V9.0.0/hotfix, housekeeping and dependency bump (#76)

* 🚨 fixed https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca1861

* ⬆️ bump swashbuckle

* 🚨 https://sonarcloud.io/organizations/geekle/rules?open=csharpsquid%3AS1066&rule_key=csharpsquid%3AS1066

* 🚨 exclude IDE0008

* 🔧 updated to include more analysis rules and enforce code style in build

* 🚨 https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0055

* 🔧 exclude CA1200

* 🚨 https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0130

* 🚑 hotfix for ThrowIfDifferent and ThrowIfNotDifferent

* 🚨 https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca1000

* 🚨 https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0005

* 🚨 updated ignore list

* ⬆️ bump MinVer, Microsoft.NET.Test.Sdk and YamlDotNet

* 👷 need to read up on pull_request vs pull_request_target. Problem for now is mentioned here: https://github.com/orgs/community/discussions/40659

* 🚑 fixed Compare(..) in EnumerableSizeComparer{T}

Author: gimlichael

.editorconfig

@@ -31,4 +31,67 @@ dotnet_diagnostic.S3267.severity = none
 # This is a violation of Framework Design Guidelines.
 # https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca1859
 [*.{cs,vb}]
-dotnet_diagnostic.CA1859.severity = none
+dotnet_diagnostic.CA1859.severity = none
+
+# IDE0008: Use explicit type
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0007-ide0008
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0008.severity = none
+
+[*.{cs,vb}]
+indent_style = space
+indent_size = 4
+
+[*.xml]
+indent_style = space
+indent_size = 2
+
+# IDE0078: Use pattern matching
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0078
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0078.severity = none
+
+# IDE0290: Use primary constructor
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0290
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0290.severity = none
+
+# CA1200: Avoid using cref tags with a prefix
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca1200
+[*.{cs,vb}]
+dotnet_diagnostic.CA1200.severity = none
+
+# IDE0305: Use collection expression for fluent
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0305
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0305.severity = none
+
+# IDE0011: Add braces
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0011
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0011.severity = none
+
+# IDE0028: Use collection initializers or expressions
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0028
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0028.severity = none
+
+# IDE0039: Use collection expression for array
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0300
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0300.severity = none
+
+# IDE0031: Use collection expression for empty
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0301
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0301.severity = none
+
+# IDE0046: Use conditional expression for return
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0046
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0046.severity = none
+
+# IDE0047: Parentheses preferences
+# https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/style-rules/ide0047-ide0048
+[*.{cs,vb}]
+dotnet_diagnostic.IDE0047.severity = none

.github/workflows/pipelines.yml

@@ -1,6 +1,6 @@
 name: Cuemon CI/CD Pipeline
 on:
-  pull_request_target:
+  pull_request:
     branches: [main]
     paths-ignore:
       - .codecov/**

Directory.Build.props

@@ -36,9 +36,10 @@
     <AssemblyOriginatorKeyFile>$(MSBuildThisFileDirectory)cuemon.snk</AssemblyOriginatorKeyFile>
     <EnableNETAnalyzers>true</EnableNETAnalyzers>
     <AnalysisLevel>latest</AnalysisLevel>
-    <AnalysisMode>Minimum</AnalysisMode>
-    <NoWarn>7035,IDE0305,S6618</NoWarn>
+    <AnalysisMode>Recommended</AnalysisMode>
+    <NoWarn>7035,S6618</NoWarn>
     <MinVerTagPrefix>v</MinVerTagPrefix>
+    <EnforceCodeStyleInBuild>true</EnforceCodeStyleInBuild>
   </PropertyGroup>
 
   <ItemGroup Condition="'$(NuGetPackageRoot)' != ''">
@@ -47,7 +48,7 @@
 
   <ItemGroup Condition="'$(IsTestProject)' == 'false'">
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="8.0.0" PrivateAssets="all" />
-    <PackageReference Include="MinVer" Version="5.0.0" PrivateAssets="all" />
+    <PackageReference Include="MinVer" Version="6.0.0" PrivateAssets="all" />
     <None Include="..\..\.nuget\icon.png" Pack="true" Visible="false" PackagePath="icon.png" />
     <None Include="..\..\.nuget\$(MSBuildProjectName)\README.md" Pack="true" PackagePath="\" />
   </ItemGroup>
@@ -73,7 +74,7 @@
   </PropertyGroup>
 
