Fix nullable errors

Fix compiler errors caused by new nullable annotations.

Author: martincostello

src/AspNet.Security.OAuth.Apple/AppleAuthenticationHandler.cs

@@ -176,7 +176,7 @@ protected virtual IEnumerable<Claim> ExtractClaimsFromUser([NotNull] JsonElement
 
             if (user.TryGetProperty("email", out var email))
             {
-                claims.Add(new Claim(ClaimTypes.Email, email.GetString(), ClaimValueTypes.String, ClaimsIssuer));
+                claims.Add(new Claim(ClaimTypes.Email, email.GetString() ?? string.Empty, ClaimValueTypes.String, ClaimsIssuer));
             }
 
             return claims;

src/AspNet.Security.OAuth.Bitbucket/BitbucketAuthenticationHandler.cs

@@ -63,19 +63,19 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
                 !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) &&
                 Options.Scope.Contains("email"))
             {
-                string address = await GetEmailAsync(tokens);
+                string? address = await GetEmailAsync(tokens);
 
                 if (!string.IsNullOrEmpty(address))
                 {
-                    identity.AddClaim(new Claim(ClaimTypes.Email, address, ClaimValueTypes.String, Options.ClaimsIssuer));
+                    identity.AddClaim(new Claim(ClaimTypes.Email, address!, ClaimValueTypes.String, Options.ClaimsIssuer));
                 }
             }
 
             await Options.Events.CreatingTicket(context);
             return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
-        protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
+        protected virtual async Task<string?> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
         {
             using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

src/AspNet.Security.OAuth.Deezer/DeezerAuthenticationHandler.cs

@@ -129,7 +129,7 @@ protected override string BuildChallengeUrl([NotNull] AuthenticationProperties p
                 properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier);
 
                 using var sha256 = HashAlgorithm.Create("SHA256");
-                byte[] challengeBytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(codeVerifier));
+                byte[] challengeBytes = sha256!.ComputeHash(Encoding.UTF8.GetBytes(codeVerifier));
                 parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes);
                 parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256;
             }

src/AspNet.Security.OAuth.Fitbit/FitbitAuthenticationHandler.cs

@@ -76,7 +76,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["code"] = context.Code
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)

src/AspNet.Security.OAuth.GitHub/GitHubAuthenticationHandler.cs

@@ -63,7 +63,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
                 !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) &&
                 Options.Scope.Contains("user:email"))
             {
-                string address = await GetEmailAsync(tokens);
+                string? address = await GetEmailAsync(tokens);
 
                 if (!string.IsNullOrEmpty(address))
                 {
@@ -75,7 +75,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
-        protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
+        protected virtual async Task<string?> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
         {
             // See https://developer.github.com/v3/users/emails/ for more information about the /user/emails endpoint.
             using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);

src/AspNet.Security.OAuth.Gitee/GiteeAuthenticationHandler.cs

@@ -27,8 +27,8 @@ public GiteeAuthenticationHandler(
             [NotNull] UrlEncoder encoder,
             [NotNull] ISystemClock clock)
             : base(options, logger, encoder, clock)
-            {
-            }
+        {
+        }
 
         protected override async Task<AuthenticationTicket> CreateTicketAsync(
             [NotNull] ClaimsIdentity identity,
@@ -63,7 +63,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
                 !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) &&
                 Options.Scope.Contains("emails"))
             {
-                string address = await GetEmailAsync(tokens);
+                string? address = await GetEmailAsync(tokens);
 
                 if (!string.IsNullOrEmpty(address))
                 {
@@ -75,7 +75,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
-        protected async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
+        protected async Task<string?> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
         {
             using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

src/AspNet.Security.OAuth.LinkedIn/LinkedInAuthenticationOptions.cs

@@ -72,7 +72,7 @@ public LinkedInAuthenticationOptions()
         /// 3. Returns the first value.
         /// </summary>
         /// <see cref="DefaultMultiLocaleStringResolver(IReadOnlyDictionary{string, string}, string?)"/>
-        public Func<IReadOnlyDictionary<string, string>, string?, string> MultiLocaleStringResolver { get; set; } = DefaultMultiLocaleStringResolver;
+        public Func<IReadOnlyDictionary<string, string?>, string?, string?> MultiLocaleStringResolver { get; set; } = DefaultMultiLocaleStringResolver;
 
