update xunit versions (#3053)

* Update XUnit versions

* Fix Xunit warnings

tests/Directory.Build.props

@@ -15,9 +15,9 @@
     <MicrosoftNetTestSdkVersion>17.4.0</MicrosoftNetTestSdkVersion>
 		<!--GHSA-5crp-9r3c-p9vr-->
 		<NewtonsoftJsonVersion>13.0.2</NewtonsoftJsonVersion>
-		<XunitVersion>2.4.2</XunitVersion>
-		<XunitRunnerVisualStudioVersion>2.4.5</XunitRunnerVisualStudioVersion>
-    <XunitAssertVersion>2.4.2</XunitAssertVersion>
+		<XunitVersion>2.9.2</XunitVersion>
+		<XunitRunnerVisualStudioVersion>2.8.2</XunitRunnerVisualStudioVersion>
+    <XunitAssertVersion>2.9.2</XunitAssertVersion>
     <XunitExtensibilityCoreVersion>2.4.2</XunitExtensibilityCoreVersion>
     <NSubstituteVersion>4.2.2</NSubstituteVersion>
     <NSubstituteAnalyzersCSharpVersion>1.0.13</NSubstituteAnalyzersCSharpVersion>

tests/E2E Tests/GraphServiceClientTests/GraphServiceClientTests.cs

@@ -81,7 +81,7 @@ public async Task AuthenticateRequestAsync_NonGraphUri_DoesNotSetAuthZHeader()
             GraphAuthenticationProvider graphAuthenticationProvider = new(_authorizationHeaderProvider, new GraphServiceClientOptions());
 
             // act
-            await graphAuthenticationProvider.AuthenticateRequestAsync(request).ConfigureAwait(false);
+            await graphAuthenticationProvider.AuthenticateRequestAsync(request);
 
             // assert
             Assert.False(request.Headers.ContainsKey("Authorization"));

tests/E2E Tests/WebAppUiTests/WebAppIntegrationTests.cs

@@ -28,7 +28,7 @@ public async Task ChallengeUser_MicrosoftIdentityFlow_RemoteApp_ValidEmailPasswo
             IBrowser browser = await playwright.Chromium.LaunchAsync(new() { Headless = true });
             IPage page = await browser.NewPageAsync();
             await page.GotoAsync(UrlString);
-            LabResponse labResponse = await LabUserHelper.GetDefaultUserAsync().ConfigureAwait(false);
+            LabResponse labResponse = await LabUserHelper.GetDefaultUserAsync();
 
             try
             {

tests/Microsoft.Identity.Web.Test.Integration/AcquireTokenForAppIntegrationTests.cs

@@ -67,7 +67,9 @@ public AcquireTokenForAppIntegrationTests(ITestOutputHelper output) // test set-
         [Theory]
         [InlineData(true, Constants.Bearer)]
         [InlineData(true, "PoP")]
+#pragma warning disable xUnit1012 // Null should only be used for nullable parameters
         [InlineData(false, null)]
+#pragma warning restore xUnit1012 // Null should only be used for nullable parameters
         public async Task GetAccessTokenOrAuthResultForApp_ReturnsAccessTokenOrAuthResultAsync(bool getAuthResult, string authHeaderPrefix)
         {
             // Arrange

tests/Microsoft.Identity.Web.Test/Certificates/DefaultCertificateLoaderTests.cs

@@ -16,7 +16,9 @@ public class DefaultCertificateLoaderTests
         // [InlineData(CertificateSource.Path, @"c:\temp\WebAppCallingWebApiCert.pfx", "")]
         // [InlineData(CertificateSource.StoreWithDistinguishedName, "CurrentUser/My", "CN=WebAppCallingWebApiCert")]
         // [InlineData(CertificateSource.StoreWithThumbprint, "CurrentUser/My", "962D129A859174EE8B5596985BD18EFEB6961684")]
+#pragma warning disable xUnit1012 // Null should only be used for nullable parameters
         [InlineData(CertificateSource.Base64Encoded, null, TestConstants.CertificateX5c)]
+#pragma warning restore xUnit1012 // Null should only be used for nullable parameters
         [Theory]
         public void TestDefaultCertificateLoader(CertificateSource certificateSource, string container, string referenceOrValue)
         {
@@ -53,7 +55,9 @@ public void TestDefaultCertificateLoader(CertificateSource certificateSource, st
             Assert.NotNull(certificateDescription.Certificate);
         }
 
