From c3269ef78f8aa09d9f1fa3f64aff8c75b0f0dd3e Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Sun, 15 Dec 2024 16:42:33 +0100
Subject: [PATCH 1/5] .NET 9

---
 .github/workflows/azure-deploy-issuer.yml          | 14 +++++++-------
 .github/workflows/azure-deploy-verifier.yml        | 14 +++++++-------
 .github/workflows/dotnet.yml                       |  6 +++---
 IssuerDrivingLicense/IssuerDrivingLicense.csproj   |  2 +-
 .../VerifierInsuranceCompany.csproj                |  2 +-
 5 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/.github/workflows/azure-deploy-issuer.yml b/.github/workflows/azure-deploy-issuer.yml
index 6ece13c..06f9ec0 100644
--- a/.github/workflows/azure-deploy-issuer.yml
+++ b/.github/workflows/azure-deploy-issuer.yml
@@ -17,12 +17,12 @@
 # For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
 # For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples
 
-name: Build and deploy IssuerDrivingLicense
+name: Deploy IssuerDrivingLicense
 
 env:
   AZURE_WEBAPP_NAME: damienbodsharepointissuer          # set this to the name of your Azure Web App
   AZURE_WEBAPP_PACKAGE_PATH: '.'   # set this to the path to your web app project, defaults to the repository root
-  DOTNET_VERSION: '7.0'                                 # set this to the .NET Core version to use
+  DOTNET_VERSION: '9.0'                                 # set this to the .NET Core version to use
 
 on:
   push:
@@ -37,15 +37,15 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up .NET Core
-        uses: actions/setup-dotnet@v2
+        uses: actions/setup-dotnet@v4
         with:
           dotnet-version: ${{ env.DOTNET_VERSION }}
 
       - name: Set up dependency caching for faster builds
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ~/.nuget/packages
           key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -59,7 +59,7 @@ jobs:
         run: dotnet publish ./IssuerDrivingLicense/IssuerDrivingLicense.csproj -c Release -o ${{env.DOTNET_ROOT}}/issuerpackage
 
       - name: Upload artifact for deployment job
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: .net-app
           path: ${{env.DOTNET_ROOT}}/issuerpackage
@@ -75,7 +75,7 @@ jobs:
 
     steps:
       - name: Download artifact from build job
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: .net-app
 
diff --git a/.github/workflows/azure-deploy-verifier.yml b/.github/workflows/azure-deploy-verifier.yml
index f3c945a..5006c59 100644
--- a/.github/workflows/azure-deploy-verifier.yml
+++ b/.github/workflows/azure-deploy-verifier.yml
@@ -17,12 +17,12 @@
 # For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
 # For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples
 
-name: Build and deploy VerifierInsuranceCompany
+name: Deploy VerifierInsuranceCompany
 
 env:
   AZURE_WEBAPP_NAME: damienbodsharepointverifier        # set this to the name of your Azure Web App
   AZURE_WEBAPP_PACKAGE_PATH: '.'   # set this to the path to your web app project, defaults to the repository root
-  DOTNET_VERSION: '7.0'                                 # set this to the .NET Core version to use
+  DOTNET_VERSION: '9.0'                                 # set this to the .NET Core version to use
 
 on:
   push:
@@ -37,15 +37,15 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up .NET Core
-        uses: actions/setup-dotnet@v2
+        uses: actions/setup-dotnet@v4
         with:
           dotnet-version: ${{ env.DOTNET_VERSION }}
 
       - name: Set up dependency caching for faster builds
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ~/.nuget/packages
           key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
@@ -59,7 +59,7 @@ jobs:
         run: dotnet publish ./VerifierInsuranceCompany/VerifierInsuranceCompany.csproj -c Release -o ${{env.DOTNET_ROOT}}/verifierpackage
 
       - name: Upload artifact for deployment job
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: .net-app
           path: ${{env.DOTNET_ROOT}}/verifierpackage
@@ -75,7 +75,7 @@ jobs:
 
     steps:
       - name: Download artifact from build job
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: .net-app
 
diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml
index 3f11567..ef763fe 100644
--- a/.github/workflows/dotnet.yml
+++ b/.github/workflows/dotnet.yml
@@ -12,11 +12,11 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Setup .NET
-      uses: actions/setup-dotnet@v2
+      uses: actions/setup-dotnet@v4
       with:
-        dotnet-version: '7.0'
+        dotnet-version: '9.0'
         include-prerelease: True
     - name: Restore dependencies
       run: dotnet restore
diff --git a/IssuerDrivingLicense/IssuerDrivingLicense.csproj b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
index b5ddc67..45d7485 100644
--- a/IssuerDrivingLicense/IssuerDrivingLicense.csproj
+++ b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net7.0</TargetFramework>
+    <TargetFramework>net9.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
     <UserSecretsId>aspnet-IssuerDrivingLicense-825A2CCD-D7A7-4681-8552-A73D569859BF</UserSecretsId>
diff --git a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
index 57cd2dd..d870d5b 100644
--- a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
+++ b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net7.0</TargetFramework>
+    <TargetFramework>net9.0</TargetFramework>
     <UserSecretsId>135d3421-6a33-43c7-883f-ae60e65f2a2f</UserSecretsId>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>

