diff options
author | Pranav K <prkrishn@hotmail.com> | 2020-07-31 03:09:14 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-31 03:09:14 +0300 |
commit | 3e1e69eccef4ea54c46c7e706413a0448abbbec9 (patch) | |
tree | b77d8abd6c2114706c7b1841be2df580f39c0add | |
parent | 799014cfe777885e323c9306b080c61043190b28 (diff) |
Add nullable annotations to Authenticator.Core & Authentication.Cookies (#24307)add
Contributes to https://github.com/dotnet/aspnetcore/issues/5680
42 files changed, 183 insertions, 151 deletions
diff --git a/src/Http/Authentication.Abstractions/src/AuthenticateResult.cs b/src/Http/Authentication.Abstractions/src/AuthenticateResult.cs index f801ce5308..f10b5b9392 100644 --- a/src/Http/Authentication.Abstractions/src/AuthenticateResult.cs +++ b/src/Http/Authentication.Abstractions/src/AuthenticateResult.cs @@ -2,6 +2,7 @@ // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. using System; +using System.Diagnostics.CodeAnalysis; using System.Security.Claims; namespace Microsoft.AspNetCore.Authentication @@ -19,6 +20,7 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// If a ticket was produced, authenticate was successful. /// </summary> + [MemberNotNullWhen(true, nameof(Ticket))] public bool Succeeded => Ticket != null; /// <summary> diff --git a/src/Http/Authentication.Abstractions/src/AuthenticationHttpContextExtensions.cs b/src/Http/Authentication.Abstractions/src/AuthenticationHttpContextExtensions.cs index 539f1c74f3..e6d56aa4fa 100644 --- a/src/Http/Authentication.Abstractions/src/AuthenticationHttpContextExtensions.cs +++ b/src/Http/Authentication.Abstractions/src/AuthenticationHttpContextExtensions.cs @@ -36,7 +36,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="context">The <see cref="HttpContext"/> context.</param> /// <param name="scheme">The name of the authentication scheme.</param> /// <returns>The result.</returns> - public static Task ChallengeAsync(this HttpContext context, string scheme) => + public static Task ChallengeAsync(this HttpContext context, string? scheme) => context.ChallengeAsync(scheme, properties: null); /// <summary> @@ -72,7 +72,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="context">The <see cref="HttpContext"/> context.</param> /// <param name="scheme">The name of the authentication scheme.</param> /// <returns>The task.</returns> - public static Task ForbidAsync(this HttpContext context, string scheme) => + public static Task ForbidAsync(this HttpContext context, string? scheme) => context.ForbidAsync(scheme, properties: null); /// <summary> @@ -109,7 +109,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="scheme">The name of the authentication scheme.</param> /// <param name="principal">The user.</param> /// <returns>The task.</returns> - public static Task SignInAsync(this HttpContext context, string scheme, ClaimsPrincipal principal) => + public static Task SignInAsync(this HttpContext context, string? scheme, ClaimsPrincipal principal) => context.SignInAsync(scheme, principal, properties: null); /// <summary> diff --git a/src/Http/Authentication.Abstractions/src/AuthenticationTicket.cs b/src/Http/Authentication.Abstractions/src/AuthenticationTicket.cs index 4960060787..e756566855 100644 --- a/src/Http/Authentication.Abstractions/src/AuthenticationTicket.cs +++ b/src/Http/Authentication.Abstractions/src/AuthenticationTicket.cs @@ -17,7 +17,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="principal">the <see cref="ClaimsPrincipal"/> that represents the authenticated user.</param> /// <param name="properties">additional properties that can be consumed by the user or runtime.</param> /// <param name="authenticationScheme">the authentication middleware that was responsible for this ticket.</param> - public AuthenticationTicket(ClaimsPrincipal principal, AuthenticationProperties? properties, string? authenticationScheme) + public AuthenticationTicket(ClaimsPrincipal principal, AuthenticationProperties? properties, string authenticationScheme) { if (principal == null) { @@ -41,17 +41,17 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// Gets the authentication type. /// </summary> - public string? AuthenticationScheme { get; private set; } + public string AuthenticationScheme { get; } /// <summary> /// Gets the claims-principal with authenticated user identities. /// </summary> - public ClaimsPrincipal Principal { get; private set; } + public ClaimsPrincipal Principal { get; } /// <summary> /// Additional state values for the authentication session. /// </summary> - public AuthenticationProperties Properties { get; private set; } + public AuthenticationProperties Properties { get; } /// <summary> /// Returns a copy of the ticket. diff --git a/src/Http/Http.Abstractions/src/PathString.cs b/src/Http/Http.Abstractions/src/PathString.cs index 79f82ddd1a..48eb14c015 100644 --- a/src/Http/Http.Abstractions/src/PathString.cs +++ b/src/Http/Http.Abstractions/src/PathString.cs @@ -424,7 +424,7 @@ namespace Microsoft.AspNetCore.Http /// <param name="left">The left parameter</param> /// <param name="right">The right parameter</param> /// <returns>The ToString combination of both values</returns> - public static string operator +(PathString left, string right) + public static string operator +(PathString left, string? right) { // This overload exists to prevent the implicit string<->PathString converter from // trying to call the PathString+PathString operator for things that are not path strings. diff --git a/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs b/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs index 7ca9348595..f10e6114cd 100644 --- a/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs +++ b/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs @@ -2,6 +2,7 @@ // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. using System; +using System.Diagnostics; using System.Linq; using System.Security.Claims; using System.Text.Encodings.Web; @@ -27,9 +28,9 @@ namespace Microsoft.AspNetCore.Authentication.Cookies private DateTimeOffset? _refreshIssuedUtc; private DateTimeOffset? _refreshExpiresUtc; - private string _sessionKey; - private Task<AuthenticateResult> _readCookieTask; - private AuthenticationTicket _refreshTicket; + private string? _sessionKey; + private Task<AuthenticateResult>? _readCookieTask; + private AuthenticationTicket? _refreshTicket; public CookieAuthenticationHandler(IOptionsMonitor<CookieAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) @@ -41,7 +42,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// </summary> protected new CookieAuthenticationEvents Events { - get { return (CookieAuthenticationEvents)base.Events; } + get { return (CookieAuthenticationEvents)base.Events!; } set { base.Events = value; } } @@ -86,7 +87,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies } } - private void RequestRefresh(AuthenticationTicket ticket, ClaimsPrincipal replacedPrincipal = null) + private void RequestRefresh(AuthenticationTicket ticket, ClaimsPrincipal? replacedPrincipal = null) { var issuedUtc = ticket.Properties.IssuedUtc; var expiresUtc = ticket.Properties.ExpiresUtc; @@ -102,7 +103,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies } } - private AuthenticationTicket CloneTicket(AuthenticationTicket ticket, ClaimsPrincipal replacedPrincipal) + private AuthenticationTicket CloneTicket(AuthenticationTicket ticket, ClaimsPrincipal? replacedPrincipal) { var principal = replacedPrincipal ?? ticket.Principal; var newPrincipal = new ClaimsPrincipal(); @@ -122,7 +123,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies private async Task<AuthenticateResult> ReadCookieTicket() { - var cookie = Options.CookieManager.GetRequestCookie(Context, Options.Cookie.Name); + var