+#pragma warning disable xUnit1012 // Null should only be used for nullable parameters
         [InlineData(CertificateSource.Base64Encoded, null, TestConstants.CertificateX5c)]
+#pragma warning restore xUnit1012 // Null should only be used for nullable parameters
         [Theory]
         public void TestLoadFirstCertificate(
             CertificateSource certificateSource,
@@ -71,7 +75,9 @@ public void TestLoadFirstCertificate(
             Assert.Equal("CN=ACS2ClientCertificate", certificate.Issuer);
         }
 
+#pragma warning disable xUnit1012 // Null should only be used for nullable parameters
         [InlineData(CertificateSource.Base64Encoded, null, TestConstants.CertificateX5c)]
+#pragma warning restore xUnit1012 // Null should only be used for nullable parameters
         [Theory]
         public void TestLoadAllCertificates(
            CertificateSource certificateSource,

tests/Microsoft.Identity.Web.Test/DownstreamWebApiSupport/DownstreamApiTests.cs

@@ -119,7 +119,7 @@ public void SerializeInput_WithHttpContent_ReturnsSameContent()
         }
 
         [Fact]
-        public void SerializeInput_WithSerializer_ReturnsSerializedContent()
+        public async Task SerializeInput_WithSerializer_ReturnsSerializedContentAsync()
         {
             // Arrange
             var input = new Person();
@@ -129,11 +129,12 @@ public void SerializeInput_WithSerializer_ReturnsSerializedContent()
             var result = DownstreamApi.SerializeInput(input, _options);
 
             // Assert
-            Assert.Equal("serialized", result?.ReadAsStringAsync().Result);
+            Assert.NotNull(result);
+            Assert.Equal("serialized", await result.ReadAsStringAsync());
         }
 
         [Fact]
-        public void SerializeInput_WithStringAndContentType_ReturnsStringContent()
+        public async Task SerializeInput_WithStringAndContentType_ReturnsStringContent()
         {
             // Arrange
             var input = "test";
@@ -144,11 +145,11 @@ public void SerializeInput_WithStringAndContentType_ReturnsStringContent()
 
             // Assert
             Assert.IsType<StringContent>(result);
-            Assert.Equal(input, result.ReadAsStringAsync().Result);
+            Assert.Equal(input, await result.ReadAsStringAsync());
         }
 
         [Fact]
-        public void SerializeInput_WithByteArray_ReturnsByteArrayContent()
+        public async Task SerializeInput_WithByteArray_ReturnsByteArrayContentAsync()
         {
             // Arrange
             var input = new byte[] { 1, 2, 3 };
@@ -158,11 +159,11 @@ public void SerializeInput_WithByteArray_ReturnsByteArrayContent()
 
             // Assert
             Assert.IsType<ByteArrayContent>(result);
-            Assert.Equal(input, result.ReadAsByteArrayAsync().Result);
+            Assert.Equal(input, await result.ReadAsByteArrayAsync());
         }
 
         [Fact]
-        public void SerializeInput_WithStream_ReturnsStreamContent()
+        public async Task SerializeInput_WithStream_ReturnsStreamContentAsync()
         {
             // Arrange
             var input = new MemoryStream(Encoding.UTF8.GetBytes("test"));
@@ -172,7 +173,7 @@ public void SerializeInput_WithStream_ReturnsStreamContent()
 
             // Assert
             Assert.IsType<StreamContent>(result);
-            Assert.Equal("test", new StreamReader(result.ReadAsStreamAsync().Result).ReadToEnd());
+            Assert.Equal("test", new StreamReader(await result.ReadAsStreamAsync()).ReadToEnd());
         }
 
         [Fact]
@@ -279,7 +280,7 @@ public async Task DeserializeOutput_ReturnsDeserializedContent()
 
