From c55be01c279f7617654e7a7534836c4a39bfdb24 Mon Sep 17 00:00:00 2001 From: Simon Cropp Date: Wed, 27 Nov 2024 23:16:03 +1100 Subject: [PATCH] use some pattern matching --- .../Configuration/CryptoHelper.cs | 7 ++++--- .../Endpoints/Results/AuthorizeResult.cs | 20 ++++++++++--------- .../Extensions/ClaimsExtensions.cs | 3 +-- .../Extensions/TokenExtensions.cs | 2 +- .../LocalApiAuthenticationHandler.cs | 4 ++-- .../Default/AuthorizeRequestValidator.cs | 5 ++--- .../Default/StrictRedirectUriValidator.cs | 5 +++-- .../Models/ValidatedAuthorizeRequest.cs | 13 ++++++------ 8 files changed, 30 insertions(+), 29 deletions(-) diff --git a/src/IdentityServer/Configuration/CryptoHelper.cs b/src/IdentityServer/Configuration/CryptoHelper.cs index 863feaaf2..92427af2a 100644 --- a/src/IdentityServer/Configuration/CryptoHelper.cs +++ b/src/IdentityServer/Configuration/CryptoHelper.cs @@ -179,9 +179,10 @@ internal static bool IsValidCurveForAlgorithm(ECDsaSecurityKey key, string algor } internal static bool IsValidCrvValueForAlgorithm(string crv) { - return crv == JsonWebKeyECTypes.P256 || - crv == JsonWebKeyECTypes.P384 || - crv == JsonWebKeyECTypes.P521; + return crv is + JsonWebKeyECTypes.P256 or + JsonWebKeyECTypes.P384 or + JsonWebKeyECTypes.P521; } internal static string GetRsaSigningAlgorithmValue(IdentityServerConstants.RsaSigningAlgorithm value) diff --git a/src/IdentityServer/Endpoints/Results/AuthorizeResult.cs b/src/IdentityServer/Endpoints/Results/AuthorizeResult.cs index 1ffb1b974..14e9a3f28 100644 --- a/src/IdentityServer/Endpoints/Results/AuthorizeResult.cs +++ b/src/IdentityServer/Endpoints/Results/AuthorizeResult.cs @@ -98,13 +98,14 @@ private async Task ProcessErrorAsync(AuthorizeResponse response, HttpContext con // these are the conditions where we can send a response // back directly to the client, otherwise we're only showing the error UI var isSafeError = - response.Error == OidcConstants.AuthorizeErrors.AccessDenied || - response.Error == OidcConstants.AuthorizeErrors.AccountSelectionRequired || - response.Error == OidcConstants.AuthorizeErrors.LoginRequired || - response.Error == OidcConstants.AuthorizeErrors.ConsentRequired || - response.Error == OidcConstants.AuthorizeErrors.InteractionRequired || - response.Error == OidcConstants.AuthorizeErrors.TemporarilyUnavailable || - response.Error == OidcConstants.AuthorizeErrors.UnmetAuthenticationRequirements; + response.Error is + OidcConstants.AuthorizeErrors.AccessDenied or + OidcConstants.AuthorizeErrors.AccountSelectionRequired or + OidcConstants.AuthorizeErrors.LoginRequired or + OidcConstants.AuthorizeErrors.ConsentRequired or + OidcConstants.AuthorizeErrors.InteractionRequired or + OidcConstants.AuthorizeErrors.TemporarilyUnavailable or + OidcConstants.AuthorizeErrors.UnmetAuthenticationRequirements; if (isSafeError) { // this scenario we can return back to the client @@ -131,8 +132,9 @@ private async Task ProcessResponseAsync(AuthorizeResponse response, HttpContext private async Task RenderAuthorizeResponseAsync(AuthorizeResponse response, HttpContext context) { - if (response.Request.ResponseMode == OidcConstants.ResponseModes.Query || - response.Request.ResponseMode == OidcConstants.ResponseModes.Fragment) + if (response.Request.ResponseMode is + OidcConstants.ResponseModes.Query or + OidcConstants.ResponseModes.Fragment) { context.Response.SetNoCache(); context.Response.Redirect(BuildRedirectUri(response)); diff --git a/src/IdentityServer/Extensions/ClaimsExtensions.cs b/src/IdentityServer/Extensions/ClaimsExtensions.cs