Enable nullable on more authentication projects

src/Security/Authentication/Core/src/Events/RemoteAuthenticationContext.cs

@@ -35,7 +35,7 @@ protected RemoteAuthenticationContext(
         /// <summary>
         /// Gets or sets the <see cref="AuthenticationProperties"/>.
         /// </summary>
-        public virtual AuthenticationProperties Properties { get; set; }
+        public virtual AuthenticationProperties? Properties { get; set; }
 
         /// <summary>
         /// Calls success creating a ticket with the <see cref="Principal"/> and <see cref="Properties"/>.

src/Security/Authentication/Core/src/HandleRequestResult.cs

@@ -52,7 +52,7 @@ public class HandleRequestResult : AuthenticateResult
         /// <param name="failure">The failure exception.</param>
         /// <param name="properties">Additional state values for the authentication session.</param>
         /// <returns>The result.</returns>
-        public static new HandleRequestResult Fail(Exception failure, AuthenticationProperties properties)
+        public static new HandleRequestResult Fail(Exception failure, AuthenticationProperties? properties)
         {
             return new HandleRequestResult() { Failure = failure, Properties = properties };
         }
@@ -71,7 +71,7 @@ public class HandleRequestResult : AuthenticateResult
         /// <param name="failureMessage">The failure message.</param>
         /// <param name="properties">Additional state values for the authentication session.</param>
         /// <returns>The result.</returns>
-        public static new HandleRequestResult Fail(string failureMessage, AuthenticationProperties properties)
+        public static new HandleRequestResult Fail(string failureMessage, AuthenticationProperties? properties)
             => Fail(new Exception(failureMessage), properties);
 
         /// <summary>

src/Security/Authentication/Core/src/ISecureDataFormat.cs

@@ -32,7 +32,7 @@ public interface ISecureDataFormat<TData>
         /// <param name="protectedText">The data protected value.</param>
         /// <returns>An instance of <typeparamref name="TData"/>.</returns>
         [return: MaybeNull]
-        TData Unprotect(string protectedText);
+        TData Unprotect(string? protectedText);
 
         /// <summary>
         /// Unprotects the specified <paramref name="protectedText"/> using the specified <paramref name="purpose"/>.
@@ -41,6 +41,6 @@ public interface ISecureDataFormat<TData>
         /// <param name="purpose">The purpose.</param>
         /// <returns>An instance of <typeparamref name="TData"/>.</returns>
         [return: MaybeNull]
-        TData Unprotect(string protectedText, string? purpose);
+        TData Unprotect(string? protectedText, string? purpose);
     }
 }

src/Security/Authentication/Core/src/SecureDataFormat.cs

@@ -49,14 +49,14 @@ public string Protect(TData data, string? purpose)
 
         /// <inheritdoc />
         [return: MaybeNull]
-        public TData Unprotect(string protectedText)
+        public TData Unprotect(string? protectedText)
         {
             return Unprotect(protectedText, purpose: null);
         }
 
         /// <inheritdoc />
         [return: MaybeNull]
-        public TData Unprotect(string protectedText, string? purpose)
+        public TData Unprotect(string? protectedText, string? purpose)
         {
             try
             {

src/Security/Authentication/Facebook/src/Microsoft.AspNetCore.Authentication.Facebook.csproj

@@ -5,6 +5,7 @@
     <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <PackageTags>aspnetcore;authentication;security</PackageTags>
+    <Nullable>enable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>

src/Security/Authentication/Google/src/GoogleChallengeProperties.cs

@@ -43,22 +43,22 @@ public GoogleChallengeProperties()
         /// Initializes a new instance of <see cref="GoogleChallengeProperties"/>.
         /// </summary>
         /// <inheritdoc />
-        public GoogleChallengeProperties(IDictionary<string, string> items)
+        public GoogleChallengeProperties(IDictionary<string, string?> items)
             : base(items)
         { }
 
