diff --git a/.config/CredScanSuppressions.json b/.config/CredScanSuppressions.json
index 2f6299934db2..ad56dd7cb027 100644
--- a/.config/CredScanSuppressions.json
+++ b/.config/CredScanSuppressions.json
@@ -20,6 +20,58 @@
{
"placeholder": "1qaz@WSX",
"_justification": "This is a fake password used in test code."
- }
+ },
+ {
+ "file": "\\src\\DataProtection\\Extensions\\test\\TestFiles\\TestCert.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\DataProtection\\Extensions\\test\\TestFiles\\TestCert2.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\DefaultBuilder\\test\\Microsoft.AspNetCore.FunctionalTests\\testCert.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\DataProtection\\DataProtection\\test\\TestFiles\\TestCert1.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\DataProtection\\DataProtection\\test\\TestFiles\\TestCert2.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Middleware\\WebSockets\\test\\ConformanceTests\\AutobahnTestApp\\TestResources\\testCert.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\aspnetdevcert.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\eku.client.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\eku.code_signing.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\eku.multiple_usages.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\eku.server.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\no_extensions.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
+ {
+ "file": "\\src\\Servers\\Kestrel\\shared\\test\\TestCertificates\\testCert.pfx",
+ "_justification": "Legitimate UT certificate file with private key"
+ },
]
}
diff --git a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/AuthenticatedEncryptorDescriptorTests.cs b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/AuthenticatedEncryptorDescriptorTests.cs
index 0bed1de2e462..a83d8fc8e4a0 100644
--- a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/AuthenticatedEncryptorDescriptorTests.cs
+++ b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/AuthenticatedEncryptorDescriptorTests.cs
@@ -4,6 +4,7 @@
using System;
using System.Globalization;
using System.Security.Cryptography;
+using System.Text;
using System.Text.RegularExpressions;
using Microsoft.AspNetCore.Cryptography.Cng;
using Microsoft.AspNetCore.Cryptography.SafeHandles;
@@ -118,20 +119,20 @@ public void CreateAuthenticatedEncryptor_RoundTripsData_ManagedImplementation(
public void ExportToXml_ProducesCorrectPayload_Cbc()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
- var descriptor = CreateDescriptor(EncryptionAlgorithm.AES_192_CBC, ValidationAlgorithm.HMACSHA512, masterKey);
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
+ var descriptor = CreateDescriptor(EncryptionAlgorithm.AES_192_CBC, ValidationAlgorithm.HMACSHA512, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(AuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- const string expectedXml = @"
+ var expectedXml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
@@ -141,20 +142,20 @@ public void ExportToXml_ProducesCorrectPayload_Cbc()
public void ExportToXml_ProducesCorrectPayload_Gcm()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
- var descriptor = CreateDescriptor(EncryptionAlgorithm.AES_192_GCM, ValidationAlgorithm.HMACSHA512, masterKey);
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
+ var descriptor = CreateDescriptor(EncryptionAlgorithm.AES_192_GCM, ValidationAlgorithm.HMACSHA512, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(AuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- const string expectedXml = @"
+ var expectedXml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
diff --git a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngCbcAuthenticatedEncryptorDescriptorTests.cs b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngCbcAuthenticatedEncryptorDescriptorTests.cs
index 090465fb136e..6e251e03e9fb 100644
--- a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngCbcAuthenticatedEncryptorDescriptorTests.cs
+++ b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngCbcAuthenticatedEncryptorDescriptorTests.cs