From 35f0ba7bd11c7df2ac8604e99c9e773f36eee33a Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Sun, 15 Dec 2024 16:43:08 +0100
Subject: [PATCH 2/5] .NET 9

---
 .../IssuerDrivingLicense.csproj               | 22 +++++++++----------
 .../VerifierInsuranceCompany.csproj           | 14 ++++++------
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/IssuerDrivingLicense/IssuerDrivingLicense.csproj b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
index 45d7485..de0e688 100644
--- a/IssuerDrivingLicense/IssuerDrivingLicense.csproj
+++ b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
@@ -8,21 +8,21 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.9" NoWarn="NU1605" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="7.0.9" NoWarn="NU1605" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="2.13.1" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="2.13.1" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="7.0.9" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="7.0.9">
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.0" NoWarn="NU1605" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="9.0.0" NoWarn="NU1605" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="3.5.0" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="3.5.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="9.0.0" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="9.0.0">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="System.Configuration.ConfigurationManager" Version="7.0.0" />
+    <PackageReference Include="System.Configuration.ConfigurationManager" Version="9.0.0" />
 
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="7.0.9" />
-    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="7.0.8" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.20.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="0.20.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="9.0.0" />
+    <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="9.0.0" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.24.0" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="0.24.0" />
   </ItemGroup>
 
 </Project>
diff --git a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
index d870d5b..76dbd12 100644
--- a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
+++ b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
@@ -9,13 +9,13 @@
 
   <ItemGroup>
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.9" NoWarn="NU1605" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="7.0.9" NoWarn="NU1605" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="2.13.1" />
-    <PackageReference Include="Microsoft.Identity.Web.UI" Version="2.13.1" />
-    <PackageReference Include="System.Configuration.ConfigurationManager" Version="7.0.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.20.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="0.20.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="9.0.0" NoWarn="NU1605" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="9.0.0" NoWarn="NU1605" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="3.5.0" />
+    <PackageReference Include="Microsoft.Identity.Web.UI" Version="3.5.0" />
+    <PackageReference Include="System.Configuration.ConfigurationManager" Version="9.0.0" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.24.0" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="0.24.0" />
   </ItemGroup>
 
   <ItemGroup>

From 48aa1de1d801bec1ca940e26d7423b283edc7ff5 Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Sun, 15 Dec 2024 16:43:35 +0100
Subject: [PATCH 3/5] code clean up

---
 .../Migrations/20211015070446_init.cs          |  1 -
 .../Migrations/20230623080507_update-scheme.cs |  3 +--
 IssuerDrivingLicense/Pages/Admin.cshtml.cs     |  2 +-
 .../Pages/DriverLicenses/Create.cshtml.cs      |  2 +-
 .../Pages/DriverLicenses/Details.cshtml.cs     |  2 +-
 .../Pages/DriverLicenses/Edit.cshtml.cs        |  6 +++---
 .../Pages/DriverLicenses/User.cshtml.cs        |  4 ++--
 IssuerDrivingLicense/Pages/Error.cshtml.cs     |  2 +-
 .../SecurityHeadersDefinitions.cs              |  2 --
 .../Services/CredentialSettings.cs             |  4 ++--
 .../Services/IssuerController.cs               | 11 +++++------
 IssuerDrivingLicense/Services/IssuerService.cs |  4 ++--
 VerifierInsuranceCompany/Pages/Error.cshtml.cs |  2 +-
 .../SecurityHeadersDefinitions.cs              |  2 --
 .../Services/CredentialSettings.cs             |  4 ++--
 .../Services/VerifierController.cs             | 18 ++++++++++--------
 16 files changed, 32 insertions(+), 37 deletions(-)

diff --git a/IssuerDrivingLicense/Migrations/20211015070446_init.cs b/IssuerDrivingLicense/Migrations/20211015070446_init.cs
index c3fae25..4e0096f 100644
--- a/IssuerDrivingLicense/Migrations/20211015070446_init.cs
+++ b/IssuerDrivingLicense/Migrations/20211015070446_init.cs
@@ -1,4 +1,3 @@
-using System;
 using Microsoft.EntityFrameworkCore.Migrations;
 
