Bump Microsoft.IdentityModel.* from 6.21 to 6.22

Improved code coverage result

src/Abc.IdentityServer4.WsFederation/Abc.IdentityServer4.WsFederation.csproj

@@ -4,9 +4,9 @@
     <PreserveCompilationContext>true</PreserveCompilationContext>
     <AssemblyName>Abc.IdentityServer4.WsFederation</AssemblyName>
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
-    <PackageProjectUrl>https://github.com/IdentityServer/IdentityServer4.WsFederation</PackageProjectUrl>
+    <PackageProjectUrl>https://github.com/abc-software/Abc.IdentityServer4.WsFederation</PackageProjectUrl>
     <PackageTags>identityserver;idsrv;wsfed;wsfederation;authentication;auth</PackageTags>
-    <RepositoryUrl>https://github.com/IdentityServer/IdentityServer4.WsFederation.git</RepositoryUrl>
+    <RepositoryUrl>https://github.com/abc-software/Abc.IdentityServer4.WsFederation.git</RepositoryUrl>
     <RepositoryType>git</RepositoryType>
     <PackageId>Abc.IdentityServer4.WsFederation</PackageId>
     <Version>2.8.0-rc3</Version>
@@ -31,12 +31,16 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Protocols.WsFederation" Version="6.21.0" />
-    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="6.21.0" />
-    <PackageReference Include="Microsoft.IdentityModel.Protocols" Version="6.21.0" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.21.0" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="6.21.0" />
-    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="6.21.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocols.WsFederation" Version="6.22.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="6.22.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocols" Version="6.22.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.22.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="6.22.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="6.22.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Threading.Analyzers" Version="17.3.44">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
   </ItemGroup>
 
   <ItemGroup>

src/Abc.IdentityServer4.WsFederation/Endpoints/Results/CustomRedirectResult.cs

@@ -52,7 +52,7 @@ public async Task ExecuteAsync(HttpContext context)
             else
             {
                 //returnUrl = returnUrl.AddQueryString(_request.Raw.ToQueryString());
-                returnUrl = returnUrl.AddQueryString(_request.WsFederationMessage.ToQueryString());
+                returnUrl = returnUrl.AddQueryString(_request.WsFederationMessage.Parameters);
             }
 
             if (!_url.IsLocalUrl())

src/Abc.IdentityServer4.WsFederation/Endpoints/Results/LoginPageResult.cs

@@ -52,7 +52,7 @@ public async Task ExecuteAsync(HttpContext context)
             }
             else
             {
-                returnUrl = returnUrl.AddQueryString(_request.WsFederationMessage.ToQueryString());
+                returnUrl = returnUrl.AddQueryString(_request.WsFederationMessage.Parameters);
             }
 
             var loginUrl = _options.UserInteraction.LoginUrl;

src/Abc.IdentityServer4.WsFederation/Endpoints/Results/MetadataResult.cs

@@ -17,17 +17,17 @@ public MetadataResult(WsFederationConfigurationEx configuration)
             _configuration = configuration ?? throw new System.ArgumentNullException(nameof(configuration));
         }
 
-        public Task ExecuteAsync(HttpContext context)
+        public async Task ExecuteAsync(HttpContext context)
         {
             var ser = new WsFederationMetadataSerializer();
             using (var ms = new MemoryStream())
             using (var writer = XmlDictionaryWriter.CreateTextWriter(ms, Encoding.UTF8, false))
             {
                 ser.WriteMetadataEx(writer, _configuration);
-                writer.Flush();
+                await writer.FlushAsync();
                 context.Response.ContentType = "application/xml";
                 var metaAsString = Encoding.UTF8.GetString(ms.ToArray());
-                return context.Response.WriteAsync(metaAsString);
+                await context.Response.WriteAsync(metaAsString);
             }
         }
     }

src/Abc.IdentityServer4.WsFederation/Endpoints/WsFederationCallbackEndpoint.cs

@@ -63,7 +63,7 @@ public override async Task<IEndpointResult> ProcessAsync(HttpContext context)
 
             if (!message.IsSignInMessage)
             {
-                return await CreateSignInErrorResult("WS-Federation message is not sing in message");
+                return await CreateSignInErrorResultAsync("WS-Federation message is not sing in message");
             }
 
