add null checks for collections

Author: philasmar

src/Amazon.Extensions.CognitoAuthentication/CognitoAuthenticationClasses.cs

@@ -39,8 +39,8 @@ public AuthFlowResponse(string sessionId, AuthenticationResultType authenticatio
             SessionID = sessionId;
             ChallengeName = challengeName;
             AuthenticationResult = authenticationResult;
-            ChallengeParameters = challengeParameters;
-            ClientMetadata = clientMetadata;
+            ChallengeParameters = challengeParameters ?? new Dictionary<string, string>();
+            ClientMetadata = clientMetadata ?? new Dictionary<string, string>();
         }
 
         /// <summary>
@@ -69,9 +69,9 @@ public AuthFlowResponse(string sessionId, AuthenticationResultType authenticatio
         /// </summary>
         public IDictionary<string, string> ClientMetadata { get; }
 
-        /// <summary>
-        /// The analytics metadata for collecting Amazon Pinpoint metrics.
-        /// </summary>
+        /// <summary>
+        /// The analytics metadata for collecting Amazon Pinpoint metrics.
+        /// </summary>
         public AnalyticsMetadataType AnalyticsMetadata { get; set; }
     }
 
@@ -83,30 +83,30 @@ public class InitiateSrpAuthRequest
         /// <summary>
         /// The password for the corresponding CognitoUser.
         /// </summary>
-        public string Password { get; set; }
-        /// <summary>
-        /// The password for the device associated with the corresponding CognitoUser 
-        /// </summary>
-        public string DevicePass { get; set; }
-        /// <summary>
-        /// The device password verifier for the device associated with the corresponding CognitoUser
-        /// </summary>
-        public string DeviceVerifier { get; set; }
-        /// <summary>
-        /// The Device Key Group for the device associated with the corresponding CognitoUser
-        /// </summary>
-        public string DeviceGroupKey { get; set; }
+        public string Password { get; set; }
+        /// <summary>
+        /// The password for the device associated with the corresponding CognitoUser 
+        /// </summary>
+        public string DevicePass { get; set; }
+        /// <summary>
+        /// The device password verifier for the device associated with the corresponding CognitoUser
+        /// </summary>
+        public string DeviceVerifier { get; set; }
+        /// <summary>
+        /// The Device Key Group for the device associated with the corresponding CognitoUser
+        /// </summary>
+        public string DeviceGroupKey { get; set; }
         /// <summary>
         /// The client metadata for the current authentication flow.
         /// </summary>
-        public IDictionary<string, string> ClientMetadata { get; set; }
-        /// <summary>
-        /// The analytics metadata for collecting Amazon Pinpoint metrics.
-        /// </summary>
+        public IDictionary<string, string> ClientMetadata { get; set; }
+        /// <summary>
+        /// The analytics metadata for collecting Amazon Pinpoint metrics.
+        /// </summary>
         public AnalyticsMetadataType AnalyticsMetadata { get; set; }
-        /// <summary>
-        /// Enable custom auth flow
-        /// https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html#Using-SRP-password-verification-in-custom-authentication-flow
+        /// <summary>
+        /// Enable custom auth flow
+        /// https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html#Using-SRP-password-verification-in-custom-authentication-flow
         /// </summary>
         public bool IsCustomAuthFlow { get; set; }
     }
@@ -124,11 +124,11 @@ public class InitiateCustomAuthRequest
         /// <summary>
         /// The client metadata for the current authentication flow.
         /// </summary>
-        public IDictionary<string, string> ClientMetadata { get; set; }
-
-        /// <summary>
-        /// The analytics metadata for collecting Amazon Pinpoint metrics.
-        /// </summary>
+        public IDictionary<string, string> ClientMetadata { get; set; }
+
+        /// <summary>
+        /// The analytics metadata for collecting Amazon Pinpoint metrics.
+        /// </summary>
         public AnalyticsMetadataType AnalyticsMetadata { get; set; }
     }
 
@@ -208,9 +208,9 @@ public class RespondToCustomChallengeRequest
         /// </summary>
         public IDictionary<string, string> ClientMetadata { get; set; } = new Dictionary<string, string>();
 
-        /// <summary>
-        /// The analytics metadata for collecting Amazon Pinpoint metrics.
-        /// </summary>
+        /// <summary>
+        /// The analytics metadata for collecting Amazon Pinpoint metrics.
+        /// </summary>
         public AnalyticsMetadataType AnalyticsMetadata { get; set; }
 
