Skip to content

Add nullable annotations to Authentication.Core & Authentication.Cookies #24307

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 31, 2020
Merged

Add nullable annotations to Authentication.Core & Authentication.Cookies #24307

merged 1 commit into from
Jul 31, 2020

Conversation

pranavkm
Copy link
Contributor

Contributes to #5680

@pranavkm pranavkm requested a review from HaoK July 25, 2020 00:54
@pranavkm pranavkm added the area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer label Jul 25, 2020
@pranavkm pranavkm added this to the 5.0.0-rc1 milestone Jul 25, 2020
JamesNK
JamesNK reviewed Jul 26, 2020
View reviewed changes
src/Http/Authentication.Abstractions/src/AuthenticationTicket.cs
/// <param name="properties">additional properties that can be consumed by the user or runtime.</param>
/// <param name="authenticationScheme">the authentication middleware that was responsible for this ticket.</param>
public AuthenticationTicket(ClaimsPrincipal principal, AuthenticationProperties? properties, string? authenticationScheme)
public AuthenticationTicket(ClaimsPrincipal principal, AuthenticationProperties? properties, string authenticationScheme)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should authenticationScheme throw ArgumentNullException if null?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We generally haven't added explicit null-checks to our code to express the non-nullness. IIRC, there was one code path that would result in an arg-null \ null-ref if the scheme was null, but I wasn't a 100% certain if this was the right default

src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs
private async Task<AuthenticateResult> ReadCookieTicket()
{
var cookie = Options.CookieManager.GetRequestCookie(Context, Options.Cookie.Name);
var cookie = Options.CookieManager.GetRequestCookie(Context, Options.Cookie.Name!);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What happens if Options.Cookie.Name is null?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the default case, this is guaranteed to be non-null. The option configures it to a value and you cannot assign a null value to it.

src/Security/Authentication/Core/src/Events/ResultContext.cs
/// Calls success creating a ticket with the <see cref="Principal"/> and <see cref="Properties"/>.
/// </summary>
public void Success() => Result = HandleRequestResult.Success(new AuthenticationTicket(Principal, Properties, Scheme.Name));
public void Success() => Result = HandleRequestResult.Success(new AuthenticationTicket(Principal!, Properties, Scheme.Name));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What happens if Principal is null? Ok because AuthenticationTicket checks for null?

src/Security/Authentication/Core/src/IDataSerializer.cs
{
byte[] Serialize(TModel model);

[return: MaybeNull]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI dotnet/roslyn#45993

This is fine for now, but we could switch MaybeNull/AllowNull attributes to use ? before .NET 5

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The version of the compiler we have doesn't support this as yet.

@pranavkm pranavkm merged commit 3e1e69e into master Jul 31, 2020
@pranavkm pranavkm deleted the prkrishn/nullable-auth branch July 31, 2020 00:09
@pranavkm pranavkm changed the title Add nullable annotations to Authenticator.Core & Authentication.Cookies Add nullable annotations to Authentication.Core & Authentication.Cookies Jul 31, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JamesNK JamesNK JamesNK left review comments

@Tratcher Tratcher Tratcher approved these changes

@jkotalik jkotalik Awaiting requested review from jkotalik

@HaoK HaoK Awaiting requested review from HaoK

Assignees

No one assigned

Labels

area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer

Projects

None yet

Milestone

5.0.0-rc1

Development

Successfully merging this pull request may close these issues.

3 participants

@pranavkm @JamesNK @Tratcher