Bump Microsoft.IdentityModel.* from 5.5.1 to 5.7.1

Some projects compiled under .NET8.0

.editorconfig

@@ -219,6 +219,9 @@ csharp_style_namespace_declarations = block_scoped:silent
 csharp_style_prefer_method_group_conversion = true:silent
 dotnet_diagnostic.SA1500.severity = silent
 dotnet_diagnostic.SA1200.severity = silent
+csharp_style_prefer_top_level_statements = true:silent
+csharp_style_prefer_primary_constructors = true:suggestion
+dotnet_diagnostic.SA1027.severity = silent
 
 [*.{cs,vb}]
 dotnet_style_operator_placement_when_wrapping = beginning_of_line
@@ -231,4 +234,9 @@ dotnet_style_prefer_is_null_check_over_reference_equality_method = true:suggesti
 dotnet_style_prefer_auto_properties = true:silent
 dotnet_style_object_initializer = true:suggestion
 dotnet_style_collection_initializer = true:suggestion
-dotnet_style_prefer_simplified_boolean_expressions = true:suggestion
+dotnet_style_prefer_simplified_boolean_expressions = true:suggestion
+dotnet_style_prefer_conditional_expression_over_assignment = true:silent
+dotnet_style_prefer_conditional_expression_over_return = true:silent
+dotnet_style_explicit_tuple_names = true:suggestion
+dotnet_style_prefer_inferred_tuple_names = true:suggestion
+dotnet_style_prefer_inferred_anonymous_type_member_names = true:suggestion

src/Abc.IdentityModel.Metadata/Abc.IdentityModel.Metadata.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFrameworks>netstandard2.0;net6.0</TargetFrameworks>
+    <TargetFrameworks>netstandard2.0;net6.0;net8.0</TargetFrameworks>
     <GeneratePackageOnBuild>True</GeneratePackageOnBuild>
   </PropertyGroup>
 
@@ -16,7 +16,7 @@
     <Reference Include="System.IdentityModel" />
   </ItemGroup>
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.5.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.7.1" />
   </ItemGroup>
 
 </Project>

src/Abc.IdentityModel.Metadata/MetadataSerializationException.cs

@@ -45,6 +45,9 @@ public MetadataSerializationException(string message, Exception innerException)
         /// </summary>
         /// <param name="info">A <see cref="SerializationInfo" /> object that holds the serialized object data.</param>
         /// <param name="context">A <see cref="StreamingContext" /> object that contains the contextual information about the source or destination.</param>
+#if NET8_0_OR_GREATER
+        [Obsolete(DiagnosticId = "SYSLIB0051")]
+#endif
         protected MetadataSerializationException(SerializationInfo info, StreamingContext context)
             : base(info, context) {
         }

src/Abc.IdentityModel.Protocols.EidasLight/Abc.IdentityModel.Protocols.EidasLight.csproj

@@ -11,7 +11,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="7.5.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="7.7.1" />
     <PackageReference Include="Apache.Ignite" Version="2.16.0" />
     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="6.0.0" />
   </ItemGroup>

src/Abc.IdentityModel.Protocols.Saml2/Abc.IdentityModel.Protocols.Saml.csproj

@@ -25,9 +25,9 @@
 
   <ItemGroup>
     <PackageReference Include="Abc.Diagnostics" Version="[1.2.6, 1.3.0)" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.5.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.7.1" />
     <!--<PackageReference Include="System.ServiceModel.Http" Version="4.7.0" />-->
   </ItemGroup>
 

src/Abc.IdentityModel.Tokens.Jwt/Abc.IdentityModel.Tokens.Jwt.csproj

@@ -1,14 +1,14 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFrameworks>netstandard2.0;net6.0</TargetFrameworks>
+    <TargetFrameworks>netstandard2.0;net6.0;net8.0</TargetFrameworks>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
     <RootNamespace>Abc.IdentityModel.Tokens</RootNamespace>
     <PackageTags>.NET;Windows;Authentication;Identity;Json;Web;Token;</PackageTags>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.5.1" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.7.1" />
   </ItemGroup>
 
 </Project>

src/Abc.IdentityModel.Tokens.Saml/Abc.IdentityModel.Tokens.Saml.csproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFrameworks>netstandard2.0;net6.0</TargetFrameworks>
+    <TargetFrameworks>netstandard2.0;net6.0;net8.0</TargetFrameworks>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
     <RootNamespace>Abc.IdentityModel.Tokens</RootNamespace>
     <PackageTags>.NET;Windows;Authentication;Identity;SamlTokens;Saml Token;Saml2 Token;Encryption</PackageTags>
@@ -22,11 +22,11 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="7.5.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="7.7.1" />
   </ItemGroup>
 
 </Project>

src/Abc.IdentityModel.Tokens.Saml/EncryptionExtension.cs

@@ -146,28 +146,38 @@ internal static SecurityKey GetSecurityKey(EncryptingCredentials encryptingCrede
                 throw LogExceptionMessage(new SecurityTokenEncryptionFailedException(FormatInvariant(LogMessages.IDX50601, MarkAsNonPII(encryptingCredentials.Alg), encryptingCredentials.Key)));
             }
 