@@ -2,6 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
+using System.Text;
using Xunit;
namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel
@@ -12,7 +13,7 @@ public class CngCbcAuthenticatedEncryptorDescriptorTests
public void ExportToXml_WithProviders_ProducesCorrectPayload()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(new CngCbcAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithm = "enc-alg",
@@ -20,19 +21,19 @@ public void ExportToXml_WithProviders_ProducesCorrectPayload()
EncryptionAlgorithmProvider = "enc-alg-prov",
HashAlgorithm = "hash-alg",
HashAlgorithmProvider = "hash-alg-prov"
- }, masterKey);
+ }, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- const string expectedXml = @"
+ var expectedXml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
@@ -42,25 +43,25 @@ public void ExportToXml_WithProviders_ProducesCorrectPayload()
public void ExportToXml_WithoutProviders_ProducesCorrectPayload()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new CngCbcAuthenticatedEncryptorDescriptor(new CngCbcAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithm = "enc-alg",
EncryptionAlgorithmKeySize = 2048,
HashAlgorithm = "hash-alg"
- }, masterKey);
+ }, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(CngCbcAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- const string expectedXml = @"
+ var expectedXml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
diff --git a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorDeserializerTests.cs b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorDeserializerTests.cs
index 05845dfde04c..7b0b5214a800 100644
--- a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorDeserializerTests.cs
+++ b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorDeserializerTests.cs
@@ -2,6 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
+using System.Text;
using System.Xml.Linq;
using Microsoft.AspNetCore.Cryptography;
using Microsoft.AspNetCore.DataProtection.KeyManagement;
@@ -19,6 +20,7 @@ public class CngGcmAuthenticatedEncryptorDescriptorDeserializerTests
public void ImportFromXml_CreatesAppropriateDescriptor()
{
// Arrange
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new CngGcmAuthenticatedEncryptorDescriptor(
new CngGcmAuthenticatedEncryptorConfiguration()
{
@@ -26,13 +28,13 @@ public void ImportFromXml_CreatesAppropriateDescriptor()
EncryptionAlgorithmKeySize = 192,
EncryptionAlgorithmProvider = null
},
- "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret());
+ masterKey.ToSecret());
var control = CreateEncryptorInstanceFromDescriptor(descriptor);
- const string xml = @"
+ var xml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
var deserializedDescriptor = new CngGcmAuthenticatedEncryptorDescriptorDeserializer().ImportFromXml(XElement.Parse(xml));
var test = CreateEncryptorInstanceFromDescriptor(deserializedDescriptor as CngGcmAuthenticatedEncryptorDescriptor);
diff --git a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorTests.cs b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorTests.cs
index 933f7e7d8564..16fcfd2cd74d 100644
--- a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorTests.cs
+++ b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/CngGcmAuthenticatedEncryptorDescriptorTests.cs
@@ -2,6 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
+using System.Text;
using Xunit;
namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel
@@ -12,24 +13,24 @@ public class CngGcmAuthenticatedEncryptorDescriptorTests
public void ExportToXml_WithProviders_ProducesCorrectPayload()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new CngGcmAuthenticatedEncryptorDescriptor(new CngGcmAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithm = "enc-alg",
EncryptionAlgorithmKeySize = 2048,
EncryptionAlgorithmProvider = "enc-alg-prov"
- }, masterKey);
+ }, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- const string expectedXml = @"
+ var expectedXml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
@@ -39,23 +40,23 @@ public void ExportToXml_WithProviders_ProducesCorrectPayload()