cookie = Options.CookieManager.GetRequestCookie(Context, Options.Cookie.Name!); if (string.IsNullOrEmpty(cookie)) { return AuthenticateResult.NoResult(); @@ -157,7 +158,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies { if (Options.SessionStore != null) { - await Options.SessionStore.RemoveAsync(_sessionKey); + await Options.SessionStore.RemoveAsync(_sessionKey!); } return AuthenticateResult.Fail("Ticket expired"); } @@ -176,6 +177,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies return result; } + Debug.Assert(result.Ticket != null); var context = new CookieValidatePrincipalContext(Context, Scheme, Options, result.Ticket); await Events.ValidatePrincipal(context); @@ -244,7 +246,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies Options.CookieManager.AppendResponseCookie( Context, - Options.Cookie.Name, + Options.Cookie.Name!, cookieValue, cookieOptions); @@ -252,7 +254,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies } } - protected async override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties) + protected async override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties) { if (user == null) { @@ -299,7 +301,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime(); } - var ticket = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.Scheme.Name); + var ticket = new AuthenticationTicket(signInContext.Principal!, signInContext.Properties, signInContext.Scheme.Name); if (Options.SessionStore != null) { @@ -324,14 +326,14 @@ namespace Microsoft.AspNetCore.Authentication.Cookies Options.CookieManager.AppendResponseCookie( Context, - Options.Cookie.Name, + Options.Cookie.Name!, cookieValue, signInContext.CookieOptions); var signedInContext = new CookieSignedInContext( Context, Scheme, - signInContext.Principal, + signInContext.Principal!, signInContext.Properties, Options); @@ -344,7 +346,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies Logger.AuthenticationSchemeSignedIn(Scheme.Name); } - protected async override Task HandleSignOutAsync(AuthenticationProperties properties) + protected async override Task HandleSignOutAsync(AuthenticationProperties? properties) { properties = properties ?? new AuthenticationProperties(); @@ -369,7 +371,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies Options.CookieManager.DeleteCookie( Context, - Options.Cookie.Name, + Options.Cookie.Name!, context.CookieOptions); // Only redirect on the logout path @@ -449,7 +451,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies await Events.RedirectToLogin(redirectContext); } - private string GetTlsTokenBinding() + private string? GetTlsTokenBinding() { var binding = Context.Features.Get<ITlsTokenBindingFeature>()?.GetProvidedTokenBindingId(); return binding == null ? null : Convert.ToBase64String(binding); diff --git a/src/Security/Authentication/Cookies/src/CookieAuthenticationOptions.cs b/src/Security/Authentication/Cookies/src/CookieAuthenticationOptions.cs index 0248669979..49e7092b76 100644 --- a/src/Security/Authentication/Cookies/src/CookieAuthenticationOptions.cs +++ b/src/Security/Authentication/Cookies/src/CookieAuthenticationOptions.cs @@ -71,7 +71,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// <summary> /// If set this will be used by the CookieAuthenticationHandler for data protection. /// </summary> - public IDataProtectionProvider DataProtectionProvider { get; set; } + public IDataProtectionProvider? DataProtectionProvider { get; set; } /// <summary> /// The SlidingExpiration is set to true to instruct the handler to re-issue a new cookie with a new @@ -111,7 +111,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// </summary> public new CookieAuthenticationEvents Events { - get => (CookieAuthenticationEvents)base.Events; + get => (CookieAuthenticationEvents)base.Events!; set => base.Events = value; } @@ -119,20 +119,20 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// The TicketDataFormat is used to protect and unprotect the identity and other properties which are stored in the /// cookie value. If not provided one will be created using <see cref="DataProtectionProvider"/>. /// </summary> - public ISecureDataFormat<AuthenticationTicket> TicketDataFormat { get; set; } + public ISecureDataFormat<AuthenticationTicket> TicketDataFormat { get; set; } = default!; /// <summary> /// The component used to get cookies from the request or set them on the response. /// /// ChunkingCookieManager will be used by default. /// </summary> - public ICookieManager CookieManager { get; set; } + public ICookieManager CookieManager { get; set; } = default!; /// <summary> /// An optional container in which to store the identity across requests. When used, only a session identifier is sent /// to the client. This can be used to mitigate potential problems with very large identities. /// </summary> - public ITicketStore SessionStore { get; set; } + public ITicketStore? SessionStore { get; set; } /// <summary> /// <para> diff --git a/src/Security/Authentication/Cookies/src/CookieExtensions.cs b/src/Security/Authentication/Cookies/src/CookieExtensions.cs index 7763e6a624..7787ad8094 100644 --- a/src/Security/Authentication/Cookies/src/CookieExtensions.cs +++ b/src/Security/Authentication/Cookies/src/CookieExtensions.cs @@ -17,13 +17,13 @@ namespace Microsoft.Extensions.DependencyInjection public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, string authenticationScheme) => builder.AddCookie(authenticationScheme, configureOptions: null); - public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, Action<CookieAuthenticationOptions> configureOptions) + public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, Action<CookieAuthenticationOptions>? configureOptions) => builder.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, configureOptions); - public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, string authenticationScheme, Action<CookieAuthenticationOptions> configureOptions) + public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, string authenticationScheme, Action<CookieAuthenticationOptions>? configureOptions) => builder.AddCookie(authenticationScheme, displayName: null, configureOptions: configureOptions); - public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, string authenticationScheme, string displayName, Action<CookieAuthenticationOptions> configureOptions) + public static AuthenticationBuilder AddCookie(this AuthenticationBuilder builder, string authenticationScheme, string? displayName, Action<CookieAuthenticationOptions>? configureOptions) { builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton<IPostConfigureOptions<CookieAuthenticationOptions>, PostConfigureCookieAuthenticationOptions>()); builder.Services.AddOptions<CookieAuthenticationOptions>(authenticationScheme).Validate(o => o.Cookie.Expiration == null, "Cookie.Expiration is ignored, use ExpireTimeSpan instead."); diff --git a/src/Security/Authentication/Cookies/src/CookieSignedInContext.cs b/src/Security/Authentication/Cookies/src/CookieSignedInContext.cs index 98c31dd190..d0d1dde8b7 100644 --- a/src/Security/Authentication/Cookies/src/CookieSignedInContext.cs +++ b/src/Security/Authentication/Cookies/src/CookieSignedInContext.cs @@ -23,7 +23,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies HttpContext context, AuthenticationScheme scheme, ClaimsPrincipal principal, - AuthenticationProperties properties, + AuthenticationProperties? properties, CookieAuthenticationOptions options) : base(context, scheme, options, properties) { diff --git a/src/Security/Authentication/Cookies/src/CookieSigningInContext.cs b/src/Security/Authentication/Cookies/src/CookieSigningInContext.cs index 41d7b4f6ae..b85429f0cf 100644 --- a/src/Security/Authentication/Cookies/src/CookieSigningInContext.cs +++ b/src/Security/Authentication/Cookies/src/CookieSigningInContext.cs @@ -25,7 +25,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies AuthenticationScheme scheme, CookieAuthenticationOptions options, ClaimsPrincipal principal, - AuthenticationProperties properties, + AuthenticationProperties? properties, CookieOptions cookieOptions) : base(context, scheme, options, properties) { diff --git a/src/Security/Authentication/Cookies/src/CookieSigningOutContext.cs b/src/Security/Authentication/Cookies/src/CookieSigningOutContext.cs index 34f6e49ab6..fd0e9712b1 100644 --- a/src/Security/Authentication/Cookies/src/CookieSigningOutContext.cs +++ b/src/Security/Authentication/Cookies/src/CookieSigningOutContext.cs @@ -22,7 +22,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies HttpContext context, AuthenticationScheme scheme, CookieAuthenticationOptions options, - AuthenticationProperties properties, + AuthenticationProperties? properties, CookieOptions cookieOptions) : base(context, scheme, options, properties) => CookieOptions = cookieOptions; diff --git a/src/Security/Authentication/Cookies/src/ICookieManager.cs b/src/Security/Authentication/Cookies/src/ICookieManager.cs index 4514fefa97..5db41d7223 100644 --- a/src/Security/Authentication/Cookies/src/ICookieManager.cs +++ b/src/Security/Authentication/Cookies/src/ICookieManager.cs @@ -17,7 +17,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// <param name="context"></param> /// <param name="key"></param> /// <returns></returns> - string GetRequestCookie(HttpContext context, string key); + string? GetRequestCookie(HttpContext context, string key); /// <summary> /// Append the given cookie to the response. @@ -26,7 +26,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// <param name="key"></param> /// <param name="value"></param> /// <param name="options"></param> - void AppendResponseCookie(HttpContext context, string key, string value, CookieOptions options); + void AppendResponseCookie(HttpContext context, string key, string? value, CookieOptions options); /// <summary> /// Append a delete cookie to the response. diff --git a/src/Security/Authentication/Cookies/src/LoggingExtensions.cs b/src/Security/Authentication/Cookies/src/LoggingExtensions.cs index a8a59f29dd..340fb04a29 100644 --- a/src/Security/Authentication/Cookies/src/LoggingExtensions.cs +++ b/src/Security/Authentication/Cookies/src/LoggingExtensions.cs @@ -7,8 +7,8 @@ namespace Microsoft.Extensions.Logging { internal static class LoggingExtensions { - private static Action<ILogger, string, Exception> _authenticationSchemeSignedIn; - private static Action<ILogger, string, Exception> _authenticationSchemeSignedOut; + private static Action<ILogger, string, Exception?> _authenticationSchemeSignedIn; + private static Action<ILogger, string, Exception?> _authenticationSchemeSignedOut; static LoggingExtensions() { diff --git a/src/Security/Authentication/Cookies/src/Microsoft.AspNetCore.Authentication.Cookies.csproj b/src/Security/Authentication/Cookies/src/Microsoft.AspNetCore.Authentication.Cookies.csproj index 803c58f408..af13015b04 100644 --- a/src/Security/Authentication/Cookies/src/Microsoft.AspNetCore.Authentication.Cookies.csproj +++ b/src/Security/Authentication/Cookies/src/Microsoft.AspNetCore.Authentication.Cookies.csproj @@ -1,4 +1,4 @@ -<Project Sdk="Microsoft.NET.Sdk"> +<Project Sdk="Microsoft.NET.Sdk"> <PropertyGroup> <Description>ASP.NET Core middleware that enables an application to use cookie based authentication.</Description> @@ -9,6 +9,7 @@ <GenerateDocumentationFile>true</GenerateDocumentationFile> <PackageTags>aspnetcore;authentication;security</PackageTags> <IsPackable>false</IsPackable> + <Nullable>enable</Nullable> </PropertyGroup> <ItemGroup> diff --git a/src/Security/Authentication/Cookies/src/PostConfigureCookieAuthenticationOptions.cs b/src/Security/Authentication/Cookies/src/PostConfigureCookieAuthenticationOptions.cs index 48895072e9..5881098800 100644 --- a/src/Security/Authentication/Cookies/src/PostConfigureCookieAuthenticationOptions.cs +++ b/src/Security/Authentication/Cookies/src/PostConfigureCookieAuthenticationOptions.cs @@ -26,7 +26,7 @@ namespace Microsoft.AspNetCore.Authentication.Cookies /// <param name="options">The options instance to configure.</param> public void PostConfigure(string name, CookieAuthenticationOptions options) { - options.DataProtectionProvider = options.DataProtectionProvider ?? _dp; + options.DataProtectionProvider ??= _dp; if (string.IsNullOrEmpty(options.Cookie.Name)) { diff --git a/src/Security/Authentication/Core/src/AuthenticationBuilder.cs b/src/Security/Authentication/Core/src/AuthenticationBuilder.cs index d4efd0c847..c89c153003 100644 --- a/src/Security/Authentication/Core/src/AuthenticationBuilder.cs +++ b/src/Security/Authentication/Core/src/AuthenticationBuilder.cs @@ -25,7 +25,7 @@ namespace Microsoft.AspNetCore.Authentication /// </summary> public virtual IServiceCollection Services { get; } - private AuthenticationBuilder AddSchemeHelper<TOptions, THandler>(string authenticationScheme, string displayName, Action<TOptions> configureOptions) + private AuthenticationBuilder AddSchemeHelper<TOptions, THandler>(string authenticationScheme, string? displayName, Action<TOptions>? configureOptions) where TOptions : AuthenticationSchemeOptions, new() where THandler : class, IAuthenticationHandler { @@ -57,7 +57,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="displayName">The display name of this scheme.</param> /// <param name="configureOptions">Used to configure the scheme options.</param> /// <returns>The builder.</returns> - public virtual AuthenticationBuilder AddScheme<TOptions, THandler>(string authenticationScheme, string displayName, Action<TOptions> configureOptions) + public virtual AuthenticationBuilder AddScheme<TOptions, THandler>(string authenticationScheme, string? displayName, Action<TOptions>? configureOptions) where TOptions : AuthenticationSchemeOptions, new() where THandler : AuthenticationHandler<TOptions> => AddSchemeHelper<TOptions, THandler>(authenticationScheme, displayName, configureOptions); @@ -70,7 +70,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="authenticationScheme">The name of this scheme.</param> /// <param name="configureOptions">Used to configure the scheme options.</param> /// <returns>The builder.</returns> - public virtual AuthenticationBuilder AddScheme<TOptions, THandler>(string authenticationScheme, Action<TOptions> configureOptions) + public virtual AuthenticationBuilder AddScheme<TOptions, THandler>(string authenticationScheme, Action<TOptions>? configureOptions) where TOptions : AuthenticationSchemeOptions, new() where THandler : AuthenticationHandler<TOptions> => AddScheme<TOptions, THandler>(authenticationScheme, displayName: null, configureOptions: configureOptions); @@ -85,7 +85,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="displayName">The display name of this scheme.</param> /// <param name="configureOptions">Used to configure the scheme options.</param> /// <returns>The builder.</returns> - public virtual AuthenticationBuilder AddRemoteScheme<TOptions, THandler>(string authenticationScheme, string displayName, Action<TOptions> configureOptions) + public virtual AuthenticationBuilder AddRemoteScheme<TOptions, THandler>(string authenticationScheme, string? displayName, Action<TOptions>? configureOptions) where TOptions : RemoteAuthenticationOptions, new() where THandler : RemoteAuthenticationHandler<TOptions> { @@ -101,7 +101,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="displayName">The display name of this scheme.</param> /// <param name="configureOptions">Used to configure the scheme options.