Simplify Web API example projects and fix Newtonsoft.Json vulnerability

ApiVersioning.sln

@@ -36,6 +36,10 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "samples", "samples", "{915B
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "webapi", "webapi", "{F446ED94-368F-4F67-913B-16E82CA80DFC}"
+	ProjectSection(SolutionItems) = preProject
+		samples\webapi\Directory.Build.props = samples\webapi\Directory.Build.props
+		samples\webapi\Startup.Newtonsoft.cs = samples\webapi\Startup.Newtonsoft.cs
+	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "aspnetcore", "aspnetcore", "{900DD210-8500-4D89-A05D-C9526935A719}"
 EndProject
@@ -148,37 +152,6 @@ EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AdvancedODataSample", "samples\aspnetcore\AdvancedODataSample\AdvancedODataSample.csproj", "{DDC53D03-C461-4477-84E2-4C31DD3C6B13}"
 EndProject
 Global
-	GlobalSection(SharedMSBuildProjectFiles) = preSolution
-		src\Common.OData.ApiExplorer\Common.OData.ApiExplorer.projitems*{0d6519ae-20d2-4c98-97aa-ed3622043936}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{0d6519ae-20d2-4c98-97aa-ed3622043936}*SharedItemsImports = 5
-		src\Common.OData\Common.OData.projitems*{1599a30d-d37f-443c-b935-290144910be3}*SharedItemsImports = 13
-		src\Common.OData.ApiExplorer\Common.OData.ApiExplorer.projitems*{1b255310-a2b7-437f-804f-6e1d8c940a17}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{1b255310-a2b7-437f-804f-6e1d8c940a17}*SharedItemsImports = 5
-		test\OData.Test.Shared\OData.Test.Shared.projitems*{23bc896b-a4cc-4c82-b98b-ce71239c2eb8}*SharedItemsImports = 5
-		src\Common.ApiExplorer\Common.ApiExplorer.projitems*{26a67334-f6e6-49b8-8c5a-f88f28770966}*SharedItemsImports = 13
-		src\Common\Common.projitems*{3bac97ed-1a8e-4f5a-a716-db5255f51c81}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{3bac97ed-1a8e-4f5a-a716-db5255f51c81}*SharedItemsImports = 5
-		src\Common.OData\Common.OData.projitems*{48a2b488-23ab-4c83-ae30-0b8b735c4562}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{48a2b488-23ab-4c83-ae30-0b8b735c4562}*SharedItemsImports = 5
-		src\Common.OData\Common.OData.projitems*{59d9cec0-f8e5-4a1a-b8dd-5117e6a409d5}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{59d9cec0-f8e5-4a1a-b8dd-5117e6a409d5}*SharedItemsImports = 5
-		test\Acceptance.Test.Shared\Acceptance.Test.Shared.projitems*{5c31964d-ea8b-420b-9297-5adfefe54962}*SharedItemsImports = 5
-		test\Test.Common\Test.Common.projitems*{69c59656-53d1-4acb-92b5-8b34c8e62175}*SharedItemsImports = 5
-		test\Acceptance.Test.Shared\Acceptance.Test.Shared.projitems*{6cdfb878-2642-4f98-ae35-621bac581181}*SharedItemsImports = 13
-		src\Common\Common.projitems*{6d0e834b-6422-44cd-9a85-e3be9dead1be}*SharedItemsImports = 13
-		src\Common.ApiExplorer\Common.ApiExplorer.projitems*{91e1f0b5-905d-446c-a2dd-4c1edabfaf6c}*SharedItemsImports = 5
-		test\OData.Test.Shared\OData.Test.Shared.projitems*{9a635d55-7547-4df6-b7bd-840e16ebde28}*SharedItemsImports = 13
-		test\Test.Common\Test.Common.projitems*{aeb074e1-e57a-4dd3-a972-3625b367ce5d}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{b7897873-6757-4684-83c0-39575821ae14}*SharedItemsImports = 13
-		test\OData.Test.Shared\OData.Test.Shared.projitems*{ba0c8652-fef6-4004-a779-cd6dcf2996f7}*SharedItemsImports = 5
-		src\Common.OData.ApiExplorer\Common.OData.ApiExplorer.projitems*{c0c766f3-a2d6-461e-adff-27496600ea9c}*SharedItemsImports = 13
-		src\Common\Common.projitems*{c39cccbc-6b04-406f-96be-ca796eff34c5}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{c39cccbc-6b04-406f-96be-ca796eff34c5}*SharedItemsImports = 5
-		test\OData.Test.Shared\OData.Test.Shared.projitems*{d87e54cc-c2d6-4ae5-806d-ae825b051c66}*SharedItemsImports = 5
