diff --git a/src/OpenIddict.Abstractions/OpenIddictResources.resx b/src/OpenIddict.Abstractions/OpenIddictResources.resx
index 781766e3..3cdfcb4c 100644
--- a/src/OpenIddict.Abstractions/OpenIddictResources.resx
+++ b/src/OpenIddict.Abstractions/OpenIddictResources.resx
@@ -341,9 +341,6 @@ Consider using 'options.AddEncryptionCredentials(EncryptingCredentials)' instead
The resource cannot be null or empty.
-
- The password cannot be null or empty.
-
The certificate was not found in the specified assembly.
diff --git a/src/OpenIddict.Server/OpenIddictServerBuilder.cs b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
index 642f81e0..d136ccb3 100644
--- a/src/OpenIddict.Server/OpenIddictServerBuilder.cs
+++ b/src/OpenIddict.Server/OpenIddictServerBuilder.cs
@@ -401,7 +401,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The name of the embedded resource.
/// The password used to open the certificate.
/// The .
- public OpenIddictServerBuilder AddEncryptionCertificate(Assembly assembly, string resource, string password)
+ public OpenIddictServerBuilder AddEncryptionCertificate(Assembly assembly, string resource, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@@ -421,7 +421,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The .
public OpenIddictServerBuilder AddEncryptionCertificate(
Assembly assembly, string resource,
- string password, X509KeyStorageFlags flags)
+ string? password, X509KeyStorageFlags flags)
{
if (assembly is null)
{
@@ -433,11 +433,6 @@ namespace Microsoft.Extensions.DependencyInjection
throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource));
}
- if (string.IsNullOrEmpty(password))
- {
- throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
- }
-
using var stream = assembly.GetManifestResourceStream(resource);
if (stream is null)
{
@@ -453,7 +448,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The stream containing the certificate.
/// The password used to open the certificate.
/// The .
- public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string password)
+ public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@@ -475,18 +470,13 @@ namespace Microsoft.Extensions.DependencyInjection
/// The .
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
Justification = "The X.509 certificate is attached to the server options.")]
- public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string password, X509KeyStorageFlags flags)
+ public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
{
if (stream is null)
{
throw new ArgumentNullException(nameof(stream));
}
- if (string.IsNullOrEmpty(password))
- {
- throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
- }
-
using var buffer = new MemoryStream();
stream.CopyTo(buffer);
@@ -851,7 +841,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The name of the embedded resource.
/// The password used to open the certificate.
/// The .
- public OpenIddictServerBuilder AddSigningCertificate(Assembly assembly, string resource, string password)
+ public OpenIddictServerBuilder AddSigningCertificate(Assembly assembly, string resource, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS.
=> AddSigningCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@@ -871,7 +861,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The .
public OpenIddictServerBuilder AddSigningCertificate(
Assembly assembly, string resource,
- string password, X509KeyStorageFlags flags)
+ string? password, X509KeyStorageFlags flags)
{
if (assembly is null)
{
@@ -883,11 +873,6 @@ namespace Microsoft.Extensions.DependencyInjection
throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource));
}
- if (string.IsNullOrEmpty(password))
- {
- throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
- }
-
using var stream = assembly.GetManifestResourceStream(resource);
if (stream is null)
{
@@ -903,7 +888,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The stream containing the certificate.
/// The password used to open the certificate.
/// The .
- public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string password)
+ public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS.
=> AddSigningCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@@ -925,18 +910,13 @@ namespace Microsoft.Extensions.DependencyInjection
/// The .
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
Justification = "The X.509 certificate is attached to the server options.")]
- public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string password, X509KeyStorageFlags flags)
+ public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
{
if (stream is null)
{
throw new ArgumentNullException(nameof(stream));
}
- if (string.IsNullOrEmpty(password))
- {
- throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
- }
-
using var buffer = new MemoryStream();
stream.CopyTo(buffer);
diff --git a/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs b/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs
index f8d77ef1..f137a398 100644
--- a/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationBuilder.cs
@@ -217,7 +217,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The password used to open the certificate.
/// The .
public OpenIddictValidationBuilder AddEncryptionCertificate(
- Assembly assembly, string resource, string password)
+ Assembly assembly, string resource, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@@ -237,7 +237,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The .
public OpenIddictValidationBuilder AddEncryptionCertificate(
Assembly assembly, string resource,
- string password, X509KeyStorageFlags flags)
+ string? password, X509KeyStorageFlags flags)
{
if (assembly is null)
{
@@ -249,11 +249,6 @@ namespace Microsoft.Extensions.DependencyInjection
throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource));
}
- if (string.IsNullOrEmpty(password))
- {
- throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
- }
-
using var stream = assembly.GetManifestResourceStream(resource);
if (stream is null)
{
@@ -269,7 +264,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// The stream containing the certificate.
/// The password used to open the certificate.
/// The .
- public OpenIddictValidationBuilder AddEncryptionCertificate(Stream stream, string password)
+ public OpenIddictValidationBuilder AddEncryptionCertificate(Stream stream, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@@ -292,18 +287,13 @@ namespace Microsoft.Extensions.DependencyInjection
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
Justification = "The X.509 certificate is attached to the server options.")]
public OpenIddictValidationBuilder AddEncryptionCertificate(
- Stream stream, string password, X509KeyStorageFlags flags)
+ Stream stream, string? password, X509KeyStorageFlags flags)
{
if (stream is null)
{
throw new ArgumentNullException(nameof(stream));
}
- if (string.IsNullOrEmpty(password))
- {
- throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
- }
-
using var buffer = new MemoryStream();
stream.CopyTo(buffer);