Update to ASP.NET Core 8 preview 5

- Update to preview 5 of ASP.NET Core 8.
- Remove usage of `ISystemClock` and use `TimeProvider` instead.
- Suppress `CA1861` in tests.
- Apply some style suggestions from Visual Studio.

Directory.Packages.props

@@ -4,9 +4,9 @@
     <PackageVersion Include="JetBrains.Annotations" Version="2022.1.0" />
     <PackageVersion Include="JustEat.HttpClientInterception" Version="3.1.2" />
     <PackageVersion Include="MartinCostello.Logging.XUnit" Version="0.3.0" />
-    <PackageVersion Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.0-preview.4.23260.4" />
-    <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="8.0.0-preview.4.23260.4" />
-    <PackageVersion Include="Microsoft.AspNetCore.TestHost" Version="8.0.0-preview.4.23260.4" />
+    <PackageVersion Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.0-preview.5.23302.2" />
+    <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="8.0.0-preview.5.23302.2" />
+    <PackageVersion Include="Microsoft.AspNetCore.TestHost" Version="8.0.0-preview.5.23302.2" />
     <PackageVersion Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.16.0" />
     <PackageVersion Include="Moq" Version="4.18.2" />
     <PackageVersion Include="Shouldly" Version="4.1.0" />

eng/Versions.props

@@ -10,7 +10,7 @@
     -->
     <PackageValidationBaselineVersion Condition="'$(PackageValidationBaselineVersion)' == ''">7.0.0</PackageValidationBaselineVersion>
     <PreReleaseVersionLabel>preview</PreReleaseVersionLabel>
-    <PreReleaseVersionIteration>3</PreReleaseVersionIteration>
+    <PreReleaseVersionIteration>5</PreReleaseVersionIteration>
     <PreReleaseBrandingLabel>Preview $(PreReleaseVersionIteration)</PreReleaseBrandingLabel>
     <StabilizePackageVersion Condition="'$(StabilizePackageVersion)' == ''">false</StabilizePackageVersion>
     <DotNetFinalVersionKind Condition="'$(StabilizePackageVersion)' == 'true'">release</DotNetFinalVersionKind>

global.json

@@ -1,10 +1,10 @@
 {
   "sdk": {
-    "version": "8.0.100-preview.4.23260.5"
+    "version": "8.0.100-preview.5.23303.2"
   },
 
   "tools": {
-    "dotnet": "8.0.100-preview.4.23260.5"
+    "dotnet": "8.0.100-preview.5.23303.2"
   },
 
   "msbuild-sdks": {

src/AspNet.Security.OAuth.AdobeIO/AdobeIOAuthenticationHandler.cs

@@ -19,9 +19,8 @@ public partial class AdobeIOAuthenticationHandler : OAuthHandler<AdobeIOAuthenti
     public AdobeIOAuthenticationHandler(
         [NotNull] IOptionsMonitor<AdobeIOAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.Alipay/AlipayAuthenticationHandler.cs

@@ -27,9 +27,8 @@ public partial class AlipayAuthenticationHandler : OAuthHandler<AlipayAuthentica
     public AlipayAuthenticationHandler(
         [NotNull] IOptionsMonitor<AlipayAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 
@@ -57,7 +56,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             ["grant_type"] = "authorization_code",
             ["method"] = "alipay.system.oauth.token",
             ["sign_type"] = "RSA2",
-            ["timestamp"] = Clock.UtcNow.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture),
+            ["timestamp"] = TimeProvider.GetUtcNow().ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture),
             ["version"] = "1.0",
         };
         tokenRequestParameters.Add("sign", GetRSA2Signature(tokenRequestParameters));
@@ -105,7 +104,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             ["format"] = "JSON",
             ["method"] = "alipay.user.info.share",
             ["sign_type"] = "RSA2",
-            ["timestamp"] = Clock.UtcNow.ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture),
+            ["timestamp"] = TimeProvider.GetUtcNow().ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture),
             ["version"] = "1.0",
         };
         parameters.Add("sign", GetRSA2Signature(parameters));

src/AspNet.Security.OAuth.Amazon/AmazonAuthenticationHandler.cs

@@ -25,13 +25,11 @@ public partial class AmazonAuthenticationHandler : OAuthHandler<AmazonAuthentica
     /// <param name="options">The authentication options.</param>
     /// <param name="logger">The logger to use.</param>
     /// <param name="encoder">The URL encoder to use.</param>
-    /// <param name="clock">The system clock to use.</param>
     public AmazonAuthenticationHandler(
         [NotNull] IOptionsMonitor<AmazonAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.AmoCrm/AmoCrmAuthenticationHandler.cs

