
Allow null/empty passwords in the AddEncryptionCertificate()/AddSigningCertificate() helpers

pull/1306/head
Kévin Chalet 5 years ago
parent
commit
b88ba18459
  1. 3
      src/OpenIddict.Abstractions/OpenIddictResources.resx
  2. 36
      src/OpenIddict.Server/OpenIddictServerBuilder.cs
  3. 18
      src/OpenIddict.Validation/OpenIddictValidationBuilder.cs

3
src/OpenIddict.Abstractions/OpenIddictResources.resx

@ -341,9 +341,6 @@ Consider using 'options.AddEncryptionCredentials(EncryptingCredentials)' instead
<data name="ID0062" xml:space="preserve"> <data name="ID0062" xml:space="preserve">
<value>The resource cannot be null or empty.</value> <value>The resource cannot be null or empty.</value>
</data> </data>
<data name="ID0063" xml:space="preserve">
<value>The password cannot be null or empty.</value>
</data>
<data name="ID0064" xml:space="preserve"> <data name="ID0064" xml:space="preserve">
<value>The certificate was not found in the specified assembly.</value> <value>The certificate was not found in the specified assembly.</value>
</data> </data>

36
src/OpenIddict.Server/OpenIddictServerBuilder.cs

@ -401,7 +401,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="resource">The name of the embedded resource.</param> /// <param name="resource">The name of the embedded resource.</param>
/// <param name="password">The password used to open the certificate.</param> /// <param name="password">The password used to open the certificate.</param>
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
public OpenIddictServerBuilder AddEncryptionCertificate(Assembly assembly, string resource, string password) public OpenIddictServerBuilder AddEncryptionCertificate(Assembly assembly, string resource, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS #if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS. // Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? => AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@ -421,7 +421,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
public OpenIddictServerBuilder AddEncryptionCertificate( public OpenIddictServerBuilder AddEncryptionCertificate(
Assembly assembly, string resource, Assembly assembly, string resource,
string password, X509KeyStorageFlags flags) string? password, X509KeyStorageFlags flags)
{ {
if (assembly is null) if (assembly is null)
{ {
@ -433,11 +433,6 @@ namespace Microsoft.Extensions.DependencyInjection
throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource)); throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource));
} }
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
}
using var stream = assembly.GetManifestResourceStream(resource); using var stream = assembly.GetManifestResourceStream(resource);
if (stream is null) if (stream is null)
{ {
@ -453,7 +448,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="stream">The stream containing the certificate.</param> /// <param name="stream">The stream containing the certificate.</param>
/// <param name="password">The password used to open the certificate.</param> /// <param name="password">The password used to open the certificate.</param>
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string password) public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS #if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS. // Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? => AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@ -475,18 +470,13 @@ namespace Microsoft.Extensions.DependencyInjection
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
Justification = "The X.509 certificate is attached to the server options.")] Justification = "The X.509 certificate is attached to the server options.")]
public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string password, X509KeyStorageFlags flags) public OpenIddictServerBuilder AddEncryptionCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
{ {
if (stream is null) if (stream is null)
{ {
throw new ArgumentNullException(nameof(stream)); throw new ArgumentNullException(nameof(stream));
} }
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
}
using var buffer = new MemoryStream(); using var buffer = new MemoryStream();
stream.CopyTo(buffer); stream.CopyTo(buffer);
@ -851,7 +841,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="resource">The name of the embedded resource.</param> /// <param name="resource">The name of the embedded resource.</param>
/// <param name="password">The password used to open the certificate.</param> /// <param name="password">The password used to open the certificate.</param>
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
public OpenIddictServerBuilder AddSigningCertificate(Assembly assembly, string resource, string password) public OpenIddictServerBuilder AddSigningCertificate(Assembly assembly, string resource, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS #if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS. // Note: ephemeral key sets are currently not supported on macOS.
=> AddSigningCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? => AddSigningCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@ -871,7 +861,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
public OpenIddictServerBuilder AddSigningCertificate( public OpenIddictServerBuilder AddSigningCertificate(
Assembly assembly, string resource, Assembly assembly, string resource,
string password, X509KeyStorageFlags flags) string? password, X509KeyStorageFlags flags)
{ {
if (assembly is null) if (assembly is null)
{ {
@ -883,11 +873,6 @@ namespace Microsoft.Extensions.DependencyInjection
throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource)); throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource));
} }
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
}
using var stream = assembly.GetManifestResourceStream(resource); using var stream = assembly.GetManifestResourceStream(resource);
if (stream is null) if (stream is null)
{ {
@ -903,7 +888,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="stream">The stream containing the certificate.</param> /// <param name="stream">The stream containing the certificate.</param>
/// <param name="password">The password used to open the certificate.</param> /// <param name="password">The password used to open the certificate.</param>
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string password) public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS #if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS. // Note: ephemeral key sets are currently not supported on macOS.
=> AddSigningCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? => AddSigningCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@ -925,18 +910,13 @@ namespace Microsoft.Extensions.DependencyInjection
/// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
Justification = "The X.509 certificate is attached to the server options.")] Justification = "The X.509 certificate is attached to the server options.")]
public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string password, X509KeyStorageFlags flags) public OpenIddictServerBuilder AddSigningCertificate(Stream stream, string? password, X509KeyStorageFlags flags)
{ {
if (stream is null) if (stream is null)
{ {
throw new ArgumentNullException(nameof(stream)); throw new ArgumentNullException(nameof(stream));
} }
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
}
using var buffer = new MemoryStream(); using var buffer = new MemoryStream();
stream.CopyTo(buffer); stream.CopyTo(buffer);
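Review bot: The `<param name="password">` lines visible in these hunks still read `The password used to open the certificate.`, although the parameter is now `string?` and the `string.IsNullOrEmpty(password)` guard is gone; the same applies to the AddEncryptionCertificate() overloads in OpenIddictValidationBuilder.cs. I would change each to `/// <param name="password">The password used to open the certificate, or <see langword="null"/>/empty if the certificate file is not password-protected.</param>`. A container without a password leaves the private key unprotected wherever the file or the embedding assembly can be read, so a short `<remarks>` saying so on the Assembly-based overloads would help callers decide how to store signing and encryption keys. The bodies of the `X509KeyStorageFlags` overloads continue outside the visible hunks, so how a null password reaches the certificate loader is not shown here.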

18
src/OpenIddict.Validation/OpenIddictValidationBuilder.cs

@ -217,7 +217,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="password">The password used to open the certificate.</param> /// <param name="password">The password used to open the certificate.</param>
/// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
public OpenIddictValidationBuilder AddEncryptionCertificate( public OpenIddictValidationBuilder AddEncryptionCertificate(
Assembly assembly, string resource, string password) Assembly assembly, string resource, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS #if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS. // Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? => AddEncryptionCertificate(assembly, resource, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@ -237,7 +237,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
public OpenIddictValidationBuilder AddEncryptionCertificate( public OpenIddictValidationBuilder AddEncryptionCertificate(
Assembly assembly, string resource, Assembly assembly, string resource,
string password, X509KeyStorageFlags flags) string? password, X509KeyStorageFlags flags)
{ {
if (assembly is null) if (assembly is null)
{ {
@ -249,11 +249,6 @@ namespace Microsoft.Extensions.DependencyInjection
throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource)); throw new ArgumentException(SR.GetResourceString(SR.ID0062), nameof(resource));
} }
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
}
using var stream = assembly.GetManifestResourceStream(resource); using var stream = assembly.GetManifestResourceStream(resource);
if (stream is null) if (stream is null)
{ {
@ -269,7 +264,7 @@ namespace Microsoft.Extensions.DependencyInjection
/// <param name="stream">The stream containing the certificate.</param> /// <param name="stream">The stream containing the certificate.</param>
/// <param name="password">The password used to open the certificate.</param> /// <param name="password">The password used to open the certificate.</param>
/// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns> /// <returns>The <see cref="OpenIddictValidationBuilder"/>.</returns>
public OpenIddictValidationBuilder AddEncryptionCertificate(Stream stream, string password) public OpenIddictValidationBuilder AddEncryptionCertificate(Stream stream, string? password)
#if SUPPORTS_EPHEMERAL_KEY_SETS #if SUPPORTS_EPHEMERAL_KEY_SETS
// Note: ephemeral key sets are currently not supported on macOS. // Note: ephemeral key sets are currently not supported on macOS.
=> AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ? => AddEncryptionCertificate(stream, password, RuntimeInformation.IsOSPlatform(OSPlatform.OSX) ?
@ -292,18 +287,13 @@ namespace Microsoft.Extensions.DependencyInjection
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",
Justification = "The X.509 certificate is attached to the server options.")] Justification = "The X.509 certificate is attached to the server options.")]
public OpenIddictValidationBuilder AddEncryptionCertificate( public OpenIddictValidationBuilder AddEncryptionCertificate(
Stream stream, string password, X509KeyStorageFlags flags) Stream stream, string? password, X509KeyStorageFlags flags)
{ {
if (stream is null) if (stream is null)
{ {
throw new ArgumentNullException(nameof(stream)); throw new ArgumentNullException(nameof(stream));
} }
if (string.IsNullOrEmpty(password))
{
throw new ArgumentException(SR.GetResourceString(SR.ID0063), nameof(password));
}
using var buffer = new MemoryStream(); using var buffer = new MemoryStream();
stream.CopyTo(buffer); stream.CopyTo(buffer);
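Review bot: The `[SuppressMessage]` justification on the `AddEncryptionCertificate(Stream, string?, X509KeyStorageFlags)` overload says `The X.509 certificate is attached to the server options.`, which looks copied from OpenIddictServerBuilder. In the validation builder it should presumably read `Justification = "The X.509 certificate is attached to the validation options."`. The method body continues past the end of the hunk, so where the certificate is actually attached is not visible here.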
