Identity

src/Identity/ApiAuthorization.IdentityServer/src/Authentication/IdentityServerJwtBearerOptionsConfiguration.cs

@@ -1,4 +1,4 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Duende.IdentityServer.Extensions;
@@ -11,7 +11,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class IdentityServerJwtBearerOptionsConfiguration : IConfigureNamedOptions<JwtBearerOptions>
+internal sealed class IdentityServerJwtBearerOptionsConfiguration : IConfigureNamedOptions<JwtBearerOptions>
 {
     private readonly string _scheme;
     private readonly string _apiName;

src/Identity/ApiAuthorization.IdentityServer/src/Authentication/IdentityServerJwtPolicySchemeForwardSelector.cs

@@ -1,12 +1,12 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer.Authentication;
 
-internal class IdentityServerJwtPolicySchemeForwardSelector
+internal sealed class IdentityServerJwtPolicySchemeForwardSelector
 {
     private readonly PathString _identityPath;
     private readonly string _IdentityServerJwtScheme;

src/Identity/ApiAuthorization.IdentityServer/src/Authentication/StaticConfigurationManager.cs

@@ -1,12 +1,12 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Microsoft.IdentityModel.Protocols;
 using Microsoft.IdentityModel.Protocols.OpenIdConnect;
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class StaticConfigurationManager : IConfigurationManager<OpenIdConnectConfiguration>
+internal sealed class StaticConfigurationManager : IConfigurationManager<OpenIdConnectConfiguration>
 {
     private readonly Task<OpenIdConnectConfiguration> _configuration;
 

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/AspNetConventionsConfigureOptions.cs

@@ -7,7 +7,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class AspNetConventionsConfigureOptions : IConfigureOptions<IdentityServerOptions>
+internal sealed class AspNetConventionsConfigureOptions : IConfigureOptions<IdentityServerOptions>
 {
     public void Configure(IdentityServerOptions options)
     {

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ClientDefinition.cs

@@ -1,9 +1,9 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class ClientDefinition : ServiceDefinition
+internal sealed class ClientDefinition : ServiceDefinition
 {
     public string RedirectUri { get; set; }
     public string LogoutUri { get; set; }

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ConfigureApiResources.cs

@@ -10,7 +10,7 @@
 
 namespace Microsoft.Extensions.DependencyInjection;
 
-internal class ConfigureApiResources : IConfigureOptions<ApiAuthorizationOptions>
+internal sealed class ConfigureApiResources : IConfigureOptions<ApiAuthorizationOptions>
 {
     private const char ScopesSeparator = ' ';
 

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ConfigureApiScopes.cs

@@ -6,7 +6,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer.Configuration;
 
-internal class ConfigureApiScopes : IPostConfigureOptions<ApiAuthorizationOptions>
+internal sealed class ConfigureApiScopes : IPostConfigureOptions<ApiAuthorizationOptions>
 {
     public void PostConfigure(string name, ApiAuthorizationOptions options)
     {

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ConfigureClientScopes.cs

@@ -8,7 +8,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer.Configuration;
 
-internal class ConfigureClientScopes : IPostConfigureOptions<ApiAuthorizationOptions>
+internal sealed class ConfigureClientScopes : IPostConfigureOptions<ApiAuthorizationOptions>
 {
     private const char DefaultClientListSeparator = ' ';
     private readonly ILogger<ConfigureClientScopes> _logger;

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ConfigureClients.cs

@@ -8,7 +8,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class ConfigureClients : IConfigureOptions<ApiAuthorizationOptions>
+internal sealed class ConfigureClients : IConfigureOptions<ApiAuthorizationOptions>
 {
     private const string DefaultLocalSPARelativeRedirectUri = "/authentication/login-callback";
     private const string DefaultLocalSPARelativePostLogoutRedirectUri = "/authentication/logout-callback";

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ConfigureIdentityResources.cs

@@ -1,12 +1,12 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Options;
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class ConfigureIdentityResources : IConfigureOptions<ApiAuthorizationOptions>
+internal sealed class ConfigureIdentityResources : IConfigureOptions<ApiAuthorizationOptions>
 {
     private readonly IConfiguration _configuration;
     private const char ScopesSeparator = ' ';

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/ConfigureSigningCredentials.cs

