Clean build with .NET8

Sustainsys.Saml2.sln

@@ -12,6 +12,7 @@ EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{67939779-582A-4972-9393-280BB0A6678B}"
 	ProjectSection(SolutionItems) = preProject
 		CONTRIBUTING.md = CONTRIBUTING.md
+		src\exclusion.dic = src\exclusion.dic
 		LICENSE = LICENSE
 		README.md = README.md
 		SECURITY.md = SECURITY.md

src/.editorconfig

@@ -217,3 +217,6 @@ dotnet_naming_style.begins_with_i.required_prefix = I
 dotnet_naming_style.begins_with_i.required_suffix = 
 dotnet_naming_style.begins_with_i.word_separator = 
 dotnet_naming_style.begins_with_i.capitalization = pascal_case
+
+# Spelling
+spelling_exclusion_path = .\exclusion.dic

src/Sustainsys.Saml2.AspNetCore/Saml2Handler.cs

@@ -16,27 +16,37 @@ namespace Sustainsys.Saml2.AspNetCore;
 /// </summary>
 public class Saml2Handler : RemoteAuthenticationHandler<Saml2Options>
 {
+#if NET8_0_OR_GREATER
     /// <summary>
     /// Constructor
     /// </summary>
     /// <param name="options">Options</param>
     /// <param name="logger">Logger factory</param>
     /// <param name="encoder">Url encoder</param>
-    /// <param name="clock">System Clock</param>
     public Saml2Handler(
         IOptionsMonitor<Saml2Options> options,
         ILoggerFactory logger,
         UrlEncoder encoder
-#if NET8_0_OR_GREATER
         )
         : base(options, logger, encoder)
+    {}
 #else
-        ,
+
+    /// <summary>
+    /// Constructor
+    /// </summary>
+    /// <param name="options">Options</param>
+    /// <param name="logger">Logger factory</param>
+    /// <param name="encoder">Url encoder</param>
+    /// <param name="clock">System Clock</param>
+    public Saml2Handler(
+        IOptionsMonitor<Saml2Options> options,
+        ILoggerFactory logger,
+        UrlEncoder encoder,
         ISystemClock clock)
         : base(options, logger, encoder, clock)
+    { }
 #endif
-    {
-    }
 
     /// <summary>
     /// Create events by invoking Options.ServiceResolver.CreateEventsAsync()
@@ -95,7 +105,11 @@ protected override async Task HandleChallengeAsync(AuthenticationProperties prop
         var authnRequest = new AuthnRequest()
         {
             Issuer = Options.EntityId,
+#if NET8_0_OR_GREATER
+            IssueInstant = TimeProvider.GetUtcNow().DateTime,
+#else
             IssueInstant = Clock.UtcNow.DateTime,
+#endif
             AssertionConsumerServiceUrl = BuildRedirectUri(Options.CallbackPath)
         };
 

src/Sustainsys.Saml2.AspNetCore/Sustainsys.Saml2.AspNetCore.csproj

@@ -16,4 +16,9 @@
 		<ProjectReference Include="..\Sustainsys.Saml2\Sustainsys.Saml2.csproj" />
 	</ItemGroup>
 
+	<PropertyGroup>
+		<!--Restrict warning level to what is supported in .Net 6-->
+		<WarningLevel>6</WarningLevel>
+	</PropertyGroup>
+
 </Project>

src/Sustainsys.Saml2/Serialization/ISamlXmlReader.cs

@@ -42,9 +42,9 @@ public interface ISamlXmlReader
     SamlResponse ReadSamlResponse(XmlTraverser source);
 
     /// <summary>
-    /// Read an AuthnReqeust
+    /// Read an <see cref="AuthnRequest"/>
     /// </summary>
     /// <param name="source">Xml Traverser to read from</param>
-    /// <returns>AutnnRequest</returns>
+    /// <returns><see cref="AuthnRequest"/></returns>
     AuthnRequest ReadAuthnRequest(XmlTraverser source);
 }

src/Sustainsys.Saml2/Sustainsys.Saml2.csproj

@@ -18,4 +18,9 @@
 		<PackageReference Include="System.Security.Cryptography.Xml" Version="7.0.1" />	
 	</ItemGroup>
 
