Support for .NET 8 with numerous changes

.github/dependabot.yml

@@ -31,6 +31,11 @@ updates:
     update-types: ["version-update:semver-patch"]
   - dependency-name: "AzureIPNetworks"
     update-types: ["version-update:semver-patch"]
+  # Ignore major updates for packages used in multi-targeting
+  - dependency-name: "Microsoft.AspNetCore.Mvc.NewtonsoftJson"
+    update-types: ["version-update:semver-patch"]
+  - dependency-name: "Microsoft.AspNetCore.TestHost"
+    update-types: ["version-update:semver-patch"]
 - package-ecosystem: "github-actions" # See documentation for possible values
   directory: "/" # Location of package manifests
   schedule:

.github/workflows/pr.yml

@@ -39,7 +39,7 @@ jobs:
     - name: Setup .NET SDK
       uses: actions/setup-dotnet@v3
       with:
-        dotnet-version: 7.x
+        dotnet-version: 8.x
 
     - name: Start MongoDB
       uses: supercharge/[email protected]

.github/workflows/preview.yml

@@ -55,7 +55,7 @@ jobs:
     - name: Setup .NET SDK
       uses: actions/setup-dotnet@v3
       with:
-        dotnet-version: 7.x
+        dotnet-version: 8.x
 
     - name: Start MongoDB
       uses: supercharge/[email protected]
@@ -100,7 +100,7 @@ jobs:
     - name: Setup .NET SDK
       uses: actions/setup-dotnet@v3
       with:
-        dotnet-version: '7.x'
+        dotnet-version: '8.x'
         source-url: ${{ secrets.PRIVATE_FEED_URL }}
       env:
         NUGET_AUTH_TOKEN: ${{ secrets.PRIVATE_FEED_API_KEY }}
@@ -126,7 +126,7 @@ jobs:
     - name: Setup .NET SDK
       uses: actions/setup-dotnet@v3
       with:
-        dotnet-version: '7.x'
+        dotnet-version: '8.x'
         source-url: https://api.nuget.org/v3/index.json
       env:
         NUGET_AUTH_TOKEN: ${{ secrets.NUGET_API_KEY }}

.github/workflows/release.yml

@@ -52,7 +52,7 @@ jobs:
     - name: Setup .NET SDK
       uses: actions/setup-dotnet@v3
       with:
-        dotnet-version: 7.x
+        dotnet-version: 8.x
         source-url: https://api.nuget.org/v3/index.json
       env:
         NUGET_AUTH_TOKEN: ${{ secrets.NUGET_API_KEY }}

Directory.Build.props

@@ -2,7 +2,7 @@
   <!-- There is nothing else to import. -->
 
   <PropertyGroup>
-    <TargetFrameworks>net7.0</TargetFrameworks>
+    <TargetFrameworks>net7.0;net8.0</TargetFrameworks>
     <LangVersion>latest</LangVersion>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>

samples/HttpAuthenticationSample/HttpAuthenticationSample.csproj

@@ -1,8 +1,8 @@
 <Project Sdk="Microsoft.NET.Sdk.Worker">
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="7.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Hosting" Version="7.0.1" />
+    <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="8.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.0" />
   </ItemGroup>
 
   <ItemGroup>

samples/SerilogSample/SerilogSample.csproj

@@ -5,7 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Hosting" Version="7.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Hosting" Version="8.0.0" />
   </ItemGroup>
 
   <ItemGroup>

samples/TokensSample/Controllers/BooksController.cs

@@ -18,7 +18,7 @@ public IActionResult List([FromQuery] ContinuationToken<DateTimeOffset>? token)
         query = query.Take(10); // limit the number of items to pull from the database
 
         var books = query.ToList(); // pull from the database
-        last = books.Any() ? books.Last().Created : null;
+        last = books.Count != 0 ? books.Last().Created : null;
 
         if (last is not null)
         {

samples/TokensSample/Program.cs

@@ -1,6 +1,6 @@
 var builder = WebApplication.CreateBuilder(args);
 