         /// <summary>
@@ -232,11 +232,11 @@ public class InitiateAdminNoSrpAuthRequest
         /// <summary>
         /// Optional client metadata to provide in the Initiate Admin Authentication API call
         /// </summary>
-        public IDictionary<string, string> ClientMetadata { get; set; }
-
-        /// <summary>
-        /// Optional analytics metadata for collecting Amazon Pinpoint metrics.
-        /// </summary>
+        public IDictionary<string, string> ClientMetadata { get; set; }
+
+        /// <summary>
+        /// Optional analytics metadata for collecting Amazon Pinpoint metrics.
+        /// </summary>
         public AnalyticsMetadataType AnalyticsMetadata { get; set; }
     }
 }

src/Amazon.Extensions.CognitoAuthentication/CognitoDevice.cs

@@ -314,7 +314,7 @@ private Dictionary<string,string> CreateDictionaryFromAttributeList(IList<Attrib
         {
             Dictionary<string, string> attributesDict = new Dictionary<string, string>();
 
-            foreach(AttributeType attribute in attributes)
+            foreach(AttributeType attribute in attributes ?? new List<AttributeType>())
             {
                 attributesDict.Add(attribute.Name, attribute.Value);
             }

src/Amazon.Extensions.CognitoAuthentication/CognitoUser.cs

@@ -424,7 +424,7 @@ public virtual async Task UpdateAttributesAsync(IDictionary<string, string> attr
             await Provider.UpdateUserAttributesAsync(updateUserAttributesRequest, cancellationToken).ConfigureAwait(false);
 
             //Update the local Attributes property
-            foreach (KeyValuePair<string, string> entry in attributes)
+            foreach (KeyValuePair<string, string> entry in attributes ?? new Dictionary<string, string>())
             {
                 Attributes[entry.Key] = entry.Value;
             }
@@ -454,7 +454,7 @@ public virtual async Task DeleteAttributesAsync(IList<string> attributeNamesToDe
             await Provider.DeleteUserAttributesAsync(deleteUserAttributesRequest, cancellationToken).ConfigureAwait(false);
 
             //Update the local Attributes property
-            foreach (string attribute in attributeNamesToDelete)
+            foreach (string attribute in attributeNamesToDelete ?? new List<string>())
             {
                 if (Attributes.ContainsKey(attribute))
                 {
@@ -486,7 +486,7 @@ public virtual async Task SetUserSettingsAsync(IDictionary<string, string> userS
             await Provider.SetUserSettingsAsync(setUserSettingsRequest, cancellationToken).ConfigureAwait(false);
 
             //Update the local Settings property
-            foreach (KeyValuePair<string, string> entry in userSettings)
+            foreach (KeyValuePair<string, string> entry in userSettings ?? new Dictionary<string, string>())
             {
                 Settings[entry.Key] = entry.Value;
             }
@@ -518,7 +518,7 @@ public virtual async Task<List<CognitoDevice>> ListDevicesAsync(int limit, strin
             ListDevicesResponse listDevicesReponse = await Provider.ListDevicesAsync(listDevicesRequest, cancellationToken).ConfigureAwait(false);
             List<CognitoDevice> devicesList = new List<CognitoDevice>();
 
-            foreach (DeviceType device in listDevicesReponse.Devices)
+            foreach (DeviceType device in listDevicesReponse.Devices ?? new List<DeviceType>())
             {
                 devicesList.Add(new CognitoDevice(device, this));
             }