         /// <summary>
         /// Initializes a new instance of <see cref="GoogleChallengeProperties"/>.
         /// </summary>
         /// <inheritdoc />
-        public GoogleChallengeProperties(IDictionary<string, string> items, IDictionary<string, object> parameters)
+        public GoogleChallengeProperties(IDictionary<string, string?> items, IDictionary<string, object?> parameters)
             : base(items, parameters)
         { }
 
         /// <summary>
         /// The "access_type" parameter value being used for a challenge request.
         /// </summary>
-        public string AccessType
+        public string? AccessType
         {
             get => GetParameter<string>(AccessTypeKey);
             set => SetParameter(AccessTypeKey, value);
@@ -67,7 +67,7 @@ public string AccessType
         /// <summary>
         /// The "approval_prompt" parameter value being used for a challenge request.
         /// </summary>
-        public string ApprovalPrompt
+        public string? ApprovalPrompt
         {
             get => GetParameter<string>(ApprovalPromptKey);
             set => SetParameter(ApprovalPromptKey, value);
@@ -85,7 +85,7 @@ public bool? IncludeGrantedScopes
         /// <summary>
         /// The "login_hint" parameter value being used for a challenge request.
         /// </summary>
-        public string LoginHint
+        public string? LoginHint
         {
             get => GetParameter<string>(LoginHintKey);
             set => SetParameter(LoginHintKey, value);
@@ -94,7 +94,7 @@ public string LoginHint
         /// <summary>
         /// The "prompt" parameter value being used for a challenge request.
         /// </summary>
-        public string Prompt
+        public string? Prompt
         {
             get => GetParameter<string>(PromptParameterKey);
             set => SetParameter(PromptParameterKey, value);

src/Security/Authentication/Google/src/GoogleHandler.cs

@@ -51,7 +51,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
                 var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
                 context.RunClaimActions();
                 await Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
+                return new AuthenticationTicket(context.Principal!, context.Properties, Scheme.Name);
             }
         }
 
@@ -76,18 +76,18 @@ protected override string BuildChallengeUrl(AuthenticationProperties properties,
             var state = Options.StateDataFormat.Protect(properties);
             queryStrings.Add("state", state);
 
-            var authorizationEndpoint = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, queryStrings);
+            var authorizationEndpoint = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, queryStrings!);
             return authorizationEndpoint;
         }
 
         private static void AddQueryString<T>(
             IDictionary<string, string> queryStrings,
             AuthenticationProperties properties,
             string name,
-            Func<T, string> formatter,
+            Func<T, string?> formatter,
             T defaultValue)
         {
-            string value = null;
+            string? value;
             var parameterValue = properties.GetParameter<T>(name);
             if (parameterValue != null)
             {
@@ -111,7 +111,7 @@ private static void AddQueryString(
             IDictionary<string, string> queryStrings,
             AuthenticationProperties properties,
             string name,
-            string defaultValue = null)
+            string? defaultValue = null)
             => AddQueryString(queryStrings, properties, name, x => x, defaultValue);
     }
 }

src/Security/Authentication/Google/src/GoogleOptions.cs

@@ -40,6 +40,6 @@ public GoogleOptions()
         /// Set the value to offline if your application needs to refresh access tokens when the user is not present at the browser.
         /// </para>
         /// </summary>
-        public string AccessType { get; set; }
+        public string? AccessType { get; set; }
     }
 }

src/Security/Authentication/Google/src/Microsoft.AspNetCore.Authentication.Google.csproj

@@ -5,6 +5,7 @@
     <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <PackageTags>aspnetcore;authentication;security</PackageTags>
+    <Nullable>enable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>

