Update to ASP.NET Core 9 preview 1

- Update to preview 1 of ASP.NET Core 9.
- Use xunit's `TheoryData<T>`.
- Fix new code analysis warnings and suggestions.
- Disable noisy new CA1515 warning.
- Update various dependencies to their latest versions.

Directory.Build.props

@@ -3,9 +3,9 @@
   <Import Project="Sdk.props" Sdk="Microsoft.DotNet.Arcade.Sdk" />
 
   <PropertyGroup>
-    <DefaultNetCoreTargetFramework>net8.0</DefaultNetCoreTargetFramework>
+    <DefaultNetCoreTargetFramework>net9.0</DefaultNetCoreTargetFramework>
     <LangVersion>latest</LangVersion>
-    <NoWarn>$(NoWarn);CS1591</NoWarn>
+    <NoWarn>$(NoWarn);CA1515;CS1591</NoWarn>
     <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
     <DebugSymbols>true</DebugSymbols>
     <DebugType>portable</DebugType>
@@ -76,6 +76,8 @@
 
   <PropertyGroup>
     <EnablePackageValidation>$(IsPackable)</EnablePackageValidation>
+    <!-- TODO Re-enable when the 9.0.0 packages are published to NuGet.org -->
+    <EnablePackageValidation>false</EnablePackageValidation>
   </PropertyGroup>
 
   <ItemGroup>

Directory.Packages.props

@@ -2,15 +2,15 @@
 
   <ItemGroup>
     <PackageVersion Include="JetBrains.Annotations" Version="2023.3.0" />
-    <PackageVersion Include="JustEat.HttpClientInterception" Version="4.0.0" />
+    <PackageVersion Include="JustEat.HttpClientInterception" Version="4.2.0" />
     <PackageVersion Include="MartinCostello.Logging.XUnit" Version="0.3.0" />
-    <PackageVersion Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="8.0.0" />
-    <PackageVersion Include="Microsoft.AspNetCore.TestHost" Version="8.0.0" />
+    <PackageVersion Include="Microsoft.AspNetCore.Authentication.Google" Version="9.0.0-preview.1.24081.5" />
+    <PackageVersion Include="Microsoft.AspNetCore.Mvc.Testing" Version="9.0.0-preview.1.24081.5" />
+    <PackageVersion Include="Microsoft.AspNetCore.TestHost" Version="9.0.0-preview.1.24081.5" />
     <PackageVersion Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="7.0.3" />
     <PackageVersion Include="NSubstitute" Version="5.1.0" />
     <PackageVersion Include="Shouldly" Version="4.2.1" />
-    <PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.507" />
+    <PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.556" />
   </ItemGroup>
 
 </Project>

eng/Versions.props

@@ -1,13 +1,13 @@
 <Project>
 
   <PropertyGroup>
-    <MajorVersion>8</MajorVersion>
+    <MajorVersion>9</MajorVersion>
     <MinorVersion>0</MinorVersion>
-    <PatchVersion>1</PatchVersion>
+    <PatchVersion>0</PatchVersion>
     <VersionPrefix>$(MajorVersion).$(MinorVersion).$(PatchVersion)</VersionPrefix>
-    <PackageValidationBaselineVersion Condition="'$(PackageValidationBaselineVersion)' == ''">8.0.0</PackageValidationBaselineVersion>
+    <PackageValidationBaselineVersion Condition=" '$(EnablePackageValidation)' == 'true' AND '$(PackageValidationBaselineVersion)' == '' ">9.0.0</PackageValidationBaselineVersion>
     <PreReleaseVersionLabel>preview</PreReleaseVersionLabel>
-    <PreReleaseVersionIteration></PreReleaseVersionIteration>
+    <PreReleaseVersionIteration>1</PreReleaseVersionIteration>
     <PreReleaseBrandingLabel>Preview $(PreReleaseVersionIteration)</PreReleaseBrandingLabel>
     <StabilizePackageVersion Condition="'$(StabilizePackageVersion)' == ''">false</StabilizePackageVersion>
     <DotNetFinalVersionKind Condition="'$(StabilizePackageVersion)' == 'true'">release</DotNetFinalVersionKind>

global.json

@@ -1,12 +1,12 @@
 {
   "sdk": {
-    "version": "8.0.100",
+    "version": "9.0.100-preview.1.24101.2",
     "allowPrerelease": true,
     "rollForward": "major"
   },
 
   "tools": {
-    "dotnet": "8.0.100"
+    "dotnet": "9.0.100-preview.1.24101.2"
   },
 
   "msbuild-sdks": {

src/AspNet.Security.OAuth.LinkedIn/LinkedInAuthenticationOptions.cs

@@ -29,7 +29,7 @@ public LinkedInAuthenticationOptions()
         Scope.Add("r_emailaddress");
 
         ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, ProfileFields.Id);
-        ClaimActions.MapCustomJson(ClaimTypes.Name, user => GetFullName(user));
+        ClaimActions.MapCustomJson(ClaimTypes.Name, GetFullName);
         ClaimActions.MapCustomJson(ClaimTypes.GivenName, user => GetMultiLocaleString(user, ProfileFields.FirstName));
         ClaimActions.MapCustomJson(ClaimTypes.Surname, user => GetMultiLocaleString(user, ProfileFields.LastName));
         ClaimActions.MapCustomJson(Claims.PictureUrl, user => GetPictureUrls(user)?.LastOrDefault());

src/AspNet.Security.OAuth.Smartsheet/SmartsheetAuthenticationOptions.cs

@@ -29,7 +29,7 @@ public SmartsheetAuthenticationOptions()
         ClaimActions.MapJsonKey(ClaimTypes.GivenName, "firstName");
         ClaimActions.MapJsonKey(ClaimTypes.Surname, "lastName");
         ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
-        ClaimActions.MapCustomJson(Claims.ProfileImage, user => GetProfileImageUri(user));
+        ClaimActions.MapCustomJson(Claims.ProfileImage, GetProfileImageUri);
     }
 
     private static string GetProfileImageUri(JsonElement user)

test/AspNet.Security.OAuth.Providers.Tests/Apple/AppleAuthenticationOptionsTests.cs

@@ -19,7 +19,7 @@ public static void Validate_Throws_If_ClientSecret_Is_Null_With_No_Secret_Genera
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("ClientSecret", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("ClientSecret", options.Validate);
     }
 
     [Fact]
@@ -34,7 +34,7 @@ public static void Validate_Throws_If_AuthorizationEndpoint_Is_Null()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("AuthorizationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentException>("AuthorizationEndpoint", options.Validate);
     }
 
     [Fact]
@@ -49,7 +49,7 @@ public static void Validate_Throws_If_TokenEndpoint_Is_Null()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentException>("TokenEndpoint", options.Validate);
     }
 
     [Fact]
@@ -64,7 +64,7 @@ public static void Validate_Throws_If_CallbackPath_Is_Null()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("CallbackPath", () => options.Validate());
+        Assert.Throws<ArgumentException>("CallbackPath", options.Validate);
     }
 
     [Fact]
@@ -79,7 +79,7 @@ public static void Validate_Throws_If_KeyId_Is_Null_With_Secret_Generation()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("KeyId", () => options.Validate());
+        Assert.Throws<ArgumentException>("KeyId", options.Validate);
     }
 
     [Fact]
@@ -95,7 +95,7 @@ public static void Validate_Throws_If_TeamId_Is_Null_With_Secret_Generation()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TeamId", () => options.Validate());
+        Assert.Throws<ArgumentException>("TeamId", options.Validate);
     }
 
     [Fact]
@@ -112,7 +112,7 @@ public static void Validate_Throws_If_TokenAudience_Is_Null_With_Secret_Generati
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenAudience", () => options.Validate());
+        Assert.Throws<ArgumentException>("TokenAudience", options.Validate);
     }
 
     [Fact]
@@ -129,6 +129,6 @@ public static void Validate_Throws_If_ClientSecretExpiresAfter_Is_Zero_With_Secr
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentOutOfRangeException>("ClientSecretExpiresAfter", () => options.Validate());
+        Assert.Throws<ArgumentOutOfRangeException>("ClientSecretExpiresAfter", options.Validate);
     }
 }

test/AspNet.Security.OAuth.Providers.Tests/JumpCloud/JumpCloudAuthenticationOptionsTests.cs

@@ -21,7 +21,7 @@ public static void Validate_Throws_If_AuthorizationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("AuthorizationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("AuthorizationEndpoint", options.Validate);
     }
 
     [Fact]
@@ -37,7 +37,7 @@ public static void Validate_Throws_If_TokenEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("TokenEndpoint", options.Validate);
     }
 
     [Fact]
@@ -53,7 +53,7 @@ public static void Validate_Throws_If_UserInformationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("UserInformationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentException>("UserInformationEndpoint", options.Validate);
     }
 
     [Fact]

test/AspNet.Security.OAuth.Providers.Tests/Keycloak/KeycloakAuthenticationOptionsTests.cs

@@ -8,11 +8,11 @@ namespace AspNet.Security.OAuth.Keycloak;
 
 public static class KeycloakAuthenticationOptionsTests
 {
-    public static IEnumerable<object[]> AccessTypes => new object[][]
+    public static TheoryData<KeycloakAuthenticationAccessType> AccessTypes => new()
     {
-            new object[] { KeycloakAuthenticationAccessType.BearerOnly },
-            new object[] { KeycloakAuthenticationAccessType.Confidential },
-            new object[] { KeycloakAuthenticationAccessType.Public },
+        { KeycloakAuthenticationAccessType.BearerOnly },
+        { KeycloakAuthenticationAccessType.Confidential },
+        { KeycloakAuthenticationAccessType.Public },
     };
 
     [Theory]
@@ -46,7 +46,7 @@ public static void Validate_Throws_If_ClientSecret_Is_Null(KeycloakAuthenticatio
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("ClientSecret", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("ClientSecret", options.Validate);
     }
 