src/Amazon.Extensions.CognitoAuthentication/CognitoUserAuthentication.cs

@@ -73,7 +73,7 @@ public virtual async Task<AuthFlowResponse> StartWithSrpAuthAsync(InitiateSrpAut
             if (srpRequest.IsCustomAuthFlow)
             {
                 initiateRequest.AuthFlow = AuthFlowType.CUSTOM_AUTH;
-                initiateRequest.AuthParameters.Add(CognitoConstants.ChlgParamChallengeName, CognitoConstants.ChlgParamSrpA);
+                initiateRequest.AuthParameters?.Add(CognitoConstants.ChlgParamChallengeName, CognitoConstants.ChlgParamSrpA);
             }
             InitiateAuthResponse initiateResponse = await Provider.InitiateAuthAsync(initiateRequest, cancellationToken).ConfigureAwait(false);
             UpdateUsernameAndSecretHash(initiateResponse.ChallengeParameters);
@@ -172,6 +172,10 @@ private RespondToAuthChallengeRequest CreateDevicePasswordVerifierAuthRequest(Re
                                                                                    string devicePassword,
                                                                                    Tuple<BigInteger, BigInteger> tupleAa)
         {
+            if (challenge == null)
+                throw new ArgumentNullException(nameof(challenge), $"{nameof(challenge)} cannot be null");
+            if (challenge.ChallengeParameters == null)
+                throw new ArgumentNullException(nameof(challenge.ChallengeParameters), $"{nameof(challenge.ChallengeParameters)} cannot be null");
             string deviceKey = challenge.ChallengeParameters[CognitoConstants.ChlgParamDeviceKey];
             string username = challenge.ChallengeParameters[CognitoConstants.ChlgParamUsername];
             string secretBlock = challenge.ChallengeParameters[CognitoConstants.ChlgParamSecretBlock];
@@ -255,7 +259,7 @@ public virtual async Task<AuthFlowResponse> StartWithCustomAuthAsync(InitiateCus
                 initiateResponse.AuthenticationResult,
                 initiateResponse.ChallengeName,
                 initiateResponse.ChallengeParameters,
-                new Dictionary<string, string>(initiateResponse.ResponseMetadata.Metadata));
+                new Dictionary<string, string>(initiateResponse.ResponseMetadata.Metadata ?? new Dictionary<string, string>()));
         }
 
         /// <summary>
@@ -286,8 +290,8 @@ public virtual async Task<AuthFlowResponse> RespondToCustomAuthAsync(RespondToCu
             {
                 ChallengeName = ChallengeNameType.CUSTOM_CHALLENGE,
                 ClientId = ClientID,
-                ChallengeResponses = new Dictionary<string, string>(customRequest.ChallengeParameters),
-                ClientMetadata = new Dictionary<string, string>(customRequest.ClientMetadata),
+                ChallengeResponses = new Dictionary<string, string>(customRequest.ChallengeParameters ?? new Dictionary<string, string>()),
+                ClientMetadata = new Dictionary<string, string>(customRequest.ClientMetadata ?? new Dictionary<string, string>()),
                 AnalyticsMetadata = customRequest.AnalyticsMetadata,
                 Session = customRequest.SessionID
             };
@@ -300,8 +304,8 @@ public virtual async Task<AuthFlowResponse> RespondToCustomAuthAsync(RespondToCu
             return new AuthFlowResponse(authResponse.Session,
                 authResponse.AuthenticationResult,
                 authResponse.ChallengeName,
-                authResponse.ChallengeParameters,
-                new Dictionary<string, string>(authResponse.ResponseMetadata.Metadata));
+                authResponse.ChallengeParameters ?? new Dictionary<string, string>(),
+                new Dictionary<string, string>(authResponse.ResponseMetadata.Metadata ?? new Dictionary<string, string>()));
         }
 
         /// <summary>
@@ -469,8 +473,8 @@ public async Task<AuthFlowResponse> RespondToMfaAuthAsync(RespondToMfaRequest mf
             return new AuthFlowResponse(challengeResponse.Session,
                 challengeResponse.AuthenticationResult,
                 challengeResponse.ChallengeName,
-                challengeResponse.ChallengeParameters,
-                new Dictionary<string, string>(challengeResponse.ResponseMetadata.Metadata));
+                challengeResponse.ChallengeParameters ?? new Dictionary<string, string>(),
+                new Dictionary<string, string>(challengeResponse.ResponseMetadata.Metadata ?? new Dictionary<string, string>()));
         }
 
         /// <summary>
@@ -577,8 +581,8 @@ public virtual async Task<AuthFlowResponse> RespondToNewPasswordRequiredAsync(Re
             return new AuthFlowResponse(challengeResponse.Session,
                 challengeResponse.AuthenticationResult,
                 challengeResponse.ChallengeName,
-                challengeResponse.ChallengeParameters,
-                new Dictionary<string, string>(challengeResponse.ResponseMetadata.Metadata));
+                challengeResponse.ChallengeParameters ?? new Dictionary<string, string>(),
+                new Dictionary<string, string>(challengeResponse.ResponseMetadata.Metadata ?? new Dictionary<string, string>()));
         }
 
