From d37cb32be017b62b923461a69dd35b53b7db66a5 Mon Sep 17 00:00:00 2001 
From: Westin Musser Date: Fri, 2 Jun 2023 14:46:38 -0700 Subject: [PATCH] add net8.0 target Put CustomKey and a custom converter for SecurityKey in TestUtils, transition aot test to net8.0 --- build/common.props | 7 +- build/commonTest.props | 9 ++- build/dependencies.props | 12 ++- build/targets.props | 2 +- build/targetsTest.props | 2 +- .../JsonWebTokenHandler.cs | 16 ++-- .../JwtTokenUtilities.cs | 2 +- ...crosoft.IdentityModel.JsonWebTokens.csproj | 2 +- ...ft.IdentityModel.KeyVaultExtensions.csproj | 4 +- .../IdentityModelTelemetryUtil.cs | 2 + ...tyModel.Protocols.SignedHttpRequest.csproj | 6 +- .../GlobalSuppressions.cs | 2 +- ...dentityModel.Protocols.WsFederation.csproj | 2 +- .../GlobalSuppressions.cs | 2 +- .../Exceptions/SamlSecurityTokenException.cs | 12 ++- .../Exceptions/Saml2SecurityTokenException.cs | 12 ++- .../AsymmetricAdapter.cs | 12 +-- .../AsymmetricSignatureProvider.cs | 2 +- .../CryptoProviderFactory.cs | 6 +- .../ECDsaAdapter.cs | 6 +- .../ECDsaSecurityKey.cs | 4 +- .../Encryption/EcdhKeyExchangeProvider.cs | 2 +- .../Exceptions/SecurityTokenException.cs | 8 +- .../SecurityTokenExpiredException.cs | 6 ++ .../SecurityTokenInvalidAlgorithmException.cs | 6 ++ .../SecurityTokenInvalidAudienceException.cs | 6 ++ .../SecurityTokenInvalidIssuerException.cs | 6 ++ .../SecurityTokenInvalidLifetimeException.cs | 3 + .../SecurityTokenInvalidTypeException.cs | 5 +- .../SecurityTokenNotYetValidException.cs | 6 ++ .../SecurityTokenUnableToValidateException.cs | 3 + .../GlobalSuppressions.cs | 2 +- .../JsonWebKeyConverter.cs | 6 +- .../Microsoft.IdentityModel.Tokens.csproj | 8 +- .../RsaSecurityKey.cs | 4 +- .../SupportedAlgorithms.cs | 4 +- .../X509SecurityKey.cs | 4 +- .../opensource/json/JsonException.cs | 3 + .../opensource/json/Linq/JContainer.cs | 6 +- .../GlobalSuppressions.cs | 2 +- .../JwtSecurityTokenHandler.cs | 14 ++-- .../CrossVersionTokenValidation.Tests.csproj | 2 +- ...ntityModel.AotCompatibility.TestApp.csproj | 2 +- 
...dentityModel.AotCompatibility.Tests.csproj | 2 +- .../OpenIdConnectMessageTests.cs | 14 +++- ...l.Protocols.SignedHttpRequest.Tests.csproj | 8 +- .../CustomSecurityKey.cs | 9 +++ .../DerivedTypes.cs | 8 +- .../KeyingMaterial.cs | 2 +- .../SecurityKeyCustomConverter.cs | 78 +++++++++++++++++++ .../AsymmetricAdapterTests.cs | 8 +- .../EcdhEsTests.cs | 2 +- .../JweUsingEchdTests.cs | 4 +- .../ReferenceTests.cs | 4 +- .../SecurityTokenExceptionTests.cs | 20 +++-- 55 files changed, 289 insertions(+), 102 deletions(-) create mode 100644 test/Microsoft.IdentityModel.TestUtils/CustomSecurityKey.cs create mode 100644 test/Microsoft.IdentityModel.TestUtils/SecurityKeyCustomConverter.cs diff --git a/build/common.props b/build/common.props index 7db1892715..5ef7233ed1 100644 --- a/build/common.props +++ b/build/common.props @@ -37,7 +37,12 @@ true - + + + $(NoWarn);SYSLIB0050 + $(NoWarn);SYSLIB0051 + + diff --git a/build/commonTest.props b/build/commonTest.props index 9d82ef294a..82485826cd 100644 --- a/build/commonTest.props +++ b/build/commonTest.props @@ -18,11 +18,16 @@ $(DotNetCoreAppRuntimeVersion) - + $(DefineConstants);NET_CORE - + + $(NoWarn);SYSLIB0050 + $(NoWarn);SYSLIB0051 + + + diff --git a/build/dependencies.props b/build/dependencies.props index 9cfc6442d7..b44ad1cab3 100644 --- a/build/dependencies.props +++ b/build/dependencies.props @@ -3,7 +3,6 @@ 2.1.1 3.0.5 1.0.3 - 4.5.0 1.0.0 2.0.3 4.3.0 @@ -15,10 +14,19 @@ 4.3.0 4.3.0 4.3.0 - 4.5.0 4.3.0 4.7.2 4.7.2 4.3.0 + + + 6.0.0-preview.4.21253.7 + 4.7.0 + + + + 4.5.0 + 4.5.0 + diff --git a/build/targets.props b/build/targets.props index 4e8f0384cf..eef092fc0b 100644 --- a/build/targets.props +++ b/build/targets.props @@ -1,6 +1,6 @@ - net461;net462;net472;netstandard2.0;net6.0 + net461;net462;net472;netstandard2.0;net6.0;net8.0 netstandard2.0 diff --git a/build/targetsTest.props b/build/targetsTest.props index 8b7d80d09a..4b5bb9a393 100644 --- a/build/targetsTest.props +++ b/build/targetsTest.props 
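Review bot: The `$(NoWarn);SYSLIB0050` and `$(NoWarn);SYSLIB0051` entries added in build/common.props switch off the legacy-serialization diagnostics for every project that imports this file, and build/commonTest.props repeats them for the tests. The element tags and any Condition were lost in this rendering, so the exact scope cannot be confirmed here. A build-wide NoWarn would also hide any later, unintended use of formatter-based serialization in a token-handling library. This commit already marks the serialization members with `[Obsolete(..., DiagnosticId = "SYSLIB0051")]`, so a local `#pragma warning disable SYSLIB0051` / `#pragma warning restore SYSLIB0051` around the remaining call sites would keep the warning live everywhere else.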
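Review bot: The new group in build/dependencies.props pins a prerelease version, `6.0.0-preview.4.21253.7`, next to `4.7.0`. The property names were lost in this rendering, so which package this is cannot be confirmed here. A preview build is normally not serviced, and it would presumably enter the dependency graph of whichever targets this group is conditioned on. If a stable release of that package exists, pin it instead; otherwise add a comment saying why the preview is required and when it will be replaced.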
@@ -1,6 +1,6 @@ - net461;net462;net472;netcoreapp2.1;net6.0 + net461;net462;net472;netcoreapp2.1;net6.0;net8.0 netcoreapp2.1 diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs index e6d25d7009..8a6d9f75c6 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.cs @@ -98,7 +98,7 @@ public bool MapInboundClaims } set { - if(!_mapInboundClaims && value && _inboundClaimTypeMap.Count == 0) + if (!_mapInboundClaims && value && _inboundClaimTypeMap.Count == 0) _inboundClaimTypeMap = new Dictionary(DefaultInboundClaimTypeMap); _mapInboundClaims = value; } @@ -685,7 +685,7 @@ private string CreateTokenPrivate( } } } - catch(Exception ex) + catch (Exception ex) { LogHelper.LogExceptionMessage(new SecurityTokenException(LogHelper.FormatInvariant(LogMessages.IDX14307, ex, payload))); } 
@@ -1069,7 +1069,7 @@ private static string EncryptTokenPrivate(string innerJwt, EncryptingCredentials var rawHeader = Base64UrlEncoder.Encode(Encoding.UTF8.GetBytes(header.ToString(Formatting.None))); var encryptionResult = encryptionProvider.Encrypt(plainText, Encoding.ASCII.GetBytes(rawHeader)); return JwtConstants.DirectKeyUseAlg.Equals(encryptingCredentials.Alg) ? - string.Join(".", rawHeader, string.Empty, Base64UrlEncoder.Encode(encryptionResult.IV), Base64UrlEncoder.Encode(encryptionResult.Ciphertext), Base64UrlEncoder.Encode(encryptionResult.AuthenticationTag)): + string.Join(".", rawHeader, string.Empty, Base64UrlEncoder.Encode(encryptionResult.IV), Base64UrlEncoder.Encode(encryptionResult.Ciphertext), Base64UrlEncoder.Encode(encryptionResult.AuthenticationTag)) : string.Join(".", rawHeader, Base64UrlEncoder.Encode(wrappedKey), Base64UrlEncoder.Encode(encryptionResult.IV), Base64UrlEncoder.Encode(encryptionResult.Ciphertext), Base64UrlEncoder.Encode(encryptionResult.AuthenticationTag)); } catch (Exception ex) @@ -1126,16 +1126,16 @@ internal IEnumerable GetContentEncryptionKeys(JsonWebToken jwtToken if (key != null) { LogHelper.LogInformation(TokenLogMessages.IDX10904, key); - } + } else if (configuration != null) { key = ResolveTokenDecryptionKeyFromConfig(jwtToken, configuration); - if ( key != null ) + if (key != null) LogHelper.LogInformation(TokenLogMessages.IDX10905, key); } - + if (key != null) - keys = new List { key }; + keys = new List { key }; } // on decryption for ECDH-ES, we get the public key from the EPK value see: https://datatracker.ietf.org/doc/html/rfc7518#appendix-C @@ -1165,7 +1165,7 @@ internal IEnumerable GetContentEncryptionKeys(JsonWebToken jwtToken { try { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 if (SupportedAlgorithms.EcdsaWrapAlgorithms.Contains(jwtToken.Alg)) { // on decryption we get the public key from the EPK value see: https://datatracker.ietf.org/doc/html/rfc7518#appendix-C 
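Review bot: The guard `#if NET472 || NET6_0 || NET8_0` in GetContentEncryptionKeys lists exact target frameworks, so as far as the hunk shows, the next target added to the build would compile without this ECDH-ES block unless the line is edited again. The same list is extended in JwtTokenUtilities.GetSecurityKey, AsymmetricAdapter (where the `#else` path falls back to `RSA.Create()`), ECDsaAdapter, ECDsaSecurityKey, EcdhKeyExchangeProvider and JsonWebKeyConverter, while the exception classes in this same commit already use `NET8_0_OR_GREATER`. Writing the guard as `#if NET472 || NET6_0_OR_GREATER` would keep the cryptographic code paths enabled by default on future targets. The method body continues outside the hunk.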
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs index 2e0ab2e469..8b7d70cdc5 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs @@ -316,7 +316,7 @@ internal static SecurityKey GetSecurityKey( securityKey = encryptingCredentials.Key; } -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 else if (SupportedAlgorithms.EcdsaWrapAlgorithms.Contains(encryptingCredentials.Alg)) { // on decryption we get the public key from the EPK value see: https://datatracker.ietf.org/doc/html/rfc7518#appendix-C diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/Microsoft.IdentityModel.JsonWebTokens.csproj b/src/Microsoft.IdentityModel.JsonWebTokens/Microsoft.IdentityModel.JsonWebTokens.csproj index 1dbf9b2bb0..d502da5187 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/Microsoft.IdentityModel.JsonWebTokens.csproj +++ b/src/Microsoft.IdentityModel.JsonWebTokens/Microsoft.IdentityModel.JsonWebTokens.csproj @@ -27,7 +27,7 @@ - + diff --git a/src/Microsoft.IdentityModel.KeyVaultExtensions/Microsoft.IdentityModel.KeyVaultExtensions.csproj b/src/Microsoft.IdentityModel.KeyVaultExtensions/Microsoft.IdentityModel.KeyVaultExtensions.csproj index 918ccdec6b..bf69e0277a 100644 --- a/src/Microsoft.IdentityModel.KeyVaultExtensions/Microsoft.IdentityModel.KeyVaultExtensions.csproj +++ b/src/Microsoft.IdentityModel.KeyVaultExtensions/Microsoft.IdentityModel.KeyVaultExtensions.csproj @@ -8,7 +8,7 @@ true latest Microsoft.IdentityModel.KeyVaultExtensions - netstandard2.0;net6.0 + netstandard2.0;net6.0;net8.0 .NET;Windows;Authentication;Identity;Azure;Key;Vault;Extensions @@ -30,4 +30,4 @@ - \ No newline at end of file + diff --git a/src/Microsoft.IdentityModel.Logging/IdentityModelTelemetryUtil.cs b/src/Microsoft.IdentityModel.Logging/IdentityModelTelemetryUtil.cs index 360f5e7294..487f4df120 100644 
--- a/src/Microsoft.IdentityModel.Logging/IdentityModelTelemetryUtil.cs +++ b/src/Microsoft.IdentityModel.Logging/IdentityModelTelemetryUtil.cs @@ -39,6 +39,8 @@ public static class IdentityModelTelemetryUtil "ID_NETSTANDARD2_0"; #elif NET6_0 "ID_NET6_0"; +#elif NET8_0 + "ID_NET8_0"; #endif /// diff --git a/src/Microsoft.IdentityModel.Protocols.SignedHttpRequest/Microsoft.IdentityModel.Protocols.SignedHttpRequest.csproj b/src/Microsoft.IdentityModel.Protocols.SignedHttpRequest/Microsoft.IdentityModel.Protocols.SignedHttpRequest.csproj index 9408791c1f..8fe3e1d469 100644 --- a/src/Microsoft.IdentityModel.Protocols.SignedHttpRequest/Microsoft.IdentityModel.Protocols.SignedHttpRequest.csproj +++ b/src/Microsoft.IdentityModel.Protocols.SignedHttpRequest/Microsoft.IdentityModel.Protocols.SignedHttpRequest.csproj @@ -31,13 +31,13 @@ - + - + - + diff --git a/src/Microsoft.IdentityModel.Protocols.WsFederation/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.Protocols.WsFederation/GlobalSuppressions.cs index 6a35dd1f18..1c658ff8cf 100644 --- a/src/Microsoft.IdentityModel.Protocols.WsFederation/GlobalSuppressions.cs +++ b/src/Microsoft.IdentityModel.Protocols.WsFederation/GlobalSuppressions.cs 
@@ -31,7 +31,7 @@ [assembly: SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", Justification = "Doesn't own object", Scope = "member", Target = "~M:Microsoft.IdentityModel.Protocols.WsFederation.WsFederationMetadataSerializer.ReadEntityDescriptor(System.Xml.XmlReader)~Microsoft.IdentityModel.Protocols.WsFederation.WsFederationConfiguration")] [assembly: SuppressMessage("Usage", "CA2227:Collection properties should be read only", Justification = "Breaking change", Scope = "member", Target = "~P:Microsoft.IdentityModel.Protocols.WsFederation.SecurityTokenServiceTypeRoleDescriptor.KeyInfos")] -#if NET6_0 +#if NET6_0 || NET8_0 [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Adding StringComparison.Ordinal adds a performance penalty.", Scope = "member", Target = "~M:Microsoft.IdentityModel.Protocols.WsFederation.QueryHelper.ParseNullableQuery(System.String)~System.Collections.Generic.IDictionary{System.String,System.Collections.Generic.IList{System.String}}")] #endif diff --git a/src/Microsoft.IdentityModel.Protocols.WsFederation/Microsoft.IdentityModel.Protocols.WsFederation.csproj b/src/Microsoft.IdentityModel.Protocols.WsFederation/Microsoft.IdentityModel.Protocols.WsFederation.csproj index 3f01ff1bb5..66f7e921ae 100644 --- a/src/Microsoft.IdentityModel.Protocols.WsFederation/Microsoft.IdentityModel.Protocols.WsFederation.csproj +++ b/src/Microsoft.IdentityModel.Protocols.WsFederation/Microsoft.IdentityModel.Protocols.WsFederation.csproj @@ -28,7 +28,7 @@ - + diff --git a/src/Microsoft.IdentityModel.Protocols/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.Protocols/GlobalSuppressions.cs index 7b5a935521..8b3d5f538c 100644 --- a/src/Microsoft.IdentityModel.Protocols/GlobalSuppressions.cs +++ b/src/Microsoft.IdentityModel.Protocols/GlobalSuppressions.cs 
@@ -9,6 +9,6 @@ [assembly: SuppressMessage("Performance", "CA1819:Properties should not return arrays", Justification = "Previously released as returning an array", Scope = "member", Target = "~P:Microsoft.IdentityModel.Protocols.HttpRequestData.Body")] [assembly: SuppressMessage("Usage", "CA2227:Collection properties should be read only", Justification = "Previously released read/write", Scope = "member", Target = "~P:Microsoft.IdentityModel.Protocols.HttpRequestData.Headers")] [assembly: SuppressMessage("Usage", "CA2227:Collection properties should be read only", Justification = "Previously released read/write", Scope = "member", Target = "~P:Microsoft.IdentityModel.Protocols.HttpRequestData.PropertyBag")] -#if NET6_0 +#if NET6_0 || NET8_0 [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Adding StringComparison.Ordinal adds a performance penalty.", Scope = "member", Target = "~M:Microsoft.IdentityModel.Protocols.AuthenticationProtocolMessage.BuildRedirectUrl~System.String")] #endif diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlSecurityTokenException.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlSecurityTokenException.cs index 14e3352276..68a2036aa7 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlSecurityTokenException.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlSecurityTokenException.cs @@ -17,7 +17,8 @@ public class SamlSecurityTokenException : SecurityTokenException /// public SamlSecurityTokenException() : base() - {} + { + } /// /// Initializes a new instance of the class. @@ -25,7 +26,8 @@ public SamlSecurityTokenException() /// Addtional information to be included in the exception and displayed to user. public SamlSecurityTokenException(string message) : base(message) - {} + { + } /// /// Initializes a new instance of the class. 
@@ -34,7 +36,8 @@ public SamlSecurityTokenException(string message) /// A that represents the root cause of the exception. public SamlSecurityTokenException(string message, Exception innerException) : base(message, innerException) - {} + { + } /// /// Initializes a new instance of the class. @@ -43,6 +46,7 @@ public SamlSecurityTokenException(string message, Exception innerException) /// The contextual information about the source or destination. protected SamlSecurityTokenException(SerializationInfo info, StreamingContext context) : base(info, context) - {} + { + } } } diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2SecurityTokenException.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2SecurityTokenException.cs index 758558afd6..8431779d53 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2SecurityTokenException.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2SecurityTokenException.cs @@ -17,7 +17,8 @@ public class Saml2SecurityTokenException : SecurityTokenException /// public Saml2SecurityTokenException() : base() - {} + { + } /// /// Initializes a new instance of the class. @@ -25,7 +26,8 @@ public Saml2SecurityTokenException() /// Addtional information to be included in the exception and displayed to user. public Saml2SecurityTokenException(string message) : base(message) - {} + { + } /// /// Initializes a new instance of the class. @@ -34,7 +36,8 @@ public Saml2SecurityTokenException(string message) /// A that represents the root cause of the exception. public Saml2SecurityTokenException(string message, Exception innerException) : base(message, innerException) - {} + { + } /// /// Initializes a new instance of the class. 
@@ -43,6 +46,7 @@ public Saml2SecurityTokenException(string message, Exception innerException) /// The contextual information about the source or destination. protected Saml2SecurityTokenException(SerializationInfo info, StreamingContext context) : base(info, context) - {} + { + } } } diff --git a/src/Microsoft.IdentityModel.Tokens/AsymmetricAdapter.cs b/src/Microsoft.IdentityModel.Tokens/AsymmetricAdapter.cs index 6b41df8d92..ed57e56be8 100644 --- a/src/Microsoft.IdentityModel.Tokens/AsymmetricAdapter.cs +++ b/src/Microsoft.IdentityModel.Tokens/AsymmetricAdapter.cs @@ -9,7 +9,7 @@ using System.Reflection; #endif -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 using System.Security.Cryptography.X509Certificates; #endif @@ -215,7 +215,7 @@ private void InitializeUsingRsa(RSA rsa, string algorithm) } #endif -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 if (algorithm.Equals(SecurityAlgorithms.RsaSsaPssSha256) || algorithm.Equals(SecurityAlgorithms.RsaSsaPssSha256Signature) || algorithm.Equals(SecurityAlgorithms.RsaSsaPssSha384) || @@ -251,7 +251,7 @@ private void InitializeUsingRsaSecurityKey(RsaSecurityKey rsaSecurityKey, string } else { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 var rsa = RSA.Create(rsaSecurityKey.Parameters); #else var rsa = RSA.Create(); @@ -321,7 +321,7 @@ private bool VerifyWithECDsaWithLength(byte[] bytes, int start, int length, byte } #region NET61+ related code -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 // HasAlgorithmName was introduced into Net46 internal AsymmetricAdapter(SecurityKey key, string algorithm, HashAlgorithm hashAlgorithm, HashAlgorithmName hashAlgorithmName, bool requirePrivateKey) 
@@ -387,12 +387,12 @@ private bool VerifyWithRsaCryptoServiceProviderProxy(byte[] bytes, byte[] signat return RsaCryptoServiceProviderProxy.VerifyData(bytes, HashAlgorithm, signature); } - #if NET461_OR_GREATER +#if NET461_OR_GREATER private bool VerifyWithRsaCryptoServiceProviderProxyWithLength(byte[] bytes, int offset, int length, byte[] signature) { return RsaCryptoServiceProviderProxy.VerifyDataWithLength(bytes, offset, length, HashAlgorithm, HashAlgorithmName, signature); } - #endif +#endif #endif #endregion diff --git a/src/Microsoft.IdentityModel.Tokens/AsymmetricSignatureProvider.cs b/src/Microsoft.IdentityModel.Tokens/AsymmetricSignatureProvider.cs index 6331dac42b..ff614e72c3 100644 --- a/src/Microsoft.IdentityModel.Tokens/AsymmetricSignatureProvider.cs +++ b/src/Microsoft.IdentityModel.Tokens/AsymmetricSignatureProvider.cs @@ -162,7 +162,7 @@ private static PrivateKeyStatus FoundPrivateKey(SecurityKey key) return PrivateKeyStatus.Unknown; } -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 /// /// Creating a Signature requires the use of a . /// This method returns the diff --git a/src/Microsoft.IdentityModel.Tokens/CryptoProviderFactory.cs b/src/Microsoft.IdentityModel.Tokens/CryptoProviderFactory.cs index 0f07127178..19df75b416 100644 --- a/src/Microsoft.IdentityModel.Tokens/CryptoProviderFactory.cs +++ b/src/Microsoft.IdentityModel.Tokens/CryptoProviderFactory.cs @@ -318,7 +318,7 @@ public virtual SignatureProvider CreateForVerifying(SecurityKey key, string algo return CreateSignatureProvider(key, algorithm, false, cacheProvider); } -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 /// /// Creates a for a specific algorithm. /// 
@@ -552,7 +552,7 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori } } } - catch(Exception ex) + catch (Exception ex) { throw LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10694, key, ex), ex)); } @@ -599,7 +599,7 @@ private SignatureProvider CreateSignatureProvider(SecurityKey key, string algori signatureProvider = new AsymmetricSignatureProvider(key, algorithm, willCreateSignatures); } else - { + { signatureProvider = new SymmetricSignatureProvider(key, algorithm, willCreateSignatures); } diff --git a/src/Microsoft.IdentityModel.Tokens/ECDsaAdapter.cs b/src/Microsoft.IdentityModel.Tokens/ECDsaAdapter.cs index f3b91fca75..bf17b76214 100644 --- a/src/Microsoft.IdentityModel.Tokens/ECDsaAdapter.cs +++ b/src/Microsoft.IdentityModel.Tokens/ECDsaAdapter.cs @@ -28,7 +28,7 @@ internal class ECDsaAdapter /// internal ECDsaAdapter() { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 CreateECDsaFunction = CreateECDsaUsingECParams; #elif NETSTANDARD2_0 // Although NETSTANDARD2_0 specifies that ECParameters are supported, we still need to call SupportsECParameters() @@ -256,7 +256,7 @@ private static bool SupportsCNGKey() } } -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 /// /// Creates an ECDsa object using the and . /// 'ECParameters' structure is available in .NET Framework 4.7+, .NET Standard 1.6+, and .NET Core 1.0+. @@ -344,7 +344,7 @@ internal static string GetCrvParameterValue(ECCurve curve) /// True if structure is supported, false otherwise. internal static bool SupportsECParameters() { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 return true; #else try diff --git a/src/Microsoft.IdentityModel.Tokens/ECDsaSecurityKey.cs b/src/Microsoft.IdentityModel.Tokens/ECDsaSecurityKey.cs index e81c9e5ea3..dda23bae2d 100644 --- a/src/Microsoft.IdentityModel.Tokens/ECDsaSecurityKey.cs 
+++ b/src/Microsoft.IdentityModel.Tokens/ECDsaSecurityKey.cs @@ -92,7 +92,7 @@ public override int KeySize /// https://datatracker.ietf.org/doc/html/rfc7638 public override bool CanComputeJwkThumbprint() { -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 if (ECDsaAdapter.SupportsECParameters()) return true; #endif @@ -106,7 +106,7 @@ public override bool CanComputeJwkThumbprint() /// https://datatracker.ietf.org/doc/html/rfc7638 public override byte[] ComputeJwkThumbprint() { -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 if (ECDsaAdapter.SupportsECParameters()) { ECParameters parameters = ECDsa.ExportParameters(false); diff --git a/src/Microsoft.IdentityModel.Tokens/Encryption/EcdhKeyExchangeProvider.cs b/src/Microsoft.IdentityModel.Tokens/Encryption/EcdhKeyExchangeProvider.cs index 6dd588f6f6..f07953326f 100644 --- a/src/Microsoft.IdentityModel.Tokens/Encryption/EcdhKeyExchangeProvider.cs +++ b/src/Microsoft.IdentityModel.Tokens/Encryption/EcdhKeyExchangeProvider.cs @@ -8,7 +8,7 @@ namespace Microsoft.IdentityModel.Tokens { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 /// /// Provides a Security Key that can be used as Content Encryption Key (CEK) for use with a JWE /// diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs index 046ecba1ed..b3b934de4a 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs 
@@ -47,12 +47,15 @@ public SecurityTokenException(string message, Exception innerException) /// /// the that holds the serialized object data. /// The contextual information about the source or destination. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif protected SecurityTokenException(SerializationInfo info, StreamingContext context) : base(info, context) { } -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 /// /// When overridden in a derived class, sets the System.Runtime.Serialization.SerializationInfo /// with information about the exception. @@ -60,6 +63,9 @@ protected SecurityTokenException(SerializationInfo info, StreamingContext contex /// The that holds the serialized object data about the exception being thrown. /// The that contains contextual information about the source or destination. /// thrown if is null. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { if (info == null) diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs index 308b9756af..6fdd24e4d9 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs @@ -52,6 +52,9 @@ public SecurityTokenExpiredException(string message, Exception inner) /// /// the that holds the serialized object data. /// The contextual information about the source or destination. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif protected SecurityTokenExpiredException(SerializationInfo info, StreamingContext context) : base(info, context) { 
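Review bot: The attribute `[Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")]` added to the serialization constructor and to GetObjectData of SecurityTokenException uses a literal message that this commit copies into each derived exception class (SecurityTokenExpiredException, SecurityTokenInvalidAlgorithmException, SecurityTokenInvalidAudienceException and the rest). A single `internal const string` for the message would keep the copies from drifting, and setting `UrlFormat` on the attribute would link the warning to its documentation. The XML docs of both members could also gain a `<remarks>` line saying they exist only for legacy formatter-based serialization.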
@@ -72,6 +75,9 @@ protected SecurityTokenExpiredException(SerializationInfo info, StreamingContext } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAlgorithmException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAlgorithmException.cs index 4dee4e87d5..0eb76c59c2 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAlgorithmException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAlgorithmException.cs @@ -55,6 +55,9 @@ public SecurityTokenInvalidAlgorithmException(string message, Exception innerExc /// /// the that holds the serialized object data. /// The contextual information about the source or destination. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif protected SecurityTokenInvalidAlgorithmException(SerializationInfo info, StreamingContext context) : base(info, context) { @@ -75,6 +78,9 @@ protected SecurityTokenInvalidAlgorithmException(SerializationInfo info, Streami } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAudienceException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAudienceException.cs index c4c492aafd..25bf7c7abb 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAudienceException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidAudienceException.cs 
@@ -55,6 +55,9 @@ public SecurityTokenInvalidAudienceException(string message, Exception innerExce /// /// the that holds the serialized object data. /// The contextual information about the source or destination. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif protected SecurityTokenInvalidAudienceException(SerializationInfo info, StreamingContext context) : base(info, context) { @@ -75,6 +78,9 @@ protected SecurityTokenInvalidAudienceException(SerializationInfo info, Streamin } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidIssuerException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidIssuerException.cs index 26173cfb9b..c1232df09b 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidIssuerException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidIssuerException.cs @@ -55,6 +55,9 @@ public SecurityTokenInvalidIssuerException(string message, Exception innerExcept /// /// the that holds the serialized object data. /// The contextual information about the source or destination. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif protected SecurityTokenInvalidIssuerException(SerializationInfo info, StreamingContext context) : base(info, context) { @@ -75,6 +78,9 @@ protected SecurityTokenInvalidIssuerException(SerializationInfo info, StreamingC } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); 
diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs index cc3c3e8fb9..3868f3470e 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs @@ -87,6 +87,9 @@ protected SecurityTokenInvalidLifetimeException(SerializationInfo info, Streamin } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidTypeException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidTypeException.cs index 07f43a3a41..0b70e9cf9b 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidTypeException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidTypeException.cs @@ -13,7 +13,7 @@ namespace Microsoft.IdentityModel.Tokens public class SecurityTokenInvalidTypeException : SecurityTokenValidationException { [NonSerialized] - const string _Prefix = "Microsoft.IdentityModel." + nameof(SecurityTokenInvalidTypeException) +"."; + const string _Prefix = "Microsoft.IdentityModel." + nameof(SecurityTokenInvalidTypeException) + "."; [NonSerialized] const string _InvalidTypeKey = _Prefix + nameof(InvalidType); @@ -75,6 +75,9 @@ protected SecurityTokenInvalidTypeException(SerializationInfo info, StreamingCon } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); 
diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs index 7c87f86481..e379e56265 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs @@ -53,6 +53,9 @@ public SecurityTokenNotYetValidException(string message, Exception inner) /// /// the that holds the serialized object data. /// The contextual information about the source or destination. +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif protected SecurityTokenNotYetValidException(SerializationInfo info, StreamingContext context) : base(info, context) { @@ -73,6 +76,9 @@ protected SecurityTokenNotYetValidException(SerializationInfo info, StreamingCon } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenUnableToValidateException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenUnableToValidateException.cs index 6ee0c4d18f..285cf40a0b 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenUnableToValidateException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenUnableToValidateException.cs @@ -95,6 +95,9 @@ protected SecurityTokenUnableToValidateException(SerializationInfo info, Streami } /// +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); 
diff --git a/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs
index 86381917d7..5cdba0eecf 100644
--- a/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs
+++ b/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs
@@ -55,7 +55,7 @@ [assembly: SuppressMessage("Design", "CA1001:Types That own disposable fields should be disposable", Justification = "Exceptions can occurr if disposed of", Scope = "type", Target = "~T:Microsoft.IdentityModel.Tokens.EventBasedLRUCache`2")] [assembly: SuppressMessage("Usage", "CA2227:Collection properties should be read only", Justification = "Consistency", Scope = "member", Target = "~P:Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor.AdditionalInnerHeaderClaims")] [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Used as validation", Scope = "member", Target = "~M:Microsoft.IdentityModel.Tokens.InternalValidators.ValidateLifetimeAndIssuerAfterSignatureNotValidatedJwt(Microsoft.IdentityModel.Tokens.SecurityToken,System.Nullable{System.DateTime},System.Nullable{System.DateTime},System.String,Microsoft.IdentityModel.Tokens.TokenValidationParameters,Microsoft.IdentityModel.Tokens.BaseConfiguration,System.Text.StringBuilder,System.Int32,System.Int32)")] -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Used to determine appropriate code path to take.", Scope = "member", Target = "~M:Microsoft.IdentityModel.Tokens.JsonWebKeyConverter.ConvertFromECDsaSecurityKey(Microsoft.IdentityModel.Tokens.ECDsaSecurityKey)~Microsoft.IdentityModel.Tokens.JsonWebKey")] [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Used to determine appropriate code path to take.", Scope = "member", Target = "~P:Microsoft.IdentityModel.Tokens.EcdhSecurityKey.PrivateKeyStatus")] [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Adding StringComparison.Ordinal adds a performance penalty.", Scope = "member", Target = 
"~M:Microsoft.IdentityModel.Tokens.EcdhKeyExchangeProvider.GenerateKdf(System.String,System.String)~Microsoft.IdentityModel.Tokens.SecurityKey")] diff --git a/src/Microsoft.IdentityModel.Tokens/JsonWebKeyConverter.cs b/src/Microsoft.IdentityModel.Tokens/JsonWebKeyConverter.cs index ab677cc1d4..f4f8b878a9 100644 --- a/src/Microsoft.IdentityModel.Tokens/JsonWebKeyConverter.cs +++ b/src/Microsoft.IdentityModel.Tokens/JsonWebKeyConverter.cs @@ -33,7 +33,7 @@ public static JsonWebKey ConvertFromSecurityKey(SecurityKey key) return ConvertFromSymmetricSecurityKey(symmetricKey); else if (key is X509SecurityKey x509Key) return ConvertFromX509SecurityKey(x509Key); -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 else if (key is ECDsaSecurityKey ecdsaSecurityKey) return ConvertFromECDsaSecurityKey(ecdsaSecurityKey); #endif @@ -157,7 +157,7 @@ public static JsonWebKey ConvertFromSymmetricSecurityKey(SymmetricSecurityKey ke }; } -#if NET472 || NETSTANDARD2_0 || NET6_0 +#if NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 /// /// Converts a into a /// @@ -253,7 +253,7 @@ internal static bool TryConvertToSymmetricSecurityKey(JsonWebKey webKey, out Sec key = new SymmetricSecurityKey(webKey); return true; } - catch(Exception ex) + catch (Exception ex) { LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10813, LogHelper.MarkAsNonPII(typeof(SymmetricSecurityKey)), webKey, ex), ex)); } diff --git a/src/Microsoft.IdentityModel.Tokens/Microsoft.IdentityModel.Tokens.csproj b/src/Microsoft.IdentityModel.Tokens/Microsoft.IdentityModel.Tokens.csproj index 25a9f84ab7..1010bd075d 100644 --- a/src/Microsoft.IdentityModel.Tokens/Microsoft.IdentityModel.Tokens.csproj +++ b/src/Microsoft.IdentityModel.Tokens/Microsoft.IdentityModel.Tokens.csproj 
@@ -20,8 +20,8 @@ $(DefineConstants);TRACE;HAVE_ADO_NET;HAVE_APP_DOMAIN;HAVE_ASYNC;HAVE_BIG_INTEGER;HAVE_BINARY_FORMATTER;HAVE_BINARY_SERIALIZATION;HAVE_BINARY_EXCEPTION_SERIALIZATION;HAVE_CHAR_TO_LOWER_WITH_CULTURE;HAVE_CHAR_TO_STRING_WITH_CULTURE;HAVE_COM_ATTRIBUTES;HAVE_COMPONENT_MODEL;HAVE_CONCURRENT_COLLECTIONS;HAVE_COVARIANT_GENERICS;HAVE_DATA_CONTRACTS;HAVE_DATE_TIME_OFFSET;HAVE_DB_NULL_TYPE_CODE;HAVE_DYNAMIC;HAVE_EMPTY_TYPES;HAVE_ENTITY_FRAMEWORK;HAVE_EXPRESSIONS;HAVE_FAST_REVERSE;HAVE_FSHARP_TYPES;HAVE_FULL_REFLECTION;HAVE_GUID_TRY_PARSE;HAVE_HASH_SET;HAVE_ICLONEABLE;HAVE_ICONVERTIBLE;HAVE_IGNORE_DATA_MEMBER_ATTRIBUTE;HAVE_INOTIFY_COLLECTION_CHANGED;HAVE_INOTIFY_PROPERTY_CHANGING;HAVE_ISET;HAVE_LINQ;HAVE_MEMORY_BARRIER;HAVE_METHOD_IMPL_ATTRIBUTE;HAVE_NON_SERIALIZED_ATTRIBUTE;HAVE_READ_ONLY_COLLECTIONS;HAVE_SECURITY_SAFE_CRITICAL_ATTRIBUTE;HAVE_SERIALIZATION_BINDER_BIND_TO_NAME;HAVE_STREAM_READER_WRITER_CLOSE;HAVE_STRING_JOIN_WITH_ENUMERABLE;HAVE_TIME_SPAN_PARSE_WITH_CULTURE;HAVE_TIME_SPAN_TO_STRING_WITH_CULTURE;HAVE_TIME_ZONE_INFO;HAVE_TRACE_WRITER;HAVE_TYPE_DESCRIPTOR;HAVE_UNICODE_SURROGATE_DETECTION;HAVE_VARIANT_TYPE_PARAMETERS;HAVE_VERSION_TRY_PARSE;HAVE_XLINQ;HAVE_XML_DOCUMENT;HAVE_XML_DOCUMENT_TYPE;HAVE_CONCURRENT_DICTIONARY;HAVE_REGEX_TIMEOUTS;$(AdditionalConstants) - - 
$(DefineConstants);HAVE_ADO_NET;HAVE_APP_DOMAIN;HAVE_ASYNC;HAVE_ASYNC_DISPOSABLE;HAVE_BIG_INTEGER;HAVE_BINARY_FORMATTER;HAVE_BINARY_SERIALIZATION;HAVE_BINARY_EXCEPTION_SERIALIZATION;HAVE_CHAR_TO_LOWER_WITH_CULTURE;HAVE_CHAR_TO_STRING_WITH_CULTURE;HAVE_COM_ATTRIBUTES;HAVE_COMPONENT_MODEL;HAVE_CONCURRENT_COLLECTIONS;HAVE_COVARIANT_GENERICS;HAVE_DATA_CONTRACTS;HAVE_DATE_TIME_OFFSET;HAVE_DB_NULL_TYPE_CODE;HAVE_DYNAMIC;HAVE_EMPTY_TYPES;HAVE_ENTITY_FRAMEWORK;HAVE_EXPRESSIONS;HAVE_FAST_REVERSE;HAVE_FSHARP_TYPES;HAVE_FULL_REFLECTION;HAVE_GUID_TRY_PARSE;HAVE_HASH_SET;HAVE_ICLONEABLE;HAVE_ICONVERTIBLE;HAVE_IGNORE_DATA_MEMBER_ATTRIBUTE;HAVE_INOTIFY_COLLECTION_CHANGED;HAVE_INOTIFY_PROPERTY_CHANGING;HAVE_ISET;HAVE_LINQ;HAVE_MEMORY_BARRIER;HAVE_METHOD_IMPL_ATTRIBUTE;HAVE_NON_SERIALIZED_ATTRIBUTE;HAVE_READ_ONLY_COLLECTIONS;HAVE_REFLECTION_EMIT;HAVE_REGEX_TIMEOUTS;HAVE_SECURITY_SAFE_CRITICAL_ATTRIBUTE;HAVE_SERIALIZATION_BINDER_BIND_TO_NAME;HAVE_STREAM_READER_WRITER_CLOSE;HAVE_STRING_JOIN_WITH_ENUMERABLE;HAVE_TIME_SPAN_PARSE_WITH_CULTURE;HAVE_TIME_SPAN_TO_STRING_WITH_CULTURE;HAVE_TIME_ZONE_INFO;HAVE_TRACE_WRITER;HAVE_TYPE_DESCRIPTOR;HAVE_UNICODE_SURROGATE_DETECTION;HAVE_VARIANT_TYPE_PARAMETERS;HAVE_VERSION_TRY_PARSE;HAVE_XLINQ;HAVE_XML_DOCUMENT;HAVE_XML_DOCUMENT_TYPE;HAVE_CONCURRENT_DICTIONARY;HAVE_INDEXOF_STRING_COMPARISON;HAVE_REPLACE_STRING_COMPARISON;HAVE_REPLACE_STRING_COMPARISON;HAVE_GETHASHCODE_STRING_COMPARISON;HAVE_NULLABLE_ATTRIBUTES;HAVE_DYNAMIC_CODE_COMPILED;HAS_ARRAY_EMPTY;HAVE_DATE_ONLY;$(AdditionalConstants) + + 
$(DefineConstants);HAVE_ADO_NET;HAVE_APP_DOMAIN;HAVE_ASYNC;HAVE_ASYNC_DISPOSABLE;HAVE_BIG_INTEGER;HAVE_BINARY_FORMATTER;HAVE_BINARY_SERIALIZATION;HAVE_BINARY_EXCEPTION_SERIALIZATION;HAVE_CHAR_TO_LOWER_WITH_CULTURE;HAVE_CHAR_TO_STRING_WITH_CULTURE;HAVE_COM_ATTRIBUTES;HAVE_COMPONENT_MODEL;HAVE_CONCURRENT_COLLECTIONS;HAVE_COVARIANT_GENERICS;HAVE_DATA_CONTRACTS;HAVE_DATE_TIME_OFFSET;HAVE_DB_NULL_TYPE_CODE;HAVE_DYNAMIC;HAVE_EMPTY_TYPES;HAVE_ENTITY_FRAMEWORK;HAVE_EXPRESSIONS;HAVE_FAST_REVERSE;HAVE_FSHARP_TYPES;HAVE_FULL_REFLECTION;HAVE_GUID_TRY_PARSE;HAVE_HASH_SET;HAVE_ICLONEABLE;HAVE_ICONVERTIBLE;HAVE_IGNORE_DATA_MEMBER_ATTRIBUTE;HAVE_INOTIFY_COLLECTION_CHANGED;HAVE_INOTIFY_PROPERTY_CHANGING;HAVE_ISET;HAVE_LINQ;HAVE_MEMORY_BARRIER;HAVE_METHOD_IMPL_ATTRIBUTE;HAVE_NON_SERIALIZED_ATTRIBUTE;HAVE_READ_ONLY_COLLECTIONS;HAVE_REFLECTION_EMIT;HAVE_REGEX_TIMEOUTS;HAVE_SECURITY_SAFE_CRITICAL_ATTRIBUTE;HAVE_SERIALIZATION_BINDER_BIND_TO_NAME;HAVE_STREAM_READER_WRITER_CLOSE;HAVE_STRING_JOIN_WITH_ENUMERABLE;HAVE_TIME_SPAN_PARSE_WITH_CULTURE;HAVE_TIME_SPAN_TO_STRING_WITH_CULTURE;HAVE_TIME_ZONE_INFO;HAVE_TRACE_WRITER;HAVE_TYPE_DESCRIPTOR;HAVE_UNICODE_SURROGATE_DETECTION;HAVE_VARIANT_TYPE_PARAMETERS;HAVE_VERSION_TRY_PARSE;HAVE_XLINQ;HAVE_XML_DOCUMENT;HAVE_XML_DOCUMENT_TYPE;HAVE_CONCURRENT_DICTIONARY;HAVE_INDEXOF_STRING_COMPARISON;HAVE_REPLACE_STRING_COMPARISON;HAVE_REPLACE_STRING_COMPARISON;HAVE_GETHASHCODE_STRING_COMPARISON;HAVE_NULLABLE_ATTRIBUTES;HAVE_DYNAMIC_CODE_COMPILED;HAS_ARRAY_EMPTY;HAVE_DATE_ONLY;$(AdditionalConstants) @@ -34,7 +34,7 @@ - + @@ -47,7 +47,7 @@ - + diff --git a/src/Microsoft.IdentityModel.Tokens/RsaSecurityKey.cs b/src/Microsoft.IdentityModel.Tokens/RsaSecurityKey.cs index 6a24e4c358..3745430415 100644 --- a/src/Microsoft.IdentityModel.Tokens/RsaSecurityKey.cs +++ b/src/Microsoft.IdentityModel.Tokens/RsaSecurityKey.cs 
@@ -76,7 +76,7 @@ public override bool HasPrivateKey { // imitate signing byte[] hash = new byte[20]; -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 Rsa.SignData(hash, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); #else if (Rsa is RSACryptoServiceProvider rsaCryptoServiceProvider) @@ -135,7 +135,7 @@ public override PrivateKeyStatus PrivateKeyStatus } return _foundPrivateKey; - } + } } /// diff --git a/src/Microsoft.IdentityModel.Tokens/SupportedAlgorithms.cs b/src/Microsoft.IdentityModel.Tokens/SupportedAlgorithms.cs index b75be47896..2d4d2d3aef 100644 --- a/src/Microsoft.IdentityModel.Tokens/SupportedAlgorithms.cs +++ b/src/Microsoft.IdentityModel.Tokens/SupportedAlgorithms.cs @@ -104,7 +104,7 @@ internal static class SupportedAlgorithms SecurityAlgorithms.EcdhEsA256kw }; -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 /// /// Creating a Signature requires the use of a . /// This method returns the @@ -339,7 +339,7 @@ private static bool IsSupportedRsaPss(SecurityKey key) // RSA-PSS is not available on .NET 4.5 LogHelper.LogInformation(LogMessages.IDX10692); return false; -#elif NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#elif NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 // RSACryptoServiceProvider doesn't support RSA-PSS if (key is RsaSecurityKey rsa && rsa.Rsa is RSACryptoServiceProvider) { diff --git a/src/Microsoft.IdentityModel.Tokens/X509SecurityKey.cs b/src/Microsoft.IdentityModel.Tokens/X509SecurityKey.cs index 5de03fb1d9..0166ef3005 100644 --- a/src/Microsoft.IdentityModel.Tokens/X509SecurityKey.cs +++ b/src/Microsoft.IdentityModel.Tokens/X509SecurityKey.cs 
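Review bot: The conditionals extended here with `|| NET8_0` still enumerate exact target frameworks, so any later target that is not listed silently compiles the fall-back branch; in `HasPrivateKey` that is the `RSACryptoServiceProvider` path under `#else` rather than `Rsa.SignData(...)`, and in `IsSupportedRsaPss` the `RSACryptoServiceProvider` check under `#elif` would be compiled out. In key-handling code a silent switch to the legacy branch is easy to miss in review. The commit already uses `NET6_0_OR_GREATER` in the Validators GlobalSuppressions.cs, and the same form would work here: `#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0_OR_GREATER`. The same pattern appears in the JsonWebKeyConverter.cs, X509SecurityKey.cs, JwtSecurityTokenHandler.cs and KeyingMaterial.cs hunks.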
@@ -78,7 +78,7 @@ public AsymmetricAlgorithm PrivateKey { if (!_privateKeyAvailabilityDetermined) { -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 _privateKey = RSACertificateExtensions.GetRSAPrivateKey(Certificate); #else _privateKey = Certificate.PrivateKey; @@ -105,7 +105,7 @@ public AsymmetricAlgorithm PublicKey { if (_publicKey == null) { -#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 +#if NET461 || NET462 || NET472 || NETSTANDARD2_0 || NET6_0 || NET8_0 _publicKey = RSACertificateExtensions.GetRSAPublicKey(Certificate); #else _publicKey = Certificate.PublicKey.Key; diff --git a/src/Microsoft.IdentityModel.Tokens/opensource/json/JsonException.cs b/src/Microsoft.IdentityModel.Tokens/opensource/json/JsonException.cs index 20f23dc9e7..c1f65f0325 100644 --- a/src/Microsoft.IdentityModel.Tokens/opensource/json/JsonException.cs +++ b/src/Microsoft.IdentityModel.Tokens/opensource/json/JsonException.cs @@ -77,6 +77,9 @@ public JsonException(string message, Exception? innerException) /// The that contains contextual information about the source or destination. /// The parameter is null. /// The class name is null or is zero (0). +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public JsonException(SerializationInfo info, StreamingContext context) : base(info, context) { diff --git a/src/Microsoft.IdentityModel.Tokens/opensource/json/Linq/JContainer.cs b/src/Microsoft.IdentityModel.Tokens/opensource/json/Linq/JContainer.cs index 4f64973c53..8b0fac24f8 100644 --- a/src/Microsoft.IdentityModel.Tokens/opensource/json/Linq/JContainer.cs +++ b/src/Microsoft.IdentityModel.Tokens/opensource/json/Linq/JContainer.cs 
@@ -319,7 +319,7 @@ internal IEnumerable GetDescendants(bool self) } } - internal bool IsMultiContent([NotNullWhen(true)]object? content) + internal bool IsMultiContent([NotNullWhen(true)] object? content) { return (content is IEnumerable && !(content is string) && !(content is JToken) && !(content is byte[])); } @@ -943,12 +943,16 @@ internal int ContentsHashCode() } #if HAVE_COMPONENT_MODEL +#pragma warning disable CS8769 // Nullability of reference types in type of parameter doesn't match implemented member (possibly because of nullability attributes). string ITypedList.GetListName(PropertyDescriptor[] listAccessors) +#pragma warning restore CS8769 // Nullability of reference types in type of parameter doesn't match implemented member (possibly because of nullability attributes). { return string.Empty; } +#pragma warning disable CS8769 // Nullability of reference types in type of parameter doesn't match implemented member (possibly because of nullability attributes). PropertyDescriptorCollection ITypedList.GetItemProperties(PropertyDescriptor[] listAccessors) +#pragma warning restore CS8769 // Nullability of reference types in type of parameter doesn't match implemented member (possibly because of nullability attributes). { ICustomTypeDescriptor? d = First as ICustomTypeDescriptor; diff --git a/src/Microsoft.IdentityModel.Validators/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.Validators/GlobalSuppressions.cs index 0ef7cebb58..5e664474b6 100644 --- a/src/Microsoft.IdentityModel.Validators/GlobalSuppressions.cs +++ b/src/Microsoft.IdentityModel.Validators/GlobalSuppressions.cs 
@@ -6,7 +6,7 @@ using System.Diagnostics.CodeAnalysis; [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Needs to be ignored", Scope = "member", Target = "~M:Microsoft.IdentityModel.Validators.AadIssuerValidator.IsValidIssuer(System.String,System.String,System.String)~System.Boolean")] -#if NET6_0 +#if NET6_0_OR_GREATER [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Adding StringComparison.Ordinal adds a performance penalty.", Scope = "member", Target = "~M:Microsoft.IdentityModel.Validators.AadIssuerValidator.CreateV1Authority(System.String)~System.String")] [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Adding StringComparison.Ordinal adds a performance penalty.", Scope = "member", Target = "~M:Microsoft.IdentityModel.Validators.AadIssuerValidator.IsValidIssuer(System.String,System.String,System.String)~System.Boolean")] [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Adding StringComparison.Ordinal adds a performance penalty.", Scope = "member", Target = "~M:Microsoft.IdentityModel.Validators.AadIssuerValidator.#ctor(System.Net.Http.HttpClient,System.String)")] diff --git a/src/System.IdentityModel.Tokens.Jwt/JwtSecurityTokenHandler.cs b/src/System.IdentityModel.Tokens.Jwt/JwtSecurityTokenHandler.cs index 0321893c3f..bfdd87f10f 100644 --- a/src/System.IdentityModel.Tokens.Jwt/JwtSecurityTokenHandler.cs +++ b/src/System.IdentityModel.Tokens.Jwt/JwtSecurityTokenHandler.cs @@ -111,9 +111,9 @@ public bool MapInboundClaims if (!_mapInboundClaims && value && _inboundClaimTypeMap.Count == 0) _inboundClaimTypeMap = new Dictionary(DefaultInboundClaimTypeMap); - _mapInboundClaims = value; + _mapInboundClaims = value; } - } + } /// /// Gets or sets the which is used when setting the for claims in the extracted when validating a . 
@@ -790,7 +790,7 @@ public override SecurityToken ReadToken(string token) { return ReadJwtToken(token); } - + /// /// Deserializes token with the provided . /// @@ -1212,7 +1212,7 @@ public override string WriteToken(SecurityToken token) var header = jwtToken.EncryptingCredentials == null ? jwtToken.Header : new JwtHeader(jwtToken.SigningCredentials); encodedHeader = header.Base64UrlEncode(); if (jwtToken.SigningCredentials != null) - encodedSignature = JwtTokenUtilities.CreateEncodedSignature(string.Concat(encodedHeader, ".", encodedPayload), jwtToken.SigningCredentials); + encodedSignature = JwtTokenUtilities.CreateEncodedSignature(string.Concat(encodedHeader, ".", encodedPayload), jwtToken.SigningCredentials); if (jwtToken.EncryptingCredentials != null) return EncryptToken( @@ -1445,7 +1445,7 @@ protected virtual ClaimsIdentity CreateClaimsIdentity(JwtSecurityToken jwtToken, LogHelper.LogVerbose(TokenLogMessages.IDX10244, LogHelper.MarkAsNonPII(ClaimsIdentity.DefaultIssuer)); actualIssuer = ClaimsIdentity.DefaultIssuer; } - + return MapInboundClaims ? CreateClaimsIdentityWithMapping(jwtToken, actualIssuer, validationParameters) : CreateClaimsIdentityWithoutMapping(jwtToken, actualIssuer, validationParameters); } @@ -1665,7 +1665,7 @@ protected virtual SecurityKey ResolveTokenDecryptionKey(string token, JwtSecurit if (!string.IsNullOrEmpty(jwtToken.Header.Kid)) { - if (validationParameters.TokenDecryptionKey != null + if (validationParameters.TokenDecryptionKey != null && string.Equals(validationParameters.TokenDecryptionKey.KeyId, jwtToken.Header.Kid, validationParameters.TokenDecryptionKey is X509SecurityKey ? StringComparison.OrdinalIgnoreCase : StringComparison.Ordinal)) return validationParameters.TokenDecryptionKey; 
@@ -1778,7 +1778,7 @@ internal IEnumerable GetContentEncryptionKeys(JwtSecurityToken jwtT { try { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 if (SupportedAlgorithms.EcdsaWrapAlgorithms.Contains(jwtToken.Header.Alg)) { //// on decryption we get the public key from the EPK value see: https://datatracker.ietf.org/doc/html/rfc7518#appendix-C diff --git a/test/CrossVersionTokenValidation.Tests/CrossVersionTokenValidation.Tests.csproj b/test/CrossVersionTokenValidation.Tests/CrossVersionTokenValidation.Tests.csproj index 86c2256d94..073d137a7a 100644 --- a/test/CrossVersionTokenValidation.Tests/CrossVersionTokenValidation.Tests.csproj +++ b/test/CrossVersionTokenValidation.Tests/CrossVersionTokenValidation.Tests.csproj @@ -43,4 +43,4 @@ - \ No newline at end of file + diff --git a/test/Microsoft.IdentityModel.AotCompatibility.TestApp/Microsoft.IdentityModel.AotCompatibility.TestApp.csproj b/test/Microsoft.IdentityModel.AotCompatibility.TestApp/Microsoft.IdentityModel.AotCompatibility.TestApp.csproj index a4a7f4211d..b8b047c289 100644 --- a/test/Microsoft.IdentityModel.AotCompatibility.TestApp/Microsoft.IdentityModel.AotCompatibility.TestApp.csproj +++ b/test/Microsoft.IdentityModel.AotCompatibility.TestApp/Microsoft.IdentityModel.AotCompatibility.TestApp.csproj @@ -1,7 +1,7 @@ - net6.0 + net8.0 Exe true full diff --git a/test/Microsoft.IdentityModel.AotCompatibility.Tests/Microsoft.IdentityModel.AotCompatibility.Tests.csproj b/test/Microsoft.IdentityModel.AotCompatibility.Tests/Microsoft.IdentityModel.AotCompatibility.Tests.csproj index 2d4cc1811b..f5cedafd52 100644 --- a/test/Microsoft.IdentityModel.AotCompatibility.Tests/Microsoft.IdentityModel.AotCompatibility.Tests.csproj +++ b/test/Microsoft.IdentityModel.AotCompatibility.Tests/Microsoft.IdentityModel.AotCompatibility.Tests.csproj @@ -4,7 +4,7 @@ - net6.0 + net6.0;net8.0 
diff --git a/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMessageTests.cs b/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMessageTests.cs index f4e9423925..e38afbc4c3 100644 --- a/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMessageTests.cs +++ b/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMessageTests.cs @@ -100,7 +100,7 @@ public void Defaults() { List errors = new List(); var message = new OpenIdConnectMessage(); - + if (message.AcrValues != null) errors.Add("message.ArcValues != null"); @@ -217,7 +217,7 @@ public void OidcCreateAuthenticationRequestUrl(string testId, OpenIdConnectMessa { TestUtilities.WriteHeader(testId, "OidcCreateAuthenticationRequestUrl", true); var context = new CompareContext(); -// there is no net452 target, we bind to net45 + // there is no net452 target, we bind to net45 #if NET452 if(!message.SkuTelemetryValue.Equals("ID_NET45")) context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NET45"); @@ -233,6 +233,9 @@ public void OidcCreateAuthenticationRequestUrl(string testId, OpenIdConnectMessa #elif NET6_0 if (!message.SkuTelemetryValue.Equals("ID_NET6_0")) context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NET6_0"); +#elif NET8_0 + if (!message.SkuTelemetryValue.Equals("ID_NET8_0")) + context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NET8_0"); #elif NET_CORE if (!message.SkuTelemetryValue.Equals("ID_NETSTANDARD2_0")) context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NETSTANDARD2_0"); @@ -493,7 +496,7 @@ public void OidcCreateLogoutRequestUrl(string testId, OpenIdConnectMessage messa TestUtilities.WriteHeader("OidcCreateLogoutRequestUrl - " + testId, true); var context = new CompareContext(); -// there is no net452 target, we bind to net45 + // there is no net452 target, we bind to net45 #if NET452 if (!message.SkuTelemetryValue.Equals("ID_NET45")) context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NET45"); 
@@ -506,6 +509,9 @@ public void OidcCreateLogoutRequestUrl(string testId, OpenIdConnectMessage messa #elif NET6_0 if (!message.SkuTelemetryValue.Equals("ID_NET6_0")) context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NETCOREAPP3_1"); +#elif NET8_0 + if (!message.SkuTelemetryValue.Equals("ID_NET8_0")) + context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NET8_0"); #elif NET_CORE if (!message.SkuTelemetryValue.Equals("ID_NETSTANDARD2_0")) context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NETSTANDARD2_0"); @@ -625,7 +631,7 @@ public override string CreateLogoutRequestUrl() public class OpenIdConnectMessageTheoryData : TheoryDataBase { public OpenIdConnectMessage Message { get; set; } - + public string Json { get; set; } internal JObject JObject { get; set; } diff --git a/test/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests.csproj b/test/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests.csproj index ef0a471e4e..bd96bfa246 100644 --- a/test/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests.csproj +++ b/test/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests/Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests.csproj @@ -1,7 +1,7 @@ - + - + Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests $(MSBuildThisFileDirectory)..\..\build\35MSSharedLib1024.snk @@ -11,7 +11,7 @@ Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests true - + @@ -22,7 +22,7 @@ - + diff --git a/test/Microsoft.IdentityModel.TestUtils/CustomSecurityKey.cs b/test/Microsoft.IdentityModel.TestUtils/CustomSecurityKey.cs new file mode 100644 index 0000000000..595f4ce6bb --- /dev/null +++ b/test/Microsoft.IdentityModel.TestUtils/CustomSecurityKey.cs 
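Review bot: The `NET6_0` branch directly above the new `#elif NET8_0` branch in `OidcCreateLogoutRequestUrl` compares against `"ID_NET6_0"` but records `!= ID_NETCOREAPP3_1`, so a failure on net6.0 prints a misleading diff. Since this block is being edited, that line could become `context.Diffs.Add($"{message.SkuTelemetryValue} != ID_NET6_0");`, matching the corresponding branch in `OidcCreateAuthenticationRequestUrl`. The test method continues outside the hunk.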
@@ -0,0 +1,9 @@ +using Microsoft.IdentityModel.Tokens; + +namespace Microsoft.IdentityModel.TestUtils +{ + public class CustomSecurityKey : SecurityKey + { + public override int KeySize => 1; + } +} diff --git a/test/Microsoft.IdentityModel.TestUtils/DerivedTypes.cs b/test/Microsoft.IdentityModel.TestUtils/DerivedTypes.cs index 745e449c36..1590981f36 100644 --- a/test/Microsoft.IdentityModel.TestUtils/DerivedTypes.cs +++ b/test/Microsoft.IdentityModel.TestUtils/DerivedTypes.cs @@ -226,11 +226,17 @@ public override int KeySize public override string KeyExchangeAlgorithm => throw new NotImplementedException(); +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override byte[] DecryptValue(byte[] rgb) { throw new NotImplementedException(); } +#if NET8_0_OR_GREATER + [Obsolete("Formatter-based serialization is obsolete", DiagnosticId = "SYSLIB0051")] +#endif public override byte[] EncryptValue(byte[] rgb) { throw new NotImplementedException(); @@ -297,7 +303,7 @@ public DerivedSecurityKey(string keyId, int keySize) _keySize = keySize; } - internal override string InternalId { get =>_keyId; } + internal override string InternalId { get => _keyId; } public Exception ThrowOnGetKeyId { get; set; } diff --git a/test/Microsoft.IdentityModel.TestUtils/KeyingMaterial.cs b/test/Microsoft.IdentityModel.TestUtils/KeyingMaterial.cs index ce44b35a13..19c784d7dd 100644 --- a/test/Microsoft.IdentityModel.TestUtils/KeyingMaterial.cs +++ b/test/Microsoft.IdentityModel.TestUtils/KeyingMaterial.cs 
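Review bot: The `[Obsolete]` attributes added to the `DecryptValue` and `EncryptValue` overrides in DerivedTypes.cs carry the formatter-serialization message and `SYSLIB0051`, which does not describe these members. If the enclosing class derives from `RSA` (its header is outside the hunk), the obsoletion that applies to these overrides on net8.0 is the one for `RSA.EncryptValue`/`DecryptValue`, which I believe is `SYSLIB0048`; please confirm against the .NET obsoletion list. The attribute would then read `[Obsolete("RSA.EncryptValue and DecryptValue are not supported", DiagnosticId = "SYSLIB0048")]`, with the message wording adjusted to match the runtime's.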
@@ -121,7 +121,7 @@ public static X509SecurityKey DefaultX509Key_2048_Public public static X509SecurityKey NotYetValidX509SecurityKey_Public = new X509SecurityKey(NotYetValidX509Cert_Public); public static SigningCredentials NotYetValidX509SigningCreds_Public = new SigningCredentials(NotYetValidX509SecurityKey_Public, SecurityAlgorithms.RsaSha256Signature); -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 //encoded strings for "AliceInformation", "BobInformation", "AliceNotMatchingInfo", and "BobNotMatchingInfo" public static string ApuExample1 = "QWxpY2VJbmZvcm1hdGlvbg"; public static string ApvExample1 = "Qm9iSW5mb3JtYXRpb24"; diff --git a/test/Microsoft.IdentityModel.TestUtils/SecurityKeyCustomConverter.cs b/test/Microsoft.IdentityModel.TestUtils/SecurityKeyCustomConverter.cs new file mode 100644 index 0000000000..47a7fd14ab --- /dev/null +++ b/test/Microsoft.IdentityModel.TestUtils/SecurityKeyCustomConverter.cs 
@@ -0,0 +1,78 @@ +#if NET8_0_OR_GREATER +using System; +using System.Text.Json; +using System.Text.Json.Serialization; +using Microsoft.IdentityModel.Tokens; + +namespace Microsoft.IdentityModel.TestUtils +{ + /// + /// Custom Json converter for . + /// + public class SecurityKeyConverterWithTypeDiscriminator : JsonConverter + { + enum TypeDiscriminator + { + CustomKey = 1 + } + + /// + public override bool CanConvert(Type typeToConvert) => + typeof(SecurityKey).IsAssignableFrom(typeToConvert); + + /// + public override SecurityKey Read( + ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options) + { + Utf8JsonReader readerClone = reader; + + if (readerClone.TokenType != JsonTokenType.StartObject) + { + throw new JsonException(); + } + + readerClone.Read(); + if (readerClone.TokenType != JsonTokenType.PropertyName) + { + throw new JsonException(); + } + + var propertyName = readerClone.GetString(); + if (propertyName != "TypeDiscriminator") + { + throw new JsonException(); + } + + readerClone.Read(); + if (readerClone.TokenType != JsonTokenType.Number) + { + throw new JsonException(); + } + + TypeDiscriminator typeDiscriminator = (TypeDiscriminator)readerClone.GetInt32(); + SecurityKey securityKey = typeDiscriminator switch + { + TypeDiscriminator.CustomKey => JsonSerializer.Deserialize(ref reader)!, + _ => throw new JsonException() + }; + return securityKey; + } + + /// + public override void Write( + Utf8JsonWriter writer, SecurityKey securityKey, JsonSerializerOptions options) + { + writer.WriteStartObject(); + + if (securityKey is CustomSecurityKey customKey) + { + writer.WriteNumber("TypeDiscriminator", (int)TypeDiscriminator.CustomKey); + } + + writer.WriteNumber("KeySize", securityKey.KeySize); + + writer.WriteEndObject(); + } + } +} +#endif diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/AsymmetricAdapterTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/AsymmetricAdapterTests.cs index 9a180a3ce3..41bc6dbb3b 100644 
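Review bot: `Write` emits the `TypeDiscriminator` property only when the key is a `CustomSecurityKey`, so any other `SecurityKey` subtype is written as an object that `Read` then rejects at the `propertyName != "TypeDiscriminator"` check, even though `CanConvert` accepts every `SecurityKey`. Failing at write time keeps the two sides symmetric, for example before `writer.WriteStartObject()`: `if (securityKey is not CustomSecurityKey) throw new NotSupportedException(securityKey.GetType().FullName);`. The unused pattern variable `customKey` can be dropped at the same time. The closed `switch` with a throwing default arm in `Read` is the right shape for a type discriminator and is worth keeping if more key types are added, so that the payload can never select an arbitrary type.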
--- a/test/Microsoft.IdentityModel.Tokens.Tests/AsymmetricAdapterTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/AsymmetricAdapterTests.cs @@ -24,7 +24,7 @@ public void AsymmetricAdapterUsageTests(AsymmetricAdapterTheoryData theoryData) try { -#if NET461 || NET462 || NET472 || NETCOREAPP2_1 || NET6_0 +#if NET461 || NET462 || NET472 || NETCOREAPP2_1 || NET6_0 || NET8_0 AsymmetricAdapter asymmetricdapter = new AsymmetricAdapter(theoryData.SecurityKey, theoryData.Algorithm, hashAlgorithm, SupportedAlgorithms.GetHashAlgorithmName(theoryData.Algorithm), true); #else AsymmetricAdapter asymmetricdapter = new AsymmetricAdapter(theoryData.SecurityKey, theoryData.Algorithm, hashAlgorithm, true); @@ -59,7 +59,7 @@ public static TheoryData AsymmetricAdapterUsageTest // RSA // RSACertificateExtensions.GetRSAPrivateKey - this results in - #if NET461 || NET462 || NET472 || NETCOREAPP2_1 || NET6_0 + #if NET461 || NET462 || NET472 || NETCOREAPP2_1 || NET6_0 || NET8_0 new AsymmetricAdapterTheoryData { Algorithm = SecurityAlgorithms.RsaSha256, @@ -79,7 +79,7 @@ public static TheoryData AsymmetricAdapterUsageTest }, // RSA.Create - #if NET472 || NETCOREAPP2_1 || NET6_0 + #if NET472 || NETCOREAPP2_1 || NET6_0 || NET8_0 new AsymmetricAdapterTheoryData { Algorithm = SecurityAlgorithms.RsaSha256, @@ -117,7 +117,7 @@ public static TheoryData AsymmetricAdapterUsageTest TestId = "KeyingMaterial_Ecdsa256Key" }, - #if NET472 || NETCOREAPP2_1 || NET6_0 + #if NET472 || NETCOREAPP2_1 || NET6_0 || NET8_0 new AsymmetricAdapterTheoryData { Algorithm = SecurityAlgorithms.EcdsaSha256, diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/EcdhEsTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/EcdhEsTests.cs index 02718119cf..c01b078c4c 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/EcdhEsTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/EcdhEsTests.cs 
@@ -8,7 +8,7 @@ using KEY = Microsoft.IdentityModel.TestUtils.KeyingMaterial; #pragma warning disable CS3016 // Arrays as attribute arguments is not CLS-compliant -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 namespace Microsoft.IdentityModel.Tokens.Tests { public class EcdhEsTests diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/JweUsingEchdTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/JweUsingEchdTests.cs index 050a6764d1..81bcba3e19 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/JweUsingEchdTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/JweUsingEchdTests.cs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 using System; using System.Collections; @@ -92,7 +92,7 @@ public static TheoryData CreateEcdhEsTestcases theoryData.Add(EcdhEsCurveP256AEnc256KWNullApuApv()); theoryData.Add(EcdhEsCurveP384EncA256KW()); theoryData.Add(EcdhEsCurveP512EncA256KW()); - theoryData.Add(EcdhEsCurveP256EncA192KW()); + theoryData.Add(EcdhEsCurveP256EncA192KW()); theoryData.Add(EcdhEsCurveP256EncA128KW()); return theoryData; diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/ReferenceTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/ReferenceTests.cs index f6ed1195f8..4d8e993cf9 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/ReferenceTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/ReferenceTests.cs @@ -22,7 +22,7 @@ namespace Microsoft.IdentityModel.Tokens.Tests public class ReferenceTests { -#if NET472 || NET6_0 +#if NET472 || NET6_0 || NET8_0 [Fact] public void ECDH_ESReferenceTest() { 
@@ -45,7 +45,7 @@ public void ECDH_ESReferenceTest() // assert // compare KDFs are the same and they're matching with expected - if (!Utility.AreEqual(((SymmetricSecurityKey)aliceCek).Key, ((SymmetricSecurityKey)bobCek).Key)) + if (!Utility.AreEqual(((SymmetricSecurityKey)aliceCek).Key, ((SymmetricSecurityKey)bobCek).Key)) context.AddDiff($"!Utility.AreEqual(aliceCek, bobCek)"); if (!Utility.AreEqual(((SymmetricSecurityKey)aliceCek).Key, ECDH_ES.DerivedKeyBytes)) context.AddDiff($"!Utility.AreEqual(aliceCek, ECDH_ES.DerivedKeyBytes)"); diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs index 39e3302532..da9bddb840 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs @@ -5,7 +5,11 @@ using System.Collections.Generic; using System.IO; using System.Runtime.Serialization; +#if NET8_0_OR_GREATER +using System.Text.Json; +#else using System.Runtime.Serialization.Formatters.Binary; +#endif using Microsoft.IdentityModel.TestUtils; using Xunit; @@ -27,6 +31,14 @@ public void SecurityTokenInvalidIssuerExceptionSerializesValues(SecurityTokenExc var memoryStream = new MemoryStream(); +#if NET8_0_OR_GREATER + var serializerOptions = new JsonSerializerOptions(); + serializerOptions.Converters.Add(new SecurityKeyConverterWithTypeDiscriminator()); + + JsonSerializer.Serialize(memoryStream, exception, theoryData.ExceptionType, serializerOptions); + memoryStream.Seek(0, SeekOrigin.Begin); + var serializedException = JsonSerializer.Deserialize(memoryStream, theoryData.ExceptionType, serializerOptions); +#else BinaryFormatter formatter = new BinaryFormatter(); #pragma warning disable SYSLIB0011 // Type or member is obsolete formatter.Serialize(memoryStream, exception); 
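Review bot: On net8.0 the SecurityTokenExceptionTests.cs hunk round-trips the exception through `JsonSerializer`, which as far as I know does not call `GetObjectData` or the `(SerializationInfo, StreamingContext)` constructor, so the custom serialization code in the exception types is no longer exercised on that target. A comment above the new branch would make the reduced coverage explicit: `// net8.0: checks System.Text.Json round-tripping of public properties, not the ISerializable path`. The `MemoryStream` in the context line is also never disposed; `using var memoryStream = new MemoryStream();` would fix that if the project's language version allows it. The test method starts and ends outside the hunk.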
@@ -39,6 +51,7 @@ public void SecurityTokenInvalidIssuerExceptionSerializesValues(SecurityTokenExc var serializedException = formatter.Deserialize(memoryStream); #pragma warning restore SYSLIB0011 // Type or member is obsolete +#endif theoryData.ExpectedException.ProcessNoException(context); IdentityComparer.AreEqual(exception, serializedException, context); @@ -221,12 +234,7 @@ public static TheoryData ExceptionTestData #pragma warning restore CS0618 // Type or member is obsolete }; } - } - - public class CustomSecurityKey : SecurityKey - { - public override int KeySize => 1; - } + } } public class SecurityTokenExceptionTheoryData : TheoryDataBase