</param> /// <returns>The builder.</returns> - public virtual AuthenticationBuilder AddPolicyScheme(string authenticationScheme, string displayName, Action<PolicySchemeOptions> configureOptions) + public virtual AuthenticationBuilder AddPolicyScheme(string authenticationScheme, string? displayName, Action<PolicySchemeOptions> configureOptions) => AddSchemeHelper<PolicySchemeOptions, PolicySchemeHandler>(authenticationScheme, displayName, configureOptions); // Used to ensure that there's always a default sign in scheme that's not itself @@ -116,7 +116,7 @@ namespace Microsoft.AspNetCore.Authentication public void PostConfigure(string name, TOptions options) { - options.SignInScheme = options.SignInScheme ?? _authOptions.DefaultSignInScheme ?? _authOptions.DefaultScheme; + options.SignInScheme ??= _authOptions.DefaultSignInScheme ?? _authOptions.DefaultScheme; } } } diff --git a/src/Security/Authentication/Core/src/AuthenticationHandler.cs b/src/Security/Authentication/Core/src/AuthenticationHandler.cs index 5f8a8d588f..d19286d030 100644 --- a/src/Security/Authentication/Core/src/AuthenticationHandler.cs +++ b/src/Security/Authentication/Core/src/AuthenticationHandler.cs @@ -13,11 +13,11 @@ namespace Microsoft.AspNetCore.Authentication { public abstract class AuthenticationHandler<TOptions> : IAuthenticationHandler where TOptions : AuthenticationSchemeOptions, new() { - private Task<AuthenticateResult> _authenticateTask; + private Task<AuthenticateResult>? _authenticateTask; - public AuthenticationScheme Scheme { get; private set; } - public TOptions Options { get; private set; } - protected HttpContext Context { get; private set; } + public AuthenticationScheme Scheme { get; private set; } = default!; + public TOptions Options { get; private set; } = default!; + protected HttpContext Context { get; private set; } = default!; protected HttpRequest Request { @@ -45,7 +45,7 @@ namespace Microsoft.AspNetCore.Authentication /// The handler calls methods on the events which give the application control at certain points where processing is occurring. /// If it is not provided a default instance is supplied which does nothing when the methods are called. /// </summary> - protected virtual object Events { get; set; } + protected virtual object? Events { get; set; } protected virtual string ClaimsIssuer => Options.ClaimsIssuer ?? Scheme.Name; @@ -116,7 +116,7 @@ namespace Microsoft.AspNetCore.Authentication protected string BuildRedirectUri(string targetPath) => Request.Scheme + "://" + Request.Host + OriginalPathBase + targetPath; - protected virtual string ResolveTarget(string scheme) + protected virtual string? ResolveTarget(string? scheme) { var target = scheme ?? Options.ForwardDefaultSelector?.Invoke(Context) ?? Options.ForwardDefault; @@ -135,10 +135,10 @@ namespace Microsoft.AspNetCore.Authentication } // Calling Authenticate more than once should always return the original value. - var result = await HandleAuthenticateOnceAsync(); - if (result?.Failure == null) + var result = await HandleAuthenticateOnceAsync() ?? AuthenticateResult.NoResult(); + if (result.Failure == null) { - var ticket = result?.Ticket; + var ticket = result.Ticket; if (ticket?.Principal != null) { Logger.AuthenticationSchemeAuthenticated(Scheme.Name); @@ -212,7 +212,7 @@ namespace Microsoft.AspNetCore.Authentication return Task.CompletedTask; } - public async Task ChallengeAsync(AuthenticationProperties properties) + public async Task ChallengeAsync(AuthenticationProperties? properties) { var target = ResolveTarget(Options.ForwardChallenge); if (target != null) @@ -221,12 +221,12 @@ namespace Microsoft.AspNetCore.Authentication return; } - properties = properties ?? new AuthenticationProperties(); + properties ??= new AuthenticationProperties(); await HandleChallengeAsync(properties); Logger.AuthenticationSchemeChallenged(Scheme.Name); } - public async Task ForbidAsync(AuthenticationProperties properties) + public async Task ForbidAsync(AuthenticationProperties? properties) { var target = ResolveTarget(Options.ForwardForbid); if (target != null) @@ -235,7 +235,7 @@ namespace Microsoft.AspNetCore.Authentication return; } - properties = properties ?? new AuthenticationProperties(); + properties ??= new AuthenticationProperties(); await HandleForbiddenAsync(properties); Logger.AuthenticationSchemeForbidden(Scheme.Name); } diff --git a/src/Security/Authentication/Core/src/AuthenticationSchemeOptions.cs b/src/Security/Authentication/Core/src/AuthenticationSchemeOptions.cs index 0f1e1b9814..1cfe428cf5 100644 --- a/src/Security/Authentication/Core/src/AuthenticationSchemeOptions.cs +++ b/src/Security/Authentication/Core/src/AuthenticationSchemeOptions.cs @@ -26,17 +26,17 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// Gets or sets the issuer that should be used for any claims that are created /// </summary> - public string ClaimsIssuer { get; set; } + public string? ClaimsIssuer { get; set; } /// <summary> /// Instance used for events /// </summary> - public object Events { get; set; } + public object? Events { get; set; } /// <summary> /// If set, will be used as the service type to get the Events instance instead of the property. /// </summary> - public Type EventsType { get; set; } + public Type? EventsType { get; set; } /// <summary> /// If set, this specifies a default scheme that authentication handlers should forward all authentication operations to @@ -44,42 +44,42 @@ namespace Microsoft.AspNetCore.Authentication /// setting first, followed by checking the ForwardDefaultSelector, followed by ForwardDefault. The first non null result /// will be used as the target scheme to forward to. /// </summary> - public string ForwardDefault { get; set; } + public string? ForwardDefault { get; set; } /// <summary> /// If set, this specifies the target scheme that this scheme should forward AuthenticateAsync calls to. /// For example Context.AuthenticateAsync("ThisScheme") => Context.AuthenticateAsync("ForwardAuthenticateValue"); /// Set the target to the current scheme to disable forwarding and allow normal processing. /// </summary> - public string ForwardAuthenticate { get; set; } + public string? ForwardAuthenticate { get; set; } /// <summary> /// If set, this specifies the target scheme that this scheme should forward ChallengeAsync calls to. /// For example Context.ChallengeAsync("ThisScheme") => Context.ChallengeAsync("ForwardChallengeValue"); /// Set the target to the current scheme to disable forwarding and allow normal processing. /// </summary> - public string ForwardChallenge { get; set; } + public string? ForwardChallenge { get; set; } /// <summary> /// If set, this specifies the target scheme that this scheme should forward ForbidAsync calls to. /// For example Context.ForbidAsync("ThisScheme") => Context.ForbidAsync("ForwardForbidValue"); /// Set the target to the current scheme to disable forwarding and allow normal processing. /// </summary> - public string ForwardForbid { get; set; } + public string? ForwardForbid { get; set; } /// <summary> /// If set, this specifies the target scheme that this scheme should forward SignInAsync calls to. /// For example Context.SignInAsync("ThisScheme") => Context.SignInAsync("ForwardSignInValue"); /// Set the target to the current scheme to disable forwarding and allow normal processing. /// </summary> - public string ForwardSignIn { get; set; } + public string? ForwardSignIn { get; set; } /// <summary> /// If set, this specifies the target scheme that this scheme should forward SignOutAsync calls to. /// For example Context.SignOutAsync("ThisScheme") => Context.SignOutAsync("ForwardSignOutValue"); /// Set the target to the current scheme to disable forwarding and allow normal