             // user can be null here (this differs from HttpContext.User where the anonymous user is filled in)
@@ -78,7 +78,7 @@ public override async Task<IEndpointResult> ProcessAsync(HttpContext context)
             var consent = await _consentResponseStore.ReadAsync(consentRequest.Id);
             if (consent != null && consent.Data == null)
             {
-                return await CreateSignInErrorResult("consent message is missing data");
+                return await CreateSignInErrorResultAsync("consent message is missing data");
             }
 
             try

src/Abc.IdentityServer4.WsFederation/Endpoints/WsFederationEndpointBase.cs

@@ -55,7 +55,7 @@ internal async Task<IEndpointResult> ProcessSignInRequestAsync(WsFederationMessa
             var validationResult = await _validator.ValidateSignInRequestAsync(signin, user);
             if (validationResult.IsError)
             {
-                return await CreateSignInErrorResult(
+                return await CreateSignInErrorResultAsync(
                     "WS-Federation sign in request validation failed", 
                     validationResult.ValidatedRequest, 
                     validationResult.Error, 
@@ -65,7 +65,7 @@ internal async Task<IEndpointResult> ProcessSignInRequestAsync(WsFederationMessa
             var interactionResult = await _interaction.ProcessInteractionAsync(validationResult.ValidatedRequest, consent);
             if (interactionResult.IsError)
             {
-                return await CreateSignInErrorResult(
+                return await CreateSignInErrorResultAsync(
                     "WS-Federation interaction generator error", 
                     validationResult.ValidatedRequest, 
                     interactionResult.Error, 
@@ -86,7 +86,7 @@ internal async Task<IEndpointResult> ProcessSignInRequestAsync(WsFederationMessa
             var responseMessage = await _generator.GenerateResponseAsync(validationResult);
             await UserSession.AddClientIdAsync(validationResult.ValidatedRequest.ClientId);
 
-            await _events.RaiseAsync(new Events.SignInTokenIssuedSuccessEvent(responseMessage, validationResult));
+            await _events.RaiseAsync(new Events.SignInTokenIssuedSuccessEvent(responseMessage, validationResult.ValidatedRequest));
 
             return new Results.SignInResult(responseMessage);
         }
@@ -102,7 +102,7 @@ internal async Task<IEndpointResult> ProcessSignOutRequestAsync(WsFederationMess
             var validationResult = await _validator.ValidateSignOutRequestAsync(message);
             if (validationResult.IsError)
             {
-                return await CreateSignOutErrorResult(
+                return await CreateSignOutErrorResultAsync(
                     "WS-Federation sign out request validation failed", 
                     validationResult.ValidatedRequest, 
                     validationResult.Error, 
@@ -112,7 +112,7 @@ internal async Task<IEndpointResult> ProcessSignOutRequestAsync(WsFederationMess
             return new Results.SignOutResult(validationResult.ValidatedRequest);
         }
 
-        protected async Task<IEndpointResult> CreateSignInErrorResult(
+        protected async Task<IEndpointResult> CreateSignInErrorResultAsync(
             string logMessage, 
             ValidatedWsFederationRequest request = null, 
             string error = "Server", 
@@ -134,7 +134,7 @@ protected async Task<IEndpointResult> CreateSignInErrorResult(
             return new Results.ErrorPageResult(error, errorDescription);
         }
 
-        protected Task<IEndpointResult> CreateSignOutErrorResult(
+        protected Task<IEndpointResult> CreateSignOutErrorResultAsync(
             string logMessage, 
             ValidatedWsFederationRequest request = null, 
             string error = "Server", 

src/Abc.IdentityServer4.WsFederation/Events/SignInTokenIssuedFailureEvent.cs

@@ -11,7 +11,7 @@ public SignInTokenIssuedFailureEvent(ValidatedWsFederationRequest request, strin
         {
             if (request != null)
             {
-                ClientId = request.Client?.ClientId;
+                ClientId = request.ClientId;
                 ClientName = request.Client?.ClientName;
 
                 if (request.Subject.IsAuthenticated())

