the current request. /// - public OpenIddictValidationOptions Options { get; set; } + public OpenIddictValidationOptions Options { get; set; } = default!; /// /// Gets the additional properties associated with the current request. /// - public IDictionary Properties { get; } - = new Dictionary(StringComparer.OrdinalIgnoreCase); + public IDictionary Properties { get; } + = new Dictionary(StringComparer.OrdinalIgnoreCase); /// /// Gets or sets the current OpenID Connect request. /// - public OpenIddictRequest Request { get; set; } + public OpenIddictRequest? Request { get; set; } /// /// Gets or sets the current OpenID Connect response being returned. /// - public OpenIddictResponse Response { get; set; } + public OpenIddictResponse? Response { get; set; } } }