 #if NET8_0_OR_GREATER
         [Fact]
-        public void SerializeInput_WithSerializer_ReturnsSerializedContent_WhenJsonTypeInfoProvided()
+        public async Task SerializeInput_WithSerializer_ReturnsSerializedContent_WhenJsonTypeInfoProvided()
         {
             // Arrange
             var input = new Person();
@@ -289,7 +290,8 @@ public void SerializeInput_WithSerializer_ReturnsSerializedContent_WhenJsonTypeI
             var result = DownstreamApi.SerializeInput(input, _options, CustomJsonContext.Default.Person);
 
             // Assert
-            Assert.Equal("serialized", result?.ReadAsStringAsync().Result);
+            Assert.NotNull(result);
+            Assert.Equal("serialized", await (result?.ReadAsStringAsync()));
         }
 
         [Fact]

tests/Microsoft.Identity.Web.Test/MicrosoftIdentityOptionsTests.cs

@@ -48,6 +48,7 @@ public void IsB2C_NullOrEmptyUserFlow_ReturnsFalse()
             Assert.False(options.IsB2C);
         }
 
+#pragma warning disable xUnit1012 // Null should only be used for nullable parameters
         [Theory]
         [InlineData(TestConstants.ClientId, TestConstants.AadInstance, TestConstants.GuestTenantId, null, null, AzureAd, null)]
         [InlineData(null, TestConstants.AadInstance, TestConstants.GuestTenantId, null, null, null, AzureAd, MissingParam.ClientId)]
@@ -61,6 +62,7 @@ public void IsB2C_NullOrEmptyUserFlow_ReturnsFalse()
         [InlineData(TestConstants.ClientId, TestConstants.B2CInstance, null, null, TestConstants.B2CSignUpSignInUserFlow, "", AzureAdB2C, MissingParam.Domain)]
         [InlineData(TestConstants.ClientId, null, null, TestConstants.AuthorityWithTenantSpecified, null, null, AzureAd)]
         [InlineData(null, null, null, TestConstants.AuthorityWithTenantSpecified, null, null, AzureAd, MissingParam.ClientId)]
+#pragma warning restore xUnit1012 // Null should only be used for nullable parameters
         public void ValidateRequiredMicrosoftIdentityOptions(
            string clientId,
            string instance,

tests/Microsoft.Identity.Web.Test/Resource/JwtBearerMiddlewareDiagnosticsTests.cs

@@ -46,7 +46,7 @@ public JwtBearerMiddlewareDiagnosticsTests()
         }
 
         [Fact]
-        public async void Subscribe_OnAuthenticationFailed_CompletesSuccessfully()
+        public async Task Subscribe_OnAuthenticationFailed_CompletesSuccessfully()
         {
             _jwtEvents.OnAuthenticationFailed = _eventHandler;
             _jwtDiagnostics.Subscribe(_jwtEvents);
@@ -56,7 +56,7 @@ public async void Subscribe_OnAuthenticationFailed_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnMessageReceived_CompletesSuccessfully()
+        public async Task Subscribe_OnMessageReceived_CompletesSuccessfully()
         {
             _jwtEvents.OnMessageReceived = _eventHandler;
             _jwtDiagnostics.Subscribe(_jwtEvents);
@@ -66,7 +66,7 @@ public async void Subscribe_OnMessageReceived_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnTokenValidated_CompletesSuccessfully()
+        public async Task Subscribe_OnTokenValidated_CompletesSuccessfully()
         {
             _jwtEvents.OnTokenValidated = _eventHandler;
             _jwtDiagnostics.Subscribe(_jwtEvents);
@@ -76,7 +76,7 @@ public async void Subscribe_OnTokenValidated_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnChallenge_CompletesSuccessfully()
+        public async Task Subscribe_OnChallenge_CompletesSuccessfully()
         {
             _jwtEvents.OnChallenge = _eventHandler;
             _jwtDiagnostics.Subscribe(_jwtEvents);
@@ -86,7 +86,7 @@ public async void Subscribe_OnChallenge_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnAuthenticationFailedDefault_CompletesSuccessfully()
+        public async Task Subscribe_OnAuthenticationFailedDefault_CompletesSuccessfully()
         {
             _jwtEvents = _jwtDiagnostics.Subscribe(null!);
             await _jwtEvents.AuthenticationFailed(new AuthenticationFailedContext(_httpContext, _authScheme, _jwtOptions));
@@ -95,7 +95,7 @@ public async void Subscribe_OnAuthenticationFailedDefault_CompletesSuccessfully(
         }
 