@@ -24,13 +24,11 @@ public partial class AmoCrmAuthenticationHandler : OAuthHandler<AmoCrmAuthentica
     /// <param name="options">The authentication options.</param>
     /// <param name="logger">The logger to use.</param>
     /// <param name="encoder">The URL encoder to use.</param>
-    /// <param name="clock">The system clock to use.</param>
     public AmoCrmAuthenticationHandler(
         [NotNull] IOptionsMonitor<AmoCrmAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.Apple/AppleAuthenticationHandler.cs

@@ -27,13 +27,11 @@ public partial class AppleAuthenticationHandler : OAuthHandler<AppleAuthenticati
     /// <param name="options">The authentication options.</param>
     /// <param name="logger">The logger to use.</param>
     /// <param name="encoder">The URL encoder to use.</param>
-    /// <param name="clock">The system clock to use.</param>
     public AppleAuthenticationHandler(
         [NotNull] IOptionsMonitor<AppleAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 
@@ -52,7 +50,7 @@ protected override string BuildChallengeUrl(
         [NotNull] AuthenticationProperties properties,
         [NotNull] string redirectUri)
     {
-        string challengeUrl = base.BuildChallengeUrl(properties, redirectUri);
+        var challengeUrl = base.BuildChallengeUrl(properties, redirectUri);
 
         // Apple requires the response mode to be form_post when the email or name scopes are requested
         return QueryHelpers.AddQueryString(challengeUrl, "response_mode", "form_post");
@@ -67,7 +65,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
         [NotNull] AuthenticationProperties properties,
         [NotNull] OAuthTokenResponse tokens)
     {
-        string? idToken = tokens.Response!.RootElement.GetString("id_token");
+        var idToken = tokens.Response!.RootElement.GetString("id_token");
 
         Log.CreatingTicket(Logger);
 
@@ -186,7 +184,7 @@ private async Task<HandleRequestResult> HandleRemoteAuthenticateAsync(
 
         if (properties == null)
         {
-            return HandleRequestResult.Fail("The oauth state was missing or invalid.");
+            return HandleRequestResult.Fail("The OAuth state was missing or invalid.");
         }
 
         // OAuth2 10.12 CSRF
@@ -302,11 +300,11 @@ private async Task<HandleRequestResult> HandleRemoteAuthenticateAsync(
 
             if (!string.IsNullOrEmpty(tokens.ExpiresIn))
             {
-                if (int.TryParse(tokens.ExpiresIn, NumberStyles.Integer, CultureInfo.InvariantCulture, out int value))
+                if (int.TryParse(tokens.ExpiresIn, NumberStyles.Integer, CultureInfo.InvariantCulture, out var value))
                 {
                     // https://www.w3.org/TR/xmlschema-2/#dateTime
                     // https://msdn.microsoft.com/en-us/library/az4se3k1(v=vs.110).aspx
-                    var expiresAt = Clock.UtcNow + TimeSpan.FromSeconds(value);
+                    var expiresAt = TimeProvider.GetUtcNow().AddSeconds(value);
 
                     authTokens.Add(new AuthenticationToken()
                     {
@@ -316,7 +314,7 @@ private async Task<HandleRequestResult> HandleRemoteAuthenticateAsync(
                 }
             }
 
-            string? idToken = tokens.Response?.RootElement.GetString("id_token");
+            var idToken = tokens.Response?.RootElement.GetString("id_token");
 
             if (!string.IsNullOrEmpty(idToken))
             {

src/AspNet.Security.OAuth.Apple/ApplePostConfigureOptions.cs

@@ -22,22 +22,22 @@ namespace AspNet.Security.OAuth.Apple;
 public class ApplePostConfigureOptions : IPostConfigureOptions<AppleAuthenticationOptions>
 {
     private readonly IMemoryCache _cache;
-    private readonly ISystemClock _clock;
+    private readonly TimeProvider _timeProvider;
     private readonly ILoggerFactory _loggerFactory;
 