src/Security/Authentication/Google/src/PublicAPI.Unshipped.txt

@@ -1 +1,30 @@
 #nullable enable
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.AccessType.get -> string?
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.AccessType.set -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.ApprovalPrompt.get -> string?
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.ApprovalPrompt.set -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.GoogleChallengeProperties(System.Collections.Generic.IDictionary<string!, string?>! items) -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.GoogleChallengeProperties(System.Collections.Generic.IDictionary<string!, string?>! items, System.Collections.Generic.IDictionary<string!, object?>! parameters) -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.LoginHint.get -> string?
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.LoginHint.set -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.Prompt.get -> string?
+Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.Prompt.set -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleHandler.GoogleHandler(Microsoft.Extensions.Options.IOptionsMonitor<Microsoft.AspNetCore.Authentication.Google.GoogleOptions!>! options, Microsoft.Extensions.Logging.ILoggerFactory! logger, System.Text.Encodings.Web.UrlEncoder! encoder, Microsoft.AspNetCore.Authentication.ISystemClock! clock) -> void
+Microsoft.AspNetCore.Authentication.Google.GoogleOptions.AccessType.get -> string?
+Microsoft.AspNetCore.Authentication.Google.GoogleOptions.AccessType.set -> void
+const Microsoft.AspNetCore.Authentication.Google.GoogleDefaults.AuthenticationScheme = "Google" -> string!
+override Microsoft.AspNetCore.Authentication.Google.GoogleHandler.BuildChallengeUrl(Microsoft.AspNetCore.Authentication.AuthenticationProperties! properties, string! redirectUri) -> string!
+override Microsoft.AspNetCore.Authentication.Google.GoogleHandler.CreateTicketAsync(System.Security.Claims.ClaimsIdentity! identity, Microsoft.AspNetCore.Authentication.AuthenticationProperties! properties, Microsoft.AspNetCore.Authentication.OAuth.OAuthTokenResponse! tokens) -> System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationTicket!>!
+static Microsoft.Extensions.DependencyInjection.GoogleExtensions.AddGoogle(this Microsoft.AspNetCore.Authentication.AuthenticationBuilder! builder) -> Microsoft.AspNetCore.Authentication.AuthenticationBuilder!
+static Microsoft.Extensions.DependencyInjection.GoogleExtensions.AddGoogle(this Microsoft.AspNetCore.Authentication.AuthenticationBuilder! builder, System.Action<Microsoft.AspNetCore.Authentication.Google.GoogleOptions!>! configureOptions) -> Microsoft.AspNetCore.Authentication.AuthenticationBuilder!
+static Microsoft.Extensions.DependencyInjection.GoogleExtensions.AddGoogle(this Microsoft.AspNetCore.Authentication.AuthenticationBuilder! builder, string! authenticationScheme, System.Action<Microsoft.AspNetCore.Authentication.Google.GoogleOptions!>! configureOptions) -> Microsoft.AspNetCore.Authentication.AuthenticationBuilder!
+static Microsoft.Extensions.DependencyInjection.GoogleExtensions.AddGoogle(this Microsoft.AspNetCore.Authentication.AuthenticationBuilder! builder, string! authenticationScheme, string! displayName, System.Action<Microsoft.AspNetCore.Authentication.Google.GoogleOptions!>! configureOptions) -> Microsoft.AspNetCore.Authentication.AuthenticationBuilder!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.AccessTypeKey -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.ApprovalPromptKey -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.IncludeGrantedScopesKey -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.LoginHintKey -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleChallengeProperties.PromptParameterKey -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleDefaults.AuthorizationEndpoint -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleDefaults.DisplayName -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleDefaults.TokenEndpoint -> string!
+static readonly Microsoft.AspNetCore.Authentication.Google.GoogleDefaults.UserInformationEndpoint -> string!

src/Security/Authentication/OpenIdConnect/src/Events/AuthorizationCodeReceivedContext.cs

@@ -26,30 +26,30 @@ public AuthorizationCodeReceivedContext(
         /// <summary>
         /// Gets or sets the <see cref="OpenIdConnectMessage"/>.
         /// </summary>
-        public OpenIdConnectMessage ProtocolMessage { get; set; }
+        public OpenIdConnectMessage ProtocolMessage { get; set; } = default!;
 
         /// <summary>
         /// Gets or sets the <see cref="JwtSecurityToken"/> that was received in the authentication response, if any.
         /// </summary>
-        public JwtSecurityToken JwtSecurityToken { get; set; }
+        public JwtSecurityToken? JwtSecurityToken { get; set; }
 
         /// <summary>
         /// The request that will be sent to the token endpoint and is available for customization.
         /// </summary>
-        public OpenIdConnectMessage TokenEndpointRequest { get; set; }
+        public OpenIdConnectMessage? TokenEndpointRequest { get; set; }
 