 #nullable disable
diff --git a/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs b/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs
index 301004b..a46d7da 100644
--- a/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs
+++ b/IssuerDrivingLicense/Migrations/20230623080507_update-scheme.cs
@@ -1,5 +1,4 @@
-using System;
-using Microsoft.EntityFrameworkCore.Migrations;
+using Microsoft.EntityFrameworkCore.Migrations;
 
 #nullable disable
 
diff --git a/IssuerDrivingLicense/Pages/Admin.cshtml.cs b/IssuerDrivingLicense/Pages/Admin.cshtml.cs
index c4bc2ec..0f9862c 100644
--- a/IssuerDrivingLicense/Pages/Admin.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/Admin.cshtml.cs
@@ -1,6 +1,6 @@
+using IssuerDrivingLicense.Persistence;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
 
 namespace IssuerDrivingLicense;
 
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs
index ca7e84d..c656b8c 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/Create.cshtml.cs
@@ -50,7 +50,7 @@ public async Task<IActionResult> OnPostAsync()
         // TODO add other properties as needed
 
         _context.DriverLicenses.Add(DriverLicense);
-            await _context.SaveChangesAsync();
+        await _context.SaveChangesAsync();
 
         return RedirectToPage("./User", new { id = DriverLicense.UserName });
     }
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs
index 95185a3..78d9351 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/Details.cshtml.cs
@@ -1,7 +1,7 @@
+using IssuerDrivingLicense.Persistence;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
 
 namespace IssuerDrivingLicense.Pages.DriverLicenses;
 
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs
index 7827d8d..9a20ee9 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/Edit.cshtml.cs
@@ -1,7 +1,7 @@
-using Microsoft.AspNetCore.Mvc;
+using IssuerDrivingLicense.Persistence;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
 
 namespace IssuerDrivingLicense.Pages.DriverLicenses;
 
@@ -53,7 +53,7 @@ public async Task<IActionResult> OnPostAsync()
         if (DriverLicense != null)
         {
             var existingDriverLicense = await _context.DriverLicenses.FirstOrDefaultAsync(m => m.Id == DriverLicense.Id);
-            
+
             if (existingDriverLicense == null)
                 return NotFound();
 
diff --git a/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs b/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs
index 1925eab..4086a34 100644
--- a/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/DriverLicenses/User.cshtml.cs
@@ -1,7 +1,7 @@
-using Microsoft.AspNetCore.Mvc;
+using IssuerDrivingLicense.Persistence;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
 using Microsoft.EntityFrameworkCore;
-using IssuerDrivingLicense.Persistence;
 
 namespace IssuerDrivingLicense.Pages.DriverLicenses;
 
diff --git a/IssuerDrivingLicense/Pages/Error.cshtml.cs b/IssuerDrivingLicense/Pages/Error.cshtml.cs
index c635794..a7de55f 100644
--- a/IssuerDrivingLicense/Pages/Error.cshtml.cs
+++ b/IssuerDrivingLicense/Pages/Error.cshtml.cs
@@ -1,6 +1,6 @@
+using System.Diagnostics;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
-using System.Diagnostics;
 
 namespace IssuerDrivingLicense.Pages;
 
diff --git a/IssuerDrivingLicense/SecurityHeadersDefinitions.cs b/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
index b36e2f3..d5ffdeb 100644
--- a/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
+++ b/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
@@ -1,5 +1,3 @@
-using Microsoft.AspNetCore.Builder;
-
 namespace IssuerDrivingLicense;
 
 public static class SecurityHeadersDefinitions
diff --git a/IssuerDrivingLicense/Services/CredentialSettings.cs b/IssuerDrivingLicense/Services/CredentialSettings.cs
index e60d946..3c84e5a 100644
--- a/IssuerDrivingLicense/Services/CredentialSettings.cs
+++ b/IssuerDrivingLicense/Services/CredentialSettings.cs
@@ -1,5 +1,5 @@
-using Microsoft.Identity.Web;
-using System.Security.Cryptography.X509Certificates;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.Identity.Web;
 
 namespace IssuerDrivingLicense;
 