         [Fact]
-        public async void Subscribe_OnMessageReceivedDefault_CompletesSuccessfully()
+        public async Task Subscribe_OnMessageReceivedDefault_CompletesSuccessfully()
         {
             _jwtEvents = _jwtDiagnostics.Subscribe(_jwtEvents);
             await _jwtEvents.MessageReceived(new MessageReceivedContext(_httpContext, _authScheme, _jwtOptions));
@@ -104,7 +104,7 @@ public async void Subscribe_OnMessageReceivedDefault_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnTokenValidatedDefault_CompletesSuccessfully()
+        public async Task Subscribe_OnTokenValidatedDefault_CompletesSuccessfully()
         {
             _jwtEvents = _jwtDiagnostics.Subscribe(_jwtEvents);
             await _jwtEvents.TokenValidated(new TokenValidatedContext(_httpContext, _authScheme, _jwtOptions));
@@ -113,7 +113,7 @@ public async void Subscribe_OnTokenValidatedDefault_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnChallengeDefault_CompletesSuccessfully()
+        public async Task Subscribe_OnChallengeDefault_CompletesSuccessfully()
         {
             _jwtEvents = _jwtDiagnostics.Subscribe(_jwtEvents);
             await _jwtEvents.Challenge(new JwtBearerChallengeContext(_httpContext, _authScheme, _jwtOptions, new AuthenticationProperties()));

tests/Microsoft.Identity.Web.Test/Resource/OpenIdConnectMiddlewareDiagnosticsTests.cs

@@ -49,7 +49,7 @@ public OpenIdConnectMiddlewareDiagnosticsTests()
         }
 
         [Fact]
-        public async void Subscribe_OnRedirectToIdentityProvider_CompletesSuccessfully()
+        public async Task Subscribe_OnRedirectToIdentityProvider_CompletesSuccessfully()
         {
             _openIdEvents.OnRedirectToIdentityProvider = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -59,7 +59,7 @@ public async void Subscribe_OnRedirectToIdentityProvider_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnMessageReceived_CompletesSuccessfully()
+        public async Task Subscribe_OnMessageReceived_CompletesSuccessfully()
         {
             _openIdEvents.OnMessageReceived = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -69,7 +69,7 @@ public async void Subscribe_OnMessageReceived_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnAuthorizationCodeReceived_CompletesSuccessfully()
+        public async Task Subscribe_OnAuthorizationCodeReceived_CompletesSuccessfully()
         {
             _openIdEvents.OnAuthorizationCodeReceived = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -79,7 +79,7 @@ public async void Subscribe_OnAuthorizationCodeReceived_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnTokenResponseReceived_CompletesSuccessfully()
+        public async Task Subscribe_OnTokenResponseReceived_CompletesSuccessfully()
         {
             _openIdEvents.OnTokenResponseReceived = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -89,7 +89,7 @@ public async void Subscribe_OnTokenResponseReceived_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnTokenValidated_CompletesSuccessfully()
+        public async Task Subscribe_OnTokenValidated_CompletesSuccessfully()
         {
             _openIdEvents.OnTokenValidated = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -99,7 +99,7 @@ public async void Subscribe_OnTokenValidated_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnUserInformationReceived_CompletesSuccessfully()
+        public async Task Subscribe_OnUserInformationReceived_CompletesSuccessfully()
         {
             _openIdEvents.OnUserInformationReceived = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -109,7 +109,7 @@ public async void Subscribe_OnUserInformationReceived_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnAuthenticationFailed_CompletesSuccessfully()
+        public async Task Subscribe_OnAuthenticationFailed_CompletesSuccessfully()
         {
             _openIdEvents.OnAuthenticationFailed = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -119,7 +119,7 @@ public async void Subscribe_OnAuthenticationFailed_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnRemoteSignOut_CompletesSuccessfully()
+        public async Task Subscribe_OnRemoteSignOut_CompletesSuccessfully()
         {
             _openIdEvents.OnRemoteSignOut = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -129,7 +129,7 @@ public async void Subscribe_OnRemoteSignOut_CompletesSuccessfully()
         }
 