+	<PropertyGroup>
+		<!--Restrict warning level to what is supported in .Net 6-->
+		<WarningLevel>6</WarningLevel>
+	</PropertyGroup>
+
 </Project>

src/Sustainsys.Saml2/Xml/SignedXmlHelper.cs

@@ -17,7 +17,7 @@ namespace Sustainsys.Saml2.Xml;
 public static class SignedXmlHelper
 {
     /// <summary>
-    /// Adds an envoleped signature to the node.
+    /// Adds an enveloped signature to the node.
     /// </summary>
     /// <param name="element">Element to sign</param>
     /// <param name="certificate">Certificate to use to sign</param>
@@ -31,7 +31,7 @@ public static void Sign(
     }
 
     /// <summary>
-    /// Adds an envoleped signature to the node.
+    /// Adds an enveloped signature to the node.
     /// </summary>
     /// <param name="element">Element to sign</param>
     /// <param name="certificate">Certificate to use to sign</param>
@@ -41,10 +41,7 @@ public static void Sign(
         X509Certificate2 certificate,
         XmlNode insertAfter)
     {
-        if(insertAfter == null)
-        {
-            throw new ArgumentNullException(nameof(insertAfter));
-        }
+        ArgumentNullException.ThrowIfNull(insertAfter);
 
         var signedXml = CreateSignedXml(element, certificate);
 
@@ -96,8 +93,10 @@ internal SignedXmlWithStrictIdResolution(XmlDocument xmlDocument)
         /// <param name="idValue">Id value to find</param>
         /// <returns>XmlElement</returns>
         /// <exception cref="CryptographicException">If not exactly one match</exception>
-        public override XmlElement GetIdElement(XmlDocument document, string idValue)
+        public override XmlElement GetIdElement(XmlDocument? document, string idValue)
         {
+            ArgumentNullException.ThrowIfNull(document);
+
             XmlConvert.VerifyNCName(idValue);
 
             var possibleNodes = document.SelectNodes($"//*[@ID=\"{idValue}\" or @Id=\"{idValue}\" or @id=\"{idValue}\"]")!;
@@ -138,14 +137,19 @@ public static (string? Error, SigningKey? WorkingKey) VerifySignature(
         string? error = null;
         SigningKey? workingKey = null;
 
-        if (signedXml.SignedInfo.References.Count != 1)
+        if (signedXml.SignedInfo!.References.Count != 1)
         {
             error += "The Signature should contain exactly one reference. ";
         }
         else
         {
             foreach (var key in keys)
             {
+                if (key.Certificate == null)
+                {
+                    throw new InvalidOperationException("Signing key certificate cannot be null");
+                }
+
                 if (signedXml.CheckSignature(key.Certificate, true))
                 {
                     workingKey = key;
@@ -172,7 +176,7 @@ public static (string? Error, SigningKey? WorkingKey) VerifySignature(
             }
             else
             {
-                var id = reference.Uri[1..]; // Drop off the #
+                var id = reference.Uri![1..]; // Drop off the #
 
                 var signedElement = signedXml.GetIdElement(signatureElement.OwnerDocument, id);
 
@@ -205,7 +209,7 @@ public static (string? Error, SigningKey? WorkingKey) VerifySignature(
         }
 