         /// <summary>
@@ -617,8 +621,8 @@ public virtual async Task<AuthFlowResponse> StartWithRefreshTokenAuthAsync(Initi
             return new AuthFlowResponse(initiateResponse.Session,
                 initiateResponse.AuthenticationResult,
                 initiateResponse.ChallengeName,
-                initiateResponse.ChallengeParameters,
-                new Dictionary<string, string>(initiateResponse.ResponseMetadata.Metadata));
+                initiateResponse.ChallengeParameters ?? new Dictionary<string, string>(),
+                new Dictionary<string, string>(initiateResponse.ResponseMetadata.Metadata ?? new Dictionary<string, string>()));
         }
 
         /// <summary>
@@ -653,8 +657,8 @@ public virtual async Task<AuthFlowResponse> StartWithAdminNoSrpAuthAsync(Initiat
             return new AuthFlowResponse(initiateResponse.Session,
                 initiateResponse.AuthenticationResult,
                 initiateResponse.ChallengeName,
-                initiateResponse.ChallengeParameters,
-                new Dictionary<string, string>(initiateResponse.ResponseMetadata.Metadata));
+                initiateResponse.ChallengeParameters ?? new Dictionary<string, string>(),
+                new Dictionary<string, string>(initiateResponse.ResponseMetadata.Metadata ?? new Dictionary<string, string>()));
         }
 
         /// <summary>
@@ -715,7 +719,7 @@ private void UpdateUsernameAndSecretHash(IDictionary<string, string> challengePa
                 return;
             }
 
-            if (challengeParameters.ContainsKey(CognitoConstants.ChlgParamUsername))
+            if (challengeParamIsUsername)
             {
                 Username = challengeParameters[CognitoConstants.ChlgParamUsername];
             }
@@ -802,6 +806,10 @@ private RespondToAuthChallengeRequest CreateSrpPasswordVerifierAuthRequest(Initi
                                                                                    string password,
                                                                                    Tuple<BigInteger, BigInteger> tupleAa)
         {
+            if (challenge == null)
+                throw new ArgumentNullException(nameof(challenge), $"{nameof(challenge)} cannot be null");
+            if (challenge.ChallengeParameters == null)
+                throw new ArgumentNullException(nameof(challenge.ChallengeParameters), $"{nameof(challenge.ChallengeParameters)} cannot be null");
             string username = challenge.ChallengeParameters[CognitoConstants.ChlgParamUsername];
             string poolName = PoolName;
             string secretBlock = challenge.ChallengeParameters[CognitoConstants.ChlgParamSecretBlock];

src/Amazon.Extensions.CognitoAuthentication/CognitoUserPool.cs

@@ -229,7 +229,7 @@ public virtual async Task<CognitoUser> FindByIdAsync(string userID, Cancellation
 
                 return new CognitoUser(response.Username, ClientID, this, Provider, ClientSecret,
                     response.UserStatus.Value, response.Username,
-                    response.UserAttributes.ToDictionary(attribute => attribute.Name, attribute => attribute.Value));
+                    response.UserAttributes?.ToDictionary(attribute => attribute.Name, attribute => attribute.Value) ?? new Dictionary<string, string>());
 
             }
             catch (UserNotFoundException)
@@ -288,7 +288,9 @@ public async Task<CognitoUserPoolClientConfiguration> GetUserPoolClientConfigura
                     UserPoolId = this.PoolID
                 }, cancellationToken).ConfigureAwait(false);
 
-                ClientConfiguration = new CognitoUserPoolClientConfiguration(response.UserPoolClient.ReadAttributes, response.UserPoolClient.WriteAttributes);
+                ClientConfiguration = new CognitoUserPoolClientConfiguration(
+                    response.UserPoolClient.ReadAttributes ?? new List<string>(), 
+                    response.UserPoolClient.WriteAttributes ?? new List<string>());
             }
 
             return ClientConfiguration;

src/Amazon.Extensions.CognitoAuthentication/Util/CognitoAuthHelper.cs

@@ -126,7 +126,7 @@ internal static byte[] StringToByteArray(string hexString)
         internal static List<AttributeType> CreateAttributeList(IDictionary<string, string> attributeDict)
         {
             List<AttributeType> attributeList = new List<AttributeType>();
-            foreach (KeyValuePair<string, string> data in attributeDict)
+            foreach (KeyValuePair<string, string> data in attributeDict ?? new Dictionary<string, string>())
             {
                 AttributeType attribute = new AttributeType()
                 {