public void ExportToXml_WithoutProviders_ProducesCorrectPayload()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new CngGcmAuthenticatedEncryptorDescriptor(new CngGcmAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithm = "enc-alg",
EncryptionAlgorithmKeySize = 2048
- }, masterKey);
+ }, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(CngGcmAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- const string expectedXml = @"
+ var expectedXml = $@"
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
diff --git a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/ManagedAuthenticatedEncryptorDescriptorTests.cs b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/ManagedAuthenticatedEncryptorDescriptorTests.cs
index 4e4f4534484e..3aaa9abe3f1e 100644
--- a/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/ManagedAuthenticatedEncryptorDescriptorTests.cs
+++ b/src/DataProtection/DataProtection/test/AuthenticatedEncryption/ConfigurationModel/ManagedAuthenticatedEncryptorDescriptorTests.cs
@@ -3,6 +3,7 @@
using System;
using System.Security.Cryptography;
+using System.Text;
using Xunit;
namespace Microsoft.AspNetCore.DataProtection.AuthenticatedEncryption.ConfigurationModel
@@ -13,28 +14,27 @@ public class ManagedAuthenticatedEncryptorDescriptorTests
public void ExportToXml_CustomTypes_ProducesCorrectPayload()
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(new ManagedAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithmType = typeof(MySymmetricAlgorithm),
EncryptionAlgorithmKeySize = 2048,
ValidationAlgorithmType = typeof(MyKeyedHashAlgorithm)
- }, masterKey);
+ }, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- string expectedXml = string.Format(@"
+ var expectedXml = $@"
-
-
+
+
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
- ",
- typeof(MySymmetricAlgorithm).AssemblyQualifiedName, typeof(MyKeyedHashAlgorithm).AssemblyQualifiedName);
+ ";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
}
@@ -46,28 +46,27 @@ public void ExportToXml_CustomTypes_ProducesCorrectPayload()
public void ExportToXml_BuiltInTypes_ProducesCorrectPayload(Type encryptionAlgorithmType, Type validationAlgorithmType)
{
// Arrange
- var masterKey = "k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==".ToSecret();
+ var masterKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("[PLACEHOLDER]"));
var descriptor = new ManagedAuthenticatedEncryptorDescriptor(new ManagedAuthenticatedEncryptorConfiguration()
{
EncryptionAlgorithmType = encryptionAlgorithmType,
EncryptionAlgorithmKeySize = 2048,
ValidationAlgorithmType = validationAlgorithmType
- }, masterKey);
+ }, masterKey.ToSecret());
// Act
var retVal = descriptor.ExportToXml();
// Assert
Assert.Equal(typeof(ManagedAuthenticatedEncryptorDescriptorDeserializer), retVal.DeserializerType);
- string expectedXml = string.Format(@"
+ var expectedXml = $@"
-
-
+
+
- k88VrwGLINfVAqzlAp7U4EAjdlmUG17c756McQGdjHU8Ajkfc/A3YOKdqlMcF6dXaIxATED+g2f62wkRRRRRzA==
+ {masterKey}
- ",
- encryptionAlgorithmType.Name, validationAlgorithmType.Name);
+ ";
XmlAssert.Equal(expectedXml, retVal.SerializedDescriptorElement);
}
diff --git a/src/Http/Headers/test/CacheControlHeaderValueTest.cs b/src/Http/Headers/test/CacheControlHeaderValueTest.cs
index 51e8ce5f5805..2c0143c3d7ff 100644
--- a/src/Http/Headers/test/CacheControlHeaderValueTest.cs
+++ b/src/Http/Headers/test/CacheControlHeaderValueTest.cs
@@ -48,17 +48,17 @@ public void Properties_SetAndGetAllProperties_SetValueReturnedInGetter()
// String collection properties
Assert.NotNull(cacheControl.NoCacheHeaders);
Assert.Throws(() => cacheControl.NoCacheHeaders.Add(null));
- Assert.Throws(() => cacheControl.NoCacheHeaders.Add("invalid token"));
- cacheControl.NoCacheHeaders.Add("token");
+ Assert.Throws(() => cacheControl.NoCacheHeaders.Add("invalid PLACEHOLDER"));
+ cacheControl.NoCacheHeaders.Add("PLACEHOLDER");
Assert.Equal(1, cacheControl.NoCacheHeaders.Count);
- Assert.Equal("token", cacheControl.NoCacheHeaders.First());
+ Assert.Equal("PLACEHOLDER", cacheControl.NoCacheHeaders.First());
Assert.NotNull(cacheControl.PrivateHeaders);