index 5974fe64b..784258efb 100644 --- a/src/IdentityServer/Extensions/ClaimsExtensions.cs +++ b/src/IdentityServer/Extensions/ClaimsExtensions.cs @@ -51,8 +51,7 @@ public static Dictionary ToClaimsDictionary(this IEnumerable 0) sb.Append(", "); sb.Append("DPoP"); diff --git a/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs b/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs index 6ff2b65a5..4e719b657 100644 --- a/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs +++ b/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs @@ -294,7 +294,7 @@ private AuthorizeRequestValidationResult ValidateCoreParameters(ValidatedAuthori ////////////////////////////////////////////////////////// // check if PKCE is required and validate parameters ////////////////////////////////////////////////////////// - if (request.GrantType == GrantType.AuthorizationCode || request.GrantType == GrantType.Hybrid) + if (request.GrantType is GrantType.AuthorizationCode or GrantType.Hybrid) { _logger.LogDebug("Checking for PKCE parameters"); @@ -449,8 +449,7 @@ private async Task ValidateScopeAndResourceAsy // check scope vs response_type plausability ////////////////////////////////////////////////////////// var requirement = Constants.ResponseTypeToScopeRequirement[request.ResponseType]; - if (requirement == Constants.ScopeRequirement.Identity || - requirement == Constants.ScopeRequirement.IdentityOnly) + if (requirement is Constants.ScopeRequirement.Identity or Constants.ScopeRequirement.IdentityOnly) { if (request.IsOpenIdRequest == false) { diff --git a/src/IdentityServer/Validation/Default/StrictRedirectUriValidator.cs b/src/IdentityServer/Validation/Default/StrictRedirectUriValidator.cs index bce157335..bf73eb6fd 100644 --- a/src/IdentityServer/Validation/Default/StrictRedirectUriValidator.cs +++ b/src/IdentityServer/Validation/Default/StrictRedirectUriValidator.cs @@ -83,8 +83,9 @@ public virtual Task IsRedirectUriValidAsync(RedirectUriValidationContext c // was pushed) if (_options?.PushedAuthorization?.AllowUnregisteredPushedRedirectUris == true && context.Client.RequireClientSecret && - (context.AuthorizeRequestType == AuthorizeRequestType.PushedAuthorization || - context.AuthorizeRequestType == AuthorizeRequestType.AuthorizeWithPushedParameters)) + context.AuthorizeRequestType is + AuthorizeRequestType.PushedAuthorization or + AuthorizeRequestType.AuthorizeWithPushedParameters) { return Task.FromResult(true); } diff --git a/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs b/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs index 09c932811..b1433f7d7 100644 --- a/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs +++ b/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs @@ -273,13 +273,12 @@ public class ValidatedAuthorizeRequest : ValidatedRequest /// /// true if an access token was requested; otherwise, false. /// - public bool AccessTokenRequested => ResponseType == OidcConstants.ResponseTypes.IdTokenToken || - ResponseType == OidcConstants.ResponseTypes.Code || - ResponseType == OidcConstants.ResponseTypes.CodeIdToken || - ResponseType == OidcConstants.ResponseTypes.CodeToken || - ResponseType == OidcConstants.ResponseTypes.CodeIdTokenToken; - - + public bool AccessTokenRequested => ResponseType is + OidcConstants.ResponseTypes.IdTokenToken or + OidcConstants.ResponseTypes.Code or + OidcConstants.ResponseTypes.CodeIdToken or + OidcConstants.ResponseTypes.CodeToken or + OidcConstants.ResponseTypes.CodeIdTokenToken; /// /// Initializes a new instance of the class.