Merge branch 'dev' into dev-v9

Author: martincostello

.github/workflows/build.yml

@@ -126,6 +126,7 @@ jobs:
         }
         if ($invalidPackages -gt 0) {
           Write-Output "::error::$invalidPackages NuGet package(s) failed validation."
+          exit 1
         }
 
   publish-myget:

.github/workflows/code-scan.yml

@@ -34,14 +34,14 @@ jobs:
       uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+      uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
       with:
         languages: ${{ matrix.language }}
 
     - name: Autobuild
-      uses: github/codeql-action/autobuild@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+      uses: github/codeql-action/autobuild@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+      uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
       with:
         category: "/language:${{ matrix.language }}"

.github/workflows/update-dotnet-sdks.yml

@@ -21,7 +21,7 @@ permissions:
 jobs:
   update-sdk:
     name: Update .NET SDK
-    uses: martincostello/update-dotnet-sdk/.github/workflows/update-dotnet-sdk.yml@68300a9120c745ca0ff120e2940b63ef1ad2c725 # v3.2.2
+    uses: martincostello/update-dotnet-sdk/.github/workflows/update-dotnet-sdk.yml@67d6e2b14939c06978a7f80444157296c3defe14 # v3.2.3
     permissions:
       contents: write
       pull-requests: write

Directory.Packages.props

@@ -3,7 +3,7 @@
   <ItemGroup>
     <PackageVersion Include="JetBrains.Annotations" Version="2023.3.0" />
     <PackageVersion Include="JustEat.HttpClientInterception" Version="4.3.0" />
-    <PackageVersion Include="MartinCostello.Logging.XUnit" Version="0.3.0" />
+    <PackageVersion Include="MartinCostello.Logging.XUnit" Version="0.4.0" />
     <PackageVersion Include="Microsoft.AspNetCore.Authentication.Google" Version="9.0.0-preview.4.24267.6" />
     <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="9.0.0-preview.4.24267.6" />
     <PackageVersion Include="Microsoft.AspNetCore.TestHost" Version="9.0.0-preview.4.24267.6" />

src/AspNet.Security.OAuth.AdobeIO/AdobeIOAuthenticationHandler.cs

@@ -42,7 +42,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Amazon/AmazonAuthenticationHandler.cs

@@ -57,7 +57,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile from Amazon.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.AmoCrm/AmoCrmAuthenticationHandler.cs

@@ -51,7 +51,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile from amoCRM.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.ArcGIS/ArcGISAuthenticationHandler.cs

@@ -43,7 +43,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
 
         // Request the token
         using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         // Note: error responses always return 200 status codes.
         if (payload.RootElement.TryGetProperty("error", out var error))

src/AspNet.Security.OAuth.Asana/AsanaAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Autodesk/AutodeskAuthenticationHandler.cs

@@ -40,7 +40,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Baidu/BaiduAuthenticationHandler.cs

@@ -41,7 +41,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Basecamp/BasecampAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.BattleNet/BattleNetAuthenticationHandler.cs

@@ -41,7 +41,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Bitbucket/BitbucketAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
@@ -76,7 +77,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the email address associated to the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         return (from address in payload.RootElement.GetProperty("values").EnumerateArray()
                 where address.GetProperty("is_primary").GetBoolean()

src/AspNet.Security.OAuth.Buffer/BufferAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.CiscoSpark/CiscoSparkAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Coinbase/CoinbaseAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement.GetProperty("data"));

src/AspNet.Security.OAuth.Deezer/DeezerAuthenticationHandler.cs

@@ -55,7 +55,8 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             return OAuthTokenResponse.Failed(new Exception("An error occurred while retrieving an OAuth token."));
         }
 
-        var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
         return OAuthTokenResponse.Success(payload);
     }
 
@@ -76,7 +77,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.DeviantArt/DeviantArtAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.DigitalOcean/DigitalOceanAuthenticationHandler.cs

@@ -75,7 +75,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var account = payload.RootElement.GetProperty("account");
 

src/AspNet.Security.OAuth.Discord/DiscordAuthenticationHandler.cs

@@ -55,7 +55,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Dropbox/DropboxAuthenticationHandler.cs

@@ -55,7 +55,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);

src/AspNet.Security.OAuth.Ebay/EbayAuthenticationHandler.cs

@@ -37,7 +37,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull]
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
@@ -82,7 +83,8 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             return OAuthTokenResponse.Failed(new Exception("An error occurred while retrieving an access token."));
         }
 
-        var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         return OAuthTokenResponse.Success(payload);
     }

src/AspNet.Security.OAuth.ExactOnline/ExactOnlineAuthenticationHandler.cs

@@ -40,7 +40,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
         var user = payload.RootElement
             .GetProperty("d")
             .GetProperty("results")

src/AspNet.Security.OAuth.Feishu/FeishuAuthenticationHandler.cs

@@ -39,7 +39,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
             throw new HttpRequestException("An error occurred while retrieving the user profile.");
         }
 
-        using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+        using var stream = await response.Content.ReadAsStreamAsync(Context.RequestAborted);
+        using var payload = await JsonDocument.ParseAsync(stream, cancellationToken: Context.RequestAborted);
 
         var principal = new ClaimsPrincipal(identity);
         var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);