@@ -11,7 +11,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class ConfigureSigningCredentials : IConfigureOptions<ApiAuthorizationOptions>
+internal sealed class ConfigureSigningCredentials : IConfigureOptions<ApiAuthorizationOptions>
 {
     // We need to cast the underlying int value of the EphemeralKeySet to X509KeyStorageFlags
     // due to the fact that is not part of .NET Standard. This value is only used with non-windows
@@ -94,7 +94,7 @@ public SigningCredentials LoadKey()
     }
 
     // for testing purposes only
-    internal virtual DateTimeOffset GetCurrentTime() => DateTimeOffset.UtcNow;
+    internal static DateTimeOffset GetCurrentTime() => DateTimeOffset.UtcNow;
 
     private static X509KeyStorageFlags GetStorageFlags(KeyDefinition key)
     {

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/IdentityResourceDefinition.cs

@@ -1,9 +1,9 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class IdentityResourceDefinition : ResourceDefinition
+internal sealed class IdentityResourceDefinition : ResourceDefinition
 {
     public IdentityResourceDefinition()
     {

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/IdentityServerJwtApiDescriptor.cs

@@ -5,7 +5,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer.Configuration;
 
-internal class IdentityServerJwtDescriptor : IIdentityServerJwtDescriptor
+internal sealed class IdentityServerJwtDescriptor : IIdentityServerJwtDescriptor
 {
     public IdentityServerJwtDescriptor(IWebHostEnvironment environment)
     {

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/KeyDefinition.cs

@@ -1,9 +1,9 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer.Configuration;
 
-internal class KeyDefinition
+internal sealed class KeyDefinition
 {
     public string Type { get; set; }
     public bool? Persisted { get; set; }

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/KeySources.cs

@@ -1,9 +1,9 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer.Configuration;
 
-internal class KeySources
+internal sealed class KeySources
 {
     public const string File = nameof(File);
     public const string Development = nameof(Development);

src/Identity/ApiAuthorization.IdentityServer/src/Configuration/SigningKeysLoader.cs

@@ -1,4 +1,4 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using System.Linq;
@@ -98,7 +98,7 @@ public static RSA LoadDevelopment(string path, bool createIfMissing)
         }
     }
 
-    private class RSAKeyParameters
+    private sealed class RSAKeyParameters
     {
         public string D { get; set; }
         public string DP { get; set; }

src/Identity/ApiAuthorization.IdentityServer/src/Extensions/AbsoluteUrlFactory.cs

@@ -1,11 +1,11 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Microsoft.AspNetCore.Http;
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class AbsoluteUrlFactory : IAbsoluteUrlFactory
+internal sealed class AbsoluteUrlFactory : IAbsoluteUrlFactory
 {
     public AbsoluteUrlFactory(IHttpContextAccessor httpContextAccessor)
     {

src/Identity/ApiAuthorization.IdentityServer/src/Extensions/AutoRedirectEndSessionEndpoint.cs

@@ -18,7 +18,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class AutoRedirectEndSessionEndpoint : IEndpointHandler
+internal sealed class AutoRedirectEndSessionEndpoint : IEndpointHandler
 {
     private readonly ILogger _logger;
     private readonly IUserSession _session;
@@ -111,7 +111,7 @@ private static IEndpointResult ValidateRequest(HttpRequest request)
         return null;
     }
 
-    internal class RedirectResult : IEndpointResult
+    internal sealed class RedirectResult : IEndpointResult
     {
 
         public RedirectResult(string url)

src/Identity/ApiAuthorization.IdentityServer/src/Extensions/DefaultClientRequestParametersProvider.cs

@@ -8,7 +8,7 @@
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class DefaultClientRequestParametersProvider : IClientRequestParametersProvider
+internal sealed class DefaultClientRequestParametersProvider : IClientRequestParametersProvider
 {
     public DefaultClientRequestParametersProvider(
         IAbsoluteUrlFactory urlFactory,

src/Identity/ApiAuthorization.IdentityServer/src/Extensions/RelativeRedirectUriValidator.cs

@@ -1,12 +1,12 @@
-// Licensed to the .NET Foundation under one or more agreements.
+// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
 using Duende.IdentityServer.Models;
 using Duende.IdentityServer.Validation;
 
 namespace Microsoft.AspNetCore.ApiAuthorization.IdentityServer;
 