         // The algorithm names has the form http://foo/bar/xyz#rsa-sha256
-        var signingHash = signedXml.SignatureMethod[(signedXml.SignatureMethod.LastIndexOf('-') + 1)..];
+        var signingHash = signedXml.SignatureMethod![(signedXml.SignatureMethod!.LastIndexOf('-') + 1)..];
         if (!allowedHashAlgorithms.Contains(signingHash))
         {
             var allowed = string.Join(", ", allowedHashAlgorithms);

src/Sustainsys.Saml2/Xml/XmlHelpers.cs

@@ -32,7 +32,7 @@ internal static string FormatId(byte[] bytes)
     /// Get an Xml traverser for an XmlDocument
     /// </summary>
     /// <param name="xmlElement">Source XmlElement. Typically the document element</param>
-    /// <returns>XmlTraverser locatet at DocumentElement</returns>
+    /// <returns>XmlTraverser located at DocumentElement</returns>
     public static XmlTraverser GetXmlTraverser(this XmlElement xmlElement)
         => new(xmlElement ?? throw new ArgumentException("DocumentElement cannot be null"));
 

src/Sustainsys.Saml2/Xml/XmlTraverser.cs

@@ -250,7 +250,7 @@ public bool EnsureNamespace(string namespaceUri)
         return true;
     }
 
-    // TODO: Reorder params to follow XmlNode convention with localname, namespaceUri
+    // TODO: Reorder params to follow XmlNode convention with localName, namespaceUri
     /// <summary>
     /// Ensure that the current node has a specific localName and namespace.
     /// </summary>
@@ -329,7 +329,6 @@ public bool HasName(string namespaceUri, string localName)
     /// </summary>
     /// <param name="localName">Local name of attribute</param>
     /// <returns>Attribute value</returns>
-    /// <exception cref="SamlXmlException">If no such attribute is found.</exception>
     public string GetRequiredAttribute(string localName)
     {
         if (CurrentNode == null)

src/Tests/Sustainsys.Saml2.AspNetCore.Tests/Saml2HandlerTests.cs

@@ -38,8 +38,7 @@ public class Saml2HandlerTests
 #if NET8_0_OR_GREATER
             );
 #else
-            ,
-            systemClock);
+            ,systemClock);
 #endif
 
         var scheme = new AuthenticationScheme("Saml2", "Saml2", typeof(Saml2Handler));
@@ -192,6 +191,6 @@ public async Task HandleRemoteAuthenticate()
         result.Should().BeTrue();
     }
 
-    // TODO: Use event to resolve IdentityProvider - presense of EntityId indicates if challenge or response processing
+    // TODO: Use event to resolve IdentityProvider - presence of EntityId indicates if challenge or response processing
     // TODO: Event when Xml was created
 }

src/Tests/Sustainsys.Saml2.AspNetCore.Tests/Sustainsys.Saml2.AspNetCore.Tests.csproj

@@ -32,4 +32,9 @@
 		<ProjectReference Include="..\Sustainsys.Saml2.Tests.Helpers\Sustainsys.Saml2.Tests.Helpers.csproj" />
 	</ItemGroup>
 
+	<PropertyGroup>
+		<!--Restrict warning level to what is supported in .Net 6-->
+		<WarningLevel>6</WarningLevel>
+	</PropertyGroup>
+
 </Project>

src/Tests/Sustainsys.Saml2.Tests.Helpers/Sustainsys.Saml2.Tests.Helpers.csproj

@@ -8,6 +8,10 @@
 		<IsPackable>false</IsPackable>
 	</PropertyGroup>
 
+	<PropertyGroup>
+		<NoWarn>1701;1702;IDE0039;IDE0290;IDE0300</NoWarn>
+	</PropertyGroup>
+
 	<ItemGroup>
 		<PackageReference Include="FluentAssertions" Version="6.6.0" />
 	</ItemGroup>
@@ -25,4 +29,9 @@
 		</None>
 	</ItemGroup>
 
+	<PropertyGroup>
+		<!--Restrict warning level to what is supported in .Net 6-->
+		<WarningLevel>6</WarningLevel>
+	</PropertyGroup>
+
 </Project>

src/Tests/Sustainsys.Saml2.Tests.Helpers/TestData.cs

@@ -3,54 +3,53 @@
 using System.Security.Cryptography.X509Certificates;
 using System.Xml;
 