Assert.Throws(() => cacheControl.PrivateHeaders.Add(null));
- Assert.Throws(() => cacheControl.PrivateHeaders.Add("invalid token"));
- cacheControl.PrivateHeaders.Add("token");
+ Assert.Throws(() => cacheControl.PrivateHeaders.Add("invalid PLACEHOLDER"));
+ cacheControl.PrivateHeaders.Add("PLACEHOLDER");
Assert.Equal(1, cacheControl.PrivateHeaders.Count);
- Assert.Equal("token", cacheControl.PrivateHeaders.First());
+ Assert.Equal("PLACEHOLDER", cacheControl.PrivateHeaders.First());
// NameValueHeaderValue collection property
Assert.NotNull(cacheControl.Extensions);
@@ -115,21 +115,21 @@ public void ToString_UseResponseDirectiveValues_AllSerializedCorrectly()
cacheControl.NoCache = true;
Assert.Equal("no-cache", cacheControl.ToString());
- cacheControl.NoCacheHeaders.Add("token1");
- Assert.Equal("no-cache=\"token1\"", cacheControl.ToString());
+ cacheControl.NoCacheHeaders.Add("PLACEHOLDER1");
+ Assert.Equal("no-cache=\"PLACEHOLDER1\"", cacheControl.ToString());
cacheControl.Public = true;
- Assert.Equal("public, no-cache=\"token1\"", cacheControl.ToString());
+ Assert.Equal("public, no-cache=\"PLACEHOLDER1\"", cacheControl.ToString());
cacheControl = new CacheControlHeaderValue();
cacheControl.Private = true;
Assert.Equal("private", cacheControl.ToString());
- cacheControl.PrivateHeaders.Add("token2");
- cacheControl.PrivateHeaders.Add("token3");
- Assert.Equal("private=\"token2, token3\"", cacheControl.ToString());
+ cacheControl.PrivateHeaders.Add("PLACEHOLDER2");
+ cacheControl.PrivateHeaders.Add("PLACEHOLDER3");
+ Assert.Equal("private=\"PLACEHOLDER2, PLACEHOLDER3\"", cacheControl.ToString());
cacheControl.MustRevalidate = true;
- Assert.Equal("must-revalidate, private=\"token2, token3\"", cacheControl.ToString());
+ Assert.Equal("must-revalidate, private=\"PLACEHOLDER2, PLACEHOLDER3\"", cacheControl.ToString());
cacheControl.ProxyRevalidate = true;
- Assert.Equal("must-revalidate, proxy-revalidate, private=\"token2, token3\"", cacheControl.ToString());
+ Assert.Equal("must-revalidate, proxy-revalidate, private=\"PLACEHOLDER2, PLACEHOLDER3\"", cacheControl.ToString());
}
[Fact]
@@ -218,21 +218,21 @@ public void GetHashCode_CompareCollectionFieldsSet_MatchExpectation()
var cacheControl5 = new CacheControlHeaderValue();
cacheControl1.NoCache = true;
- cacheControl1.NoCacheHeaders.Add("token2");
+ cacheControl1.NoCacheHeaders.Add("PLACEHOLDER2");
cacheControl2.NoCache = true;
- cacheControl2.NoCacheHeaders.Add("token1");
- cacheControl2.NoCacheHeaders.Add("token2");
+ cacheControl2.NoCacheHeaders.Add("PLACEHOLDER1");
+ cacheControl2.NoCacheHeaders.Add("PLACEHOLDER2");
CompareHashCodes(cacheControl1, cacheControl2, false);
- cacheControl1.NoCacheHeaders.Add("token1");
+ cacheControl1.NoCacheHeaders.Add("PLACEHOLDER1");
CompareHashCodes(cacheControl1, cacheControl2, true);
// Since NoCache and Private generate different hash codes, even if NoCacheHeaders and PrivateHeaders
// have the same values, the hash code will be different.
cacheControl3.Private = true;
- cacheControl3.PrivateHeaders.Add("token2");
+ cacheControl3.PrivateHeaders.Add("PLACEHOLDER2");
CompareHashCodes(cacheControl1, cacheControl3, false);
@@ -343,27 +343,27 @@ public void Equals_CompareCollectionFieldsSet_MatchExpectation()
var cacheControl6 = new CacheControlHeaderValue();
cacheControl1.NoCache = true;
- cacheControl1.NoCacheHeaders.Add("token2");
+ cacheControl1.NoCacheHeaders.Add("PLACEHOLDER2");
Assert.False(cacheControl1.Equals(null), "Compare with 'null'");
cacheControl2.NoCache = true;
- cacheControl2.NoCacheHeaders.Add("token1");
- cacheControl2.NoCacheHeaders.Add("token2");
+ cacheControl2.NoCacheHeaders.Add("PLACEHOLDER1");
+ cacheControl2.NoCacheHeaders.Add("PLACEHOLDER2");
CompareValues(cacheControl1, cacheControl2, false);
- cacheControl1.NoCacheHeaders.Add("token1");
+ cacheControl1.NoCacheHeaders.Add("PLACEHOLDER1");
CompareValues(cacheControl1, cacheControl2, true);
// Since NoCache and Private generate different hash codes, even if NoCacheHeaders and PrivateHeaders
// have the same values, the hash code will be different.