         /// <summary>
         /// Gets the <c>MultiLocaleString</c> value using the configured resolver.
@@ -100,7 +100,7 @@ public LinkedInAuthenticationOptions()
                 preferredLocaleKey = $"{preferredLocale.GetString("language")}_{preferredLocale.GetString("country")}";
             }
 
-            var preferredLocales = new Dictionary<string, string>();
+            var preferredLocales = new Dictionary<string, string?>();
 
             foreach (var element in propertyLocalized.EnumerateObject())
             {
@@ -164,7 +164,7 @@ private static IEnumerable<string> GetPictureUrls(JsonElement user)
         /// <param name="localizedValues">The localized values with culture keys.</param>
         /// <param name="preferredLocale">The preferred locale, if provided by LinkedIn.</param>
         /// <returns>The localized value.</returns>
-        private static string DefaultMultiLocaleStringResolver(IReadOnlyDictionary<string, string> localizedValues, string? preferredLocale)
+        private static string? DefaultMultiLocaleStringResolver(IReadOnlyDictionary<string, string?> localizedValues, string? preferredLocale)
         {
             if (!string.IsNullOrEmpty(preferredLocale) &&
                 localizedValues.TryGetValue(preferredLocale, out string? preferredLocaleValue))

src/AspNet.Security.OAuth.Odnoklassniki/OdnoklassnikiAuthenticationHandler.cs

@@ -40,8 +40,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             [NotNull] OAuthTokenResponse tokens)
         {
             using var algorithm = HashAlgorithm.Create("MD5");
-            string accessSecret = GetHash(algorithm, tokens.AccessToken + Options.ClientSecret);
-            string sign = GetHash(algorithm, $"application_key={Options.PublicSecret}format=jsonmethod=users.getCurrentUser{accessSecret}");
+            string accessSecret = GetHash(algorithm!, tokens.AccessToken + Options.ClientSecret);
+            string sign = GetHash(algorithm!, $"application_key={Options.PublicSecret}format=jsonmethod=users.getCurrentUser{accessSecret}");
 
             string address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary<string, string>
             {

src/AspNet.Security.OAuth.Reddit/RedditAuthenticationHandler.cs

@@ -108,7 +108,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["code"] = context.Code
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)

src/AspNet.Security.OAuth.Shopify/ShopifyAuthenticationHandler.cs

@@ -186,7 +186,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["code"] = context.Code
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
 

src/AspNet.Security.OAuth.StackExchange/StackExchangeAuthenticationHandler.cs

@@ -96,7 +96,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
 
             using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint)
             {
-                Content = new FormUrlEncodedContent(parameters)
+                Content = new FormUrlEncodedContent(parameters!)
             };
 
             using var response = await Backchannel.SendAsync(request, Context.RequestAborted);

src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHandler.cs

@@ -77,7 +77,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["client_assertion_type"] = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
 

src/AspNet.Security.OAuth.Weibo/WeiboAuthenticationHandler.cs

@@ -66,11 +66,11 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
                 !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) &&
                 Options.Scope.Contains("email"))
             {
-                string email = await GetEmailAsync(tokens);
+                string? email = await GetEmailAsync(tokens);
 
                 if (!string.IsNullOrEmpty(address))
                 {
-                    identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
+                    identity.AddClaim(new Claim(ClaimTypes.Email, email!, ClaimValueTypes.String, Options.ClaimsIssuer));
                 }
             }
 
@@ -84,7 +84,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
 
         protected override string FormatScope() => string.Join(",", Options.Scope);
 