         /// <summary>
         /// The configured communication channel to the identity provider for use when making custom requests to the token endpoint.
         /// </summary>
-        public HttpClient Backchannel { get; internal set; }
+        public HttpClient Backchannel { get; internal set; } = default!;
 
         /// <summary>
         /// If the developer chooses to redeem the code themselves then they can provide the resulting tokens here. This is the
         /// same as calling HandleCodeRedemption. If set then the handler will not attempt to redeem the code. An IdToken
         /// is required if one had not been previously received in the authorization response. An access token is optional
         /// if the handler is to contact the user-info endpoint.
         /// </summary>
-        public OpenIdConnectMessage TokenEndpointResponse { get; set; }
+        public OpenIdConnectMessage? TokenEndpointResponse { get; set; }
 
         /// <summary>
         /// Indicates if the developer choose to handle (or skip) the code redemption. If true then the handler will not attempt

src/Security/Authentication/OpenIdConnect/src/Events/MessageReceivedContext.cs

@@ -19,17 +19,17 @@ public MessageReceivedContext(
             HttpContext context,
             AuthenticationScheme scheme,
             OpenIdConnectOptions options,
-            AuthenticationProperties properties)
+            AuthenticationProperties? properties)
             : base(context, scheme, options, properties) { }
 
         /// <summary>
         /// Gets or sets the <see cref="OpenIdConnectMessage"/>.
         /// </summary>
-        public OpenIdConnectMessage ProtocolMessage { get; set; }
+        public OpenIdConnectMessage ProtocolMessage { get; set; } = default!;
 
         /// <summary>
         /// Bearer Token. This will give the application an opportunity to retrieve a token from an alternative location.
         /// </summary>
-        public string Token { get; set; }
+        public string? Token { get; set; }
     }
 }

src/Security/Authentication/OpenIdConnect/src/Events/RemoteSignoutContext.cs

@@ -15,13 +15,13 @@ public class RemoteSignOutContext : RemoteAuthenticationContext<OpenIdConnectOpt
         /// Initializes a new instance of <see cref="RemoteSignOutContext"/>.
         /// </summary>
         /// <inheritdoc />
-        public RemoteSignOutContext(HttpContext context, AuthenticationScheme scheme, OpenIdConnectOptions options, OpenIdConnectMessage message)
+        public RemoteSignOutContext(HttpContext context, AuthenticationScheme scheme, OpenIdConnectOptions options, OpenIdConnectMessage? message)
             : base(context, scheme, options, new AuthenticationProperties())
             => ProtocolMessage = message;
 
         /// <summary>
         /// Gets or sets the <see cref="OpenIdConnectMessage"/>.
         /// </summary>
-        public OpenIdConnectMessage ProtocolMessage { get; set; }
+        public OpenIdConnectMessage? ProtocolMessage { get; set; }
     }
 }

src/Security/Authentication/OpenIdConnect/src/Events/TokenValidatedContext.cs

@@ -24,21 +24,21 @@ public TokenValidatedContext(HttpContext context, AuthenticationScheme scheme, O
         /// <summary>
         /// Gets or sets the <see cref="OpenIdConnectMessage"/>.
         /// </summary>
-        public OpenIdConnectMessage ProtocolMessage { get; set; }
+        public OpenIdConnectMessage ProtocolMessage { get; set; } = default!;
 
         /// <summary>
         /// Gets or sets the validated security token.
         /// </summary>
-        public JwtSecurityToken SecurityToken { get; set; }
+        public JwtSecurityToken SecurityToken { get; set; } = default!;
 
         /// <summary>
         /// Gets or sets the token endpoint response.
         /// </summary>
-        public OpenIdConnectMessage TokenEndpointResponse { get; set; }
+        public OpenIdConnectMessage? TokenEndpointResponse { get; set; }
 
         /// <summary>
         /// Gets or sets the protocol nonce.
         /// </summary>
-        public string Nonce { get; set; }
+        public string? Nonce { get; set; }
     }
 }