-		src\Common.ApiExplorer\Common.ApiExplorer.projitems*{f7784c3a-5569-4590-ae28-b721c0426045}*SharedItemsImports = 5
-		src\Shared\Shared.projitems*{f7784c3a-5569-4590-ae28-b721c0426045}*SharedItemsImports = 5
-		test\Test.Common\Test.Common.projitems*{f9297626-c37c-402b-afd6-712f3e5e4d7c}*SharedItemsImports = 13
-	EndGlobalSection
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
 		Release|Any CPU = Release|Any CPU
@@ -373,4 +346,35 @@ Global
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {5A38B7FA-17BC-4D3C-977F-7379653DC67C}
 	EndGlobalSection
+	GlobalSection(SharedMSBuildProjectFiles) = preSolution
+		src\Common.OData.ApiExplorer\Common.OData.ApiExplorer.projitems*{0d6519ae-20d2-4c98-97aa-ed3622043936}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{0d6519ae-20d2-4c98-97aa-ed3622043936}*SharedItemsImports = 5
+		src\Common.OData\Common.OData.projitems*{1599a30d-d37f-443c-b935-290144910be3}*SharedItemsImports = 13
+		src\Common.OData.ApiExplorer\Common.OData.ApiExplorer.projitems*{1b255310-a2b7-437f-804f-6e1d8c940a17}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{1b255310-a2b7-437f-804f-6e1d8c940a17}*SharedItemsImports = 5
+		test\OData.Test.Shared\OData.Test.Shared.projitems*{23bc896b-a4cc-4c82-b98b-ce71239c2eb8}*SharedItemsImports = 5
+		src\Common.ApiExplorer\Common.ApiExplorer.projitems*{26a67334-f6e6-49b8-8c5a-f88f28770966}*SharedItemsImports = 13
+		src\Common\Common.projitems*{3bac97ed-1a8e-4f5a-a716-db5255f51c81}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{3bac97ed-1a8e-4f5a-a716-db5255f51c81}*SharedItemsImports = 5
+		src\Common.OData\Common.OData.projitems*{48a2b488-23ab-4c83-ae30-0b8b735c4562}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{48a2b488-23ab-4c83-ae30-0b8b735c4562}*SharedItemsImports = 5
+		src\Common.OData\Common.OData.projitems*{59d9cec0-f8e5-4a1a-b8dd-5117e6a409d5}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{59d9cec0-f8e5-4a1a-b8dd-5117e6a409d5}*SharedItemsImports = 5
+		test\Acceptance.Test.Shared\Acceptance.Test.Shared.projitems*{5c31964d-ea8b-420b-9297-5adfefe54962}*SharedItemsImports = 5
+		test\Test.Common\Test.Common.projitems*{69c59656-53d1-4acb-92b5-8b34c8e62175}*SharedItemsImports = 5
+		test\Acceptance.Test.Shared\Acceptance.Test.Shared.projitems*{6cdfb878-2642-4f98-ae35-621bac581181}*SharedItemsImports = 13
+		src\Common\Common.projitems*{6d0e834b-6422-44cd-9a85-e3be9dead1be}*SharedItemsImports = 13
+		src\Common.ApiExplorer\Common.ApiExplorer.projitems*{91e1f0b5-905d-446c-a2dd-4c1edabfaf6c}*SharedItemsImports = 5
+		test\OData.Test.Shared\OData.Test.Shared.projitems*{9a635d55-7547-4df6-b7bd-840e16ebde28}*SharedItemsImports = 13
+		test\Test.Common\Test.Common.projitems*{aeb074e1-e57a-4dd3-a972-3625b367ce5d}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{b7897873-6757-4684-83c0-39575821ae14}*SharedItemsImports = 13
+		test\OData.Test.Shared\OData.Test.Shared.projitems*{ba0c8652-fef6-4004-a779-cd6dcf2996f7}*SharedItemsImports = 5
+		src\Common.OData.ApiExplorer\Common.OData.ApiExplorer.projitems*{c0c766f3-a2d6-461e-adff-27496600ea9c}*SharedItemsImports = 13
+		src\Common\Common.projitems*{c39cccbc-6b04-406f-96be-ca796eff34c5}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{c39cccbc-6b04-406f-96be-ca796eff34c5}*SharedItemsImports = 5
+		test\OData.Test.Shared\OData.Test.Shared.projitems*{d87e54cc-c2d6-4ae5-806d-ae825b051c66}*SharedItemsImports = 5
+		src\Common.ApiExplorer\Common.ApiExplorer.projitems*{f7784c3a-5569-4590-ae28-b721c0426045}*SharedItemsImports = 5
+		src\Shared\Shared.projitems*{f7784c3a-5569-4590-ae28-b721c0426045}*SharedItemsImports = 5
+		test\Test.Common\Test.Common.projitems*{f9297626-c37c-402b-afd6-712f3e5e4d7c}*SharedItemsImports = 13
+	EndGlobalSection
 EndGlobal