processing. /// </summary> - public string ForwardSignOut { get; set; } + public string? ForwardSignOut { get; set; } /// <summary> /// Used to select a default scheme for the current request that authentication handlers should forward all authentication operations to @@ -87,7 +87,7 @@ namespace Microsoft.AspNetCore.Authentication /// setting first, followed by checking the ForwardDefaultSelector, followed by ForwardDefault. The first non null result /// will be used as the target scheme to forward to. /// </summary> - public Func<HttpContext, string> ForwardDefaultSelector { get; set; } + public Func<HttpContext, string>? ForwardDefaultSelector { get; set; } } } diff --git a/src/Security/Authentication/Core/src/AuthenticationServiceCollectionExtensions.cs b/src/Security/Authentication/Core/src/AuthenticationServiceCollectionExtensions.cs index 6c381b84ab..70e707f34d 100644 --- a/src/Security/Authentication/Core/src/AuthenticationServiceCollectionExtensions.cs +++ b/src/Security/Authentication/Core/src/AuthenticationServiceCollectionExtensions.cs @@ -58,7 +58,7 @@ namespace Microsoft.Extensions.DependencyInjection public void PostConfigure(string name, TOptions options) { - options.SignInScheme = options.SignInScheme ?? _authOptions.DefaultSignInScheme; + options.SignInScheme ??= _authOptions.DefaultSignInScheme; } } diff --git a/src/Security/Authentication/Core/src/Events/AccessDeniedContext.cs b/src/Security/Authentication/Core/src/Events/AccessDeniedContext.cs index f01d69453b..30cfee4e69 100644 --- a/src/Security/Authentication/Core/src/Events/AccessDeniedContext.cs +++ b/src/Security/Authentication/Core/src/Events/AccessDeniedContext.cs @@ -27,18 +27,18 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// Additional state values for the authentication session. /// </summary> - public AuthenticationProperties Properties { get; set; } + public AuthenticationProperties? Properties { get; set; } /// <summary> /// Gets or sets the return URL that will be flowed up to the access denied page. /// If <see cref="ReturnUrlParameter"/> is not set, this property is not used. /// </summary> - public string ReturnUrl { get; set; } + public string? ReturnUrl { get; set; } /// <summary> /// Gets or sets the parameter name that will be used to flow the return URL. /// By default, this property is set to <see cref="RemoteAuthenticationOptions.ReturnUrlParameter"/>. /// </summary> - public string ReturnUrlParameter { get; set; } + public string ReturnUrlParameter { get; set; } = default!; } } diff --git a/src/Security/Authentication/Core/src/Events/HandleRequestContext.cs b/src/Security/Authentication/Core/src/Events/HandleRequestContext.cs index 52dd9ce12f..d31cc921e2 100644 --- a/src/Security/Authentication/Core/src/Events/HandleRequestContext.cs +++ b/src/Security/Authentication/Core/src/Events/HandleRequestContext.cs @@ -16,7 +16,7 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// The <see cref="HandleRequestResult"/> which is used by the handler. /// </summary> - public HandleRequestResult Result { get; protected set; } + public HandleRequestResult Result { get; protected set; } = default!; /// <summary> /// Discontinue all processing for this request and return to the client. @@ -29,4 +29,4 @@ namespace Microsoft.AspNetCore.Authentication /// </summary> public void SkipHandler() => Result = HandleRequestResult.SkipHandler(); } -}
\ No newline at end of file +} diff --git a/src/Security/Authentication/Core/src/Events/PrincipalContext.cs b/src/Security/Authentication/Core/src/Events/PrincipalContext.cs index 8bf40760a1..f2585fdfbc 100644 --- a/src/Security/Authentication/Core/src/Events/PrincipalContext.cs +++ b/src/Security/Authentication/Core/src/Events/PrincipalContext.cs @@ -19,12 +19,12 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="scheme">The authentication scheme.</param> /// <param name="options">The authentication options associated with the scheme.</param> /// <param name="properties">The authentication properties.</param> - protected PrincipalContext(HttpContext context, AuthenticationScheme scheme, TOptions options, AuthenticationProperties properties) + protected PrincipalContext(HttpContext context, AuthenticationScheme scheme, TOptions options, AuthenticationProperties? properties) : base(context, scheme, options, properties) { } /// <summary> /// Gets the <see cref="ClaimsPrincipal"/> containing the user claims. /// </summary> - public virtual ClaimsPrincipal Principal { get; set; } + public virtual ClaimsPrincipal? Principal { get; set; } } } diff --git a/src/Security/Authentication/Core/src/Events/PropertiesContext.cs b/src/Security/Authentication/Core/src/Events/PropertiesContext.cs index f1730d0d7f..f803d248b5 100644 --- a/src/Security/Authentication/Core/src/Events/PropertiesContext.cs +++ b/src/Security/Authentication/Core/src/Events/PropertiesContext.cs @@ -17,7 +17,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="scheme">The authentication scheme.</param> /// <param name="options">The authentication options associated with the scheme.</param> /// <param name="properties">The authentication properties.</param> - protected PropertiesContext(HttpContext context, AuthenticationScheme scheme, TOptions options, AuthenticationProperties properties) + protected PropertiesContext(HttpContext context, AuthenticationScheme scheme, TOptions options, AuthenticationProperties? properties) : base(context, scheme, options) { Properties = properties ?? new AuthenticationProperties(); diff --git a/src/Security/Authentication/Core/src/Events/RemoteAuthenticationContext.cs b/src/Security/Authentication/Core/src/Events/RemoteAuthenticationContext.cs index b7a0168798..76b42239bc 100644 --- a/src/Security/Authentication/Core/src/Events/RemoteAuthenticationContext.cs +++ b/src/Security/Authentication/Core/src/Events/RemoteAuthenticationContext.cs @@ -23,14 +23,14 @@ namespace Microsoft.AspNetCore.Authentication HttpContext context, AuthenticationScheme scheme, TOptions options, - AuthenticationProperties properties) + AuthenticationProperties? properties) : base(context, scheme, options) => Properties = properties ?? new AuthenticationProperties(); /// <summary> /// Gets the <see cref="ClaimsPrincipal"/> containing the user claims. /// </summary> - public ClaimsPrincipal Principal { get; set; } + public ClaimsPrincipal? Principal { get; set; } /// <summary> /// Gets or sets the <see cref="AuthenticationProperties"/>. @@ -40,10 +40,10 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// Calls success creating a ticket with the <see cref="Principal"/> and <see cref="Properties"/>. /// </summary> - public void Success() => Result = HandleRequestResult.Success(new AuthenticationTicket(Principal, Properties, Scheme.Name)); + public void Success() => Result = HandleRequestResult.Success(new AuthenticationTicket(Principal!, Properties, Scheme.Name)); public void Fail(Exception failure) => Result = HandleRequestResult.Fail(failure); public void Fail(string failureMessage) => Result = HandleRequestResult.Fail(failureMessage); } -}
