Brightspace · AnaCoda · Jul 25, 2023 · Jul 7, 2023 · Jul 7, 2023 · Jul 7, 2023
@@ -24,5 +24,6 @@
  <PropertyGroup>
  <LangVersion>11.0</LangVersion>
  <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
+ <WarningsAsErrors>CS8785</WarningsAsErrors>
  </PropertyGroup>
 </Project>
@@ -1,7 +1,7 @@
 <Project>
  <ItemGroup>
  <PackageVersion Include="BenchmarkDotNet" Version="0.13.1" />
- <PackageVersion Include="D2L.CodeStyle.Analyzers" Version="0.189.0" />
+ <PackageVersion Include="D2L.CodeStyle.Analyzers" Version="0.196.0" />
  <PackageVersion Include="D2L.CodeStyle.Annotations" Version="0.31.0" />
  <PackageVersion Include="D2L.Services.Core.Exceptions" Version="2.0.1.15" />
  <PackageVersion Include="FluentAssertions" Version="6.6.0" />

@@ -6,6 +6,7 @@
 using System.Threading.Tasks;
 using D2L.Security.OAuth2.Provisioning;
 using D2L.Security.OAuth2.Scopes;
+using D2L.Security.OAuth2.Utilities;
 using D2L.Services;
 using IAccessToken = D2L.Security.OAuth2.Provisioning.IAccessToken;
 
@@ -31,7 +32,7 @@ public static async Task<string> GetToken( string tokenProvisioningEndpoint, IEn
 
  claims.Add( new Claim( Constants.Claims.ISSUER, DEFAULT_ISSUER ) );
 
- using( var httpClient = new HttpClient() ) {
+ using( var httpClient = new D2LHttpClient() ) {
  IAccessTokenProvider provider = TestAccessTokenProviderFactory.Create( httpClient, tokenProvisioningEndpoint );
  IAccessToken token = await provider.ProvisionAccessTokenAsync( claims, scopes ).ConfigureAwait( false );
  return token.Token;

diff --git a/src/D2L.Security.OAuth2.TestFramework/TestAccessTokenProviderFactory.cs b/src/D2L.Security.OAuth2.TestFramework/TestAccessTokenProviderFactory.cs
@@ -7,6 +7,7 @@
 using D2L.Security.OAuth2.Keys.Development;
 using D2L.Security.OAuth2.Provisioning;
 using D2L.Security.OAuth2.Provisioning.Default;
+using D2L.Security.OAuth2.Utilities;
 
 namespace D2L.Security.OAuth2.TestFramework {
  public static class TestAccessTokenProviderFactory {
@@ -19,7 +20,7 @@ public static class TestAccessTokenProviderFactory {
  /// <param name="httpClient">The httpClient that makes the request to the auth server</param>
  /// <param name="tokenProvisioningEndpoint">The auth server</param>
  /// <returns>An IAccessTokenProvider with test credentials</returns>
- public static IAccessTokenProvider Create( HttpClient httpClient, String tokenProvisioningEndpoint ) {
+ public static IAccessTokenProvider Create( ID2LHttpClient httpClient, String tokenProvisioningEndpoint ) {
  return Create( httpClient, tokenProvisioningEndpoint, TestKeyId, TestStaticKeyProvider.TestRSAParameters );
  }
 
@@ -31,7 +32,7 @@ public static IAccessTokenProvider Create( HttpClient httpClient, String tokenPr
  /// <param name="keyId">The id of the security token</param>
  /// <param name="rsaParameters">The public and private key for the supplied key id</param>
  /// <returns>An IAccessTokenProvider with the supplied test credentials</returns>
- public static IAccessTokenProvider Create( HttpClient httpClient, String tokenProvisioningEndpoint, string keyId, RSAParameters rsaParameters ) {
+ public static IAccessTokenProvider Create( ID2LHttpClient httpClient, String tokenProvisioningEndpoint, string keyId, RSAParameters rsaParameters ) {
 #pragma warning disable 618
  IPrivateKeyProvider privateKeyProvider = new StaticPrivateKeyProvider( keyId, rsaParameters );
 #pragma warning restore 618

@@ -1,8 +1,11 @@
-using System.Threading.Tasks;
+using D2L.CodeStyle.Annotations;
+using System.Threading.Tasks;
 
 namespace D2L.Security.OAuth2.Keys.Default.Data {
- internal interface IJwksProvider {
+ internal partial interface IJwksProvider {
+ [GenerateSync]
  Task<JsonWebKeySet> RequestJwksAsync();
+ [GenerateSync]
  Task<JsonWebKeySet> RequestJwkAsync( string keyId );
  string Namespace { get; }
  }