samples/webapi/AdvancedODataWebApiSample/AdvancedODataWebApiSample.csproj

@@ -1,21 +1,14 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
  </PropertyGroup>
 
  <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
   <Reference Include="System.ComponentModel.DataAnnotations" />
  </ItemGroup>
 
- <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
- </ItemGroup>
-
  <ItemGroup>
   <ProjectReference Include="..\..\..\src\Microsoft.AspNet.OData.Versioning\Microsoft.AspNet.OData.Versioning.csproj" />
  </ItemGroup>

samples/webapi/AdvancedODataWebApiSample/Startup.cs

@@ -1,6 +1,4 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using global::Owin;
     using Microsoft.AspNet.OData.Builder;
@@ -11,7 +9,7 @@ namespace Microsoft.Examples
     using System.Web.Http;
     using static System.Web.Http.RouteParameter;
 
-    public class Startup
+    public partial class Startup
     {
         public void Configuration( IAppBuilder appBuilder )
         {

samples/webapi/BasicODataWebApiSample/BasicODataWebApiSample.csproj

@@ -1,21 +1,14 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
  </PropertyGroup>
 
  <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
   <Reference Include="System.ComponentModel.DataAnnotations" />
  </ItemGroup>
 
- <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
- </ItemGroup>
-
  <ItemGroup>
   <ProjectReference Include="..\..\..\src\Microsoft.AspNet.OData.Versioning\Microsoft.AspNet.OData.Versioning.csproj" />
  </ItemGroup>

samples/webapi/BasicODataWebApiSample/Startup.cs

@@ -1,6 +1,4 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using global::Owin;
     using Microsoft.AspNet.OData.Builder;
@@ -9,7 +7,7 @@ namespace Microsoft.Examples
     using System;
     using System.Web.Http;
 
-    public class Startup
+    public partial class Startup
     {
         public void Configuration( IAppBuilder appBuilder )
         {

samples/webapi/BasicWebApiSample/BasicWebApiSample.csproj

@@ -1,20 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
  </PropertyGroup>
 
- <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
- </ItemGroup>
-
- <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
- </ItemGroup>
-
  <ItemGroup>
   <ProjectReference Include="..\..\..\src\Microsoft.AspNet.WebApi.Versioning\Microsoft.AspNet.WebApi.Versioning.csproj" />
  </ItemGroup>

samples/webapi/BasicWebApiSample/Startup.cs

@@ -1,14 +1,12 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using global::Owin;
     using Microsoft.Web.Http.Routing;
     using System;
     using System.Web.Http;
     using System.Web.Http.Routing;
 
-    public class Startup
+    public partial class Startup
     {
         public void Configuration( IAppBuilder builder )
         {

samples/webapi/ByNamespaceWebApiSample/ByNamespaceWebApiSample.csproj

@@ -1,20 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
  </PropertyGroup>
 
- <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
- </ItemGroup>
-
- <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
- </ItemGroup>
-
  <ItemGroup>
   <ProjectReference Include="..\..\..\src\Microsoft.AspNet.WebApi.Versioning\Microsoft.AspNet.WebApi.Versioning.csproj" />
  </ItemGroup>

samples/webapi/ByNamespaceWebApiSample/Startup.cs

@@ -1,14 +1,12 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using global::Owin;
     using Microsoft.Web.Http.Routing;
     using Microsoft.Web.Http.Versioning.Conventions;
     using System;
     using System.Web.Http;
 
-    public class Startup
+    public partial class Startup
     {
         public void Configuration( IAppBuilder builder )
         {

samples/webapi/ConventionsODataWebApiSample/ConventionsODataWebApiSample.csproj

@@ -1,21 +1,14 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
  </PropertyGroup>
 
  <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
   <Reference Include="System.ComponentModel.DataAnnotations" />
  </ItemGroup>
 