diff --git a/IssuerDrivingLicense/Services/IssuerController.cs b/IssuerDrivingLicense/Services/IssuerController.cs
index 8c7adff..ef86c4d 100644
--- a/IssuerDrivingLicense/Services/IssuerController.cs
+++ b/IssuerDrivingLicense/Services/IssuerController.cs
@@ -1,14 +1,13 @@
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
-using System.Net;
-using Microsoft.Extensions.Caching.Memory;
 using System.Diagnostics;
+using System.Globalization;
+using System.Net;
 using System.Net.Http.Headers;
+using System.Text.Json;
 using IssuerDrivingLicense.Services;
 using Microsoft.AspNetCore.Authorization;
-using System.Text.Json;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Caching.Distributed;
-using System.Globalization;
+using Microsoft.Extensions.Options;
 
 namespace IssuerDrivingLicense;
 
diff --git a/IssuerDrivingLicense/Services/IssuerService.cs b/IssuerDrivingLicense/Services/IssuerService.cs
index 4a46cfc..9f6b500 100644
--- a/IssuerDrivingLicense/Services/IssuerService.cs
+++ b/IssuerDrivingLicense/Services/IssuerService.cs
@@ -1,10 +1,10 @@
+using System.Globalization;
+using System.Security.Cryptography;
 using IssuerDrivingLicense.Services;
 using Microsoft.Extensions.Caching.Memory;
 using Microsoft.Extensions.Options;
 using Microsoft.Identity.Client;
 using Microsoft.Identity.Web;
-using System.Globalization;
-using System.Security.Cryptography;
 
 namespace IssuerDrivingLicense;
 
diff --git a/VerifierInsuranceCompany/Pages/Error.cshtml.cs b/VerifierInsuranceCompany/Pages/Error.cshtml.cs
index 43c26c7..a3b16a8 100644
--- a/VerifierInsuranceCompany/Pages/Error.cshtml.cs
+++ b/VerifierInsuranceCompany/Pages/Error.cshtml.cs
@@ -1,6 +1,6 @@
+using System.Diagnostics;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
-using System.Diagnostics;
 
 namespace VerifierInsuranceCompany.Pages;
 
diff --git a/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs b/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
index 0eacffc..72b589a 100644
--- a/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
+++ b/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
@@ -1,5 +1,3 @@
-using Microsoft.AspNetCore.Builder;
-
 namespace IssuerDrivingLicense;
 
 public static class SecurityHeadersDefinitions
diff --git a/VerifierInsuranceCompany/Services/CredentialSettings.cs b/VerifierInsuranceCompany/Services/CredentialSettings.cs
index 2f57842..354ee43 100644
--- a/VerifierInsuranceCompany/Services/CredentialSettings.cs
+++ b/VerifierInsuranceCompany/Services/CredentialSettings.cs
@@ -1,5 +1,5 @@
-using Microsoft.Identity.Web;
-using System.Security.Cryptography.X509Certificates;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.Identity.Web;
 
 namespace VerifierInsuranceCompany;
 
diff --git a/VerifierInsuranceCompany/Services/VerifierController.cs b/VerifierInsuranceCompany/Services/VerifierController.cs
index ab49348..c69c874 100644
--- a/VerifierInsuranceCompany/Services/VerifierController.cs
+++ b/VerifierInsuranceCompany/Services/VerifierController.cs
@@ -1,13 +1,12 @@
-using Microsoft.AspNetCore.Mvc;
 using System.Diagnostics;
+using System.Globalization;
 using System.Net;
 using System.Net.Http.Headers;
-using Microsoft.Extensions.Options;
-using VerifierInsuranceCompany.Services;
 using System.Text.Json;
-using System.Globalization;
-using Azure;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Caching.Distributed;
+using Microsoft.Extensions.Options;
+using VerifierInsuranceCompany.Services;
 
 namespace VerifierInsuranceCompany;
 
@@ -115,7 +114,7 @@ public async Task<ActionResult> PresentationCallback()
             //the request will be deleted from the server immediately.
             //That's why it is so important to capture this callback and relay this to the UI so the UI can hide
             //the QR code to prevent the user from scanning it twice (resulting in an error since the request is already deleted)
-            if (verifierCallbackResponse != null  && verifierCallbackResponse.RequestStatus == VerifierConst.RequestRetrieved)
+            if (verifierCallbackResponse != null && verifierCallbackResponse.RequestStatus == VerifierConst.RequestRetrieved)
             {
                 var cacheData = new CacheData
                 {
@@ -172,8 +171,11 @@ public ActionResult PresentationResponse()
             if (data != null)
             {
                 Debug.WriteLine("check if there was a response yet: " + data);
-                return new ContentResult { ContentType = "application/json",
-                    Content = JsonSerializer.Serialize(data) };
+                return new ContentResult
+                {
+                    ContentType = "application/json",
+                    Content = JsonSerializer.Serialize(data)
+                };
             }
 
             return Ok();