-        protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
+        protected virtual async Task<string?> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
         {
             // See http://open.weibo.com/wiki/2/account/profile/email for more information about the /account/profile/email.json endpoint.
             string address = QueryHelpers.AddQueryString(Options.UserEmailsEndpoint, "access_token", tokens.AccessToken);

src/AspNet.Security.OAuth.Yahoo/YahooAuthenticationHandler.cs

@@ -76,7 +76,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["code"] = context.Code
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)

src/AspNet.Security.OAuth.Yammer/YammerAuthenticationHandler.cs

@@ -77,7 +77,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["grant_type"] = "authorization_code"
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)

src/AspNet.Security.OAuth.Yandex/YandexAuthenticationHandler.cs

@@ -76,7 +76,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
                 ["code"] = context.Code
             };
 
-            request.Content = new FormUrlEncodedContent(parameters);
+            request.Content = new FormUrlEncodedContent(parameters!);
 
             using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)

test/AspNet.Security.OAuth.Providers.Tests/Infrastructure/ApplicationFactory.cs

@@ -102,7 +102,7 @@ private static void ConfigureApplication<TOptions>(IApplicationBuilder app, OAut
                        "/me",
                        async context =>
                        {
-                           if (context.User.Identity.IsAuthenticated)
+                           if (context.User.Identity?.IsAuthenticated == true)
                            {
                                string xml = IdentityToXmlString(context.User);
                                byte[] buffer = Encoding.UTF8.GetBytes(xml);

test/AspNet.Security.OAuth.Providers.Tests/Infrastructure/LoopbackRedirectHandler.cs

@@ -40,9 +40,9 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
                 if (RedirectMethod == HttpMethod.Post)
                 {
                     var queryString = HttpUtility.ParseQueryString(result.Headers.Location!.Query);
-                    string state = queryString["state"];
+                    string? state = queryString["state"];
 
-                    var parameters = new Dictionary<string, string>()
+                    var parameters = new Dictionary<string, string?>()
                     {
                         ["code"] = "a6ed8e7f-471f-44f1-903b-65946475f351",
                         ["state"] = state,
@@ -56,7 +56,7 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
                         }
                     }
 
-                    content = new FormUrlEncodedContent(parameters);
+                    content = new FormUrlEncodedContent(parameters!);
                 }
                 else
                 {
@@ -89,17 +89,17 @@ protected virtual Uri BuildLoopbackUri(HttpResponseMessage responseMessage)
         {
             // Rewrite the URI to loop back to the redirected URL to simulate the user having
             // successfully authenticated with the external login page they were redirected to.
-            var queryString = HttpUtility.ParseQueryString(responseMessage.Headers.Location.Query);
+            var queryString = HttpUtility.ParseQueryString(responseMessage.Headers.Location!.Query);
 
             string? location = queryString["redirect_uri"] ?? RedirectUri;
-            string state = queryString["state"];
+            string? state = queryString["state"];
 
             var builder = new UriBuilder(location!);
 
             // Retain the _oauthstate parameter in redirect_uri for WeChat (see #262)
             const string OAuthStateKey = "_oauthstate";
             var redirectQuery = HttpUtility.ParseQueryString(builder.Query);
-            string oauthState = redirectQuery[OAuthStateKey];
+            string? oauthState = redirectQuery[OAuthStateKey];
 
             // Remove any query string parameters we do not explictly need to retain
             queryString.Clear();

test/AspNet.Security.OAuth.Providers.Tests/OAuthTests`1.cs

@@ -170,7 +170,8 @@ protected async Task<IDictionary<string, Claim>> AuthenticateUserAsync(WebApplic
 
                 // Assert
                 result.StatusCode.ShouldBe(HttpStatusCode.OK);
-                result.Content.Headers.ContentType.MediaType.ShouldBe("text/xml");
+                result.Content.Headers.ContentType.ShouldNotBeNull();
+                result.Content.Headers.ContentType!.MediaType.ShouldBe("text/xml");
 
                 string xml = await result.Content.ReadAsStringAsync();