Enable nullable references support in the ASP.NET Core samples

sandbox/OpenIddict.Sandbox.AspNetCore.Client/Controllers/AuthenticationController.cs

@@ -24,7 +24,7 @@ public class AuthenticationController : Controller
         // the user is directly redirected to GitHub (in this case, no login page is shown).
         if (string.Equals(provider, "Local+GitHub", StringComparison.Ordinal))
         {
-            var properties = new AuthenticationProperties(new Dictionary<string, string>
+            var properties = new AuthenticationProperties(new Dictionary<string, string?>
             {
                 // Note: when only one client is registered in the client options,
                 // specifying the issuer URI or the provider name is not required.
@@ -54,7 +54,7 @@ public class AuthenticationController : Controller
                 return BadRequest();
             }
 
-            var properties = new AuthenticationProperties(new Dictionary<string, string>
+            var properties = new AuthenticationProperties(new Dictionary<string, string?>
             {
                 // Note: when only one client is registered in the client options,
                 // specifying the issuer URI or the provider name is not required.
@@ -96,14 +96,14 @@ public class AuthenticationController : Controller
         if (identity.FindFirst(Claims.Private.RegistrationId)?.Value is string identifier &&
             await _service.GetServerConfigurationByRegistrationIdAsync(identifier) is { EndSessionEndpoint: Uri })
         {
-            var properties = new AuthenticationProperties(new Dictionary<string, string>
+            var properties = new AuthenticationProperties(new Dictionary<string, string?>
             {
                 [OpenIddictClientAspNetCoreConstants.Properties.RegistrationId] = identifier,
 
                 // While not required, the specification encourages sending an id_token_hint
                 // parameter containing an identity token returned by the server for this user.
                 [OpenIddictClientAspNetCoreConstants.Properties.IdentityTokenHint] =
-                    result.Properties.GetTokenValue(OpenIddictClientAspNetCoreConstants.Tokens.BackchannelIdentityToken)
+                    result.Properties?.GetTokenValue(OpenIddictClientAspNetCoreConstants.Tokens.BackchannelIdentityToken)
             })
             {
                 // Only allow local return URLs to prevent open redirect attacks.
@@ -154,7 +154,7 @@ public class AuthenticationController : Controller
         // Such identities cannot be used as-is to build an authentication cookie in ASP.NET Core (as the
         // antiforgery stack requires at least a name claim to bind CSRF cookies to the user's identity) but
         // the access/refresh tokens can be retrieved using result.Properties.GetTokens() to make API calls.
-        if (result.Principal is not ClaimsPrincipal { Identity.IsAuthenticated: true })
+        if (result is not { Succeeded: true, Principal: ClaimsPrincipal { Identity.IsAuthenticated: true } })
         {
             throw new InvalidOperationException("The external authorization data cannot be used for authentication.");
         }

sandbox/OpenIddict.Sandbox.AspNetCore.Client/Controllers/HomeController.cs

@@ -63,7 +63,12 @@ public class HomeController : Controller
         // For scenarios where the default authentication handler configured in the ASP.NET Core
         // authentication options shouldn't be used, a specific scheme can be specified here.
         var ticket = await HttpContext.AuthenticateAsync();
-        var token = ticket?.Properties.GetTokenValue(Tokens.RefreshToken);
+        if (ticket is not { Succeeded: true })
+        {
+            return BadRequest();
+        }
+
+        var token = ticket.Properties.GetTokenValue(Tokens.RefreshToken);
         if (string.IsNullOrEmpty(token))
         {
             return BadRequest();

sandbox/OpenIddict.Sandbox.AspNetCore.Client/OpenIddict.Sandbox.AspNetCore.Client.csproj

@@ -2,7 +2,6 @@
 
   <PropertyGroup>
     <TargetFrameworks>net48;net9.0</TargetFrameworks>
-    <Nullable>disable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>

sandbox/OpenIddict.Sandbox.AspNetCore.Client/ViewModels/Home/IndexViewModel.cs

@@ -6,8 +6,8 @@ namespace OpenIddict.Sandbox.AspNetCore.Client.ViewModels.Home;
 public class IndexViewModel
 {
     [BindNever]
-    public string Message { get; set; }
+    public string? Message { get; set; }
 