From f530f205b813563a3681936b72dcc0c2a303ef0b Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Sun, 15 Dec 2024 16:44:09 +0100
Subject: [PATCH 4/5] .NET 9

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index de8c612..c320815 100644
--- a/README.md
+++ b/README.md
@@ -11,6 +11,7 @@
 
 ## History
 
+- 2024-12-15 .NET 9, Updated packages
 - 2023-07-29 Updated packages
 - 2023-06-24 Updated VC, using mDL based driving license
 - 2023-06-23 Update subject model, based on https://github.com/w3c-ccg/vdl-vocab/blob/main/context/v1.jsonld

From 9b02591fe33207c8492717c6ffc3da6a0858655c Mon Sep 17 00:00:00 2001
From: damienbod <damien_bod@hotmail.com>
Date: Sun, 15 Dec 2024 16:51:39 +0100
Subject: [PATCH 5/5] .NET 9

---
 .../IssuerDrivingLicense.csproj               |  4 +-
 IssuerDrivingLicense/Program.cs               | 90 +++++++++++++++----
 .../SecurityHeadersDefinitions.cs             | 39 +++-----
 IssuerDrivingLicense/Startup.cs               | 78 ----------------
 VerifierInsuranceCompany/Program.cs           | 69 +++++++++++---
 .../SecurityHeadersDefinitions.cs             | 42 ++++-----
 VerifierInsuranceCompany/Startup.cs           | 56 ------------
 .../VerifierInsuranceCompany.csproj           |  4 +-
 8 files changed, 164 insertions(+), 218 deletions(-)
 delete mode 100644 IssuerDrivingLicense/Startup.cs
 delete mode 100644 VerifierInsuranceCompany/Startup.cs

diff --git a/IssuerDrivingLicense/IssuerDrivingLicense.csproj b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
index de0e688..8892c69 100644
--- a/IssuerDrivingLicense/IssuerDrivingLicense.csproj
+++ b/IssuerDrivingLicense/IssuerDrivingLicense.csproj
@@ -21,8 +21,8 @@
 
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="9.0.0" />
     <PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="9.0.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.24.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="0.24.0" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="1.0.0-preview.2" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="1.0.0-preview.2" />
   </ItemGroup>
 
 </Project>
diff --git a/IssuerDrivingLicense/Program.cs b/IssuerDrivingLicense/Program.cs
index 0bc8621..1f488ae 100644
--- a/IssuerDrivingLicense/Program.cs
+++ b/IssuerDrivingLicense/Program.cs
@@ -1,18 +1,78 @@
-namespace IssuerDrivingLicense;
+using System.Configuration;
+using IssuerDrivingLicense;
+using IssuerDrivingLicense.Persistence;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.AspNetCore.Server.Kestrel.Core;
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Identity.Web.UI;
+using Microsoft.Identity.Web;
 
-public class Program
+var builder = WebApplication.CreateBuilder(args);
+
+builder.WebHost.ConfigureKestrel(serverOptions =>
+{
+    serverOptions.AddServerHeader = false;
+});
+
+var services = builder.Services;
+var configuration = builder.Configuration;
+
+services.Configure<KestrelServerOptions>(options =>
+{
+    options.AllowSynchronousIO = true;
+});
+
+services.AddSecurityHeaderPolicies()
+    .SetPolicySelector(ctx => SecurityHeadersDefinitions
+        .GetHeaderPolicyCollection(builder.Environment.IsDevelopment()));
+
+services.Configure<CredentialSettings>(configuration.GetSection("CredentialSettings"));
+services.AddScoped<DriverLicenseService>();
+services.AddScoped<IssuerService>();
+
+services.AddDatabaseDeveloperPageExceptionFilter();
+services.AddDbContext<DrivingLicenseDbContext>(options =>
+    options.UseSqlServer(
+        configuration.GetConnectionString("DefaultConnection")));
+
+services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
+    .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAd"));
+
+services.AddAuthorization(options =>
+{
+    options.FallbackPolicy = options.DefaultPolicy;
+});
+
+services.AddDistributedMemoryCache();
+
+services.AddRazorPages()
+    .AddMvcOptions(options => { })
+    .AddMicrosoftIdentityUI();
+
+services.AddRazorPages();
+
+var app = builder.Build();
+
+app.UseSecurityHeaders();
+
+if (app.Environment.IsDevelopment())
+{
+    app.UseDeveloperExceptionPage();
+}
+else
 {
-    public static void Main(string[] args)
-    {
-        CreateHostBuilder(args).Build().Run();
-    }
-
-    public static IHostBuilder CreateHostBuilder(string[] args) =>
-    Host.CreateDefaultBuilder(args)
-        .ConfigureWebHostDefaults(webBuilder =>
-        {
-            webBuilder
-                .ConfigureKestrel(options => options.AddServerHeader = false)
-                .UseStartup<Startup>();
-        });
+    app.UseExceptionHandler("/Error");
 }
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+
+app.UseRouting();
+
+app.UseAuthentication();
+app.UseAuthorization();
+
+app.MapRazorPages();
+app.MapControllers();
+
+app.Run();
diff --git a/IssuerDrivingLicense/SecurityHeadersDefinitions.cs b/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
index d5ffdeb..99ee508 100644
--- a/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
+++ b/IssuerDrivingLicense/SecurityHeadersDefinitions.cs
@@ -2,13 +2,22 @@ namespace IssuerDrivingLicense;
 