- <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
- </ItemGroup>
-
  <ItemGroup>
   <ProjectReference Include="..\..\..\src\Microsoft.AspNet.OData.Versioning\Microsoft.AspNet.OData.Versioning.csproj" />
  </ItemGroup>

samples/webapi/ConventionsODataWebApiSample/Startup.cs

@@ -1,6 +1,4 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using global::Owin;
     using Microsoft.AspNet.OData.Builder;
@@ -11,7 +9,7 @@ namespace Microsoft.Examples
     using System;
     using System.Web.Http;
 
-    public class Startup
+    public partial class Startup
     {
         public void Configuration( IAppBuilder appBuilder )
         {

samples/webapi/ConventionsWebApiSample/ConventionsWebApiSample.csproj

@@ -1,20 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
  </PropertyGroup>
 
- <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
- </ItemGroup>
-
- <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
- </ItemGroup>
-
  <ItemGroup>
   <ProjectReference Include="..\..\..\src\Microsoft.AspNet.WebApi.Versioning\Microsoft.AspNet.WebApi.Versioning.csproj" />
  </ItemGroup>

samples/webapi/ConventionsWebApiSample/Startup.cs

@@ -1,6 +1,4 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using Controllers;
     using global::Owin;
@@ -10,7 +8,7 @@ namespace Microsoft.Examples
     using System.Web.Http;
     using System.Web.Http.Routing;
 
-    public class Startup
+    public partial class Startup
     {
         public void Configuration( IAppBuilder builder )
         {

samples/webapi/Directory.Build.props

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+
+ <Import Project="$([MSBuild]::GetPathOfFileAbove('$(MSBuildThisFile)','$(MSBuildThisFileDirectory)../'))" />
+
+ <PropertyGroup>
+  <OutputType>Exe</OutputType>
+ </PropertyGroup>
+
+ <ItemGroup>
+  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.9" />
+ </ItemGroup>
+
+ <ItemGroup>
+  <AssemblyAttribute Include="Microsoft.Owin.OwinStartupAttribute">
+   <_Parameter1>Microsoft.Examples.Startup</_Parameter1>
+   <_Parameter1_TypeName>System.Type</_Parameter1_TypeName>
+  </AssemblyAttribute>
+ </ItemGroup>
+
+ <ItemGroup>
+  <Compile Include="$(MSBuildThisFileDirectory)Startup.Newtonsoft.cs" DependentUpon="Startup.cs" />
+ </ItemGroup>
+
+</Project>

samples/webapi/Startup.Newtonsoft.cs

@@ -0,0 +1,10 @@
+namespace Microsoft.Examples
+{
+    using Newtonsoft.Json;
+
+    public partial class Startup
+    {
+        // REF: https://github.com/advisories/GHSA-5crp-9r3c-p9vr
+        static Startup() => JsonConvert.DefaultSettings = () => new() { MaxDepth = 128 };
+    }
+}

samples/webapi/SwaggerODataWebApiSample/Startup.cs

@@ -1,6 +1,4 @@
-[assembly: Microsoft.Owin.OwinStartup( typeof( Microsoft.Examples.Startup ) )]
-
-namespace Microsoft.Examples
+namespace Microsoft.Examples
 {
     using global::Owin;
     using Microsoft.AspNet.OData.Builder;
@@ -19,7 +17,7 @@ namespace Microsoft.Examples
     /// <summary>
     /// Represents the startup process for the application.
     /// </summary>
-    public class Startup
+    public partial class Startup
     {
         /// <summary>
         /// Configures the application using the provided builder.

samples/webapi/SwaggerODataWebApiSample/SwaggerODataWebApiSample.csproj

@@ -1,20 +1,16 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
  <PropertyGroup>
-  <OutputType>Exe</OutputType>
   <TargetFramework>net472</TargetFramework>
   <RootNamespace>Microsoft.Examples</RootNamespace>
   <DocumentationFile>bin\$(Configuration)\$(TargetFramework)\$(MSBuildThisFileName).xml</DocumentationFile>
  </PropertyGroup>
 
  <ItemGroup>
-  <Reference Include="Microsoft.CSharp" />
-  <Reference Include="System" />
   <Reference Include="System.ComponentModel.DataAnnotations" />
  </ItemGroup>
 
  <ItemGroup>
-  <PackageReference Include="Microsoft.AspNet.WebApi.OwinSelfHost" Version="5.2.7" />
   <PackageReference Include="Swashbuckle.Core" Version="5.6.0" />
  </ItemGroup>