cacheControl3.Private = true;
- cacheControl3.PrivateHeaders.Add("token2");
+ cacheControl3.PrivateHeaders.Add("PLACEHOLDER2");
CompareValues(cacheControl1, cacheControl3, false);
cacheControl4.Private = true;
- cacheControl4.PrivateHeaders.Add("token3");
+ cacheControl4.PrivateHeaders.Add("PLACEHOLDER3");
CompareValues(cacheControl3, cacheControl4, false);
cacheControl5.Extensions.Add(new NameValueHeaderValue("custom"));
@@ -386,9 +386,9 @@ public void TryParse_DifferentValidScenarios_AllReturnTrue()
expected = new CacheControlHeaderValue();
expected.NoCache = true;
- expected.NoCacheHeaders.Add("token1");
- expected.NoCacheHeaders.Add("token2");
- CheckValidTryParse("no-cache=\"token1, token2\"", expected);
+ expected.NoCacheHeaders.Add("PLACEHOLDER1");
+ expected.NoCacheHeaders.Add("PLACEHOLDER2");
+ CheckValidTryParse("no-cache=\"PLACEHOLDER1, PLACEHOLDER2\"", expected);
expected = new CacheControlHeaderValue();
expected.NoStore = true;
@@ -406,12 +406,12 @@ public void TryParse_DifferentValidScenarios_AllReturnTrue()
expected = new CacheControlHeaderValue();
expected.Public = true;
expected.Private = true;
- expected.PrivateHeaders.Add("token1");
+ expected.PrivateHeaders.Add("PLACEHOLDER1");
expected.MustRevalidate = true;
expected.ProxyRevalidate = true;
expected.Extensions.Add(new NameValueHeaderValue("c", "d"));
expected.Extensions.Add(new NameValueHeaderValue("a", "b"));
- CheckValidTryParse(",public, , private=\"token1\", must-revalidate, c=d, proxy-revalidate, a=b", expected);
+ CheckValidTryParse(",public, , private=\"PLACEHOLDER1\", must-revalidate, c=d, proxy-revalidate, a=b", expected);
expected = new CacheControlHeaderValue();
expected.Private = true;
@@ -428,7 +428,7 @@ public void TryParse_DifferentValidScenarios_AllReturnTrue()
[InlineData(null)]
[InlineData("")]
[InlineData(" ")]
- // Token-only values
+ // PLACEHOLDER-only values
[InlineData("no-store=15")]
[InlineData("no-store=")]
[InlineData("no-transform=a")]
@@ -441,17 +441,17 @@ public void TryParse_DifferentValidScenarios_AllReturnTrue()
[InlineData("must-revalidate=")]
[InlineData("proxy-revalidate=x")]
[InlineData("proxy-revalidate=")]
- // Token with optional field-name list
+ // PLACEHOLDER with optional field-name list
[InlineData("no-cache=")]
- [InlineData("no-cache=token")]
- [InlineData("no-cache=\"token")]
- [InlineData("no-cache=\"\"")] // at least one token expected as value
+ [InlineData("no-cache=PLACEHOLDER")]
+ [InlineData("no-cache=\"PLACEHOLDER")]
+ [InlineData("no-cache=\"\"")] // at least one PLACEHOLDER expected as value
[InlineData("private=")]
- [InlineData("private=token")]
- [InlineData("private=\"token")]
- [InlineData("private=\",\"")] // at least one token expected as value
+ [InlineData("private=PLACEHOLDER")]
+ [InlineData("private=\"PLACEHOLDER")]
+ [InlineData("private=\",\"")] // at least one PLACEHOLDER expected as value
[InlineData("private=\"=\"")]
- // Token with delta-seconds value
+ // PLACEHOLDER with delta-seconds value
[InlineData("max-age")]