 public static class SecurityHeadersDefinitions
 {
+    private static HeaderPolicyCollection? policy;
+
     public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
     {
-        var policy = new HeaderPolicyCollection()
+        // Avoid building a new HeaderPolicyCollection on every request for performance reasons.
+        // Where possible, cache and reuse HeaderPolicyCollection instances.
+        if (policy != null)
+        {
+            return policy;
+        }
+
+        policy = new HeaderPolicyCollection()
             .AddFrameOptionsDeny()
-            .AddXssProtectionBlock()
             .AddContentTypeOptionsNoSniff()
             .AddReferrerPolicyStrictOriginWhenCrossOrigin()
+            .RemoveServerHeader()
             .AddCrossOriginOpenerPolicy(builder => builder.SameOrigin())
             .AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp())
             .AddCrossOriginResourcePolicy(builder => builder.SameOrigin())
@@ -17,32 +26,14 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
                 builder.AddObjectSrc().None();
                 builder.AddBlockAllMixedContent();
                 builder.AddImgSrc().Self().From("data:");
-                builder.AddFormAction().Self();
                 builder.AddFontSrc().Self();
+                builder.AddFormAction().Self();
                 builder.AddStyleSrc().Self().UnsafeInline();
                 builder.AddBaseUri().Self();
-                builder.AddScriptSrc().Self().UnsafeInline().WithNonce();
+                builder.AddScriptSrc().UnsafeInline().WithNonce();
                 builder.AddFrameAncestors().None();
-                //builder.AddCustomDirective("require-trusted-types-for", "'script'");
             })
-            .RemoveServerHeader()
-            .AddPermissionsPolicy(builder =>
-            {
-                builder.AddAccelerometer().None();
-                builder.AddAutoplay().None();
-                builder.AddCamera().None();
-                builder.AddEncryptedMedia().None();
-                builder.AddFullscreen().All();
-                builder.AddGeolocation().None();
-                builder.AddGyroscope().None();
-                builder.AddMagnetometer().None();
-                builder.AddMicrophone().None();
-                builder.AddMidi().None();
-                builder.AddPayment().None();
-                builder.AddPictureInPicture().None();
-                builder.AddSyncXHR().None();
-                builder.AddUsb().None();
-            });
+            .AddPermissionsPolicyWithDefaultSecureDirectives();
 
         if (!isDev)
         {
@@ -50,8 +41,6 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
             policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains(maxAgeInSeconds: 60 * 60 * 24 * 365);
         }
 