-// see https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/introduction?view=aspnetcore-7.0
+// see https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/introduction?view=aspnetcore-8.0
 builder.Services.AddDataProtection();
 
 builder.Services.AddControllers()

src/Directory.Build.props

@@ -7,7 +7,7 @@
     <Deterministic>true</Deterministic>
     <!--<IsPackable>true</IsPackable>-->
     <Company>Tingle Software</Company>
-    <IsTrimmable>true</IsTrimmable>
+    <IsTrimmable Condition="$([MSBuild]::IsTargetFrameworkCompatible('$(TargetFramework)', 'net7.0'))">true</IsTrimmable>
   </PropertyGroup>
 
   <PropertyGroup>
@@ -29,11 +29,11 @@
   </PropertyGroup>
 
   <PropertyGroup Condition="$(MSBuildProjectName.StartsWith('Tingle.AspNetCore.'))">
-    <TargetFrameworks>net6.0;net7.0</TargetFrameworks>
+    <TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
   </PropertyGroup>
 
   <PropertyGroup Condition="$(MSBuildProjectName.StartsWith('Tingle.Extensions.'))">
-    <TargetFrameworks>netstandard2.1;net7.0</TargetFrameworks>
+    <TargetFrameworks>netstandard2.1;net7.0;net8.0</TargetFrameworks>
   </PropertyGroup>
 
   <ItemGroup>

src/Tingle.AspNetCore.Authentication/PassThrough/PassThroughHandler.cs

@@ -11,18 +11,35 @@ namespace Tingle.AspNetCore.Authentication.PassThrough;
 /// </summary>
 public class PassThroughHandler : AuthenticationHandler<PassThroughOptions>
 {
+#if NET8_0_OR_GREATER
+
+    /// <summary>
+    /// Create an instance of <see cref="PassThroughHandler"/>
+    /// </summary>
+    /// <param name="options"></param>
+    /// <param name="logger"></param>
+    /// <param name="encoder"></param>
+    public PassThroughHandler(IOptionsMonitor<PassThroughOptions> options, ILoggerFactory logger, UrlEncoder encoder) : base(options, logger, encoder) { }
+
+#else
+
     /// <summary>
     /// Create an instance of <see cref="PassThroughHandler"/>
     /// </summary>
     /// <param name="options"></param>
     /// <param name="logger"></param>
     /// <param name="encoder"></param>
     /// <param name="clock"></param>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider on AuthenticationSchemeOptions instead.")]
     public PassThroughHandler(IOptionsMonitor<PassThroughOptions> options,
                               ILoggerFactory logger,
                               UrlEncoder encoder,
                               ISystemClock clock) : base(options, logger, encoder, clock) { }
 
+#endif
+
+
+
     /// <summary>
     /// The handler calls methods on the events which give the application control at certain points where processing is occurring. 
     /// If it is not provided a default instance is supplied which does nothing when the methods are called.

src/Tingle.AspNetCore.Authentication/SharedKey/SharedKeyHandler.cs

@@ -17,17 +17,30 @@ namespace Tingle.AspNetCore.Authentication.SharedKey;
 /// </summary>
 public class SharedKeyHandler : AuthenticationHandler<SharedKeyOptions>
 {
+#if NET8_0_OR_GREATER
+    /// <summary>
+    /// Create an instance of <see cref="SharedKeyHandler"/>
+    /// </summary>
+    /// <param name="options"></param>
+    /// <param name="logger"></param>
+    /// <param name="encoder"></param>
+    public SharedKeyHandler(IOptionsMonitor<SharedKeyOptions> options, ILoggerFactory logger, UrlEncoder encoder) : base(options, logger, encoder) { }
+
+#else
+
     /// <summary>
     /// Create an instance of <see cref="SharedKeyHandler"/>
     /// </summary>
     /// <param name="options"></param>
     /// <param name="logger"></param>
     /// <param name="encoder"></param>
     /// <param name="clock"></param>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider on AuthenticationSchemeOptions instead.")]
     public SharedKeyHandler(IOptionsMonitor<SharedKeyOptions> options,
                             ILoggerFactory logger,
                             UrlEncoder encoder,
                             ISystemClock clock) : base(options, logger, encoder, clock) { }
+#endif
 
