Keep public interface receiving IEnumerable and internally use List

AzureAD · Jun 24, 2024 · dfc1eb6 · dfc1eb6
1 parent e3ab461
commit dfc1eb6
Showing 1 changed file with 12 additions and 9 deletions.
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Audience.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Audience.cs
@@ -112,7 +112,7 @@ public static void ValidateAudience(IEnumerable<string> audiences, SecurityToken
         /// <exception cref="SecurityTokenInvalidAudienceException">If none of the 'audiences' matched either <see cref="TokenValidationParameters.ValidAudience"/> or one of <see cref="TokenValidationParameters.ValidAudiences"/>.</exception>
         /// <remarks>An EXACT match is required.</remarks>
 #pragma warning disable CA1801 // TODO: remove pragma disable once callContext is used for logging
-        internal static AudienceValidationResult ValidateAudience(IList<string> audiences, SecurityToken? securityToken, TokenValidationParameters validationParameters, CallContext callContext)
+        internal static AudienceValidationResult ValidateAudience(IEnumerable<string> audiences, SecurityToken? securityToken, TokenValidationParameters validationParameters, CallContext callContext)
 #pragma warning restore CA1801
         {
             if (validationParameters == null)
@@ -154,9 +154,12 @@ internal static AudienceValidationResult ValidateAudience(IList<string> audience
                         typeof(SecurityTokenInvalidAudienceException),
                         new StackFrame(true)));
 
-            if (audiences.Count == 0)
+            if (audiences is not List<string> audiencesAsList)
+                audiencesAsList = audiences.ToList();
+
+            if (audiencesAsList.Count == 0)
                 return new AudienceValidationResult(
-                    Utility.SerializeAsSingleCommaDelimitedString(audiences),
+                    Utility.SerializeAsSingleCommaDelimitedString(audiencesAsList),
                     ValidationFailureType.NullArgument,
                     new ExceptionDetail(
                         new MessageDetail(
@@ -165,31 +168,31 @@ internal static AudienceValidationResult ValidateAudience(IList<string> audience
                         typeof(SecurityTokenInvalidAudienceException),
                         new StackFrame(true)));
 
-            string? validAudience = AudienceIsValidReturning(audiences, validationParameters);
+            string? validAudience = AudienceIsValidReturning(audiencesAsList, validationParameters);
             if (validAudience != null)
             {
                 return new AudienceValidationResult(validAudience);
             }
 
             return new AudienceValidationResult(
-                    Utility.SerializeAsSingleCommaDelimitedString(audiences),
+                    Utility.SerializeAsSingleCommaDelimitedString(audiencesAsList),
                     ValidationFailureType.AudienceValidationFailed,
                     new ExceptionDetail(
                         new MessageDetail(
                             LogMessages.IDX10214,
-                            LogHelper.MarkAsNonPII(Utility.SerializeAsSingleCommaDelimitedString(audiences)),
+                            LogHelper.MarkAsNonPII(Utility.SerializeAsSingleCommaDelimitedString(audiencesAsList)),
                             LogHelper.MarkAsNonPII(validationParameters.ValidAudience ?? "null"),
                             LogHelper.MarkAsNonPII(Utility.SerializeAsSingleCommaDelimitedString(validationParameters.ValidAudiences))),
                         typeof(SecurityTokenInvalidAudienceException),
                         new StackFrame(true)));
         }
 
-        private static bool AudienceIsValid(IList<string> audiences, TokenValidationParameters validationParameters)
+        private static bool AudienceIsValid(List<string> audiences, TokenValidationParameters validationParameters)
         {
             return AudienceIsValidReturning(audiences, validationParameters) != null;
         }
 
-        private static string? AudienceIsValidReturning(IList<string> audiences, TokenValidationParameters validationParameters)
+        private static string? AudienceIsValidReturning(List<string> audiences, TokenValidationParameters validationParameters)
         {
             string? validAudience = null;
             if (!string.IsNullOrWhiteSpace(validationParameters.ValidAudience))
@@ -206,7 +209,7 @@ private static bool AudienceIsValid(IList<string> audiences, TokenValidationPara
             return validAudience;
         }
 
-        private static string? AudiencesMatchSingle(IList<string> audiences, string validAudience, bool ignoreTrailingSlashWhenValidatingAudience)
+        private static string? AudiencesMatchSingle(List<string> audiences, string validAudience, bool ignoreTrailingSlashWhenValidatingAudience)
         {
             for (int i = 0; i < audiences.Count; i++)
             {