     [BindNever]
-    public IEnumerable<OpenIddictClientRegistration> Providers { get; set; }
+    public IEnumerable<OpenIddictClientRegistration> Providers { get; set; } = [];
 }

sandbox/OpenIddict.Sandbox.AspNetCore.Client/ViewModels/Shared/ErrorViewModel.cs

@@ -5,8 +5,8 @@ namespace OpenIddict.Sandbox.AspNetCore.Client.ViewModels.Shared;
 public class ErrorViewModel
 {
     [Display(Name = "Error")]
-    public string Error { get; set; }
+    public string? Error { get; set; }
 
     [Display(Name = "Description")]
-    public string ErrorDescription { get; set; }
+    public string? ErrorDescription { get; set; }
 }

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AccountController.cs

@@ -1,4 +1,6 @@
-using System.Security.Claims;
+#nullable disable
+
+using System.Security.Claims;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthenticationController.cs

@@ -45,7 +45,7 @@ public class AuthenticationController : Controller
         // Such identities cannot be used as-is to build an authentication cookie in ASP.NET Core (as the
         // antiforgery stack requires at least a name claim to bind CSRF cookies to the user's identity) but
         // the access/refresh tokens can be retrieved using result.Properties.GetTokens() to make API calls.
-        if (result.Principal is not ClaimsPrincipal { Identity.IsAuthenticated: true })
+        if (result is not { Succeeded: true, Principal: ClaimsPrincipal { Identity.IsAuthenticated: true } })
         {
             throw new InvalidOperationException("The external authorization data cannot be used for authentication.");
         }

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthorizationController.cs

@@ -87,7 +87,7 @@ public class AuthorizationController : Controller
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.LoginRequired,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "The user is not logged in."
@@ -113,7 +113,7 @@ public class AuthorizationController : Controller
                 {
                     return Forbid(
                         authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                        properties: new AuthenticationProperties(new Dictionary<string, string>
+                        properties: new AuthenticationProperties(new Dictionary<string, string?>
                         {
                             [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidRequest,
                             [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
@@ -151,7 +151,7 @@ public class AuthorizationController : Controller
             throw new InvalidOperationException("The user details cannot be retrieved.");
 
         // Retrieve the application details from the database.
-        var application = await _applicationManager.FindByClientIdAsync(request.ClientId) ??
+        var application = await _applicationManager.FindByClientIdAsync(request.ClientId!) ??
             throw new InvalidOperationException("Details concerning the calling client application cannot be found.");
 
         // Retrieve the permanent authorizations associated with the user and the calling client application.
@@ -169,7 +169,7 @@ public class AuthorizationController : Controller
             case ConsentTypes.External when authorizations.Count is 0:
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.ConsentRequired,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
@@ -206,7 +206,7 @@ public class AuthorizationController : Controller
                 authorization ??= await _authorizationManager.CreateAsync(
                     identity: identity,
                     subject : await _userManager.GetUserIdAsync(user),
-                    client  : await _applicationManager.GetIdAsync(application),
+                    client  : (await _applicationManager.GetIdAsync(application))!,
                     type    : AuthorizationTypes.Permanent,
                     scopes  : identity.GetScopes());
 
@@ -221,7 +221,7 @@ public class AuthorizationController : Controller
             case ConsentTypes.Systematic when request.HasPromptValue(PromptValues.None):
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.ConsentRequired,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
@@ -254,7 +254,7 @@ public class AuthorizationController : Controller
             throw new InvalidOperationException("The user details cannot be retrieved.");
 
         // Retrieve the application details from the database.
-        var application = await _applicationManager.FindByClientIdAsync(request.ClientId) ??
+        var application = await _applicationManager.FindByClientIdAsync(request.ClientId!) ??
             throw new InvalidOperationException("Details concerning the calling client application cannot be found.");
 