     /// <summary>
     /// Initializes a new instance of the <see cref="ApplePostConfigureOptions"/> class.
     /// </summary>
     /// <param name="cache">The <see cref="IMemoryCache"/> to use.</param>
-    /// <param name="clock">The <see cref="ISystemClock"/> to use.</param>
+    /// <param name="timeProvider">The <see cref="TimeProvider"/> to use.</param>
     /// <param name="loggerFactory">The <see cref="ILoggerFactory"/> to use.</param>
     public ApplePostConfigureOptions(
         IMemoryCache cache,
-        ISystemClock clock,
+        TimeProvider timeProvider,
         ILoggerFactory loggerFactory)
     {
         _cache = cache;
-        _clock = clock;
+        _timeProvider = timeProvider;
         _loggerFactory = loggerFactory ?? NullLoggerFactory.Instance;
     }
 
@@ -50,20 +50,14 @@ public void PostConfigure(
         // https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/1302
         var cryptoProviderFactory = new CryptoProviderFactory() { CacheSignatureProviders = false };
 
-        if (options.ClientSecretGenerator is null)
-        {
-            options.ClientSecretGenerator = new DefaultAppleClientSecretGenerator(
-                _cache,
-                _clock,
-                cryptoProviderFactory,
-                _loggerFactory.CreateLogger<DefaultAppleClientSecretGenerator>());
-        }
+        options.ClientSecretGenerator ??= new DefaultAppleClientSecretGenerator(
+            _cache,
+            _timeProvider,
+            cryptoProviderFactory,
+            _loggerFactory.CreateLogger<DefaultAppleClientSecretGenerator>());
 
-        if (options.TokenValidator is null)
-        {
-            options.TokenValidator = new DefaultAppleIdTokenValidator(
-                _loggerFactory.CreateLogger<DefaultAppleIdTokenValidator>());
-        }
+        options.TokenValidator ??= new DefaultAppleIdTokenValidator(
+            _loggerFactory.CreateLogger<DefaultAppleIdTokenValidator>());
 
         if (options.ConfigurationManager is null)
         {
@@ -73,7 +67,7 @@ public void PostConfigure(
             }
 
             // As seen in:
-            // github.com/dotnet/aspnetcore/blob/master/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectPostConfigureOptions.cs#L71-L102
+            // https://github.com/dotnet/aspnetcore/blob/master/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectPostConfigureOptions.cs#L71-L102
             // need this now to successfully instantiate ConfigurationManager below.
             if (options.Backchannel is null)
             {
@@ -91,21 +85,14 @@ public void PostConfigure(
                 new HttpDocumentRetriever(options.Backchannel));
         }
 
-        if (options.SecurityTokenHandler is null)
+        options.SecurityTokenHandler ??= new JsonWebTokenHandler();
+        options.TokenValidationParameters ??= new TokenValidationParameters()
         {
-            options.SecurityTokenHandler = new JsonWebTokenHandler();
-        }
-
-        if (options.TokenValidationParameters is null)
-        {
-            options.TokenValidationParameters = new TokenValidationParameters()
-            {
-                CryptoProviderFactory = cryptoProviderFactory,
-                ValidateAudience = true,
-                ValidateIssuer = true,
-                ValidAudience = options.ClientId,
-                ValidIssuer = options.TokenAudience
-            };
-        }
+            CryptoProviderFactory = cryptoProviderFactory,
+            ValidateAudience = true,
+            ValidateIssuer = true,
+            ValidAudience = options.ClientId,
+            ValidIssuer = options.TokenAudience
+        };
     }
 }

src/AspNet.Security.OAuth.Apple/Internal/DefaultAppleClientSecretGenerator.cs

@@ -15,33 +15,32 @@ namespace AspNet.Security.OAuth.Apple.Internal;
 internal sealed partial class DefaultAppleClientSecretGenerator : AppleClientSecretGenerator
 {
     private readonly IMemoryCache _cache;
-    private readonly ISystemClock _clock;
+    private readonly TimeProvider _timeProvider;
     private readonly ILogger _logger;
     private readonly CryptoProviderFactory _cryptoProviderFactory;
 