   <ItemGroup Condition="'$(IsTestProject)' == 'true'">
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1" />
     <PackageReference Include="Microsoft.TestPlatform.ObjectModel" Version="17.10.0" Condition="$(TargetFramework.StartsWith('net4')) AND '$(IsLinux)' == 'true'" />
     <PackageReference Include="xunit" Version="2.9.0" />
     <PackageReference Include="xunit.runner.console" Version="2.9.0" />

src/Cuemon.AspNetCore.Authentication/AuthenticationOptions.cs

@@ -38,7 +38,7 @@ public abstract class AuthenticationOptions : AuthenticationSchemeOptions, IVali
         /// </remarks>
         protected AuthenticationOptions()
         {
-	        UnauthorizedMessage = "The request has not been applied because it lacks valid authentication credentials for the target resource.";
+            UnauthorizedMessage = "The request has not been applied because it lacks valid authentication credentials for the target resource.";
             ResponseHandler = () => new HttpResponseMessage(HttpStatusCode.Unauthorized) { Content = new StringContent(UnauthorizedMessage) };
             RequireSecureConnection = true;
         }
@@ -61,16 +61,16 @@ protected AuthenticationOptions()
         /// <value>The message of an unauthorized request.</value>
         public string UnauthorizedMessage { get; set; }
 
-		/// <summary>
-		/// Determines whether the public read-write properties of this instance are in a valid state.
-		/// </summary>
-		/// <exception cref="InvalidOperationException">
-		/// <seealso cref="UnauthorizedMessage"/> cannot be null.
-		/// </exception>
-		/// <remarks>This method is expected to throw exceptions when one or more conditions fails to be in a valid state.</remarks>
-		public virtual void ValidateOptions()
+        /// <summary>
+        /// Determines whether the public read-write properties of this instance are in a valid state.
+        /// </summary>
+        /// <exception cref="InvalidOperationException">
+        /// <seealso cref="UnauthorizedMessage"/> cannot be null.
+        /// </exception>
+        /// <remarks>This method is expected to throw exceptions when one or more conditions fails to be in a valid state.</remarks>
+        public virtual void ValidateOptions()
         {
-	        Validator.ThrowIfInvalidState(UnauthorizedMessage == null);
+            Validator.ThrowIfInvalidState(UnauthorizedMessage == null);
         }
     }
 }

src/Cuemon.AspNetCore.Authentication/AuthorizationHeader.cs

@@ -37,7 +37,7 @@ public virtual AuthorizationHeader Parse(string authorizationHeader, Action<Auth
             Validator.ThrowIfNullOrWhitespace(authorizationHeader);
             Validator.ThrowIfFalse(() => authorizationHeader.StartsWith(AuthenticationScheme), nameof(authorizationHeader), $"Header did not start with {AuthenticationScheme}.");
             Validator.ThrowIfInvalidConfigurator(setup, out var options);
-            
+
             var headerWithoutScheme = authorizationHeader.Remove(0, AuthenticationScheme.Length + 1);
             var credentials = DelimitedString.Split(headerWithoutScheme, o => o.Delimiter = options.CredentialsDelimiter).ToList();
 

src/Cuemon.AspNetCore.Authentication/Basic/BasicAuthenticationOptions.cs

@@ -45,19 +45,19 @@ public BasicAuthenticationOptions()
         /// <value>The realm that defines the protection space.</value>
         public string Realm { get; set; }
 