-namespace Sustainsys.Saml2.Tests.Helpers
+namespace Sustainsys.Saml2.Tests.Helpers;
+
+public static class TestData
 {
-    public static class TestData
+    public static XmlTraverser GetXmlTraverser<TDirectory>([CallerMemberName] string? testName = null)
     {
-        public static XmlTraverser GetXmlTraverser<TDirectory>([CallerMemberName] string? testName = null)
-        {
-            var document = GetXmlDocument<TDirectory>(testName);
-
-            return new XmlTraverser(document.DocumentElement ?? throw new InvalidOperationException("XmlDoc contained no DocumentElement"));
-        }
-
-        public static XmlDocument GetXmlDocument<TDirectory>([CallerMemberName] string? testName = null)
-        {
-            ArgumentNullException.ThrowIfNull(testName);
-
-            var assemblyName = typeof(TDirectory).Assembly.GetName().Name!;
-
-            var fileName = "../../.."
-                + typeof(TDirectory).FullName![assemblyName.Length..].Replace('.', '/')
-                + "/" + testName + ".xml";
-
-            var document = new XmlDocument();
-            document.Load(fileName);
-            return document;
-        }
-
-        public static X509Certificate2 Certificate { get; } = new X509Certificate2("Sustainsys.Saml2.Tests.pfx");
-
-        public static SigningKey SigningKey { get; } = new()
-        {
-            Certificate = Certificate,
-            TrustLevel = TrustLevel.ConfiguredKey
-        };
-
-        public static SigningKey[] SingleSigningKey { get; } =
-        {
-            SigningKey
-        };
-
-        public static SigningKey SigningKey2 { get; } = new()
-        {
-            Certificate = new X509Certificate2("Sustainsys.Saml2.Tests2.pfx"),
-            TrustLevel = TrustLevel.TLS
-        };
-
-        public static SigningKey[] SingleSigningKey2 { get; } =
-        {
-            SigningKey2
-        };
+        var document = GetXmlDocument<TDirectory>(testName);
+
+        return new XmlTraverser(document.DocumentElement ?? throw new InvalidOperationException("XmlDoc contained no DocumentElement"));
     }
+
+    public static XmlDocument GetXmlDocument<TDirectory>([CallerMemberName] string? testName = null)
+    {
+        ArgumentNullException.ThrowIfNull(testName);
+
+        var assemblyName = typeof(TDirectory).Assembly.GetName().Name!;
+
+        var fileName = "../../.."
+            + typeof(TDirectory).FullName![assemblyName.Length..].Replace('.', '/')
+            + "/" + testName + ".xml";
+
+        var document = new XmlDocument();
+        document.Load(fileName);
+        return document;
+    }
+
+    public static X509Certificate2 Certificate { get; } = new X509Certificate2("Sustainsys.Saml2.Tests.pfx");
+
+    public static SigningKey SigningKey { get; } = new()
+    {
+        Certificate = Certificate,
+        TrustLevel = TrustLevel.ConfiguredKey
+    };
+
+    public static SigningKey[] SingleSigningKey { get; } =  
+    {
+        SigningKey
+    };
+
+    public static SigningKey SigningKey2 { get; } = new()
+    {
+        Certificate = new X509Certificate2("Sustainsys.Saml2.Tests2.pfx"),
+        TrustLevel = TrustLevel.TLS
+    };
+
+    public static SigningKey[] SingleSigningKey2 { get; } = new[]
+    {
+        SigningKey2
+    };
 }

src/Tests/Sustainsys.Saml2.Tests/Sustainsys.Saml2.Tests.csproj

@@ -10,7 +10,7 @@
 	</PropertyGroup>
 
 	<PropertyGroup>
-	  <NoWarn>1701;1702;IDE0039</NoWarn>
+		<NoWarn>1701;1702;IDE0039;IDE0290;IDE0300</NoWarn>
 	</PropertyGroup>
 
 	<ItemGroup>
@@ -37,9 +37,9 @@
 	</ItemGroup>
 
 	<ItemGroup>
-	  <None Update="stubidp.sustainsys.com.cer">
-	    <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
-	  </None>
+		<None Update="stubidp.sustainsys.com.cer">
+			<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+		</None>
 	</ItemGroup>
 
 </Project>