     public DefaultAppleClientSecretGenerator(
         [NotNull] IMemoryCache cache,
-        [NotNull] ISystemClock clock,
+        [NotNull] TimeProvider clock,
         [NotNull] CryptoProviderFactory cryptoProviderFactory,
         [NotNull] ILogger<DefaultAppleClientSecretGenerator> logger)
     {
         _cache = cache;
-        _clock = clock;
+        _timeProvider = clock;
         _cryptoProviderFactory = cryptoProviderFactory;
         _logger = logger;
     }
 
     /// <inheritdoc />
     public override async Task<string> GenerateAsync([NotNull] AppleGenerateClientSecretContext context)
     {
-        string key = CreateCacheKey(context.Options);
+        var key = CreateCacheKey(context.Options);
 
         var clientSecret = await _cache.GetOrCreateAsync(key, async (entry) =>
         {
             try
             {
-                (string clientSecret, DateTimeOffset expiresAt) = await GenerateNewSecretAsync(context);
-                entry.AbsoluteExpiration = expiresAt;
+                (var clientSecret, entry.AbsoluteExpiration) = await GenerateNewSecretAsync(context);
                 return clientSecret;
             }
             catch (Exception ex)
@@ -71,7 +70,7 @@ private static string CreateCacheKey(AppleAuthenticationOptions options)
     private async Task<(string ClientSecret, DateTimeOffset ExpiresAt)> GenerateNewSecretAsync(
         [NotNull] AppleGenerateClientSecretContext context)
     {
-        var expiresAt = _clock.UtcNow.Add(context.Options.ClientSecretExpiresAfter).UtcDateTime;
+        var expiresAt = _timeProvider.GetUtcNow().Add(context.Options.ClientSecretExpiresAfter).UtcDateTime;
         var subject = new Claim("sub", context.Options.ClientId);
 
         Log.GeneratingNewClientSecret(_logger, subject.Value, expiresAt);

src/AspNet.Security.OAuth.ArcGIS/ArcGISAuthenticationHandler.cs

@@ -19,9 +19,8 @@ public partial class ArcGISAuthenticationHandler : OAuthHandler<ArcGISAuthentica
     public ArcGISAuthenticationHandler(
         [NotNull] IOptionsMonitor<ArcGISAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.Asana/AsanaAuthenticationHandler.cs

@@ -18,9 +18,8 @@ public partial class AsanaAuthenticationHandler : OAuthHandler<AsanaAuthenticati
     public AsanaAuthenticationHandler(
         [NotNull] IOptionsMonitor<AsanaAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.Autodesk/AutodeskAuthenticationHandler.cs

@@ -18,9 +18,8 @@ public partial class AutodeskAuthenticationHandler : OAuthHandler<AutodeskAuthen
     public AutodeskAuthenticationHandler(
         [NotNull] IOptionsMonitor<AutodeskAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.Baidu/BaiduAuthenticationHandler.cs

@@ -19,9 +19,8 @@ public partial class BaiduAuthenticationHandler : OAuthHandler<BaiduAuthenticati
     public BaiduAuthenticationHandler(
         [NotNull] IOptionsMonitor<BaiduAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.Basecamp/BasecampAuthenticationHandler.cs

@@ -18,9 +18,8 @@ public partial class BasecampAuthenticationHandler : OAuthHandler<BasecampAuthen
     public BasecampAuthenticationHandler(
         [NotNull] IOptionsMonitor<BasecampAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }
 

src/AspNet.Security.OAuth.BattleNet/BattleNetAuthenticationHandler.cs

@@ -19,9 +19,8 @@ public partial class BattleNetAuthenticationHandler : OAuthHandler<BattleNetAuth
     public BattleNetAuthenticationHandler(
         [NotNull] IOptionsMonitor<BattleNetAuthenticationOptions> options,
         [NotNull] ILoggerFactory logger,
-        [NotNull] UrlEncoder encoder,
-        [NotNull] ISystemClock clock)
-        : base(options, logger, encoder, clock)
+        [NotNull] UrlEncoder encoder)
+        : base(options, logger, encoder)
     {
     }