@@ -1,19 +1,22 @@
 using System;
+using System.IO;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
 using System.Web;
+using D2L.CodeStyle.Annotations;
+using D2L.Security.OAuth2.Utilities;
 using D2L.Security.OAuth2.Validation.Exceptions;
 using D2L.Services;
 
 namespace D2L.Security.OAuth2.Keys.Default.Data {
- internal sealed class JwksProvider : IJwksProvider {
- private readonly HttpClient m_httpClient;
+ internal sealed partial class JwksProvider : IJwksProvider {
+ private readonly ID2LHttpClient m_httpClient;
  private readonly Uri m_jwksEndpoint;
  private readonly Uri m_jwkEndpoint;
 
  public JwksProvider(
- HttpClient httpClient,
+ ID2LHttpClient httpClient,
  Uri jwksEndpoint,
  Uri jwkEndpoint
  ) {
@@ -22,6 +25,7 @@ Uri jwkEndpoint
  m_jwkEndpoint = jwkEndpoint;
  }
 
+ [GenerateSync]
  async Task<JsonWebKeySet> IJwksProvider.RequestJwksAsync() {
  try {
  using( HttpResponseMessage response = await m_httpClient.GetAsync( m_jwksEndpoint ).ConfigureAwait( false ) ) {
@@ -37,6 +41,7 @@ async Task<JsonWebKeySet> IJwksProvider.RequestJwksAsync() {
  }
  }
 
+ [GenerateSync]
  async Task<JsonWebKeySet> IJwksProvider.RequestJwkAsync( string keyId ) {
  var url = GetJwkEndpoint( m_jwkEndpoint, keyId );
  if( url == null ) {

@@ -2,11 +2,12 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
+using D2L.CodeStyle.Annotations;
 using D2L.Security.OAuth2.Utilities;
 using D2L.Services;
 
 namespace D2L.Security.OAuth2.Keys.Default {
- internal sealed class ExpiringPublicKeyDataProvider : ISanePublicKeyDataProvider {
+ internal sealed partial class ExpiringPublicKeyDataProvider : ISanePublicKeyDataProvider {
  private readonly IPublicKeyDataProvider m_inner;
  private readonly IDateTimeProvider m_dateTimeProvider;
 
@@ -18,6 +19,7 @@ IDateTimeProvider dateTimeProvider
  m_dateTimeProvider = dateTimeProvider ?? throw new ArgumentException( nameof( dateTimeProvider ) );
  }
 
+ [GenerateSync]
  async Task<JsonWebKey> IPublicKeyDataProvider.GetByIdAsync( Guid id ) {
  // We are intentionally fetching *all* public keys from the database
  // here. This allows us to clean up all expired public keys even if
@@ -44,6 +46,7 @@ async Task<JsonWebKey> IPublicKeyDataProvider.GetByIdAsync( Guid id ) {
  return key;
  }
 
+ [GenerateSync]
  async Task<IEnumerable<JsonWebKey>> IPublicKeyDataProvider.GetAllAsync() {
  IEnumerable<JsonWebKey> keys = await m_inner
  .GetAllAsync()
@@ -62,14 +65,17 @@ async Task<IEnumerable<JsonWebKey>> IPublicKeyDataProvider.GetAllAsync() {
  return result;
  }
 
+ [GenerateSync]
  Task IPublicKeyDataProvider.SaveAsync( Guid id, JsonWebKey key ) {
  return m_inner.SaveAsync( id, key );
  }
 
+ [GenerateSync]
  Task IPublicKeyDataProvider.DeleteAsync( Guid id ) {
  return m_inner.DeleteAsync( id );
  }
 
+ [GenerateSync]
  private async Task<bool> KeyExpiryHelperAsync( JsonWebKey key ) {
  if( key == null ) {
  return true;

@@ -1,23 +1,26 @@
-using System;
+using D2L.CodeStyle.Annotations;
+using System;
 using System.Threading.Tasks;
 
 namespace D2L.Security.OAuth2.Keys.Default {
 
  /// <summary>
  /// An abstraction for fetching public keys
  /// </summary>
- internal interface IPublicKeyProvider {
+ internal partial interface IPublicKeyProvider {
 