\ No newline at end of file +} diff --git a/src/Security/Authentication/Core/src/Events/RemoteFailureContext.cs b/src/Security/Authentication/Core/src/Events/RemoteFailureContext.cs index 6b3598f40a..c39956aa3f 100644 --- a/src/Security/Authentication/Core/src/Events/RemoteFailureContext.cs +++ b/src/Security/Authentication/Core/src/Events/RemoteFailureContext.cs @@ -24,11 +24,11 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// User friendly error message for the error. /// </summary> - public Exception Failure { get; set; } + public Exception? Failure { get; set; } /// <summary> /// Additional state values for the authentication session. /// </summary> - public AuthenticationProperties Properties { get; set; } + public AuthenticationProperties? Properties { get; set; } } } diff --git a/src/Security/Authentication/Core/src/Events/ResultContext.cs b/src/Security/Authentication/Core/src/Events/ResultContext.cs index 12b21f4bf6..b8ca95b43e 100644 --- a/src/Security/Authentication/Core/src/Events/ResultContext.cs +++ b/src/Security/Authentication/Core/src/Events/ResultContext.cs @@ -12,6 +12,8 @@ namespace Microsoft.AspNetCore.Authentication /// </summary> public abstract class ResultContext<TOptions> : BaseContext<TOptions> where TOptions : AuthenticationSchemeOptions { + private AuthenticationProperties? _properties; + /// <summary> /// Constructor. /// </summary> @@ -24,26 +26,30 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// Gets or sets the <see cref="ClaimsPrincipal"/> containing the user claims. /// </summary> - public ClaimsPrincipal Principal { get; set; } + public ClaimsPrincipal? Principal { get; set; } - private AuthenticationProperties _properties; /// <summary> /// Gets or sets the <see cref="AuthenticationProperties"/>. /// </summary> - public AuthenticationProperties Properties { - get => _properties ?? (_properties = new AuthenticationProperties()); + public AuthenticationProperties Properties + { + get + { + _properties ??= new AuthenticationProperties(); + return _properties; + } set => _properties = value; } /// <summary> /// Gets the <see cref="AuthenticateResult"/> result. /// </summary> - public AuthenticateResult Result { get; private set; } + public AuthenticateResult Result { get; private set; } = default!; /// <summary> /// Calls success creating a ticket with the <see cref="Principal"/> and <see cref="Properties"/>. /// </summary> - public void Success() => Result = HandleRequestResult.Success(new AuthenticationTicket(Principal, Properties, Scheme.Name)); + public void Success() => Result = HandleRequestResult.Success(new AuthenticationTicket(Principal!, Properties, Scheme.Name)); /// <summary> /// Indicates that there was no information returned for this authentication scheme. diff --git a/src/Security/Authentication/Core/src/Events/TicketReceivedContext.cs b/src/Security/Authentication/Core/src/Events/TicketReceivedContext.cs index 51b77a37fa..665cb2769a 100644 --- a/src/Security/Authentication/Core/src/Events/TicketReceivedContext.cs +++ b/src/Security/Authentication/Core/src/Events/TicketReceivedContext.cs @@ -19,6 +19,6 @@ namespace Microsoft.AspNetCore.Authentication : base(context, scheme, options, ticket?.Properties) => Principal = ticket?.Principal; - public string ReturnUri { get; set; } + public string? ReturnUri { get; set; } } } diff --git a/src/Security/Authentication/Core/src/IDataSerializer.cs b/src/Security/Authentication/Core/src/IDataSerializer.cs index ad9c523005..be1367600c 100644 --- a/src/Security/Authentication/Core/src/IDataSerializer.cs +++ b/src/Security/Authentication/Core/src/IDataSerializer.cs @@ -1,11 +1,15 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using System.Diagnostics.CodeAnalysis; + namespace Microsoft.AspNetCore.Authentication { public interface IDataSerializer<TModel> { byte[] Serialize(TModel model); + + [return: MaybeNull] TModel Deserialize(byte[] data); } } diff --git a/src/Security/Authentication/Core/src/ISecureDataFormat.cs b/src/Security/Authentication/Core/src/ISecureDataFormat.cs index 73b1b882b5..56b815440b 100644 --- a/src/Security/Authentication/Core/src/ISecureDataFormat.cs +++ b/src/Security/Authentication/Core/src/ISecureDataFormat.cs @@ -1,13 +1,20 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using System.Diagnostics.CodeAnalysis; + namespace Microsoft.AspNetCore.Authentication { public interface ISecureDataFormat<TData> { string Protect(TData data); - string Protect(TData data, string purpose); + + string Protect(TData data, string? purpose); + + [return: MaybeNull] TData Unprotect(string protectedText); - TData Unprotect(string protectedText, string purpose); + + [return: MaybeNull] + TData Unprotect(string protectedText, string? purpose); } } diff --git a/src/Security/Authentication/Core/src/JsonDocumentAuthExtensions.cs b/src/Security/Authentication/Core/src/JsonDocumentAuthExtensions.cs index 83784ddfd3..eaa3ea5c30 100644 --- a/src/Security/Authentication/Core/src/JsonDocumentAuthExtensions.cs +++ b/src/Security/Authentication/Core/src/JsonDocumentAuthExtensions.cs @@ -7,7 +7,7 @@ namespace Microsoft.AspNetCore.Authentication { public static class JsonDocumentAuthExtensions { - public static string GetString(this JsonElement element, string key) + public static string? GetString(this JsonElement element, string key) { if (element.TryGetProperty(key, out var property) && property.ValueKind != JsonValueKind.Null) { diff --git a/src/Security/Authentication/Core/src/LoggingExtensions.cs b/src/Security/Authentication/Core/src/LoggingExtensions.cs index 75a1e3e6e3..d8a9d3ef64 100644 --- a/src/Security/Authentication/Core/src/LoggingExtensions.cs +++ b/src/Security/Authentication/Core/src/LoggingExtensions.cs @@ -7,20 +7,20 @@ namespace Microsoft.Extensions.Logging { internal static class LoggingExtensions { - private static readonly Action<ILogger, string, Exception> _authenticationSchemeAuthenticated; - private static readonly Action<ILogger, string, Exception> _authenticationSchemeNotAuthenticated; - private static readonly Action<ILogger, string, string, Exception> _authenticationSchemeNotAuthenticatedWithFailure; - private static readonly Action<ILogger, string, Exception> _authenticationSchemeChallenged; - private static readonly Action<ILogger, string, Exception> _authenticationSchemeForbidden; - private static readonly Action<ILogger, string, Exception> _remoteAuthenticationError; - private static readonly Action<ILogger, Exception> _signInHandled; - private static readonly Action<ILogger, Exception> _signInSkipped; - private static readonly Action<ILogger, string, Exception> _correlationPropertyNotFound; - private static readonly Action<ILogger, string, Exception> _correlationCookieNotFound; - private static readonly Action<ILogger, string, string, Exception> _unexpectedCorrelationCookieValue; - private static readonly Action<ILogger, Exception> _accessDeniedError; - private static readonly Action<ILogger, Exception> _accessDeniedContextHandled; - private static readonly Action<ILogger, Exception> _accessDeniedContextSkipped; + private static readonly Action<ILogger, string, Exception?> _authenticationSchemeAuthenticated; + private static readonly Action<ILogger, string, Exception?> _authenticationSchemeNotAuthenticated; + private static readonly Action<ILogger, string, string, Exception?> _authenticationSchemeNotAuthenticatedWithFailure; + private static readonly Action<ILogger, string, Exception?> _authenticationSchemeChallenged; + private static readonly Action<ILogger, string, Exception?> _authenticationSchemeForbidden; + private static readonly Action<ILogger, string, Exception?> _remoteAuthenticationError; + private static readonly Action<ILogger, Exception?> _signInHandled; + private static readonly Action<ILogger, Exception?> _signInSkipped; + private static readonly Action<ILogger, string, Exception?> _correlationPropertyNotFound; + private static readonly Action<ILogger, string, Exception?> _correlationCookieNotFound; + private static readonly Action<ILogger, string, string, Exception?> _unexpectedCorrelationCookieValue; + private static readonly Action<ILogger, Exception?> _accessDeniedError; + private static readonly Action<ILogger, Exception?> _accessDeniedContextHandled; + private static readonly Action<ILogger, Exception?