-            byte[] keyBytes;
-            // only 128, 384 and 512 AesCbc
+            // only 128, 384 and 256 AesCbc
+            int keySizeInBits;
             if (SecurityAlgorithms.Aes128Encryption.Equals(encryptingCredentials.Enc, StringComparison.Ordinal)) {
-                keyBytes = JwtTokenUtilities.GenerateKeyBytes(128);
+                keySizeInBits = 128;
             }
             else if (SecurityAlgorithms.Aes192Encryption.Equals(encryptingCredentials.Enc, StringComparison.Ordinal)) {
-                keyBytes = JwtTokenUtilities.GenerateKeyBytes(192);
+                keySizeInBits = 192;
             }
             else if (SecurityAlgorithms.Aes256Encryption.Equals(encryptingCredentials.Enc, StringComparison.Ordinal)) {
-                keyBytes = JwtTokenUtilities.GenerateKeyBytes(256);
+                keySizeInBits = 256;
             }
             else {
                 throw LogExceptionMessage(
                     new SecurityTokenEncryptionFailedException(FormatInvariant(LogMessages.IDX50617, MarkAsNonPII(SecurityAlgorithms.Aes128CbcHmacSha256), MarkAsNonPII(SecurityAlgorithms.Aes192CbcHmacSha384), MarkAsNonPII(SecurityAlgorithms.Aes256CbcHmacSha512), MarkAsNonPII(encryptingCredentials.Enc))));
             }
 
+            var keyBytes = GenerateKeyBytes(keySizeInBits);
+
             var kwProvider = cryptoProviderFactory.CreateKeyWrapProvider(encryptingCredentials.Key, encryptingCredentials.Alg);
             wrappedKey = kwProvider.WrapKey(keyBytes);
 
             return new SymmetricSecurityKey(keyBytes);
         }
 
+        private static byte[] GenerateKeyBytes(int sizeInBits) {
+            var sizeInBytes = (sizeInBits + 7) / 8;
+            var key = new byte[sizeInBytes];
+            using RandomNumberGenerator randomNumberGenerator = RandomNumberGenerator.Create();
+            randomNumberGenerator.GetBytes(key);
+            return key;
+        }
+
         private static AuthenticatedEncryptionResult EncryptWithAesCbc(SecurityKey key, byte[] plainText, byte[] iv) {
             using Aes aes = Aes.Create();
             aes.Mode = CipherMode.CBC;

src/Abc.IdentityModel.Tokens.Saml/Saml/EncryptedSecurityTokenHandler.cs

@@ -251,28 +251,38 @@ internal static SecurityKey GetSecurityKey(EncryptingCredentials encryptingCrede
                 throw LogExceptionMessage(new SecurityTokenEncryptionFailedException(FormatInvariant(LogMessages.IDX50601, MarkAsNonPII(encryptingCredentials.Alg), encryptingCredentials.Key)));
             }
 
-            byte[] keyBytes;
-            // only 128, 384 and 512 AesCbc
+            // only 128, 384 and 256 AesCbc
+            int keySizeInBits;
             if (SecurityAlgorithms.Aes128Encryption.Equals(encryptingCredentials.Enc, StringComparison.Ordinal)) {
-                keyBytes = JwtTokenUtilities.GenerateKeyBytes(128);
+                keySizeInBits = 128;
             }
             else if (SecurityAlgorithms.Aes192Encryption.Equals(encryptingCredentials.Enc, StringComparison.Ordinal)) {
-                keyBytes = JwtTokenUtilities.GenerateKeyBytes(192);
+                keySizeInBits = 192;
             }
             else if (SecurityAlgorithms.Aes256Encryption.Equals(encryptingCredentials.Enc, StringComparison.Ordinal)) {
-                keyBytes = JwtTokenUtilities.GenerateKeyBytes(256);
+                keySizeInBits = 256;
             }
             else {
                 throw LogExceptionMessage(
                     new SecurityTokenEncryptionFailedException(FormatInvariant(LogMessages.IDX50617, MarkAsNonPII(SecurityAlgorithms.Aes128CbcHmacSha256), MarkAsNonPII(SecurityAlgorithms.Aes192CbcHmacSha384), MarkAsNonPII(SecurityAlgorithms.Aes256CbcHmacSha512), MarkAsNonPII(encryptingCredentials.Enc))));
             }
 