-		/// <summary>
-		/// Determines whether the public read-write properties of this instance are in a valid state.
-		/// </summary>
-		/// <exception cref="InvalidOperationException">
-		/// <seealso cref="Authenticator"/> cannot be null - or -
-		/// <seealso cref="Realm"/> cannot be null, empty or consist only of white-space characters.
-		/// </exception>
-		/// <remarks>This method is expected to throw exceptions when one or more conditions fails to be in a valid state.</remarks>
-		public override void ValidateOptions()
+        /// <summary>
+        /// Determines whether the public read-write properties of this instance are in a valid state.
+        /// </summary>
+        /// <exception cref="InvalidOperationException">
+        /// <seealso cref="Authenticator"/> cannot be null - or -
+        /// <seealso cref="Realm"/> cannot be null, empty or consist only of white-space characters.
+        /// </exception>
+        /// <remarks>This method is expected to throw exceptions when one or more conditions fails to be in a valid state.</remarks>
+        public override void ValidateOptions()
         {
             Validator.ThrowIfInvalidState(Authenticator == null);
             Validator.ThrowIfInvalidState(string.IsNullOrWhiteSpace(Realm));
-	        base.ValidateOptions();
+            base.ValidateOptions();
         }
     }
 }

src/Cuemon.AspNetCore.Authentication/Basic/BasicAuthorizationHeader.cs

@@ -75,13 +75,15 @@ public BasicAuthorizationHeader(string username, string password) : base(Scheme)
         /// <value>The password of the credentials.</value>
         public string Password { get; }
 
+        private static readonly char[] ColonSeparator = new[] { ':' };
+
         /// <summary>
         /// Returns a <see cref="string" /> that represents this instance.
         /// </summary>
         /// <returns>A <see cref="string" /> that represents this instance.</returns>
         public override string ToString()
         {
-            var credentials =  Convert.ToBase64String(Decorator.Enclose($"{UserName}:{Password}").ToByteArray());
+            var credentials = Convert.ToBase64String(Decorator.Enclose($"{UserName}:{Password}").ToByteArray());
             return $"{AuthenticationScheme} {credentials}";
         }
 
@@ -117,7 +119,7 @@ protected override AuthorizationHeader ParseCore(IReadOnlyDictionary<string, str
                 {
                     options.Encoding = Encoding.ASCII;
                     options.Preamble = PreambleSequence.Remove;
-                }).Split(new [] { ':' }, 2);
+                }).Split(ColonSeparator, 2);
 
                 if (plainCredentials.Length == 2 &&
                     !string.IsNullOrWhiteSpace(plainCredentials[0]) &&
@@ -129,4 +131,4 @@ protected override AuthorizationHeader ParseCore(IReadOnlyDictionary<string, str
             return null;
         }
     }
-}
+}

src/Cuemon.AspNetCore.Authentication/Basic/BasicAuthorizationHeaderBuilder.cs

@@ -34,15 +34,15 @@ public BasicAuthorizationHeaderBuilder AddPassword(string password)
         {
             return AddOrUpdate(BasicFields.Password, password);
         }
-        
+
         /// <summary>
         /// Builds an instance of <see cref="BasicAuthorizationHeader"/> that implements <see cref="AuthorizationHeader" />.
         /// </summary>
         /// <returns>An instance of <see cref="BasicAuthorizationHeader"/>.</returns>
         public override BasicAuthorizationHeader Build()
         {
             ValidateData(BasicFields.UserName, BasicFields.Password);
-            return new BasicAuthorizationHeader(Data[BasicFields.UserName], Data[BasicFields.Password]); 
+            return new BasicAuthorizationHeader(Data[BasicFields.UserName], Data[BasicFields.Password]);
         }
     }
 }

