From 3bb031651be3d519352f7e7b4f21e5ef93a986fc Mon Sep 17 00:00:00 2001 From: BrentSchmaltz Date: Tue, 8 Oct 2024 10:56:59 -0700 Subject: [PATCH] Removed multiple public apis (#2888) revised how exceptions are created Co-authored-by: id4s --- .../Exceptions/SecurityTokenException.cs | 4 +- .../InternalAPI.Unshipped.txt | 25 ++++---- .../PublicAPI.Unshipped.txt | 28 +++------ .../Details/AudienceValidationError.cs | 9 +++ .../Details/LifetimeValidationError.cs | 62 +++++++++++-------- .../Results/Details/ValidationError.cs | 4 +- .../Validation/ValidationParameters.cs | 2 +- .../Validation/Validators.Lifetime.cs | 8 ++- .../SecurityTokenExceptionTests.cs | 3 - 9 files changed, 78 insertions(+), 67 deletions(-) diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs index 1b7096ff30..f0e86568a5 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs @@ -20,7 +20,7 @@ namespace Microsoft.IdentityModel.Tokens /// Represents a security token exception. /// [Serializable] - public class SecurityTokenException : Exception, ISecurityTokenException + public class SecurityTokenException : Exception { [NonSerialized] private string _stackTrace; @@ -72,7 +72,7 @@ protected SecurityTokenException(SerializationInfo info, StreamingContext contex /// Sets the that caused the exception. /// /// - public void SetValidationError(ValidationError validationError) + internal void SetValidationError(ValidationError validationError) { _validationError = validationError; } diff --git a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt index 121c2c70b9..edb5c02a17 100644 --- a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt 
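Review bot: Dropping `ISecurityTokenException` from the base list of `SecurityTokenException` leaves the interface without any implementer visible in this diff, while it is still declared (`internal interface ISecurityTokenException` in ValidationError.cs), still listed in InternalAPI.Unshipped.txt, and `ValidationError.AddAdditionalInformation(ISecurityTokenException)` together with its `AudienceValidationError` override remain in place. Unless another type outside this diff implements the interface, the `exception is SecurityTokenInvalidAudienceException` test inside `AddAdditionalInformation` can no longer succeed, so that path is dead once `GetException` becomes the override point. Either remove the interface and the `AddAdditionalInformation` virtual in the same change, or add a short comment on the interface declaration stating why it is kept. The second hunk (`SetValidationError` becoming `internal`) is consistent with its removal from PublicAPI.Unshipped.txt and the existing InternalAPI entry, so no issue there.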
@@ -7,6 +7,7 @@ Microsoft.IdentityModel.Tokens.AudienceValidationError Microsoft.IdentityModel.Tokens.AudienceValidationError.AudienceValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.Collections.Generic.IList invalidAudiences) -> void Microsoft.IdentityModel.Tokens.CertificateHelper Microsoft.IdentityModel.Tokens.CertificateHelper.CertificateHelper() -> void +Microsoft.IdentityModel.Tokens.DecryptionKeyResolverDelegate Microsoft.IdentityModel.Tokens.ISecurityTokenException Microsoft.IdentityModel.Tokens.ISecurityTokenException.SetValidationError(Microsoft.IdentityModel.Tokens.ValidationError validationError) -> void Microsoft.IdentityModel.Tokens.IssuerSigningKeyValidationDelegate 
@@ -16,16 +17,9 @@ Microsoft.IdentityModel.Tokens.IssuerValidationSource.IssuerIsConfigurationIssue Microsoft.IdentityModel.Tokens.IssuerValidationSource.NotValidated = 0 -> Microsoft.IdentityModel.Tokens.IssuerValidationSource Microsoft.IdentityModel.Tokens.LifetimeValidationDelegate Microsoft.IdentityModel.Tokens.LifetimeValidationError -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation.AdditionalInformation() -> void -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation.AdditionalInformation(System.DateTime? NotBeforeDate, System.DateTime? ExpirationDate) -> void -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation.ExpirationDate.get -> System.DateTime? -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation.ExpirationDate.set -> void -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation.NotBeforeDate.get -> System.DateTime? -Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation.NotBeforeDate.set -> void Microsoft.IdentityModel.Tokens.LifetimeValidationError.LifetimeValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame) -> void -Microsoft.IdentityModel.Tokens.LifetimeValidationError.LifetimeValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation? additionalInformation) -> void -Microsoft.IdentityModel.Tokens.LifetimeValidationError.LifetimeValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.Exception innerException, Microsoft.IdentityModel.Tokens.LifetimeValidationError.AdditionalInformation? 
additionalInformation) -> void +Microsoft.IdentityModel.Tokens.LifetimeValidationError.LifetimeValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.DateTime expires) -> void +Microsoft.IdentityModel.Tokens.LifetimeValidationError.LifetimeValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.DateTime notBefore, System.DateTime expires) -> void Microsoft.IdentityModel.Tokens.RSACryptoServiceProviderProxy.SignData(byte[] input, int offset, int length, object hash) -> byte[] Microsoft.IdentityModel.Tokens.SecurityTokenArgumentNullException Microsoft.IdentityModel.Tokens.SecurityTokenArgumentNullException.SecurityTokenArgumentNullException() -> void 
@@ -98,8 +92,14 @@ Microsoft.IdentityModel.Tokens.ValidatedTokenType.ValidatedTokenType() -> void Microsoft.IdentityModel.Tokens.ValidatedTokenType.ValidatedTokenType(string Type, int ValidTypeCount) -> void Microsoft.IdentityModel.Tokens.ValidatedTokenType.ValidTypeCount.get -> int Microsoft.IdentityModel.Tokens.ValidatedTokenType.ValidTypeCount.set -> void +Microsoft.IdentityModel.Tokens.ValidationError +Microsoft.IdentityModel.Tokens.ValidationError.AddStackFrame(System.Diagnostics.StackFrame stackFrame) -> Microsoft.IdentityModel.Tokens.ValidationError +Microsoft.IdentityModel.Tokens.ValidationError.ExceptionType.get -> System.Type Microsoft.IdentityModel.Tokens.ValidationError.FailureType.get -> Microsoft.IdentityModel.Tokens.ValidationFailureType +Microsoft.IdentityModel.Tokens.ValidationError.InnerException.get -> System.Exception +Microsoft.IdentityModel.Tokens.ValidationError.InnerValidationError.get -> Microsoft.IdentityModel.Tokens.ValidationError Microsoft.IdentityModel.Tokens.ValidationError.MessageDetail.get -> Microsoft.IdentityModel.Tokens.MessageDetail +Microsoft.IdentityModel.Tokens.ValidationError.StackFrames.get -> System.Collections.Generic.IList Microsoft.IdentityModel.Tokens.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail MessageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType failureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame) -> void Microsoft.IdentityModel.Tokens.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType failureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, Microsoft.IdentityModel.Tokens.ValidationError innerValidationError) -> void Microsoft.IdentityModel.Tokens.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType failureType, System.Type 
exceptionType, System.Diagnostics.StackFrame stackFrame, System.Exception innerException) -> void @@ -110,6 +110,7 @@ Microsoft.IdentityModel.Tokens.ValidationParameters.LifetimeValidator.get -> Mic Microsoft.IdentityModel.Tokens.ValidationParameters.SignatureValidator.get -> Microsoft.IdentityModel.Tokens.SignatureValidationDelegate Microsoft.IdentityModel.Tokens.ValidationParameters.TimeProvider.get -> System.TimeProvider Microsoft.IdentityModel.Tokens.ValidationParameters.TimeProvider.set -> void +Microsoft.IdentityModel.Tokens.ValidationParameters.TokenDecryptionKeyResolver.get -> Microsoft.IdentityModel.Tokens.DecryptionKeyResolverDelegate Microsoft.IdentityModel.Tokens.ValidationParameters.TokenReplayValidator.get -> Microsoft.IdentityModel.Tokens.TokenReplayValidationDelegate Microsoft.IdentityModel.Tokens.ValidationParameters.TypeValidator.get -> Microsoft.IdentityModel.Tokens.TokenTypeValidationDelegate Microsoft.IdentityModel.Tokens.ValidationParameters.TypeValidator.set -> void 
@@ -123,13 +124,12 @@ Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult() -> v Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult(Microsoft.IdentityModel.Tokens.ValidationError error) -> void Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult(TResult result) -> void override Microsoft.IdentityModel.Tokens.AudienceValidationError.AddAdditionalInformation(Microsoft.IdentityModel.Tokens.ISecurityTokenException exception) -> void -override Microsoft.IdentityModel.Tokens.LifetimeValidationError.AddAdditionalInformation(Microsoft.IdentityModel.Tokens.ISecurityTokenException exception) -> void +override Microsoft.IdentityModel.Tokens.AudienceValidationError.GetException() -> System.Exception +override Microsoft.IdentityModel.Tokens.LifetimeValidationError.GetException() -> System.Exception override Microsoft.IdentityModel.Tokens.SecurityTokenArgumentNullException.StackTrace.get -> string override Microsoft.IdentityModel.Tokens.ValidationResult.Equals(object obj) -> bool override Microsoft.IdentityModel.Tokens.ValidationResult.GetHashCode() -> int static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.TokenDecryptionResult -Microsoft.IdentityModel.Tokens.ResolveTokenDecryptionKeyDelegate -Microsoft.IdentityModel.Tokens.ValidationParameters.TokenDecryptionKeyResolver.get -> Microsoft.IdentityModel.Tokens.ResolveTokenDecryptionKeyDelegate Microsoft.IdentityModel.Tokens.ValidationParameters.TokenDecryptionKeyResolver.set -> void Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.DecryptToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, 
Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.TokenDecryptionResult const Microsoft.IdentityModel.Tokens.LogMessages.IDX10215 = "IDX10215: Audience validation failed. Audiences: '{0}'. Did not match: validationParameters.ValidAudiences: '{1}'." -> string @@ -826,6 +826,7 @@ virtual Microsoft.IdentityModel.Tokens.SecurityToken.CreateClaims(string issuer) virtual Microsoft.IdentityModel.Tokens.SignatureProvider.ObjectPoolSize.get -> int virtual Microsoft.IdentityModel.Tokens.TokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters tokenValidationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity virtual Microsoft.IdentityModel.Tokens.ValidationError.AddAdditionalInformation(Microsoft.IdentityModel.Tokens.ISecurityTokenException exception) -> void +virtual Microsoft.IdentityModel.Tokens.ValidationError.GetException() -> System.Exception virtual Microsoft.IdentityModel.Tokens.ValidationParameters.Clone() -> Microsoft.IdentityModel.Tokens.ValidationParameters virtual Microsoft.IdentityModel.Tokens.ValidationParameters.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, string issuer) -> System.Security.Claims.ClaimsIdentity Microsoft.IdentityModel.Tokens.SecurityTokenException.SetValidationError(Microsoft.IdentityModel.Tokens.ValidationError validationError) -> void diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt index badfc929cb..0b563a0b97 100644 --- a/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt 
@@ -1,4 +1,4 @@ -abstract Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey.HasPrivateKey.get -> bool +abstract Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey.HasPrivateKey.get -> bool abstract Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey.PrivateKeyStatus.get -> Microsoft.IdentityModel.Tokens.PrivateKeyStatus abstract Microsoft.IdentityModel.Tokens.BaseConfigurationManager.RequestRefresh() -> void abstract Microsoft.IdentityModel.Tokens.CryptoProviderCache.GetCacheKey(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, string algorithm, string typeofProvider) -> string @@ -419,7 +419,6 @@ Microsoft.IdentityModel.Tokens.SecurityTokenException.SecurityTokenException() - Microsoft.IdentityModel.Tokens.SecurityTokenException.SecurityTokenException(string message) -> void Microsoft.IdentityModel.Tokens.SecurityTokenException.SecurityTokenException(string message, System.Exception innerException) -> void Microsoft.IdentityModel.Tokens.SecurityTokenException.SecurityTokenException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) -> void -Microsoft.IdentityModel.Tokens.SecurityTokenException.SetValidationError(Microsoft.IdentityModel.Tokens.ValidationError validationError) -> void Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException.Expires.get -> System.DateTime Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException.Expires.set -> void 
@@ -444,6 +443,15 @@ Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAudienceException.SecurityTok Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAudienceException.SecurityTokenInvalidAudienceException(string message, System.Exception innerException) -> void Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAudienceException.SecurityTokenInvalidAudienceException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) -> void Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.ConfigurationCloudInstanceName.get -> string +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.ConfigurationCloudInstanceName.set -> void +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException() -> void +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException(string message) -> void +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException(string message, System.Exception innerException) -> void +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) -> void +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SigningKeyCloudInstanceName.get -> string +Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SigningKeyCloudInstanceName.set -> void +override Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) -> void Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException 
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException.InvalidIssuer.get -> string Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException.InvalidIssuer.set -> void 
@@ -934,19 +942,3 @@ virtual Microsoft.IdentityModel.Tokens.TokenHandler.ValidateTokenAsync(Microsoft virtual Microsoft.IdentityModel.Tokens.TokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) -> System.Threading.Tasks.Task virtual Microsoft.IdentityModel.Tokens.TokenValidationParameters.Clone() -> Microsoft.IdentityModel.Tokens.TokenValidationParameters virtual Microsoft.IdentityModel.Tokens.TokenValidationParameters.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, string issuer) -> System.Security.Claims.ClaimsIdentity -override Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) -> void -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.ConfigurationCloudInstanceName.get -> string -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.ConfigurationCloudInstanceName.set -> void -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException() -> void -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException(string message) -> void -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException(string message, System.Exception innerException) -> void -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SecurityTokenInvalidCloudInstanceException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) -> void -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SigningKeyCloudInstanceName.get -> string -Microsoft.IdentityModel.Tokens.SecurityTokenInvalidCloudInstanceException.SigningKeyCloudInstanceName.set -> void 
-Microsoft.IdentityModel.Tokens.ValidationError -Microsoft.IdentityModel.Tokens.ValidationError.AddStackFrame(System.Diagnostics.StackFrame stackFrame) -> Microsoft.IdentityModel.Tokens.ValidationError -Microsoft.IdentityModel.Tokens.ValidationError.ExceptionType.get -> System.Type -Microsoft.IdentityModel.Tokens.ValidationError.GetException() -> System.Exception -Microsoft.IdentityModel.Tokens.ValidationError.InnerException.get -> System.Exception -Microsoft.IdentityModel.Tokens.ValidationError.InnerValidationError.get -> Microsoft.IdentityModel.Tokens.ValidationError -Microsoft.IdentityModel.Tokens.ValidationError.StackFrames.get -> System.Collections.Generic.IList diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs index d999820b12..ab3d70fe9f 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs @@ -27,6 +27,15 @@ internal override void AddAdditionalInformation(ISecurityTokenException exceptio if (exception is SecurityTokenInvalidAudienceException invalidAudienceException) invalidAudienceException.InvalidAudience = Utility.SerializeAsSingleCommaDelimitedString(_invalidAudiences); } + + /// + /// Creates an instance of an using + /// + /// An instance of an Exception. + public override Exception GetException() + { + return new SecurityTokenInvalidAudienceException(MessageDetail.Message) { InvalidAudience = Utility.SerializeAsSingleCommaDelimitedString(_invalidAudiences) }; + } } } #nullable restore diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs index 40537d497c..cc0635e39d 100644 
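Review bot: The new `GetException` override ignores `ExceptionType` and always returns a `SecurityTokenInvalidAudienceException`, whereas the sibling `LifetimeValidationError.GetException` added in this same commit dispatches on `ExceptionType` and falls back to `base.GetException()`; the `AudienceValidationError` constructor listed in InternalAPI.Unshipped.txt still accepts an arbitrary `System.Type exceptionType`, so a caller passing another type would get an exception of the wrong type. Guard it the same way at the top of the method: `if (ExceptionType != typeof(SecurityTokenInvalidAudienceException)) return base.GetException();`. The override also duplicates the `Utility.SerializeAsSingleCommaDelimitedString(_invalidAudiences)` call from `AddAdditionalInformation` directly above it; if that older path is no longer reachable now that `SecurityTokenException` no longer implements `ISecurityTokenException`, consider removing it rather than keeping two ways to populate `InvalidAudience`. The class header and its fields are outside the hunk.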
--- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs @@ -9,11 +9,8 @@ namespace Microsoft.IdentityModel.Tokens { internal class LifetimeValidationError : ValidationError { - internal record struct AdditionalInformation( - DateTime? NotBeforeDate, - DateTime? ExpirationDate); - - private AdditionalInformation _additionalInformation; + DateTime _notBefore; + DateTime _expires; public LifetimeValidationError( MessageDetail messageDetail, 
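Review bot: The two new fields `DateTime _notBefore;` and `DateTime _expires;` carry no access modifier and are not `readonly`, although they are only assigned in the constructors shown in the next hunk, and every other member in view carries an explicit modifier (`internal class`, `public LifetimeValidationError(`). Declare them as `private readonly DateTime _notBefore;` and `private readonly DateTime _expires;`. Because the replaced `AdditionalInformation` record used `DateTime?`, a one-line comment on `_notBefore` noting that it remains `default(DateTime)` when the expires-only constructor is used would keep that semantic change from surprising the next reader.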
@@ -27,45 +24,58 @@ public LifetimeValidationError( MessageDetail messageDetail, Type exceptionType, StackFrame stackFrame, - AdditionalInformation? additionalInformation) + DateTime notBefore, + DateTime expires) : base(messageDetail, ValidationFailureType.LifetimeValidationFailed, exceptionType, stackFrame) { - if (additionalInformation.HasValue) - _additionalInformation = additionalInformation.Value; + _notBefore = notBefore; + _expires = expires; } public LifetimeValidationError( MessageDetail messageDetail, Type exceptionType, StackFrame stackFrame, - Exception innerException, - AdditionalInformation? additionalInformation) - : base(messageDetail, ValidationFailureType.LifetimeValidationFailed, exceptionType, stackFrame, innerException) + DateTime expires) + : base(messageDetail, ValidationFailureType.LifetimeValidationFailed, exceptionType, stackFrame) { - if (additionalInformation.HasValue) - _additionalInformation = additionalInformation.Value; + _expires = expires; } - internal override void AddAdditionalInformation(ISecurityTokenException exception) + /// + /// Creates an instance of an using + /// + /// An instance of an Exception. 
+ public override Exception GetException() { - if (exception is SecurityTokenExpiredException expiredException && - _additionalInformation.ExpirationDate.HasValue) + if (ExceptionType == typeof(SecurityTokenNoExpirationException)) { - expiredException.Expires = _additionalInformation.ExpirationDate.Value; + return new SecurityTokenNoExpirationException(MessageDetail.Message); } - else if (exception is SecurityTokenNotYetValidException notYetValidException && - _additionalInformation.NotBeforeDate.HasValue) + else if (ExceptionType == typeof(SecurityTokenInvalidLifetimeException)) { - notYetValidException.NotBefore = _additionalInformation.NotBeforeDate.Value; + return new SecurityTokenInvalidLifetimeException(MessageDetail.Message) + { + NotBefore = _notBefore, + Expires = _expires + }; } - else if (exception is SecurityTokenInvalidLifetimeException invalidLifetimeException) + else if (ExceptionType == typeof(SecurityTokenNotYetValidException)) { - if (_additionalInformation.NotBeforeDate.HasValue) - invalidLifetimeException.NotBefore = _additionalInformation.NotBeforeDate.Value; - - if (_additionalInformation.ExpirationDate.HasValue) - invalidLifetimeException.Expires = _additionalInformation.ExpirationDate.Value; + return new SecurityTokenNotYetValidException(MessageDetail.Message) + { + NotBefore = _notBefore + }; + } + else if (ExceptionType == typeof(SecurityTokenExpiredException)) + { + return new SecurityTokenExpiredException(MessageDetail.Message) + { + Expires = _expires + }; } + else + return base.GetException(); } } } diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs index 933a17839e..8b793b663f 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs 
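Review bot: With the expires-only constructor, `_notBefore` stays at `default(DateTime)` (0001-01-01), yet `GetException` still copies it into `NotBefore` when `ExceptionType` is `SecurityTokenInvalidLifetimeException` or `SecurityTokenNotYetValidException`; the removed `AdditionalInformation` path only set those properties when the nullable value `HasValue`. Nothing in the hunk ties the expires-only constructor to `SecurityTokenExpiredException`, so a mismatched constructor/`exceptionType` pairing would silently report a bogus NotBefore. Either keep the fields as `DateTime?` and assign the properties only when a value was supplied, or document the pairing on that constructor: `/// <summary>Use only with <see cref="SecurityTokenExpiredException"/>; NotBefore is not captured.</summary>`. Separately, the removed `innerException` overload means lifetime errors can no longer carry an inner exception even though the base `ValidationError` still offers one (per the InternalAPI context lines); if intentional, fine, but the final `else return base.GetException();` should also get braces like the other branches.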
@@ -15,7 +15,7 @@ internal interface ISecurityTokenException /// /// Contains information so that Exceptions can be logged or thrown written as required. /// - public class ValidationError + internal class ValidationError { private Type _exceptionType; @@ -81,7 +81,7 @@ internal ValidationError( /// Creates an instance of an using /// /// An instance of an Exception. - public Exception GetException() + public virtual Exception GetException() { Exception exception = GetException(ExceptionType, InnerException); diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs b/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs index 469a03e37c..ec63b6665e 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs @@ -452,7 +452,7 @@ public SignatureValidationDelegate SignatureValidator /// /// This will be used to decrypt the token. This can be helpful when the does not contain a key identifier. /// - public DecryptionKeyResolverDelegate TokenDecryptionKeyResolver { get; set; } + internal DecryptionKeyResolverDelegate TokenDecryptionKeyResolver { get; set; } /// /// Gets the that is to be used for decrypting inbound tokens. diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs index 548e0fbb2a..a1d7c24153 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs 
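Review bot: Now that `GetException` is `virtual`, the doc comment above it (ending in `/// An instance of an Exception.`) should state the contract an override has to honour, because the two overrides added in this commit already disagree: `LifetimeValidationError` checks `ExceptionType` and falls back to `base.GetException()`, while `AudienceValidationError` does not. Suggested addition after the existing `<returns>`: `/// <remarks>Overrides should return an instance of <see cref="ExceptionType"/> and defer to the base implementation for any other type, so that <see cref="InnerException"/> is still attached.</remarks>`. The body of `GetException`, and the class itself, continue outside the hunk; the `ValidationParameters.TokenDecryptionKeyResolver` visibility change on this line raises nothing.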
@@ -77,7 +77,8 @@ internal static ValidationResult ValidateLifetime( LogHelper.MarkAsNonPII(expires.Value)), typeof(SecurityTokenInvalidLifetimeException), new StackFrame(true), - new(NotBeforeDate: notBefore, ExpirationDate: expires)); + notBefore.Value, + expires.Value); DateTime utcNow = validationParameters.TimeProvider.GetUtcNow().UtcDateTime; if (notBefore.HasValue && (notBefore.Value > DateTimeUtil.Add(utcNow, validationParameters.ClockSkew))) @@ -88,7 +89,8 @@ internal static ValidationResult ValidateLifetime( LogHelper.MarkAsNonPII(utcNow)), typeof(SecurityTokenNotYetValidException), new StackFrame(true), - new(NotBeforeDate: notBefore, ExpirationDate: expires)); + notBefore.Value, + expires.Value); if (expires.HasValue && (expires.Value < DateTimeUtil.Add(utcNow, validationParameters.ClockSkew.Negate()))) return new LifetimeValidationError( @@ -98,7 +100,7 @@ internal static ValidationResult ValidateLifetime( LogHelper.MarkAsNonPII(utcNow)), typeof(SecurityTokenExpiredException), new StackFrame(true), - new(NotBeforeDate: null, ExpirationDate: expires)); + expires.Value); // if it reaches here, that means lifetime of the token is valid return new ValidatedLifetime(notBefore, expires); diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs index b43258613a..ff9cbae637 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/SecurityTokenExceptionTests.cs 
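Review bot: In the second hunk (`SecurityTokenNotYetValidException`) the new `expires.Value` argument is added under a condition that only tests `notBefore.HasValue` (visible in the first hunk's trailing context), so the move from the nullable `AdditionalInformation` record to plain `DateTime` now throws `InvalidOperationException` if `expires` is null at that point. That is only safe if `ValidateLifetime` has already returned for a missing expiration earlier in the method, which lies outside these hunks (the `SecurityTokenNoExpirationException` case handled in `LifetimeValidationError.GetException` suggests it does). A one-line comment at the call site, `// expires is non-null here: a missing expiration was rejected above`, would pin that invariant; otherwise the `expires.HasValue` guard in the third hunk shows the pattern to follow. `ValidateLifetime` starts and ends outside the hunks.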
@@ -208,9 +208,6 @@ public static TheoryData ExceptionTestData { if (!(ex is SecurityTokenUnableToValidateException securityTokenUnableToValidateException)) throw new ArgumentException($"expected argument of type {nameof(SecurityTokenUnableToValidateException)} received type {ex.GetType()}"); - - securityTokenUnableToValidateException.ValidationFailure = ValidationFailure.InvalidIssuer; - securityTokenUnableToValidateException.ValidationFailure |= ValidationFailure.InvalidLifetime; }, }, #pragma warning restore CS0618 // Type or member is obsolete