  /// <summary>
  /// Gets an individual <see cref="D2LSecurityToken"/> by its <paramref name="id"/>
  /// </summary>
  /// <param name="id">The key id (kid)</param>
  /// <returns>The <see cref="D2LSecurityToken"/> or null if the key doesn't exist or has expired</returns>
+ [GenerateSync]
  Task<D2LSecurityToken> GetByIdAsync( string id );
 
  /// <summary>
  /// Perform steps to potentially make future key fetches faster.
  /// </summary>
+ [GenerateSync]
  Task PrefetchAsync();
 
  }

@@ -1,12 +1,13 @@
 using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
+using D2L.CodeStyle.Annotations;
 using D2L.Security.OAuth2.Keys.Caching;
 using D2L.Security.OAuth2.Validation.Exceptions;
 using D2L.Services;
 
 namespace D2L.Security.OAuth2.Keys.Default {
- internal sealed class LocalPublicKeyProvider : IPublicKeyProvider {
+ internal sealed partial class LocalPublicKeyProvider : IPublicKeyProvider {
 
  private const string PUBLIC_KEY_SOURCE = "Local DB";
 
@@ -21,6 +22,7 @@ IInMemoryPublicKeyCache cache
  m_cache = cache ?? throw new ArgumentNullException( nameof( cache ) );
  }
 
+ [GenerateSync]
  async Task IPublicKeyProvider.PrefetchAsync() {
  IEnumerable<JsonWebKey> jwks = await m_publicKeyDataProvider
  .GetAllAsync()
@@ -42,6 +44,7 @@ async Task IPublicKeyProvider.PrefetchAsync() {
  }
  }
 
+ [GenerateSync]
  async Task<D2LSecurityToken> IPublicKeyProvider.GetByIdAsync( string id ) {
  D2LSecurityToken result = m_cache.Get( PUBLIC_KEY_SOURCE, id );
  if( result != null ) {

@@ -1,12 +1,13 @@
 using System;
 using System.Threading.Tasks;
+using D2L.CodeStyle.Annotations;
 using D2L.Security.OAuth2.Keys.Caching;
 using D2L.Security.OAuth2.Keys.Default.Data;
 using D2L.Security.OAuth2.Validation.Exceptions;
 using D2L.Services;
 
 namespace D2L.Security.OAuth2.Keys.Default {
- internal sealed class RemotePublicKeyProvider : IPublicKeyProvider {
+ internal sealed partial class RemotePublicKeyProvider : IPublicKeyProvider {
  private readonly IJwksProvider m_jwksProvider;
  private readonly IInMemoryPublicKeyCache m_cache;
 
@@ -18,6 +19,7 @@ IInMemoryPublicKeyCache cache
  m_cache = cache;
  }
 
+ [GenerateSync]
  async Task<D2LSecurityToken> IPublicKeyProvider.GetByIdAsync( string id ) {
  D2LSecurityToken result = m_cache.Get( m_jwksProvider.Namespace, id );
  if( result != null ) {
@@ -38,6 +40,7 @@ async Task<D2LSecurityToken> IPublicKeyProvider.GetByIdAsync( string id ) {
  throw new PublicKeyNotFoundException( id, jwks.Source.AbsoluteUri );
  }
 
+ [GenerateSync]
  async Task IPublicKeyProvider.PrefetchAsync() {
  JsonWebKeySet jwks = await m_jwksProvider
  .RequestJwksAsync()

@@ -1,4 +1,5 @@
-using System;
+using D2L.CodeStyle.Annotations;
+using System;
 using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Collections.ObjectModel;
@@ -11,30 +12,34 @@ namespace D2L.Security.OAuth2.Keys.Development {
  /// A simple in-memory key data provider to be used only for testing and prototyping purposes.
  /// </summary>
  [Obsolete( "Only use this in tests and for prototyping without a db" )]
- public sealed class InMemoryPublicKeyDataProvider : IPublicKeyDataProvider {
+ public sealed partial class InMemoryPublicKeyDataProvider : IPublicKeyDataProvider {
  private readonly ConcurrentDictionary<Guid, JsonWebKey> m_keys = new ConcurrentDictionary<Guid, JsonWebKey>();
 
+ [GenerateSync]
  Task<JsonWebKey> IPublicKeyDataProvider.GetByIdAsync( Guid id ) {
  if( !m_keys.TryGetValue( id, out JsonWebKey key ) ) {
  return Task.FromResult<JsonWebKey>( null );
  }
  return Task.FromResult( key );
  }
 
