Updated to .NET 10

.github/workflows/ci.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        dotnet-version: [ '8.0.x' ]
+        dotnet-version: [ '10.0.x' ]
 
     steps:
     - uses: actions/checkout@v4
@@ -42,7 +42,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        dotnet-version: [ '8.0.x' ]
+        dotnet-version: [ '10.0.x' ]
 
     steps:
     - uses: actions/checkout@v4

.github/workflows/pack-and-push.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        dotnet-version: [ '8.0.x' ]
+        dotnet-version: [ '10.0.x' ]
 
     steps:
     - uses: actions/checkout@v4

src/JWTGuard.SampleApi/JWTGuard.SampleApi.csproj

@@ -1,17 +1,17 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net8.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="[8.0.10,9.0.0)" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="[10.0.3,11.0.0)" />
   </ItemGroup>
 
-    <ItemGroup>
-        <InternalsVisibleTo Include="JWTGuard" />
-    </ItemGroup>
+  <ItemGroup>
+    <InternalsVisibleTo Include="JWTGuard" />
+  </ItemGroup>
 
 </Project>

src/JWTGuard.SampleApi/Program.cs

@@ -15,7 +15,7 @@
         options.Authority = authority;
         options.Audience = "api";
 
         IEnumerable<SecurityKey> AllowSpecialCases(string token, SecurityToken securityToken, string kid, TokenValidationParameters parameters)
         {
             var header = JwtHeader.Base64UrlDeserialize(token.Split('.')[0]);
 
@@ -39,7 +39,7 @@
                 var certPem = (x5c as List<object>)![0] as string;
 
                 SecurityKey? securityKey;
-                if (certPem.Contains("RSA PUBLIC", StringComparison.Ordinal))
+                if (certPem is not null && certPem.Contains("RSA PUBLIC", StringComparison.Ordinal))
                 {
                     var rsaSecurityKey = new RsaSecurityKey(RSA.Create());
                     rsaSecurityKey.Rsa.ImportFromPem(certPem);
@@ -82,7 +82,7 @@
                 return [JsonWebKeyConverter.ConvertFromSecurityKey(securityKey)];
             }
 
-            return Array.Empty<SecurityKey>();
+            return [];
         }
 
         options.TokenValidationParameters = new()
@@ -146,6 +146,4 @@
 record WeatherForecast(DateOnly Date, int TemperatureC, string? Summary)
 {
     public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
-}
-
-public partial class Program {}
+}

src/JWTGuard/Helpers/JwtBuilder.cs

@@ -3,8 +3,7 @@
 using System.Text;
 
 using Duende.IdentityServer.Test;
-
-using IdentityModel;
+using Duende.IdentityModel;
 
 using Microsoft.IdentityModel.JsonWebTokens;
 using Microsoft.IdentityModel.Tokens;

src/JWTGuard/JWTGuard.csproj

@@ -1,19 +1,20 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
-    <TargetFramework>net8.0</TargetFramework>
+    <TargetFramework>net10.0</TargetFramework>
+    <OutputType>Exe</OutputType>
     <ImplicitUsings>enable</ImplicitUsings>
     <Nullable>enable</Nullable>
     <IsTestProject>true</IsTestProject>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Duende.IdentityServer" Version="[7.0.8,8.0.0)" />
-    <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="[8.0.10,9.0.0)" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="[17.11.1,18.0.0)" />
-    <PackageReference Include="xunit" Version="[2.9.2,3.0.0)" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="[2.8.2,3.0.0)">
+    <PackageReference Include="Duende.IdentityServer" Version="[7.4.6,8.0.0)" />
+    <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="[10.0.3,11.0.0)" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="[18.3.0,19.0.0)" />
+    <PackageReference Include="xunit.v3" Version="[3.2.2,4.0.0)" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="[3.1.5,4.0.0)">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>

src/JWTGuard/Tests/AudienceTests.cs

@@ -1,5 +1,4 @@
-using System.Net;
-using System.Net.Http.Headers;
+using System.Net.Http.Headers;
 
 using JWTGuard.Helpers;
 
@@ -27,7 +26,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Authorized_For_Allowed_Audiences(
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertAuthorizedResponse(response);
@@ -48,7 +47,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_Disallowed_Audie
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -67,7 +66,7 @@ private Task<string> GetJwtAsync(string audience)
     public static TheoryData<string?> GetAllowedAudiences()
     {
         return TestSettings.CurrentTestSettings.AllowedAudiences.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.AllowedAudiences);
     }
 
@@ -77,7 +76,7 @@ private Task<string> GetJwtAsync(string audience)
     public static TheoryData<string?> GetDisallowedAudiences()
     {
         return TestSettings.CurrentTestSettings.DisallowedAudiences.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.DisallowedAudiences);
     }
 }

src/JWTGuard/Tests/ExternalSignatureTests.cs

@@ -1,5 +1,4 @@
 using System.Net.Http.Headers;
-using System.Net;
 using System.Text;
 
 using Xunit;
@@ -23,7 +22,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_External_WebKey_
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -37,7 +36,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_External_WebKey_
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -51,7 +50,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_External_Certifi
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -65,7 +64,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_External_Certifi
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -91,8 +90,8 @@ private string GetJwt(ExternalSignatureTestCase testCase)
 
         var encodedPayload = payload.Base64UrlEncode();
 