     /// <summary>
     /// The handler calls methods on the events which give the application control at certain points where processing is occurring. 
@@ -131,7 +144,7 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
                 }
             }
 
-            if (validationFailures.Any())
+            if (validationFailures.Count != 0)
             {
                 var authenticationFailedContext = new AuthenticationFailedContext(Context, Scheme, Options)
                 {

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyInvalidDateException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -15,9 +13,6 @@ public SharedKeyInvalidDateException(string message) : base(message) { }
     ///
     public SharedKeyInvalidDateException(string message, Exception inner) : base(message, inner) { }
 
-    ///
-    protected SharedKeyInvalidDateException(SerializationInfo info, StreamingContext context) : base(info, context) { }
-
     /// <summary>
     /// The value supplied for date
     /// </summary>

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyInvalidSignatureException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -14,7 +12,4 @@ public SharedKeyInvalidSignatureException(string message) : base(message) { }
 
     ///
     public SharedKeyInvalidSignatureException(string message, Exception inner) : base(message, inner) { }
-
-    ///
-    protected SharedKeyInvalidSignatureException(SerializationInfo info, StreamingContext context) : base(info, context) { }
 }

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyInvalidSigningKeysException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -15,9 +13,6 @@ public SharedKeyInvalidSigningKeysException(string message) : base(message) { }
     ///
     public SharedKeyInvalidSigningKeysException(string message, Exception inner) : base(message, inner) { }
 
-    ///
-    protected SharedKeyInvalidSigningKeysException(SerializationInfo info, StreamingContext context) : base(info, context) { }
-
     /// <summary>
     /// List of invalid keys
     /// </summary>

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyNoDateException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -15,9 +13,6 @@ public SharedKeyNoDateException(string message) : base(message) { }
     ///
     public SharedKeyNoDateException(string message, Exception inner) : base(message, inner) { }
 
-    ///
-    protected SharedKeyNoDateException(SerializationInfo info, StreamingContext context) : base(info, context) { }
-
     /// <summary>
     /// List of possible header names for specifying the time
     /// </summary>

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyNoKeysException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -14,7 +12,4 @@ public SharedKeyNoKeysException(string message) : base(message) { }
 
     ///
     public SharedKeyNoKeysException(string message, Exception inner) : base(message, inner) { }
-
-    ///
-    protected SharedKeyNoKeysException(SerializationInfo info, StreamingContext context) : base(info, context) { }
 }

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyTimeWindowExpiredException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -15,9 +13,6 @@ public SharedKeyTimeWindowExpiredException(string message) : base(message) { }
     ///
     public SharedKeyTimeWindowExpiredException(string message, Exception inner) : base(message, inner) { }
 
-    ///
-    protected SharedKeyTimeWindowExpiredException(SerializationInfo info, StreamingContext context) : base(info, context) { }
-
     /// <summary>
     /// The date supplied
     /// </summary>

src/Tingle.AspNetCore.Authentication/SharedKey/Validation/Exceptions/SharedKeyTokenException.cs

@@ -1,6 +1,4 @@
-using System.Runtime.Serialization;
-
-namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
+namespace Tingle.AspNetCore.Authentication.SharedKey.Validation.Exceptions;
 
 ///
 [Serializable]
@@ -14,7 +12,4 @@ public SharedKeyTokenException(string message) : base(message) { }
 