+ [GenerateSync]
  Task<IEnumerable<JsonWebKey>> IPublicKeyDataProvider.GetAllAsync() {
  IEnumerable<JsonWebKey> result =
  new ReadOnlyCollection<JsonWebKey>( m_keys.Values.ToList() );
 
  return Task.FromResult( result );
  }
 
+ [GenerateSync]
  Task IPublicKeyDataProvider.SaveAsync( Guid id, JsonWebKey key ) {
  if( !m_keys.TryAdd( id, key ) ) {
  throw new InvalidOperationException( "Attempted to add a key twice" );
  }
  return Task.CompletedTask;
  }
 
+ [GenerateSync]
  Task IPublicKeyDataProvider.DeleteAsync( Guid id ) {
  m_keys.TryRemove( id, out JsonWebKey removedKey );
  return Task.CompletedTask;

@@ -1,4 +1,5 @@
-using System;
+using D2L.CodeStyle.Annotations;
+using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 
@@ -7,32 +8,36 @@ namespace D2L.Security.OAuth2.Keys {
  /// <summary>
  /// Data provider for public keys that belong to this service
  /// </summary>
- public interface IPublicKeyDataProvider {
+ public partial interface IPublicKeyDataProvider {
 
  /// <summary>
  /// Gets an individual <see cref="JsonWebKey"/> by its <paramref name="id"/>
  /// </summary>
  /// <param name="id">The key id (kid)</param>
  /// <returns>The <see cref="JsonWebKey"/> or null if the key doesn't exist or has expired</returns>
+ [GenerateSync]
  Task<JsonWebKey> GetByIdAsync( Guid id );
 
  /// <summary>
  /// Gets all the <see cref="JsonWebKey"/> instances
  /// </summary>
  /// <returns>All keys which haven't expired</returns>
+ [GenerateSync]
  Task<IEnumerable<JsonWebKey>> GetAllAsync();
 
  /// <summary>
  /// Saves a key
  /// </summary>
  /// <param name="id">The key id (kid) of the key to save</param>
  /// <param name="key">The key to save</param>
+ [GenerateSync]
  Task SaveAsync( Guid id, JsonWebKey key );
 
  /// <summary>
  /// Deletes a key by key <paramref name="id"/> (kid)
  /// </summary>
  /// <param name="id">The key id (kid) of the key to delete</param>
+ [GenerateSync]
  Task DeleteAsync( Guid id );
 
  }

diff --git a/src/D2L.Security.OAuth2/Provisioning/AccessTokenProviderFactory.cs b/src/D2L.Security.OAuth2/Provisioning/AccessTokenProviderFactory.cs
@@ -2,6 +2,7 @@
 using System.Net.Http;
 using D2L.Security.OAuth2.Keys;
 using D2L.Security.OAuth2.Provisioning.Default;
+using D2L.Security.OAuth2.Utilities;
 
 namespace D2L.Security.OAuth2.Provisioning {
 
@@ -16,7 +17,7 @@ public static class AccessTokenProviderFactory {
  /// <returns>A new <see cref="IAccessTokenProvider"/></returns>
  public static IAccessTokenProvider Create(
  ITokenSigner tokenSigner,
- HttpClient httpClient,
+ ID2LHttpClient httpClient,
  Uri authEndpoint,
  TimeSpan tokenRefreshGracePeriod
  ) {

@@ -6,6 +6,7 @@
 using System.Text;
 using System.Threading.Tasks;
 using D2L.Security.OAuth2.Scopes;
+using D2L.Security.OAuth2.Utilities;
 using D2L.Services.Core.Exceptions;
 
 #if NET6_0
@@ -39,7 +40,7 @@ internal sealed class AuthServiceClient : IAuthServiceClient {
  SERIALIZATION_ERROR_MESSAGE_PREFIX +
  "The Auth Service responded with: ";
 
- private readonly HttpClient m_client;
+ private readonly ID2LHttpClient m_client;
  private readonly Uri m_tokenProvisioningEndpoint;
 
  /// <summary>
@@ -48,7 +49,7 @@ internal sealed class AuthServiceClient : IAuthServiceClient {
  /// <param name="httpClient">An http client used to communicate with the auth service.</param>
  /// <param name="authEndpoint">The token provisioning endpoint on the auth service</param>
  public AuthServiceClient(
- HttpClient httpClient,
+ ID2LHttpClient httpClient,
  Uri authEndpoint
  ) {
  if( httpClient == null ) {