Implemented C# 8 Nullable Reference Type standard. #231
Conversation
| @@ -10,8 +10,8 @@ internal static class AuthorityHelpers | |||
| { | |||
| internal static string BuildAuthority(MicrosoftIdentityOptions options) | |||
| { | |||
| var baseUri = new Uri(options.Instance); | |||
| var pathBase = baseUri.PathAndQuery.TrimEnd('/'); | |||
| Uri baseUri = new Uri(options.Instance); | |||
There was a problem hiding this comment.
By default, var becomes the nullable reference type (Uri? in this case). So in some cases I used explicit type instead.
| @@ -27,19 +27,19 @@ public void LoadIfNeeded(CertificateDescription certificateDescription) | |||
| switch (certificateDescription.SourceType) | |||
| { | |||
| case CertificateSource.KeyVault: | |||
| certificateDescription.Certificate = LoadFromKeyVault(certificateDescription.Container, certificateDescription.ReferenceOrValue); | |||
| certificateDescription.Certificate = LoadFromKeyVault(certificateDescription.Container!, certificateDescription.ReferenceOrValue!); | |||
There was a problem hiding this comment.
! overrides the conversion from nullable to non-nullable type, which otherwise would throw an exception. In this case, the properties shouldn't be null.
src/Microsoft.Identity.Web/CertificateManagement/DefaultCertificateLoader.cs
Show resolved
Hide resolved
| @@ -203,7 +199,7 @@ private static void ParseStoreLocationAndName(string storeDescription, ref Store | |||
| DefaultCertificateLoader defaultCertificateLoader = new DefaultCertificateLoader(); | |||
| CertificateDescription certDescription = certificateDescription.First(); | |||
| defaultCertificateLoader.LoadIfNeeded(certDescription); | |||
| return certDescription?.Certificate; | |||
| return certDescription.Certificate!; | |||
There was a problem hiding this comment.
Certificate here, I assume, should never be null. But if it's not found in the cert store, it will be null. I think this will result in passing null to MSAL and to Wilson.
There was a problem hiding this comment.
MSAL will handle the cert being null and throw an ArgumentNullException, we catch the exception
In reply to: 444031657 [](ancestors = 444031657)
There was a problem hiding this comment.
-
We do get an uncaught NPE when trying to set token decryption cert.
-
Yes, we do catch the NPE from MSAL. But the exception is kind of general. Also, FromBase64 gives
Cannot find the requested object.; FromDisk givesThe system cannot find the file specified.Similar to my other comment, maybe we can update this to give better messaging and user experience when we implement cert rotation stuff.
There was a problem hiding this comment.
That's fine, but maybe something for a separate PR w/a new issue.
src/Microsoft.Identity.Web/InstanceDiscovery/IssuerConfigurationRetriever.cs
Outdated
Show resolved
Hide resolved
| @@ -16,17 +16,17 @@ public class MicrosoftIdentityOptions : OpenIdConnectOptions | |||
| /// <summary> | |||
| /// Gets or sets the Azure Active Directory instance, e.g. "https://login.microsoftonline.com". | |||
| /// </summary> | |||
| public string Instance { get; set; } | |||
| public string Instance { get; set; } = null!; | |||
There was a problem hiding this comment.
This is a workaround for properties that are really non-nullable, except in once instance when the Data Transfer Objects are not yet initialized.
| # SA0001: XML comment analysis disabled | ||
| dotnet_diagnostic.SA0001.severity = none |
There was a problem hiding this comment.
This removes 4 warnings from the build pipeline related to disabled comment analysis.
src/Microsoft.Identity.Web/WebAppCallsWebApiAuthenticationBuilderExtensions.cs
Show resolved
Hide resolved
| { | ||
| events = new JwtBearerEvents(); | ||
| } | ||
| events ??= new JwtBearerEvents(); |
There was a problem hiding this comment.
Where? Looks right.
| @@ -80,6 +80,8 @@ public OpenIdConnectMiddlewareDiagnostics(ILogger<OpenIdConnectMiddlewareDiagnos | |||
| /// <param name="events">Events to subscribe to.</param> | |||
| public void Subscribe(OpenIdConnectEvents events) | |||
| { | |||
| events ??= new OpenIdConnectEvents(); | |||
| if (token == null) | ||
| { | ||
| throw new SecurityTokenValidationException("Token is not JWT token."); | ||
| } |
There was a problem hiding this comment.
is that the right error message? when would the casting fail in this case and result in a null token value? the message should have some customer value, so how can they resolve or understand the issue to fix it.
There was a problem hiding this comment.
I am not sure if it's always JwtSecurityToken. Is it? If it is, I can just explicitly cast it.
There was a problem hiding this comment.
might be something to look into. the error message is misleading.
|
some comments. it's hard to review w/so many xml and spelling changes. in the future, can you do those in a separate PR, especially when you have so many? it tends to create noise and slows down the review. thank you. |
@jennyf19 Will do. |
pmaytak
force-pushed
the
pmaytak/nullableReferences
branch
3 times, most recently
from
ef1a6ca to
9a9fb77
Compare
…l null checks for public method parameters. Minor comment fixes.
pmaytak
force-pushed
the
pmaytak/nullableReferences
branch
from
9a9fb77 to
3fc2f23
Compare
Issue #15
Original branch #183
Note 1:
Created a separate branch because rebasing #183 had some conflicts. Work from #183 is included here.
Note 2:
Analyzers had some funky behavior. Some code didn't have squiggly underlines. Error list had some weird warning types. Perhaps something to do with preview .NET build?
References:
Nullable reference types
Reserved attributes contribute to the compiler's null state static analysis
Try out Nullable Reference Types
Update libraries to use nullable reference types and communicate nullable rules to callers