         // Retrieve the permanent authorizations associated with the user and the calling client application.
@@ -272,7 +272,7 @@ public class AuthorizationController : Controller
         {
             return Forbid(
                 authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                properties: new AuthenticationProperties(new Dictionary<string, string>
+                properties: new AuthenticationProperties(new Dictionary<string, string?>
                 {
                     [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.ConsentRequired,
                     [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
@@ -305,7 +305,7 @@ public class AuthorizationController : Controller
         authorization ??= await _authorizationManager.CreateAsync(
             identity: identity,
             subject : await _userManager.GetUserIdAsync(user),
-            client  : await _applicationManager.GetIdAsync(application),
+            client  : (await _applicationManager.GetIdAsync(application))!,
             type    : AuthorizationTypes.Permanent,
             scopes  : identity.GetScopes());
 
@@ -333,7 +333,7 @@ public class AuthorizationController : Controller
         if (result.Succeeded && !string.IsNullOrEmpty(result.Principal.GetClaim(Claims.ClientId)))
         {
             // Retrieve the application details from the database using the client_id stored in the principal.
-            var application = await _applicationManager.FindByClientIdAsync(result.Principal.GetClaim(Claims.ClientId)) ??
+            var application = await _applicationManager.FindByClientIdAsync(result.Principal.GetClaim(Claims.ClientId)!) ??
                 throw new InvalidOperationException("Details concerning the calling client application cannot be found.");
 
             // Render a form asking the user to confirm the authorization demand.
@@ -347,7 +347,7 @@ public class AuthorizationController : Controller
 
         // If a user code was specified (e.g as part of the verification_uri_complete)
         // but is not valid, render a form asking the user to enter the user code manually.
-        else if (!string.IsNullOrEmpty(result.Properties.GetTokenValue(OpenIddictServerAspNetCoreConstants.Tokens.UserCode)))
+        else if (!string.IsNullOrEmpty(result.Properties?.GetTokenValue(OpenIddictServerAspNetCoreConstants.Tokens.UserCode)))
         {
             return View(new VerifyViewModel
             {
@@ -462,12 +462,12 @@ public class AuthorizationController : Controller
 
         if (request.IsPasswordGrantType())
         {
-            var user = await _userManager.FindByNameAsync(request.Username);
+            var user = await _userManager.FindByNameAsync(request.Username!);
             if (user is null)
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidGrant,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "The username/password couple is invalid."
@@ -475,12 +475,12 @@ public class AuthorizationController : Controller
             }
 
             // Validate the username/password parameters and ensure the account is not locked out.
-            var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, lockoutOnFailure: true);
+            var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password!, lockoutOnFailure: true);
             if (!result.Succeeded)
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidGrant,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "The username/password couple is invalid."
@@ -517,12 +517,12 @@ public class AuthorizationController : Controller
             var result = await HttpContext.AuthenticateAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
 
             // Retrieve the user profile corresponding to the authorization code/refresh token.
-            var user = await _userManager.FindByIdAsync(result.Principal.GetClaim(Claims.Subject));
+            var user = await _userManager.FindByIdAsync(result.Principal!.GetClaim(Claims.Subject)!);
             if (user is null)
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidGrant,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "The token is no longer valid."
@@ -534,14 +534,14 @@ public class AuthorizationController : Controller
             {
                 return Forbid(
                     authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                    properties: new AuthenticationProperties(new Dictionary<string, string>
+                    properties: new AuthenticationProperties(new Dictionary<string, string?>
                     {
                         [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidGrant,
                         [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "The user is no longer allowed to sign in."
                     }));
             }
 
-            var identity = new ClaimsIdentity(result.Principal.Claims,
+            var identity = new ClaimsIdentity(result.Principal!.Claims,
                 authenticationType: TokenValidationParameters.DefaultAuthenticationType,
                 nameType: Claims.Name,
                 roleType: Claims.Role);
@@ -575,7 +575,7 @@ public class AuthorizationController : Controller
             case Claims.Name or Claims.PreferredUsername:
                 yield return Destinations.AccessToken;
 