     ///
     public SharedKeyTokenException(string message, Exception inner) : base(message, inner) { }
-
-    ///
-    protected SharedKeyTokenException(SerializationInfo info, StreamingContext context) : base(info, context) { }
 }

src/Tingle.AspNetCore.Authorization/AuthorizationPolicyBuilderExtensions.cs

@@ -26,7 +26,11 @@ public static AuthorizationPolicyBuilder RequireApprovedNetworks(this Authorizat
         if (!networks.Any()) return builder;
 
         // reduce the networks where possible (referred to as supernetting)
+#if NET8_0_OR_GREATER
+        var reduced = networks;
+#else
         var reduced = IPNetwork.Supernet(networks.ToArray());
+#endif
 
         // add the requirement
         return builder.AddRequirements(new ApprovedIPNetworkRequirement(reduced));
@@ -134,7 +138,11 @@ public static AuthorizationPolicyBuilder RequireNetworkFromDns(this Authorizatio
                 var ips = Dns.GetHostAddresses(f);
 
                 // parse the IP addresses into IP networks
+#if NET8_0_OR_GREATER
+                var rawNetworks = ips?.Select(ip => IPNetwork.Parse($"{ip}/32")) ?? Array.Empty<IPNetwork>();
+#else
                 var rawNetworks = ips?.Select(ip => IPNetwork.Parse(ip.ToString(), CidrGuess.ClassLess)) ?? Array.Empty<IPNetwork>();
+#endif
 
                 // add networks into the list if there are any
                 if (rawNetworks?.Any() ?? false)
@@ -148,7 +156,7 @@ public static AuthorizationPolicyBuilder RequireNetworkFromDns(this Authorizatio
         }
 
         // if there are no networks, return
-        if (!networks.Any()) return builder;
+        if (networks.Count == 0) return builder;
 
         // create the requirement and add it to the builder
         return builder.RequireApprovedNetworks(networks);

src/Tingle.AspNetCore.Authorization/README.md

@@ -43,7 +43,7 @@ builder.Services.AddHttpContextAccessor();
 builder.Services.AddApprovedNetworksHandler();
 ```
 
-Details of the implementation of `my_auth_scheme` authentication scheme have been omitted here since it is beyond the scope of this discussion. More details on how to handle authentication in ASP.NET Core can be found [here](https://docs.microsoft.com/en-us/aspnet/core/security/authentication/?view=aspnetcore-7.0).
+Details of the implementation of `my_auth_scheme` authentication scheme have been omitted here since it is beyond the scope of this discussion. More details on how to handle authentication in ASP.NET Core can be found [here](https://docs.microsoft.com/en-us/aspnet/core/security/authentication/?view=aspnetcore-8.0).
 
 The above code section defines `my_auth_policy` authorization policy which ensures the user who has been authenticated via the `my_auth_scheme` has access to the resource they're trying to gain access to. Using `RequireApprovedNetworks` extension method on the `AuthorizationPolicyBuilder` we can then add a comma separated list of IP networks that are approved to access the resource from.
 

src/Tingle.AspNetCore.Authorization/Tingle.AspNetCore.Authorization.csproj

@@ -10,7 +10,7 @@
 
   <ItemGroup>
     <FrameworkReference Include="Microsoft.AspNetCore.App" />
-    <PackageReference Include="AzureIPNetworks" Version="1.5.0" />
+    <PackageReference Include="AzureIPNetworks" Version="1.6.0" />
   </ItemGroup>
 
 </Project>

src/Tingle.AspNetCore.DataProtection.MongoDB/README.md

@@ -2,7 +2,7 @@
 
 Web applications often need to store security-sensitive data. Windows provides DPAPI for desktop applications, but this is unsuitable for web applications especially when running in a Docker container. The ASP.NET Core data protection stack provide a simple, easy to use cryptographic API a developer can use to protect data, including key management and rotation.
 
-Microsoft has already provided ways to persist data protection keys to [various storage systems](https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-7.0).
+Microsoft has already provided ways to persist data protection keys to [various storage systems](https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/overview?view=aspnetcore-8.0).
 
 This package provides the functionality to persist the data protection keys to MongoDB.