src/Abc.IdentityServer4.WsFederation/Events/SignInTokenIssuedSuccessEvent.cs

@@ -9,17 +9,25 @@ namespace Abc.IdentityServer4.WsFederation.Events
 {
     public class SignInTokenIssuedSuccessEvent : TokenIssuedSuccessEvent
     {
-        public SignInTokenIssuedSuccessEvent(WsFederationMessage responseMessage, WsFederationValidationResult request)
+        public SignInTokenIssuedSuccessEvent(WsFederationMessage responseMessage, ValidatedWsFederationRequest request)
             : base()
         {
-            ClientId = request.ValidatedRequest.Client.ClientId;
-            ClientName = request.ValidatedRequest.Client.ClientName;
+            if (request != null)
+            {
+                ClientId = request.ClientId;
+                ClientName = request.Client?.ClientName;
+                SubjectId = request.Subject?.GetSubjectId();
+                Scopes = request.ValidatedResources?.RawScopeValues.ToSpaceSeparatedString();
+            }
+
             Endpoint = WsFederationConstants.EndpointNames.WsFederation;
-            SubjectId = request.ValidatedRequest.Subject?.GetSubjectId();
-            Scopes = request.ValidatedRequest.ValidatedResources?.RawScopeValues.ToSpaceSeparatedString();
 
             var tokens = new List<Token>();
-            tokens.Add(new Token("SecurityToken", responseMessage.GetToken()));
+            if (responseMessage != null)
+            {
+                tokens.Add(new Token("SecurityToken", responseMessage.Wresult));
+            }
+
             Tokens = tokens;
         }
     }

src/Abc.IdentityServer4.WsFederation/Extensions/StringExtensions.cs

@@ -1,4 +1,5 @@
-using Microsoft.Extensions.Primitives;
+using Microsoft.AspNetCore.WebUtilities;
+using Microsoft.Extensions.Primitives;
 using System;
 using System.Collections.Generic;
 using System.Collections.Specialized;
@@ -18,7 +19,7 @@ public static string ToSpaceSeparatedString(this IEnumerable<string> list)
                 return string.Empty;
             }
 
-            return string.Join(" ", list);
+            return string.Join(" ", list.Where(i => i.IsPresent()));
         }
 
         [DebuggerStepThrough]
@@ -47,6 +48,7 @@ public static bool IsMissingOrTooLong(this string value, int maxLength)
             {
                 return true;
             }
+
             if (value.Length > maxLength)
             {
                 return true;
@@ -94,27 +96,16 @@ public static string GetOrigin(this string url)
             return null;
         }
 
-        public static string AddQueryString(this string url, string query)
+        [DebuggerStepThrough]
+        public static string AddQueryString(this string url, IDictionary<string, string> queryString)
         {
-            if (!url.Contains("?"))
-            {
-                if (!query.StartsWith("?"))
-                {
-                    url += "?";
-                }
-            }
-            else if (!url.EndsWith("&"))
-            {
-                url += "&";
-            }
-
-            return url + query;
+            return QueryHelpers.AddQueryString(url, queryString);
         }
 
         [DebuggerStepThrough]
         public static string AddQueryString(this string url, string name, string value)
         {
-            return url.AddQueryString(name + "=" + UrlEncoder.Default.Encode(value));
+            return QueryHelpers.AddQueryString(url, name, value);
         }
 
         [DebuggerStepThrough]

src/Abc.IdentityServer4.WsFederation/Services/DefaultClaimsService.cs

@@ -35,8 +35,8 @@ public class DefaultClaimsService : IClaimsService
         /// <param name="logger">The logger.</param>
         public DefaultClaimsService(IProfileService profile, ILogger<DefaultClaimsService> logger)
         {
-            Profile = profile;
-            Logger = logger;
+            Profile = profile ?? throw new System.ArgumentNullException(nameof(profile));
+            Logger = logger ?? throw new System.ArgumentNullException(nameof(logger));
         }
 
         /// <inheritdoc/>

src/Abc.IdentityServer4.WsFederation/WsFederationReturnUrlParser.cs

@@ -60,7 +60,7 @@ public async Task<AuthorizationRequest> ParseAsync(string returnUrl)
                 return null;
             }
 
-            var signInMessage = await GetSignInRequestMessage(returnUrl);
+            var signInMessage = await GetSignInRequestMessageAsync(returnUrl);
             if (signInMessage == null)
             {
                 return null;
@@ -92,7 +92,7 @@ public async Task<AuthorizationRequest> ParseAsync(string returnUrl)
             return request;
         }
 
