Update to IdentityModel v5 (DuendeArchive#127)

leastprivilege · web-flow · commit 5053d30c0abd · 2021-01-15T14:20:20.000+01:00
* update IdentityModel

* replace Json.Net specific plumbing

* cleanup
diff --git a/src/IdentityModel.AspNetCore.OAuth2Introspection.csproj b/src/IdentityModel.AspNetCore.OAuth2Introspection.csproj
@@ -35,7 +35,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="IdentityModel" Version="4.6.0" />
+    <PackageReference Include="IdentityModel" Version="5.0.0" />
 
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0" PrivateAssets="All" />
     <PackageReference Include="minver" Version="2.4.0" PrivateAssets="All" />
diff --git a/src/Infrastructure/CacheExtensions.cs b/src/Infrastructure/CacheExtensions.cs
@@ -3,24 +3,30 @@
 
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.Extensions.Logging;
-using Newtonsoft.Json;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Claims;
 using System.Text;
+using System.Text.Json;
 using System.Threading.Tasks;
 
 namespace IdentityModel.AspNetCore.OAuth2Introspection
 {
     internal static class CacheExtensions
     {
-        internal readonly static JsonSerializerSettings Settings;
+        internal readonly static JsonSerializerOptions Options;
 
         static CacheExtensions()
         {
-            Settings = new JsonSerializerSettings();
-            Settings.Converters.Add(new ClaimConverter());
+            Options = new JsonSerializerOptions
+            {
+                IgnoreReadOnlyFields = true,
+                IgnoreReadOnlyProperties = true,
+                IgnoreNullValues = true
+            };
+            
+            Options.Converters.Add(new ClaimConverter());
         }
 
         public static async Task<IEnumerable<Claim>> GetClaimsAsync(this IDistributedCache cache, string cacheKeyPrefix, string token)
@@ -33,7 +39,7 @@ public static async Task<IEnumerable<Claim>> GetClaimsAsync(this IDistributedCac
             }
 
             var json = Encoding.UTF8.GetString(bytes);
-            return JsonConvert.DeserializeObject<IEnumerable<Claim>>(json, Settings);
+            return JsonSerializer.Deserialize<IEnumerable<Claim>>(json, Options);
         }
 
         public static async Task SetClaimsAsync(this IDistributedCache cache, string cacheKeyPrefix, string token, IEnumerable<Claim> claims, TimeSpan duration, ILogger logger)
@@ -66,7 +72,7 @@ public static async Task SetClaimsAsync(this IDistributedCache cache, string cac
                 absoluteLifetime = now.Add(duration);
             }
 
-            var json = JsonConvert.SerializeObject(claims, Settings);
+            var json = JsonSerializer.Serialize(claims, Options);
             var bytes = Encoding.UTF8.GetBytes(json);
 
             logger.LogDebug("Setting cache item expiration to {expiration}", absoluteLifetime);
diff --git a/src/Infrastructure/ClaimConverter.cs b/src/Infrastructure/ClaimConverter.cs
@@ -1,44 +1,35 @@
-﻿// Copyright (c) Dominick Baier & Brock Allen. All rights reserved.
-// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+// Copyright (c) Duende Software. All rights reserved.
+// See LICENSE in the project root for license information.
+
 
-using Newtonsoft.Json;
 using System;
 using System.Security.Claims;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+#pragma warning disable 1591
 
 namespace IdentityModel.AspNetCore.OAuth2Introspection
 {
-    internal class ClaimConverter : JsonConverter
+    public class ClaimConverter : JsonConverter<Claim>
     {
-        public override bool CanConvert(Type objectType)
-        {
-            return typeof(Claim) == objectType;
-        }
-
-        public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
+        public override Claim Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
         {
-            var source = serializer.Deserialize<ClaimLite>(reader);
+            var source = JsonSerializer.Deserialize<ClaimLite>(ref reader, options);
             var target = new Claim(source.Type, source.Value);
-
+            
             return target;
         }
 
-        public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
+        public override void Write(Utf8JsonWriter writer, Claim value, JsonSerializerOptions options)
         {
-            Claim source = (Claim)value;
-
             var target = new ClaimLite
             {
-                Type = source.Type,
-                Value = source.Value
+                Type = value.Type,
+                Value = value.Value
             };
 