-                if (claim.Subject.HasScope(Scopes.Profile))
+                if (claim.Subject!.HasScope(Scopes.Profile))
                     yield return Destinations.IdentityToken;
 
                 yield break;
@@ -583,7 +583,7 @@ public class AuthorizationController : Controller
             case Claims.Email:
                 yield return Destinations.AccessToken;
 
-                if (claim.Subject.HasScope(Scopes.Email))
+                if (claim.Subject!.HasScope(Scopes.Email))
                     yield return Destinations.IdentityToken;
 
                 yield break;
@@ -591,7 +591,7 @@ public class AuthorizationController : Controller
             case Claims.Role:
                 yield return Destinations.AccessToken;
 
-                if (claim.Subject.HasScope(Scopes.Roles))
+                if (claim.Subject!.HasScope(Scopes.Roles))
                     yield return Destinations.IdentityToken;
 
                 yield break;

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/ManageController.cs

@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Authorization;
+#nullable disable
+
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using OpenIddict.Sandbox.AspNetCore.Server.Models;

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/ResourceController.cs

@@ -28,7 +28,7 @@ public class ResourceController : Controller
         {
             return Forbid(
                 authenticationSchemes: OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme,
-                properties: new AuthenticationProperties(new Dictionary<string, string>
+                properties: new AuthenticationProperties(new Dictionary<string, string?>
                 {
                     [OpenIddictValidationAspNetCoreConstants.Properties.Scope] = "demo_api",
                     [OpenIddictValidationAspNetCoreConstants.Properties.Error] = Errors.InsufficientScope,
@@ -37,12 +37,12 @@ public class ResourceController : Controller
                 }));
         }
 
-        var user = await _userManager.FindByIdAsync(User.GetClaim(Claims.Subject));
+        var user = await _userManager.FindByIdAsync(User.GetClaim(Claims.Subject)!);
         if (user is null)
         {
             return Challenge(
                 authenticationSchemes: OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme,
-                properties: new AuthenticationProperties(new Dictionary<string, string>
+                properties: new AuthenticationProperties(new Dictionary<string, string?>
                 {
                     [OpenIddictValidationAspNetCoreConstants.Properties.Error] = Errors.InvalidToken,
                     [OpenIddictValidationAspNetCoreConstants.Properties.ErrorDescription] =

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/UserinfoController.cs

@@ -21,12 +21,12 @@ public class UserInfoController : Controller
     [IgnoreAntiforgeryToken, Produces("application/json")]
     public async Task<IActionResult> UserInfo()
     {
-        var user = await _userManager.FindByIdAsync(User.GetClaim(Claims.Subject));
+        var user = await _userManager.FindByIdAsync(User.GetClaim(Claims.Subject)!);
         if (user is null)
         {
             return Challenge(
                 authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme,
-                properties: new AuthenticationProperties(new Dictionary<string, string>
+                properties: new AuthenticationProperties(new Dictionary<string, string?>
                 {
                     [OpenIddictServerAspNetCoreConstants.Properties.Error] = Errors.InvalidToken,
                     [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] =
@@ -34,7 +34,7 @@ public class UserInfoController : Controller
                 }));
         }
 
-        var claims = new Dictionary<string, object>(StringComparer.Ordinal)
+        var claims = new Dictionary<string, object?>(StringComparer.Ordinal)
         {
             // Note: the "sub" claim is a mandatory claim and must be included in the JSON response.
             [Claims.Subject] = await _userManager.GetUserIdAsync(user)

sandbox/OpenIddict.Sandbox.AspNetCore.Server/OpenIddict.Sandbox.AspNetCore.Server.csproj

@@ -3,7 +3,6 @@
   <PropertyGroup>
     <TargetFrameworks>net48;net9.0</TargetFrameworks>
     <TypeScriptEnabled>false</TypeScriptEnabled>
-    <Nullable>disable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/ExternalLoginConfirmationViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/ForgotPasswordViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/LoginViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/RegisterViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/ResetPasswordViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/SendCodeViewModel.cs