-        private async Task<WsFederationMessage> GetSignInRequestMessage(string returnUrl)
+        private async Task<WsFederationMessage> GetSignInRequestMessageAsync(string returnUrl)
         {
             int index = returnUrl.IndexOf('?');
             if (0 <= index)

src/Abc.IdentityServer4.WsFederationTests/Abc.IdentityServer4.WsFederationTests.csproj

@@ -0,0 +1,18 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+
+    <IsPackable>false</IsPackable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.1.0" />
+    <PackageReference Include="MSTest.TestAdapter" Version="2.2.8" />
+    <PackageReference Include="MSTest.TestFramework" Version="2.2.8" />
+    <PackageReference Include="coverlet.collector" Version="3.1.2" />
+  </ItemGroup>
+
+</Project>

src/Abc.IdentityServer4.WsFederationTests/Events/SignInTokenIssuedSuccessEventFixture.cs

@@ -0,0 +1,8 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+
+namespace Abc.IdentityServer4.WsFederationTests.Events {
+    internal class SignInTokenIssuedSuccessEventFixture {
+    }
+}

test/Abc.IdentityServer4.WsFederation.UnitTests/Events/SignInTokenIssuedFailureEventFixture.cs

@@ -0,0 +1,82 @@
+using Abc.IdentityServer4.WsFederation.Validation;
+using FluentAssertions;
+using IdentityServer4;
+using IdentityServer4.Events;
+using IdentityServer4.Models;
+using Xunit;
+
+namespace Abc.IdentityServer4.WsFederation.Events.UnitTests
+{
+    public class SignInTokenIssuedFailureEventFixture
+    {
+        private const string Error = "some_error";
+        private const string Description = "some_description";
+
+        [Fact]
+        public void Ctor_SignInTokenIssuedFailureEvent_null_request()
+        {
+            var target = new SignInTokenIssuedFailureEvent(null, Error, Description);
+
+            target.Error.Should().Be(Error);
+            target.ErrorDescription.Should().Be(Description);
+            target.Endpoint.Should().Be("WsFederation");
+            target.SubjectId.Should().BeNull();
+            target.ClientId.Should().BeNull();
+            target.ClientName.Should().BeNull();
+            target.Scopes.Should().BeNull();
+        }
+
+        [Fact]
+        public void Ctor_SignInTokenIssuedFailureEvent_empty_request()
+        {
+            var request = new ValidatedWsFederationRequest()
+            {
+
+            };
+
+            var target = new SignInTokenIssuedFailureEvent(request, Error, Description);
+
+            target.Error.Should().Be(Error);
+            target.ErrorDescription.Should().Be(Description);
+            target.Endpoint.Should().Be("WsFederation");
+            target.SubjectId.Should().BeNull();
+            target.ClientId.Should().BeNull();
+            target.ClientName.Should().BeNull();
+            target.Scopes.Should().BeNull();
+        }
+
+        [Fact]
+        public void Ctor_SignInTokenIssuedFailureEvent_success_request()
+        {
+            var request = new ValidatedWsFederationRequest()
+            {
+                ClientId = "client",
+                Client = new Client()
+                {
+                    ClientId = "client",
+                    ClientName = "clientName",
+                },
+                Subject = new IdentityServerUser("bob").CreatePrincipal(),
+            };
+
+            var target = new SignInTokenIssuedFailureEvent(request, Error, Description);
+
+            target.Error.Should().Be(Error);
+            target.ErrorDescription.Should().Be(Description);
+            target.Endpoint.Should().Be("WsFederation");
+            target.SubjectId.Should().Be("bob");
+            target.ClientId.Should().Be("client");
+            target.ClientName.Should().Be("clientName");
+            target.Scopes.Should().BeNull();
+
+            target.Category.Should().Be("Token");
+            target.Message.Should().BeNull();
+            target.Id.Should().Be(2001);
+            target.Name.Should().Be("Token Issued Failure");
+            target.EventType.Should().Be(EventTypes.Failure);
+
+            target.ActivityId.Should().BeNull();
+            target.GrantType.Should().BeNull();
+        }
+    }
+}