-            serializer.Serialize(writer, target);
+            JsonSerializer.Serialize(writer, target, options);
         }
     }
-
-    internal class ClaimLite
-    {
-        public string Type { get; set; }
-        public string Value { get; set; }
-    }
 }
diff --git a/src/Infrastructure/ClaimLite.cs b/src/Infrastructure/ClaimLite.cs
@@ -0,0 +1,14 @@
+﻿// Copyright (c) Duende Software. All rights reserved.
+// See LICENSE in the project root for license information.
+
+
+#pragma warning disable 1591
+
+namespace IdentityModel.AspNetCore.OAuth2Introspection
+{
+    public class ClaimLite
+    {
+        public string Type { get; set; }
+        public string Value { get; set; }
+    }
+}
diff --git a/src/Infrastructure/TokenRetrieval.cs b/src/Infrastructure/TokenRetrieval.cs
@@ -44,7 +44,7 @@ public static Func<HttpRequest, string> FromAuthorizationHeader(string scheme =
         /// <returns></returns>
         public static Func<HttpRequest, string> FromQueryString(string name = "access_token")
         {
-            return (request) => request.Query[name].FirstOrDefault();
+            return request => request.Query[name].FirstOrDefault();
         }
     }
 }
diff --git a/src/OAuth2IntrospectionOptions.cs b/src/OAuth2IntrospectionOptions.cs
@@ -6,7 +6,6 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Http;
 using System;
-using System.Collections.Concurrent;
 
 namespace IdentityModel.AspNetCore.OAuth2Introspection
 {
diff --git a/src/PostConfigureOAuth2IntrospectionOptions.cs b/src/PostConfigureOAuth2IntrospectionOptions.cs
@@ -2,7 +2,6 @@
 // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
 
 using System;
-using System.Collections.Concurrent;
 using System.Net.Http;
 using System.Threading.Tasks;
 using IdentityModel.AspNetCore.OAuth2Introspection.Infrastructure;
@@ -74,17 +73,14 @@ private async Task<string> GetIntrospectionEndpointFromDiscoveryDocument(OAuth2I
             
             if (disco.IsError)
             {
-                if (disco.ErrorType == ResponseErrorType.Http)
+                switch (disco.ErrorType)
                 {
-                    throw new InvalidOperationException($"Discovery endpoint {options.Authority} is unavailable: {disco.Error}");
-                }
-                if (disco.ErrorType == ResponseErrorType.PolicyViolation)
-                {
-                    throw new InvalidOperationException($"Policy error while contacting the discovery endpoint {options.Authority}: {disco.Error}");
-                }
-                if (disco.ErrorType == ResponseErrorType.Exception)
-                {
-                    throw new InvalidOperationException($"Error parsing discovery document from {options.Authority}: {disco.Error}");
+                    case ResponseErrorType.Http:
+                        throw new InvalidOperationException($"Discovery endpoint {options.Authority} is unavailable: {disco.Error}");
+                    case ResponseErrorType.PolicyViolation:
+                        throw new InvalidOperationException($"Policy error while contacting the discovery endpoint {options.Authority}: {disco.Error}");
+                    case ResponseErrorType.Exception:
+                        throw new InvalidOperationException($"Error parsing discovery document from {options.Authority}: {disco.Error}");
                 }
             }
 
diff --git a/test/Tests/Introspection.cs b/test/Tests/Introspection.cs
@@ -12,7 +12,6 @@
 using System;
 using System.Collections.Generic;
 using System.Net;
-using System.Security.Claims;
 using System.Threading.Tasks;
 using Tests.Util;
 using Xunit;
diff --git a/test/Tests/Util/IntrospectionEndpointHandler.cs b/test/Tests/Util/IntrospectionEndpointHandler.cs
@@ -1,7 +1,6 @@
 ﻿// Copyright (c) Dominick Baier & Brock Allen. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
 
-using IdentityModel;
 using System;
 using System.Collections.Generic;
 using System.Net;

Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ public static Func<HttpRequest, string> FromAuthorizationHeader(string scheme =`
`44`	`44`	`/// <returns></returns>`
`45`	`45`	`public static Func<HttpRequest, string> FromQueryString(string name = "access_token")`
`46`	`46`	`{`
`47`		`- return (request) => request.Query[name].FirstOrDefault();`
	`47`	`+ return request => request.Query[name].FirstOrDefault();`
`48`	`48`	`}`
`49`	`49`	`}`
`50`	`50`	`}`
Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,6 @@`
`6`	`6`	`using Microsoft.AspNetCore.Authentication;`
`7`	`7`	`using Microsoft.AspNetCore.Http;`
`8`	`8`	`using System;`
`9`		`-using System.Collections.Concurrent;`
`10`	`9`
`11`	`10`	`namespace IdentityModel.AspNetCore.OAuth2Introspection`
`12`	`11`	`{`