-        policy.ApplyDocumentHeadersToAllResponses();
-
         return policy;
     }
 }
diff --git a/IssuerDrivingLicense/Startup.cs b/IssuerDrivingLicense/Startup.cs
deleted file mode 100644
index 06f47c1..0000000
--- a/IssuerDrivingLicense/Startup.cs
+++ /dev/null
@@ -1,78 +0,0 @@
-using IssuerDrivingLicense.Persistence;
-using Microsoft.AspNetCore.Authentication.OpenIdConnect;
-using Microsoft.AspNetCore.Server.Kestrel.Core;
-using Microsoft.EntityFrameworkCore;
-using Microsoft.Identity.Web;
-using Microsoft.Identity.Web.UI;
-
-namespace IssuerDrivingLicense;
-
-public class Startup
-{
-    public Startup(IConfiguration configuration)
-    {
-        Configuration = configuration;
-    }
-
-    public IConfiguration Configuration { get; }
-
-    public void ConfigureServices(IServiceCollection services)
-    {
-        services.Configure<KestrelServerOptions>(options =>
-        {
-            options.AllowSynchronousIO = true;
-        });
-
-        services.Configure<CredentialSettings>(Configuration.GetSection("CredentialSettings"));
-        services.AddScoped<DriverLicenseService>();
-        services.AddScoped<IssuerService>();
-
-        services.AddDatabaseDeveloperPageExceptionFilter();
-        services.AddDbContext<DrivingLicenseDbContext>(options =>
-            options.UseSqlServer(
-                Configuration.GetConnectionString("DefaultConnection")));
-
-        services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
-            .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));
-
-        services.AddAuthorization(options =>
-        {
-            options.FallbackPolicy = options.DefaultPolicy;
-        });
-
-        services.AddDistributedMemoryCache();
-
-        services.AddRazorPages()
-            .AddMvcOptions(options => { })
-            .AddMicrosoftIdentityUI();
-    }
-
-    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
-    {
-        app.UseSecurityHeaders(SecurityHeadersDefinitions
-           .GetHeaderPolicyCollection(env.IsDevelopment()));
-
-        if (env.IsDevelopment())
-        {
-            app.UseDeveloperExceptionPage();
-        }
-        else
-        {
-            app.UseExceptionHandler("/Error");
-        }
-
-        app.UseHttpsRedirection();
-        app.UseStaticFiles();
-
-        app.UseRouting();
-
-        app.UseAuthentication();
-        app.UseAuthorization();
-
-        app.UseEndpoints(endpoints =>
-        {
-            endpoints.MapRazorPages();
-            endpoints.MapControllers();
-        });
-    }
-}
diff --git a/VerifierInsuranceCompany/Program.cs b/VerifierInsuranceCompany/Program.cs
index 2877105..8a6ecaa 100644
--- a/VerifierInsuranceCompany/Program.cs
+++ b/VerifierInsuranceCompany/Program.cs
@@ -1,16 +1,59 @@
-namespace VerifierInsuranceCompany;
+using System.Configuration;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.AspNetCore.Server.Kestrel.Core;
+using VerifierInsuranceCompany;
 
-public class Program
+var builder = WebApplication.CreateBuilder(args);
+
+builder.WebHost.ConfigureKestrel(serverOptions =>
+{
+    serverOptions.AddServerHeader = false;
+});
+
+var services = builder.Services;
+var configuration = builder.Configuration;
+
+services.Configure<KestrelServerOptions>(options =>
+{
+    options.AllowSynchronousIO = true;
+});
+
+services.AddSecurityHeaderPolicies()
+    .SetPolicySelector(ctx => SecurityHeadersDefinitions
+        .GetHeaderPolicyCollection(builder.Environment.IsDevelopment()));
+
+services.AddScoped<VerifierService>();
+services.Configure<KestrelServerOptions>(options =>
+{
+    options.AllowSynchronousIO = true;
+});
+
+services.Configure<CredentialSettings>(configuration.GetSection("CredentialSettings"));
+services.AddHttpClient();
+services.AddDistributedMemoryCache();
+
+services.AddRazorPages();
+
+var app = builder.Build();
+
+app.UseSecurityHeaders();
+
+if (app.Environment.IsDevelopment())
 {
-    public static void Main(string[] args)
-    {
-        CreateHostBuilder(args).Build().Run();
-    }
-
-    public static IHostBuilder CreateHostBuilder(string[] args) =>
-        Host.CreateDefaultBuilder(args)
-            .ConfigureWebHostDefaults(webBuilder =>
-            {
-                webBuilder.UseStartup<Startup>();
-            });
+    app.UseDeveloperExceptionPage();
 }
+else
+{
+    app.UseExceptionHandler("/Error");
+    app.UseHsts();
+}
+
+app.UseHttpsRedirection();
+app.UseStaticFiles();
+app.UseRouting();
+
+app.MapControllers();
+app.MapRazorPages();
+
+app.Run();
diff --git a/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs b/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
index 72b589a..efc2d8a 100644
--- a/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
+++ b/VerifierInsuranceCompany/SecurityHeadersDefinitions.cs
@@ -1,14 +1,23 @@
-namespace IssuerDrivingLicense;
+namespace VerifierInsuranceCompany;
 