[InlineData("max-age=")]
[InlineData("max-age=a")]
diff --git a/src/Security/Authentication/test/FacebookTests.cs b/src/Security/Authentication/test/FacebookTests.cs
index b909be9fdc2b..61bed5bd3898 100644
--- a/src/Security/Authentication/test/FacebookTests.cs
+++ b/src/Security/Authentication/test/FacebookTests.cs
@@ -29,7 +29,7 @@ public class FacebookTests
private void ConfigureDefaults(FacebookOptions o)
{
o.AppId = "whatever";
- o.AppSecret = "whatever";
+ o.AppSecret = "PLACEHOLDER";
o.SignInScheme = "auth1";
}
@@ -429,7 +429,7 @@ public async Task VerifySignInSchemeCannotBeSetToSelf()
services => services.AddAuthentication().AddFacebook(o =>
{
o.AppId = "whatever";
- o.AppSecret = "whatever";
+ o.AppSecret = "PLACEHOLDER";
o.SignInScheme = FacebookDefaults.AuthenticationScheme;
}),
async context =>
@@ -449,7 +449,7 @@ public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme()
services => services.AddAuthentication(o => o.DefaultScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o =>
{
o.AppId = "whatever";
- o.AppSecret = "whatever";
+ o.AppSecret = "PLACEHOLDER";
}),
async context =>
{
@@ -468,7 +468,7 @@ public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme()
services => services.AddAuthentication(o => o.DefaultSignInScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o =>
{
o.AppId = "whatever";
- o.AppSecret = "whatever";
+ o.AppSecret = "PLACEHOLDER";
}),
async context =>
{
@@ -497,7 +497,7 @@ public async Task ThrowsIfAppIdMissing()
{
var server = CreateServer(
app => { },
- services => services.AddAuthentication().AddFacebook(o => o.SignInScheme = "Whatever"),
+ services => services.AddAuthentication().AddFacebook(o => o.SignInScheme = "PLACEHOLDER"),
async context =>
{
await Assert.ThrowsAsync("AppId", () => context.ChallengeAsync("Facebook"));
diff --git a/src/Security/Authentication/test/TwitterTests.cs b/src/Security/Authentication/test/TwitterTests.cs
index c1937d136ce6..d07648c0958b 100644
--- a/src/Security/Authentication/test/TwitterTests.cs
+++ b/src/Security/Authentication/test/TwitterTests.cs
@@ -22,8 +22,8 @@ public class TwitterTests
{
private void ConfigureDefaults(TwitterOptions o)
{
- o.ConsumerKey = "whatever";
- o.ConsumerSecret = "whatever";
+ o.ConsumerKey = "PLACEHOLDER";
+ o.ConsumerSecret = "PLACEHOLDER";
o.SignInScheme = "auth1";
}
diff --git a/src/Servers/HttpSys/samples/TestClient/Program.cs b/src/Servers/HttpSys/samples/TestClient/Program.cs
index f57945de4250..00dee4e61a2d 100644
--- a/src/Servers/HttpSys/samples/TestClient/Program.cs
+++ b/src/Servers/HttpSys/samples/TestClient/Program.cs
@@ -19,7 +19,7 @@ public static void Main(string[] args)
WebRequestHandler handler = new WebRequestHandler();
handler.ServerCertificateValidationCallback = (_, __, ___, ____) => true;
// handler.UseDefaultCredentials = true;
- handler.Credentials = new NetworkCredential(@"redmond\chrross", "passwird");
+ handler.Credentials = new NetworkCredential(@"redmond\chrross", "PLACEHOLDER");
HttpClient client = new HttpClient(handler);
/*