> _accessDeniedContextSkipped; static LoggingExtensions() { diff --git a/src/Security/Authentication/Core/src/Microsoft.AspNetCore.Authentication.csproj b/src/Security/Authentication/Core/src/Microsoft.AspNetCore.Authentication.csproj index e81a55f314..5d8135751d 100644 --- a/src/Security/Authentication/Core/src/Microsoft.AspNetCore.Authentication.csproj +++ b/src/Security/Authentication/Core/src/Microsoft.AspNetCore.Authentication.csproj @@ -1,4 +1,4 @@ -<Project Sdk="Microsoft.NET.Sdk"> +<Project Sdk="Microsoft.NET.Sdk"> <PropertyGroup> <Description>ASP.NET Core common types used by the various authentication middleware components.</Description> @@ -8,6 +8,7 @@ <GenerateDocumentationFile>true</GenerateDocumentationFile> <PackageTags>aspnetcore;authentication;security</PackageTags> <IsPackable>false</IsPackable> + <Nullable>enable</Nullable> </PropertyGroup> <ItemGroup> diff --git a/src/Security/Authentication/Core/src/PolicySchemeHandler.cs b/src/Security/Authentication/Core/src/PolicySchemeHandler.cs index 4dbbb7de2d..3a171f1cf2 100644 --- a/src/Security/Authentication/Core/src/PolicySchemeHandler.cs +++ b/src/Security/Authentication/Core/src/PolicySchemeHandler.cs @@ -18,19 +18,19 @@ namespace Microsoft.AspNetCore.Authentication public PolicySchemeHandler(IOptionsMonitor<PolicySchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { } - protected override Task HandleChallengeAsync(AuthenticationProperties properties) + protected override Task HandleChallengeAsync(AuthenticationProperties? properties) => throw new NotImplementedException(); - protected override Task HandleForbiddenAsync(AuthenticationProperties properties) + protected override Task HandleForbiddenAsync(AuthenticationProperties? properties) => throw new NotImplementedException(); - protected override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties) + protected override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties) => throw new NotImplementedException(); - protected override Task HandleSignOutAsync(AuthenticationProperties properties) + protected override Task HandleSignOutAsync(AuthenticationProperties? properties) => throw new NotImplementedException(); protected override Task<AuthenticateResult> HandleAuthenticateAsync() => throw new NotImplementedException(); } -}
\ No newline at end of file +} diff --git a/src/Security/Authentication/Core/src/PropertiesSerializer.cs b/src/Security/Authentication/Core/src/PropertiesSerializer.cs index c213bc4f60..0789d1e1a1 100644 --- a/src/Security/Authentication/Core/src/PropertiesSerializer.cs +++ b/src/Security/Authentication/Core/src/PropertiesSerializer.cs @@ -26,7 +26,7 @@ namespace Microsoft.AspNetCore.Authentication } } - public virtual AuthenticationProperties Deserialize(byte[] data) + public virtual AuthenticationProperties? Deserialize(byte[] data) { using (var memory = new MemoryStream(data)) { @@ -59,7 +59,7 @@ namespace Microsoft.AspNetCore.Authentication } } - public virtual AuthenticationProperties Read(BinaryReader reader) + public virtual AuthenticationProperties? Read(BinaryReader reader) { if (reader == null) { @@ -72,12 +72,12 @@ namespace Microsoft.AspNetCore.Authentication } var count = reader.ReadInt32(); - var extra = new Dictionary<string, string>(count); + var extra = new Dictionary<string, string?>(count); for (var index = 0; index != count; ++index) { - string key = reader.ReadString(); - string value = reader.ReadString(); + var key = reader.ReadString(); + var value = reader.ReadString(); extra.Add(key, value); } return new AuthenticationProperties(extra); diff --git a/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs b/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs index 2f650f0971..ed5e379d66 100644 --- a/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs +++ b/src/Security/Authentication/Core/src/RemoteAuthenticationHandler.cs @@ -2,6 +2,7 @@ // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. using System; +using System.Diagnostics; using System.Security.Cryptography; using System.Text.Encodings.Web; using System.Threading.Tasks; @@ -18,7 +19,7 @@ namespace Microsoft.AspNetCore.Authentication private const string CorrelationMarker = "N"; private const string AuthSchemeKey = ".AuthScheme"; - protected string SignInScheme => Options.SignInScheme; + protected string? SignInScheme => Options.SignInScheme; /// <summary> /// The handler calls methods on the events which give the application control at certain points where processing is occurring. @@ -26,7 +27,7 @@ namespace Microsoft.AspNetCore.Authentication /// </summary> protected new RemoteAuthenticationEvents Events { - get { return (RemoteAuthenticationEvents)base.Events; } + get { return (RemoteAuthenticationEvents)base.Events!; } set { base.Events = value; } } @@ -46,9 +47,9 @@ namespace Microsoft.AspNetCore.Authentication return false; } - AuthenticationTicket ticket = null; - Exception exception = null; - AuthenticationProperties properties = null; + AuthenticationTicket? ticket = null; + Exception? exception = null; + AuthenticationProperties? properties = null; try { var authResult = await HandleRemoteAuthenticateAsync(); @@ -109,6 +110,7 @@ namespace Microsoft.AspNetCore.Authentication } // We have a ticket if we get here + Debug.Assert(ticket != null); var ticketContext = new TicketReceivedContext(Context, Scheme, Options, ticket) { ReturnUri = ticket.Properties.RedirectUri @@ -135,7 +137,7 @@ namespace Microsoft.AspNetCore.Authentication } } - await Context.SignInAsync(SignInScheme, ticketContext.Principal, ticketContext.Properties); + await Context.SignInAsync(SignInScheme, ticketContext.Principal!, ticketContext.Properties); // Default redirect path is the base path if (string.IsNullOrEmpty(ticketContext.ReturnUri)) @@ -165,10 +167,9 @@ namespace Microsoft.AspNetCore.Authentication } // The SignInScheme may be shared with multiple providers, make sure this provider issued the identity. - string authenticatedScheme; var ticket = result.Ticket; if (ticket != null && ticket.Principal != null && ticket.Properties != null - && ticket.Properties.Items.TryGetValue(AuthSchemeKey, out authenticatedScheme) + && ticket.Properties.Items.TryGetValue(AuthSchemeKey, out var authenticatedScheme) && string.Equals(Scheme.Name, authenticatedScheme, StringComparison.Ordinal)) { return AuthenticateResult.Success(new AuthenticationTicket(ticket.Principal, @@ -211,9 +212,9 @@ namespace Microsoft.AspNetCore.Authentication throw new ArgumentNullException(nameof(properties)); } - if (!properties.Items.TryGetValue(CorrelationProperty, out string correlationId)) + if (!properties.Items.TryGetValue(CorrelationProperty, out var correlationId)) { - Logger.CorrelationPropertyNotFound(Options.CorrelationCookie.Name); + Logger.CorrelationPropertyNotFound(Options.CorrelationCookie.Name!); return false; } diff --git a/src/Security/Authentication/Core/src/RemoteAuthenticationOptions.cs b/src/Security/Authentication/Core/src/RemoteAuthenticationOptions.cs index 4dd39ca16e..933d6e000d 100644 --- a/src/Security/Authentication/Core/src/RemoteAuthenticationOptions.cs +++ b/src/Security/Authentication/Core/src/RemoteAuthenticationOptions.cs @@ -70,17 +70,17 @@ namespace Microsoft.AspNetCore.Authentication /// This cannot be set at the same time as BackchannelCertificateValidator unless the value /// can be downcast to a WebRequestHandler. /// </summary> - public HttpMessageHandler BackchannelHttpHandler { get; set; } + public HttpMessageHandler? BackchannelHttpHandler { get; set; } /// <summary> /// Used to communicate with the remote identity provider. /// </summary> - public HttpClient Backchannel { get; set; } + public HttpClient Backchannel { get; set; } = default!; /// <summary> /// Gets or sets the type used to secure data. /// </summary> - public IDataProtectionProvider DataProtectionProvider { get; set; } + public IDataProtectionProvider? DataProtectionProvider { get; set; } /// <summary> /// The request path within the application's base path where the user-agent will be returned. @@ -110,7 +110,7 @@ namespace Microsoft.AspNetCore.Authentication /// This value typically corresponds to a cookie middleware registered in the Startup class. /// When omitted, <see cref="AuthenticationOptions.DefaultSignInScheme"/> is used as a fallback value. /// </summary> - public string SignInScheme { get; set; } + public string? SignInScheme { get; set; } /// <summary> /// Gets or sets the time limit for completing the authentication flow (15 minutes by default). @@ -119,7 +119,7 @@ namespace Microsoft.AspNetCore.Authentication public new RemoteAuthenticationEvents Events { - get => (RemoteAuthenticationEvents)base.Events; + get => (RemoteAuthenticationEvents)base.Events!; set => base.Events = value; } diff --git a/src/Security/Authentication/Core/src/RequestPathBaseCookieBuilder.cs b/src/Security/Authentication/Core/src/RequestPathBaseCookieBuilder.cs index 2efc05c155..d4f81c85ca 100644 --- a/src/Security/Authentication/Core/src/RequestPathBaseCookieBuilder.cs +++ b/src/Security/Authentication/Core/src/RequestPathBaseCookieBuilder.cs @@ -1,4 +1,4 @@ -// Copyright (c) .NET Foundation. All rights reserved. +// Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. using System; @@ -14,7 +14,7 @@ namespace Microsoft.AspNetCore.Authentication /// <summary> /// Gets an optional value that is appended to the request path base. /// </summary> - protected virtual string AdditionalPath { get; } + protected virtual string? AdditionalPath { get; } public override CookieOptions Build(HttpContext context, DateTimeOffset expiresFrom) { diff --git a/src/Security/Authentication/Core/src/SecureDataFormat.cs b/src/Security/Authentication/Core/src/SecureDataFormat.cs index f35025d8bb..e53a51e71a 100644 --- a/src/Security/Authentication/Core/src/SecureDataFormat.cs +++ b/src/Security/Authentication/Core/src/SecureDataFormat.cs @@ -1,6 +1,7 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using System.Diagnostics.CodeAnalysis; using Microsoft.AspNetCore.DataProtection; namespace Microsoft.AspNetCore.Authentication @@ -21,7 +22,7 @@ namespace Microsoft.AspNetCore.Authentication return Protect(data, purpose: null); } - public string Protect(TData data, string purpose) + public string Protect(TData data, string? purpose) { var userData = _serializer.Serialize(data); @@ -35,12 +36,14 @@ namespace Microsoft.AspNetCore.Authentication return Base64UrlTextEncoder.Encode(protectedData); } + [return: MaybeNull] public TData Unprotect(string protectedText) { return Unprotect(protectedText, purpose: null); } - public TData Unprotect(string protectedText, string purpose) + [return: MaybeNull] + public TData Unprotect(string protectedText, string? purpose) { try { @@ -76,4 +79,4 @@ namespace Microsoft.AspNetCore.Authentication } } } -}
\ No newline at end of file +} diff --git a/src/Security/Authentication/Core/src/SignInAuthenticationHandler.cs b/src/Security/Authentication/Core/src/SignInAuthenticationHandler.cs index dbd612dc10..064ea47ae0 100644 --- a/src/Security/Authentication/Core/src/SignInAuthenticationHandler.cs +++ b/src/Security/Authentication/Core/src/SignInAuthenticationHandler.cs @@ -19,7 +19,7 @@ namespace Microsoft.AspNetCore.Authentication public SignInAuthenticationHandler(IOptionsMonitor<TOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { } - public virtual Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties) + public virtual Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties) { var target = ResolveTarget(Options.ForwardSignIn); return (target != null) @@ -33,7 +33,7 @@ namespace Microsoft.AspNetCore.Authentication /// <param name="user"></param> /// <param name="properties"></param> /// <returns>A Task.</returns> - protected abstract Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties); + protected abstract Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties); } -}
\ No newline at end of file +} diff --git a/src/Security/Authentication/Core/src/SignOutAuthenticationHandler.cs b/src/Security/Authentication/Core/src/SignOutAuthenticationHandler.cs index 015cb39e05..12b2027fc4 100644 --- a/src/Security/Authentication/Core/src/SignOutAuthenticationHandler.cs +++ b/src/Security/Authentication/Core/src/SignOutAuthenticationHandler.cs @@ -18,7 +18,7 @@ namespace Microsoft.AspNetCore.Authentication public SignOutAuthenticationHandler(IOptionsMonitor<TOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock) { } - public virtual Task SignOutAsync(AuthenticationProperties properties) + public virtual Task SignOutAsync(AuthenticationProperties? properties) { var target = ResolveTarget(Options.ForwardSignOut); return (target != null) @@ -31,6 +31,6 @@ namespace Microsoft.AspNetCore.Authentication /// </summary> /// <param name="properties"></param> /// <returns>A Task.</returns> - protected abstract Task HandleSignOutAsync(AuthenticationProperties properties); + protected abstract Task HandleSignOutAsync(AuthenticationProperties? properties); } -}
\ No newline at end of file +} diff --git a/src/Security/Authentication/Core/src/TicketSerializer.cs b/src/Security/Authentication/Core/src/TicketSerializer.cs index e33ec71725..0ef6664675 100644 --- a/src/Security/Authentication/Core/src/TicketSerializer.cs +++ b/src/Security/Authentication/Core/src/TicketSerializer.cs @@ -28,7 +28,7 @@ namespace Microsoft.AspNetCore.Authentication } } - public virtual AuthenticationTicket Deserialize(byte[] data) + public virtual AuthenticationTicket? Deserialize(byte[] data) { using (var memory = new MemoryStream(data)) { @@ -142,7 +142,7 @@ namespace Microsoft.AspNetCore.Authentication } } - public virtual AuthenticationTicket Read(BinaryReader reader) + public virtual AuthenticationTicket? Read(BinaryReader reader) { if (reader == null) { diff --git a/src/Security/build.cmd b/src/Security/build.cmd new file mode 100644 index 0000000000..2406296662 --- /dev/null +++ b/src/Security/build.cmd @@ -0,0 +1,3 @@ +@ECHO OFF +SET RepoRoot=%~dp0..\.. +%RepoRoot%\build.cmd -projects %~dp0**\*.*proj %* diff --git a/src/Shared/ChunkingCookieManager/ChunkingCookieManager.cs b/src/Shared/ChunkingCookieManager/ChunkingCookieManager.cs index 098e3d6690..395e23d5cc 100644 --- a/src/Shared/ChunkingCookieManager/ChunkingCookieManager.cs +++ b/src/Shared/ChunkingCookieManager/ChunkingCookieManager.cs @@ -1,6 +1,8 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +#nullable enable + using System; using System.Collections.Generic; using System.Globalization; @@ -61,7 +63,7 @@ namespace Microsoft.AspNetCore.Internal public bool ThrowForPartialCookies { get; set; } // Parse the "chunks-XX" to determine how many chunks there should be. - private static int ParseChunksCount(string value) + private static int ParseChunksCount(string? value) { if (value != null && value.StartsWith(ChunkCountPrefix, StringComparison.Ordinal)) { @@ -82,7 +84,7 @@ namespace Microsoft.AspNetCore.Internal /// <param name="context"></param> /// <param name="key"></param> /// <returns>The reassembled cookie, if any, or null.</returns> - public string GetRequestCookie(HttpContext context, string key) + public string? GetRequestCookie(HttpContext context, string key) { if (context == null) { @@ -144,7 +146,7 @@ namespace Microsoft.AspNetCore.Internal /// <param name="key"></param> /// <param name="value"></param> /// <param name="options"></param> - public void AppendResponseCookie(HttpContext context, string key, string value, CookieOptions options) + public void AppendResponseCookie(HttpContext context, string key, string? value, CookieOptions options) { if (context == null) { |