src/Cuemon.AspNetCore.Authentication/Digest/DigestAuthenticationHandler.cs

@@ -34,17 +34,17 @@ public DigestAuthenticationHandler(IOptionsMonitor<DigestAuthenticationOptions>
             _nonceTracker = nonceTracker;
         }
 #else
-		/// <summary>
-		/// Initializes a new instance of the <see cref="DigestAuthenticationHandler"/> class.
-		/// </summary>
-		/// <param name="options">The monitor for the options instance.</param>
-		/// <param name="logger">The <see cref="T:Microsoft.Extensions.Logging.ILoggerFactory" />.</param>
-		/// <param name="encoder">The <see cref="T:System.Text.Encodings.Web.UrlEncoder" />.</param>
-		/// <param name="nonceTracker">The dependency injected implementation of an <see cref="INonceTracker"/>.</param>
-		public DigestAuthenticationHandler(IOptionsMonitor<DigestAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, INonceTracker nonceTracker = null) : base(options, logger, encoder)
-		{
-			_nonceTracker = nonceTracker;
-		}
+        /// <summary>
+        /// Initializes a new instance of the <see cref="DigestAuthenticationHandler"/> class.
+        /// </summary>
+        /// <param name="options">The monitor for the options instance.</param>
+        /// <param name="logger">The <see cref="T:Microsoft.Extensions.Logging.ILoggerFactory" />.</param>
+        /// <param name="encoder">The <see cref="T:System.Text.Encodings.Web.UrlEncoder" />.</param>
+        /// <param name="nonceTracker">The dependency injected implementation of an <see cref="INonceTracker"/>.</param>
+        public DigestAuthenticationHandler(IOptionsMonitor<DigestAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, INonceTracker nonceTracker = null) : base(options, logger, encoder)
+        {
+            _nonceTracker = nonceTracker;
+        }
 #endif
 
         /// <summary>

src/Cuemon.AspNetCore.Authentication/Digest/DigestAuthenticationMiddleware.cs

@@ -46,12 +46,12 @@ public DigestAuthenticationMiddleware(RequestDelegate next, Action<DigestAuthent
         /// <remarks><c>qop</c> is included and supported to be compliant with RFC 2617 (hence, this implementation cannot revert to reduced legacy RFC 2069 mode).</remarks>
         public override async Task InvokeAsync(HttpContext context, INonceTracker di)
         {
-	        if (Options.Authenticator == null) { throw new InvalidOperationException(string.Create(CultureInfo.InvariantCulture, $"The {nameof(Options.Authenticator)} delegate cannot be null.")); }
-	        
-	        context.Items.TryAdd(nameof(DigestAuthenticationOptions), Options);
-	        context.Items.TryAdd(nameof(INonceTracker), di);
+            if (Options.Authenticator == null) { throw new InvalidOperationException(string.Create(CultureInfo.InvariantCulture, $"The {nameof(Options.Authenticator)} delegate cannot be null.")); }
 
-	        if (!Authenticator.TryAuthenticate(context, Options.RequireSecureConnection, AuthorizationHeaderParser, TryAuthenticate, out var principal))
+            context.Items.TryAdd(nameof(DigestAuthenticationOptions), Options);
+            context.Items.TryAdd(nameof(INonceTracker), di);
+
+            if (!Authenticator.TryAuthenticate(context, Options.RequireSecureConnection, AuthorizationHeaderParser, TryAuthenticate, out var principal))
             {
                 await Decorator.Enclose(context).InvokeUnauthorizedExceptionAsync(Options, principal.Failure, dc =>
                 {
@@ -66,18 +66,18 @@ await Decorator.Enclose(context).InvokeUnauthorizedExceptionAsync(Options, princ
             }
 
             context.User = principal.Result;
-			await Next.Invoke(context).ConfigureAwait(false);
+            await Next.Invoke(context).ConfigureAwait(false);
         }
 
         internal static bool TryAuthenticate(HttpContext context, DigestAuthorizationHeader header, out ConditionalValue<ClaimsPrincipal> result)
         {
-	        var options = context.Items[nameof(DigestAuthenticationOptions)] as DigestAuthenticationOptions;
+            var options = context.Items[nameof(DigestAuthenticationOptions)] as DigestAuthenticationOptions;
             var nonceTracker = context.Items[nameof(INonceTracker)] as INonceTracker;
-			if (options?.Authenticator == null)
-	        {
+            if (options?.Authenticator == null)
+            {
                 result = new UnsuccessfulValue<ClaimsPrincipal>(new SecurityException($"{nameof(options.Authenticator)} was unexpectedly set to null."));
-		        return false;
-	        }
+                return false;
+            }
 
             if (header == null)
             {