-        var headerAndPayload = "";
-        var signature = "";
+        string headerAndPayload;
+        string signature;
 
         switch (testCase)
         {

src/JWTGuard/Tests/IssuerTests.cs

@@ -1,5 +1,4 @@
-using System.Net;
-using System.Net.Http.Headers;
+using System.Net.Http.Headers;
 
 using JWTGuard.Helpers;
 
@@ -27,7 +26,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Authorized_For_Allowed_Issuer(str
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertAuthorizedResponse(response);
@@ -48,7 +47,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_Disallowed_Issue
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -67,7 +66,7 @@ private Task<string> GetJwtAsync(string issuer)
     public static TheoryData<string?> GetAllowedIssuers()
     {
         return TestSettings.CurrentTestSettings.AllowedIssuers.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.AllowedIssuers);
     }
 
@@ -77,7 +76,7 @@ private Task<string> GetJwtAsync(string issuer)
     public static TheoryData<string?> GetDisallowedIssuers()
     {
         return TestSettings.CurrentTestSettings.DisallowedIssuers.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.DisallowedIssuers);
     }
 }

src/JWTGuard/Tests/JwtGuardTestBase.cs

@@ -34,7 +34,7 @@ public abstract class JwtGuardTestBase(TargetApiWebApplicationFactory factory) :
     /// <summary>
     /// Initializes the base class for a test run.
     /// </summary>
-    public Task InitializeAsync()
+    public ValueTask InitializeAsync()
     {
         Client = Factory.CreateClient(new WebApplicationFactoryClientOptions
         {
@@ -44,13 +44,13 @@ public Task InitializeAsync()
         _serviceScope = Factory.Services.CreateAsyncScope();
         ServiceProvider = _serviceScope.ServiceProvider;
 
-        return Task.CompletedTask;
+        return ValueTask.CompletedTask;
     }
 
     /// <summary>
     /// Disposes the service scope and every service requested during the test run.
     /// </summary>
-    public async Task DisposeAsync()
+    public async ValueTask DisposeAsync()
     {
         await _serviceScope.DisposeAsync();
     }

src/JWTGuard/Tests/JwtTypeTests.cs

@@ -1,5 +1,4 @@
-using System.Net;
-using System.Net.Http.Headers;
+using System.Net.Http.Headers;
 
 using JWTGuard.Helpers;
 
@@ -27,7 +26,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Authorized_For_Valid_JWT_Types(st
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertAuthorizedResponse(response);
@@ -48,7 +47,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_Invalid_JWT_Type
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -67,7 +66,7 @@ private Task<string> GetJwtAsync(string tokenType)
     public static TheoryData<string?> GetValidJwtTypes()
     {
         return TestSettings.CurrentTestSettings.ValidTokenTypes.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.ValidTokenTypes);
     }
 
@@ -77,7 +76,7 @@ private Task<string> GetJwtAsync(string tokenType)
     public static TheoryData<string?> GetInvalidJwtTypes()
     {
         return TestSettings.CurrentTestSettings.InvalidTokenTypes.Count == 0 
-            ? new TheoryData<string?>([null]) 
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.InvalidTokenTypes);
     }
 }

src/JWTGuard/Tests/SignatureAlgorithmTests.cs

@@ -1,5 +1,4 @@
-using System.Net;
-using System.Net.Http.Headers;
+using System.Net.Http.Headers;
 
 using JWTGuard.Helpers;
 
@@ -27,7 +26,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Authorized_For_Supported_Signatur
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertAuthorizedResponse(response);
@@ -48,7 +47,7 @@ internal async Task Accessing_AuthorizedUrl_Is_Unauthorized_For_Unsupported_Sign
         Client!.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwt);
 
         // Act
-        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl);
+        var response = await Client.GetAsync(TestSettings.CurrentTestSettings.TargetUrl, TestContext.Current.CancellationToken);
 
         // Assert
         TestSettings.CurrentTestSettings.AssertUnauthorizedResponse(response);
@@ -67,7 +66,7 @@ private Task<string> GetJwtAsync(string signatureAlgorithm)
     public static TheoryData<string?> GetAllowedAlgorithms()
     {
         return TestSettings.CurrentTestSettings.AllowedAlgorithms.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.AllowedAlgorithms);
     }
 
@@ -77,7 +76,7 @@ private Task<string> GetJwtAsync(string signatureAlgorithm)
     public static TheoryData<string?> GetDisallowedAlgorithms()
     {
         return TestSettings.CurrentTestSettings.DisallowedAlgorithms.Count == 0
-            ? new TheoryData<string?>([null])
+            ? new TheoryData<string?>((string?)null)
             : new TheoryData<string?>(TestSettings.CurrentTestSettings.DisallowedAlgorithms);
     }
 }