         [Fact]
-        public async void Subscribe_OnRedirectToIdentityProviderForSignOut_CompletesSuccessfully()
+        public async Task Subscribe_OnRedirectToIdentityProviderForSignOut_CompletesSuccessfully()
         {
             _openIdEvents.OnRedirectToIdentityProviderForSignOut = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);
@@ -139,7 +139,7 @@ public async void Subscribe_OnRedirectToIdentityProviderForSignOut_CompletesSucc
         }
 
         [Fact]
-        public async void Subscribe_OnSignedOutCallbackRedirect_CompletesSuccessfully()
+        public async Task Subscribe_OnSignedOutCallbackRedirect_CompletesSuccessfully()
         {
             _openIdEvents.OnSignedOutCallbackRedirect = _eventHandler;
             _openIdDiagnostics.Subscribe(_openIdEvents);

tests/Microsoft.Identity.Web.Test/Resource/RequiredScopeOrAppPermissionPolicyTests.cs

@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Claims;
+using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.Extensions.Configuration.Memory;
 using Microsoft.Extensions.DependencyInjection;
@@ -31,7 +32,7 @@ public class RequiredScopeOrAppPermissionPolicyTests
         [InlineData(ClaimConstants.Roles)]
         [InlineData(ClaimConstants.Roles, true)]
         [RequiredScopeOrAppPermission(RequiredAppPermissionsConfigurationKey = "AzureAd:AppPermission")]
-        public async void VerifyAppHasAnyAcceptedAppPermission_TestAsync(
+        public async Task VerifyAppHasAnyAcceptedAppPermission_TestAsync(
             string claimType,
             bool withConfig = false)
         {
@@ -57,7 +58,7 @@ public async void VerifyAppHasAnyAcceptedAppPermission_TestAsync(
         [InlineData(ClaimConstants.Role, true)]
         [InlineData(ClaimConstants.Roles)]
         [InlineData(ClaimConstants.Roles, true)]
-        public async void VerifyAppHasAnyAcceptedAppPermission_OneAppPermissionMatches_TestAsync(
+        public async Task VerifyAppHasAnyAcceptedAppPermission_OneAppPermissionMatches_TestAsync(
             string claimType,
             bool withConfig = false)
         {
@@ -79,7 +80,7 @@ public async void VerifyAppHasAnyAcceptedAppPermission_OneAppPermissionMatches_T
         }
 
         [Fact]
-        public async void VerifyAppHasAnyAcceptedAppPermission_WithMismatchAppPermissionTest_FailsAsync()
+        public async Task VerifyAppHasAnyAcceptedAppPermission_WithMismatchAppPermissionTest_FailsAsync()
         {
             // Arrange
             var authorizationService = BuildAuthorizationService(
@@ -98,7 +99,7 @@ public async void VerifyAppHasAnyAcceptedAppPermission_WithMismatchAppPermission
         }
 
         [Fact]
-        public async void VerifyAppHasAnyAcceptedAppPermission_RequiredAppPermissionMissingAsync()
+        public async Task VerifyAppHasAnyAcceptedAppPermission_RequiredAppPermissionMissingAsync()
         {
             // Arrange
             var authorizationService = BuildAuthorizationService(
@@ -117,7 +118,7 @@ public async void VerifyAppHasAnyAcceptedAppPermission_RequiredAppPermissionMiss
         }
 
         [Fact]
-        public async void IncorrectPolicyName_FailsAsync()
+        public async Task IncorrectPolicyName_FailsAsync()
         {
             // Arrange
             var authorizationService = BuildAuthorizationService(
@@ -134,7 +135,7 @@ public async void IncorrectPolicyName_FailsAsync()
         }
 
         [Fact]
-        public async void VerifyAppHasAnyAcceptedScopeOrAppPermission_TestAsync()
+        public async Task VerifyAppHasAnyAcceptedScopeOrAppPermission_TestAsync()
         {
             // Arrange
             var authorizationService = BuildAuthorizationService(