-internal class RelativeRedirectUriValidator : StrictRedirectUriValidator
+internal sealed class RelativeRedirectUriValidator : StrictRedirectUriValidator
 {
     public RelativeRedirectUriValidator(IAbsoluteUrlFactory absoluteUrlFactory)
     {

src/Identity/EntityFrameworkCore/src/IdentityUserContext.cs

@@ -101,7 +101,7 @@ protected IdentityUserContext() { }
                         ?.GetService<IOptions<IdentityOptions>>()
                         ?.Value?.Stores;
 
-    private class PersonalDataConverter : ValueConverter<string, string>
+    private sealed class PersonalDataConverter : ValueConverter<string, string>
     {
         public PersonalDataConverter(IPersonalDataProtector protector) : base(s => protector.Protect(s), s => protector.Unprotect(s), default)
         { }

src/Identity/Specification.Tests/src/IdentitySpecificationTestBase.cs

@@ -135,7 +135,7 @@ public async Task CanCreateRoleTest()
         Assert.True(await manager.RoleExistsAsync(roleName));
     }
 
-    private class AlwaysBadValidator : IUserValidator<TUser>, IRoleValidator<TRole>,
+    private sealed class AlwaysBadValidator : IUserValidator<TUser>, IRoleValidator<TRole>,
         IPasswordValidator<TUser>
     {
         public static readonly IdentityError ErrorMessage = new IdentityError { Description = "I'm Bad.", Code = "BadValidator" };

src/Identity/Specification.Tests/src/UserManagerSpecificationTests.cs

@@ -137,7 +137,7 @@ protected abstract TUser CreateTestUser(string namePrefix = "", string email = "
     /// <returns>The query to use.</returns>
     protected abstract Expression<Func<TUser, bool>> UserNameStartsWithPredicate(string userName);
 
-    private class AlwaysBadValidator : IUserValidator<TUser>,
+    private sealed class AlwaysBadValidator : IUserValidator<TUser>,
         IPasswordValidator<TUser>
     {
         public static readonly IdentityError ErrorMessage = new IdentityError { Description = "I'm Bad.", Code = "BadValidator" };
@@ -153,7 +153,7 @@ public Task<IdentityResult> ValidateAsync(UserManager<TUser> manager, TUser user
         }
     }
 
-    private class EmptyBadValidator : IUserValidator<TUser>,
+    private sealed class EmptyBadValidator : IUserValidator<TUser>,
         IPasswordValidator<TUser>
     {
         public Task<IdentityResult> ValidateAsync(UserManager<TUser> manager, TUser user, string password)
@@ -956,7 +956,7 @@ public async Task ConfirmEmailFalseByDefaultTest()
         Assert.False(await manager.IsEmailConfirmedAsync(user));
     }
 
-    private class StaticTokenProvider : IUserTwoFactorTokenProvider<TUser>
+    private sealed class StaticTokenProvider : IUserTwoFactorTokenProvider<TUser>
     {
         public async Task<string> GenerateAsync(string purpose, UserManager<TUser> manager, TUser user)
         {
@@ -1410,7 +1410,7 @@ public async Task ChangePhoneNumberFailsWithWrongToken()
         Assert.Equal(stamp, await manager.GetSecurityStampAsync(user));
     }
 
-    private class YesPhoneNumberProvider : IUserTwoFactorTokenProvider<TUser>
+    private sealed class YesPhoneNumberProvider : IUserTwoFactorTokenProvider<TUser>
     {
         public Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<TUser> manager, TUser user)
             => Task.FromResult(true);

src/Identity/UI/src/Areas/Identity/Filters/ExternalLoginsPageFilter.cs

@@ -8,7 +8,7 @@
 
 namespace Microsoft.AspNetCore.Identity.UI.Areas.Identity.Filters;
 
-internal class ExternalLoginsPageFilter<TUser> : IAsyncPageFilter where TUser : class
+internal sealed class ExternalLoginsPageFilter<TUser> : IAsyncPageFilter where TUser : class
 {
     public async Task OnPageHandlerExecutionAsync(PageHandlerExecutingContext context, PageHandlerExecutionDelegate next)
     {

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/ConfirmEmail.cshtml.cs

@@ -31,7 +31,7 @@ public abstract class ConfirmEmailModel : PageModel
     public virtual Task<IActionResult> OnGetAsync(string userId, string code) => throw new NotImplementedException();
 }
 
-internal class ConfirmEmailModel<TUser> : ConfirmEmailModel where TUser : class
+internal sealed class ConfirmEmailModel<TUser> : ConfirmEmailModel where TUser : class
 {
     private readonly UserManager<TUser> _userManager;
 