+            var keyBytes = GenerateKeyBytes(keySizeInBits);
+
             var kwProvider = cryptoProviderFactory.CreateKeyWrapProvider(encryptingCredentials.Key, encryptingCredentials.Alg);
             wrappedKey = kwProvider.WrapKey(keyBytes);
 
             return new SymmetricSecurityKey(keyBytes);
         }
 
+        private static byte[] GenerateKeyBytes(int sizeInBits) {
+            var sizeInBytes = (sizeInBits + 7) / 8;
+            var key = new byte[sizeInBytes];
+            using RandomNumberGenerator randomNumberGenerator = RandomNumberGenerator.Create();
+            randomNumberGenerator.GetBytes(key);
+            return key;
+        }
+
         private AuthenticatedEncryptionResult EncryptWithAesCbc(SecurityKey key, byte[] plainText, byte[] iv) {
             using Aes aes = Aes.Create();
             aes.Mode = CipherMode.CBC;

src/Abc.IdentityModel.Xml/Abc.IdentityModel.Xml.csproj

@@ -1,15 +1,15 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-    <TargetFrameworks>netstandard2.0;net6.0</TargetFrameworks>
+    <TargetFrameworks>netstandard2.0;net6.0;net8.0</TargetFrameworks>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <PackageTags>.NET;Windows;Authentication;Identity;Encryption</PackageTags>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.5.1" />
-    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.5.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Logging" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.7.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.7.1" />
   </ItemGroup>
 
   <ItemGroup Condition=" '$(TargetFramework)' == 'net45' Or  '$(TargetFramework)' == 'net451' Or  '$(TargetFramework)' == 'net461'">

src/Abc.IdentityModel.Xml/EncryptedDataReadException.cs

@@ -26,23 +26,29 @@ public EncryptedDataReadException() {
         /// Initializes a new instance of the <see cref="EncryptedDataReadException"/> class.
         /// </summary>
         /// <param name="message">Additional information to be included in the exception and displayed to user.</param>
-        public EncryptedDataReadException(string message) : base(message) {
+        public EncryptedDataReadException(string message)
+            : base(message) {
         }
 
         /// <summary>
         /// Initializes a new instance of the <see cref="EncryptedDataReadException"/> class.
         /// </summary>
         /// <param name="message">Additional information to be included in the exception and displayed to user.</param>
         /// <param name="innerException">A <see cref="Exception"/> that represents the root cause of the exception.</param>
-        public EncryptedDataReadException(string message, Exception innerException) : base(message, innerException) {
+        public EncryptedDataReadException(string message, Exception innerException)
+            : base(message, innerException) {
         }
 
         /// <summary>
         /// Initializes a new instance of the <see cref="EncryptedDataReadException"/> class.
         /// </summary>
         /// <param name="info">the <see cref="SerializationInfo"/> that holds the serialized object data.</param>
         /// <param name="context">The contextual information about the source or destination.</param>
-        protected EncryptedDataReadException(SerializationInfo info, StreamingContext context) : base(info, context) {
+#if NET8_0_OR_GREATER
+        [Obsolete(DiagnosticId = "SYSLIB0051")]
+#endif
+        protected EncryptedDataReadException(SerializationInfo info, StreamingContext context)
+            : base(info, context) {
         }
     }
 }

src/Directory.Build.props

@@ -6,7 +6,7 @@
     <Copyright>© ABC software. All rights reserved.</Copyright>
     <Product>Abc.IdentityModel</Product>
     <AssemblyVersion>2.0</AssemblyVersion>
-    <Version>2.1.1</Version>
+    <Version>2.2.0</Version>
 
     <LangVersion>8.0</LangVersion>
 

test/Abc.IdentityModel.Tokens.Jwt.UnitTests/Abc.IdentityModel.Tokens.Jwt.UnitTests.csproj

@@ -9,16 +9,16 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.5.1" />
+    <PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.7.1" />
     <PackageReference Include="FluentAssertions" Version="6.12.0" />
-    <PackageReference Include="FluentAssertions.Analyzers" Version="0.31.0">
+    <PackageReference Include="FluentAssertions.Analyzers" Version="0.33.0">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
     <PackageReference Include="System.Security.Cryptography.Xml" Version="8.0.0" />
-    <PackageReference Include="xunit" Version="2.7.1" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="2.5.8">
+    <PackageReference Include="xunit" Version="2.9.0" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
       <PrivateAssets>all</PrivateAssets>
     </PackageReference>

test/Abc.IdentityModel.Tokens.Saml.UnitTests/Abc.IdentityModel.Tokens.Saml.UnitTests.csproj

@@ -17,15 +17,15 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.5.1" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.7.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
     <PackageReference Include="coverlet.collector" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.5.1" />
-    <PackageReference Include="xunit" Version="2.7.1" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="2.5.8">
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.7.1" />
+    <PackageReference Include="xunit" Version="2.9.0" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>

test/Abc.IdentityModel.Xml.UnitTests/Abc.IdentityModel.Xml.UnitTests.csproj

@@ -7,10 +7,10 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.5.1" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
-    <PackageReference Include="NUnit" Version="3.13.3" />
-    <PackageReference Include="NUnit3TestAdapter" Version="4.5.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Xml" Version="7.7.1" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
+    <PackageReference Include="NUnit" Version="3.14.0" />
+    <PackageReference Include="NUnit3TestAdapter" Version="4.6.0" />
     <PackageReference Include="coverlet.collector" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>