@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Mvc.Rendering;
+#nullable disable
+
+using Microsoft.AspNetCore.Mvc.Rendering;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Account/VerifyCodeViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Account;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Authorization/AuthorizeViewModel.cs

@@ -5,8 +5,8 @@ namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Authorization;
 public class AuthorizeViewModel
 {
     [Display(Name = "Application")]
-    public string ApplicationName { get; set; }
+    public string? ApplicationName { get; set; }
 
     [Display(Name = "Scope")]
-    public string Scope { get; set; }
+    public string? Scope { get; set; }
 }

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Authorization/VerifyViewModel.cs

@@ -8,18 +8,18 @@ namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Authorization;
 public class VerifyViewModel
 {
     [Display(Name = "Application")]
-    public string ApplicationName { get; set; }
+    public string? ApplicationName { get; set; }
 
     [BindNever, Display(Name = "Error")]
-    public string Error { get; set; }
+    public string? Error { get; set; }
 
     [BindNever, Display(Name = "Error description")]
-    public string ErrorDescription { get; set; }
+    public string? ErrorDescription { get; set; }
 
     [Display(Name = "Scope")]
-    public string Scope { get; set; }
+    public string? Scope { get; set; }
 
     [FromQuery(Name = OpenIddictConstants.Parameters.UserCode)]
     [Display(Name = "User code")]
-    public string UserCode { get; set; }
+    public string? UserCode { get; set; }
 }

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/AddPhoneNumberViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/ChangePasswordViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/ConfigureTwoFactorViewModel.cs

@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Mvc.Rendering;
+#nullable disable
+
+using Microsoft.AspNetCore.Mvc.Rendering;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/FactorViewModel.cs

@@ -1,4 +1,6 @@
-namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
+#nullable disable
+
+namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 
 public class FactorViewModel
 {

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/IndexViewModel.cs

@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Identity;
+#nullable disable
+
+using Microsoft.AspNetCore.Identity;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/ManageLoginsViewModel.cs

@@ -1,4 +1,6 @@
-using Microsoft.AspNetCore.Authentication;
+#nullable disable
+
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Identity;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/RemoveLoginViewModel.cs

@@ -1,4 +1,6 @@
-namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
+#nullable disable
+
+namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 
 public class RemoveLoginViewModel
 {

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/SetPasswordViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Manage/VerifyPhoneNumberViewModel.cs

@@ -1,4 +1,6 @@
-using System.ComponentModel.DataAnnotations;
+#nullable disable
+
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Manage;
 

sandbox/OpenIddict.Sandbox.AspNetCore.Server/ViewModels/Shared/ErrorViewModel.cs

@@ -5,8 +5,8 @@ namespace OpenIddict.Sandbox.AspNetCore.Server.ViewModels.Shared;
 public class ErrorViewModel
 {
     [Display(Name = "Error")]
-    public string Error { get; set; }
+    public string? Error { get; set; }
 
     [Display(Name = "Description")]
-    public string ErrorDescription { get; set; }
+    public string? ErrorDescription { get; set; }
 }

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Views/Manage/ManageLogins.cshtml

@@ -16,7 +16,7 @@
                 <tr>
                     <td>@account.LoginProvider</td>
                     <td>
-                        @if ((bool)ViewData["ShowRemoveButton"])
+                        @if ((bool)ViewData["ShowRemoveButton"]!)
                         {
                             <form asp-controller="Manage" asp-action="RemoveLogin" method="post" class="form-horizontal" role="form">
                                 <div>

sandbox/OpenIddict.Sandbox.AspNetCore.Server/Views/Manage/RemoveLogin.cshtml

@@ -13,7 +13,7 @@
                 <tr>
                     <td>@account.LoginProvider</td>
                     <td>
-                        @if ((bool)ViewData["ShowRemoveButton"])
+                        @if ((bool)ViewData["ShowRemoveButton"]!)
                         {
                             <form asp-controller="Manage" asp-action="RemoveLogin" asp-route-returnurl="@ViewData["ReturnUrl"]" method="post" class="form-horizontal" role="form">
                                 <div>