 public static class SecurityHeadersDefinitions
 {
+    private static HeaderPolicyCollection? policy;
+
     public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
     {
-        var policy = new HeaderPolicyCollection()
+        // Avoid building a new HeaderPolicyCollection on every request for performance reasons.
+        // Where possible, cache and reuse HeaderPolicyCollection instances.
+        if (policy != null)
+        {
+            return policy;
+        }
+
+        policy = new HeaderPolicyCollection()
             .AddFrameOptionsDeny()
-            .AddXssProtectionBlock()
             .AddContentTypeOptionsNoSniff()
             .AddReferrerPolicyStrictOriginWhenCrossOrigin()
+            .RemoveServerHeader()
             .AddCrossOriginOpenerPolicy(builder => builder.SameOrigin())
             .AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp())
             .AddCrossOriginResourcePolicy(builder => builder.SameOrigin())
@@ -17,32 +26,13 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
                 builder.AddObjectSrc().None();
                 builder.AddBlockAllMixedContent();
                 builder.AddImgSrc().Self().From("data:");
-                builder.AddFormAction().Self();
                 builder.AddFontSrc().Self();
-                builder.AddBaseUri().Self();
                 builder.AddStyleSrc().Self().UnsafeInline();
-                builder.AddScriptSrc().Self().UnsafeInline().WithNonce();
+                builder.AddBaseUri().Self();
+                builder.AddScriptSrc().UnsafeInline().WithNonce();
                 builder.AddFrameAncestors().None();
-                //builder.AddCustomDirective("require-trusted-types-for", "'script'");
             })
-            .RemoveServerHeader()
-            .AddPermissionsPolicy(builder =>
-            {
-                builder.AddAccelerometer().None();
-                builder.AddAutoplay().None();
-                builder.AddCamera().None();
-                builder.AddEncryptedMedia().None();
-                builder.AddFullscreen().All();
-                builder.AddGeolocation().None();
-                builder.AddGyroscope().None();
-                builder.AddMagnetometer().None();
-                builder.AddMicrophone().None();
-                builder.AddMidi().None();
-                builder.AddPayment().None();
-                builder.AddPictureInPicture().None();
-                builder.AddSyncXHR().None();
-                builder.AddUsb().None();
-            });
+            .AddPermissionsPolicyWithDefaultSecureDirectives();
 
         if (!isDev)
         {
@@ -50,8 +40,6 @@ public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev)
             policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains(maxAgeInSeconds: 60 * 60 * 24 * 365);
         }
 
-        policy.ApplyDocumentHeadersToAllResponses();
-
         return policy;
     }
 }
diff --git a/VerifierInsuranceCompany/Startup.cs b/VerifierInsuranceCompany/Startup.cs
deleted file mode 100644
index 3c12bda..0000000
--- a/VerifierInsuranceCompany/Startup.cs
+++ /dev/null
@@ -1,56 +0,0 @@
-using IssuerDrivingLicense;
-using Microsoft.AspNetCore.Server.Kestrel.Core;
-
-namespace VerifierInsuranceCompany;
-
-public class Startup
-{
-    public Startup(IConfiguration configuration)
-    {
-        Configuration = configuration;
-    }
-
-    public IConfiguration Configuration { get; }
-
-    // This method gets called by the runtime. Use this method to add services to the container.
-    public void ConfigureServices(IServiceCollection services)
-    {
-        services.AddScoped<VerifierService>();
-        services.Configure<KestrelServerOptions>(options =>
-        {
-            options.AllowSynchronousIO = true;
-        });
-
-        services.Configure<CredentialSettings>(Configuration.GetSection("CredentialSettings"));
-        services.AddHttpClient();
-        services.AddDistributedMemoryCache();
-
-        services.AddRazorPages();
-    }
-
-    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
-    {
-        app.UseSecurityHeaders(SecurityHeadersDefinitions
-           .GetHeaderPolicyCollection(env.IsDevelopment()));
-
-        if (env.IsDevelopment())
-        {
-            app.UseDeveloperExceptionPage();
-        }
-        else
-        {
-            app.UseExceptionHandler("/Error");
-            app.UseHsts();
-        }
-
-        app.UseHttpsRedirection();
-        app.UseStaticFiles();
-        app.UseRouting();
-
-        app.UseEndpoints(endpoints =>
-        {
-            endpoints.MapControllers();
-            endpoints.MapRazorPages();
-        });
-    }
-}
diff --git a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
index 76dbd12..3ae48f7 100644
--- a/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
+++ b/VerifierInsuranceCompany/VerifierInsuranceCompany.csproj
@@ -14,8 +14,8 @@
     <PackageReference Include="Microsoft.Identity.Web" Version="3.5.0" />
     <PackageReference Include="Microsoft.Identity.Web.UI" Version="3.5.0" />
     <PackageReference Include="System.Configuration.ConfigurationManager" Version="9.0.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="0.24.0" />
-    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="0.24.0" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders" Version="1.0.0-preview.2" />
+    <PackageReference Include="NetEscapades.AspNetCore.SecurityHeaders.TagHelpers" Version="1.0.0-preview.2" />
   </ItemGroup>
 
   <ItemGroup>