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/ConfirmEmailChange.cshtml.cs

@@ -31,7 +31,7 @@ public abstract class ConfirmEmailChangeModel : PageModel
     public virtual Task<IActionResult> OnGetAsync(string userId, string email, string code) => throw new NotImplementedException();
 }
 
-internal class ConfirmEmailChangeModel<TUser> : ConfirmEmailChangeModel where TUser : class
+internal sealed class ConfirmEmailChangeModel<TUser> : ConfirmEmailChangeModel where TUser : class
 {
     private readonly UserManager<TUser> _userManager;
     private readonly SignInManager<TUser> _signInManager;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/ExternalLogin.cshtml.cs

@@ -88,7 +88,7 @@ public class InputModel
     public virtual Task<IActionResult> OnPostConfirmationAsync(string? returnUrl = null) => throw new NotImplementedException();
 }
 
-internal class ExternalLoginModel<TUser> : ExternalLoginModel where TUser : class
+internal sealed class ExternalLoginModel<TUser> : ExternalLoginModel where TUser : class
 {
     private readonly SignInManager<TUser> _signInManager;
     private readonly UserManager<TUser> _userManager;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/ForgotPassword.cshtml.cs

@@ -49,7 +49,7 @@ public class InputModel
     public virtual Task<IActionResult> OnPostAsync() => throw new NotImplementedException();
 }
 
-internal class ForgotPasswordModel<TUser> : ForgotPasswordModel where TUser : class
+internal sealed class ForgotPasswordModel<TUser> : ForgotPasswordModel where TUser : class
 {
     private readonly UserManager<TUser> _userManager;
     private readonly IEmailSender _emailSender;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/Login.cshtml.cs

@@ -88,7 +88,7 @@ public class InputModel
     public virtual Task<IActionResult> OnPostAsync(string? returnUrl = null) => throw new NotImplementedException();
 }
 
-internal class LoginModel<TUser> : LoginModel where TUser : class
+internal sealed class LoginModel<TUser> : LoginModel where TUser : class
 {
     private readonly SignInManager<TUser> _signInManager;
     private readonly ILogger<LoginModel> _logger;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/LoginWith2fa.cshtml.cs

@@ -73,7 +73,7 @@ public class InputModel
     public virtual Task<IActionResult> OnPostAsync(bool rememberMe, string? returnUrl = null) => throw new NotImplementedException();
 }
 
-internal class LoginWith2faModel<TUser> : LoginWith2faModel where TUser : class
+internal sealed class LoginWith2faModel<TUser> : LoginWith2faModel where TUser : class
 {
     private readonly SignInManager<TUser> _signInManager;
     private readonly UserManager<TUser> _userManager;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/LoginWithRecoveryCode.cshtml.cs

@@ -60,7 +60,7 @@ public class InputModel
     public virtual Task<IActionResult> OnPostAsync(string? returnUrl = null) => throw new NotImplementedException();
 }
 
-internal class LoginWithRecoveryCodeModel<TUser> : LoginWithRecoveryCodeModel where TUser : class
+internal sealed class LoginWithRecoveryCodeModel<TUser> : LoginWithRecoveryCodeModel where TUser : class
 {
     private readonly SignInManager<TUser> _signInManager;
     private readonly UserManager<TUser> _userManager;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/Logout.cshtml.cs

@@ -31,7 +31,7 @@ public void OnGet()
     public virtual Task<IActionResult> OnPost(string? returnUrl = null) => throw new NotImplementedException();
 }
 
-internal class LogoutModel<TUser> : LogoutModel where TUser : class
+internal sealed class LogoutModel<TUser> : LogoutModel where TUser : class
 {
     private readonly SignInManager<TUser> _signInManager;
     private readonly ILogger<LogoutModel> _logger;

src/Identity/UI/src/Areas/Identity/Pages/V4/Account/Manage/ChangePassword.cshtml.cs

@@ -77,7 +77,7 @@ public class InputModel
     public virtual Task<IActionResult> OnPostAsync() => throw new NotImplementedException();
 }
 
-internal class ChangePasswordModel<TUser> : ChangePasswordModel where TUser : class
+internal sealed class ChangePasswordModel<TUser> : ChangePasswordModel where TUser : class
 {
     private readonly UserManager<TUser> _userManager;
     private readonly SignInManager<TUser> _signInManager;