     [Theory]
@@ -63,7 +63,7 @@ public static void Validate_Throws_If_AuthorizationEndpoint_Is_Null(KeycloakAuth
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("AuthorizationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("AuthorizationEndpoint", options.Validate);
     }
 
     [Theory]
@@ -80,7 +80,7 @@ public static void Validate_Throws_If_TokenEndpoint_Is_Null(KeycloakAuthenticati
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("TokenEndpoint", options.Validate);
     }
 
     [Theory]
@@ -97,6 +97,6 @@ public static void Validate_Throws_If_CallbackPath_Is_Null(KeycloakAuthenticatio
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("CallbackPath", () => options.Validate());
+        Assert.Throws<ArgumentException>("CallbackPath", options.Validate);
     }
 }

test/AspNet.Security.OAuth.Providers.Tests/Moodle/MoodleAuthenticationOptionsTests.cs

@@ -21,7 +21,7 @@ public static void Validate_Throws_If_AuthorizationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("AuthorizationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("AuthorizationEndpoint", options.Validate);
     }
 
     [Fact]
@@ -37,7 +37,7 @@ public static void Validate_Throws_If_TokenEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("TokenEndpoint", options.Validate);
     }
 
     [Fact]
@@ -53,7 +53,7 @@ public static void Validate_Throws_If_UserInformationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("UserInformationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentException>("UserInformationEndpoint", options.Validate);
     }
 
     [Fact]

test/AspNet.Security.OAuth.Providers.Tests/Okta/OktaAuthenticationOptionsTests.cs

@@ -21,7 +21,7 @@ public static void Validate_Throws_If_AuthorizationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("AuthorizationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("AuthorizationEndpoint", options.Validate);
     }
 
     [Fact]
@@ -37,7 +37,7 @@ public static void Validate_Throws_If_TokenEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("TokenEndpoint", options.Validate);
     }
 
     [Fact]
@@ -53,7 +53,7 @@ public static void Validate_Throws_If_UserInformationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("UserInformationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentException>("UserInformationEndpoint", options.Validate);
     }
 
     [Fact]

test/AspNet.Security.OAuth.Providers.Tests/PackageMetadataTests.cs

@@ -17,8 +17,10 @@ public static class PackageMetadataTests
         .Select((p) => p.Value)
         .First();
 
-    public static IEnumerable<object[]> Projects()
+    public static TheoryData<string, string> Projects()
     {
+        var testCases = new TheoryData<string, string>();
+
         foreach (var directory in Directory.EnumerateDirectories(Path.Combine(_solutionRoot!, "src")))
         {
             foreach (var project in Directory.EnumerateFiles(directory, "*.csproj"))
@@ -27,10 +29,12 @@ public static IEnumerable<object[]> Projects()
 
                 foreach (var propertyName in new[] { "Authors", "Description", "PackageTags" })
                 {
-                    yield return new object[] { projectName, propertyName };
+                    testCases.Add(projectName, propertyName);
                 }
             }
         }
+
+        return testCases;
     }
 
     [Theory]

test/AspNet.Security.OAuth.Providers.Tests/PingOne/PingOneAuthenticationOptionsTests.cs

@@ -21,7 +21,7 @@ public static void Validate_Throws_If_AuthorizationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("AuthorizationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("AuthorizationEndpoint", options.Validate);
     }
 
     [Fact]
@@ -37,7 +37,7 @@ public static void Validate_Throws_If_TokenEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("TokenEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentNullException>("TokenEndpoint", options.Validate);
     }
 
     [Fact]
@@ -53,7 +53,7 @@ public static void Validate_Throws_If_UserInformationEndpoint_Not_Set()
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("UserInformationEndpoint", () => options.Validate());
+        Assert.Throws<ArgumentException>("UserInformationEndpoint", options.Validate);
     }
 
     [Fact]

test/AspNet.Security.OAuth.Providers.Tests/StackExchange/StackExchangeAuthenticationOptionsTests.cs

@@ -22,7 +22,7 @@ public static void Validate_Throws_If_RequestKey_Is_Not_Set(string? value)
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("RequestKey", () => options.Validate());
+        Assert.Throws<ArgumentException>("RequestKey", options.Validate);
     }
 
     [Theory]
@@ -40,6 +40,6 @@ public static void Validate_Throws_If_Site_Is_Not_Set(string? value)
         };
 
         // Act and Assert
-        Assert.Throws<ArgumentException>("Site", () => options.Validate());
+        Assert.Throws<ArgumentException>("Site", options.Validate);
     }
 }

test/AspNet.Security.OAuth.Providers.Tests/StaticAnalysisTests.cs

@@ -75,7 +75,7 @@ private static AssemblyName[] GetProviderAssemblyNames()
     private static Type[] GetPublicTypes(IEnumerable<AssemblyName> assemblyNames)
     {
         var types = assemblyNames
-            .Select((p) => AssemblyLoadContext.Default.LoadFromAssemblyName(p))
+            .Select(AssemblyLoadContext.Default.LoadFromAssemblyName)
             .SelectMany((p) => p.GetTypes())
             .Where((p) => p.IsPublic || p.IsNestedPublic)
             .ToArray();