Various cleanup (#558)

* Various cleanup

* dotnet format

---------

Co-authored-by: joegoldman2 <[email protected]>

Author: joegoldman2

.github/workflows/main.yml

@@ -26,7 +26,7 @@ env:
   DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
   DOTNET_NOLOGO: true
   DOTNET_CLI_TELEMETRY_OPTOUT: true
-  
+
 jobs:
   # Determine version
   version:
@@ -43,7 +43,7 @@ jobs:
               echo "Invalid version: ${{ github.event.release.tag_name }}"
               exit 1
           fi
-          
+
           echo "version=${{ github.event.release.tag_name }}" >> $GITHUB_OUTPUT
 
       - name: Determine prerelease version
@@ -94,7 +94,7 @@ jobs:
       - name: Install .NET
         uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
         with:
-          dotnet-version: | 
+          dotnet-version: |
             6.0.x
             8.0.x
 
@@ -133,7 +133,7 @@ jobs:
       - name: Install .NET
         uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
         with:
-          dotnet-version: | 
+          dotnet-version: |
             6.0.x
             8.0.x
 
@@ -147,7 +147,7 @@ jobs:
           --configuration Release
           -p:ContinuousIntegrationBuild=true
           -p:Version=${{ needs.version.outputs.version }}
-          
+
       - name: Run pack
         run: >
           dotnet pack
@@ -186,7 +186,7 @@ jobs:
       - name: Install .NET
         uses: actions/setup-dotnet@607fce577a46308457984d59e4954e075820f10a # v3.0.3
         with:
-          dotnet-version: | 
+          dotnet-version: |
             6.0.x
             8.0.x
 

.github/workflows/release-drafter.yml

@@ -13,4 +13,4 @@ jobs:
       # Drafts your next Release notes as Pull Requests are merged into "master"
       - uses: release-drafter/release-drafter@v5
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

BlazorWasmDemo/Client/wwwroot/css/open-iconic/README.md

@@ -8,7 +8,7 @@
 ## What's in Open Iconic?
 
 * 223 icons designed to be legible down to 8 pixels
-* Super-light SVG files - 61.8 for the entire set 
+* Super-light SVG files - 61.8 for the entire set
 * SVG sprite—the modern replacement for icon fonts
 * Webfont (EOT, OTF, SVG, TTF, WOFF), PNG and WebP formats
 * Webfont stylesheets (including versions for Bootstrap and Foundation) in CSS, LESS, SCSS and Stylus formats
@@ -33,7 +33,7 @@ We like SVGs and we think they're the way to display icons on the web. Since Ope
 
 Open Iconic also comes in a SVG sprite which allows you to display all the icons in the set with a single request. It's like an icon font, without being a hack.
 
-Adding an icon from an SVG sprite is a little different than what you're used to, but it's still a piece of cake. *Tip: To make your icons easily style able, we suggest adding a general class to the* `<svg>` *tag and a unique class name for each different icon in the* `<use>` *tag.*  
+Adding an icon from an SVG sprite is a little different than what you're used to, but it's still a piece of cake. *Tip: To make your icons easily style able, we suggest adding a general class to the* `<svg>` *tag and a unique class name for each different icon in the* `<use>` *tag.*
 
 ```
 <svg class="icon">

BlazorWasmDemo/Server/Properties/launchSettings.json

@@ -34,4 +34,4 @@
       "sslPort": 44312
     }
   }
-}
+}

CHANGELOG.md

@@ -1,6 +1,6 @@
 # FIDO2 .NET library (WebAuthn)
 
-[Readme](https://github.com/passwordless-lib/fido2-net-lib/blob/master/README.md) 
+[Readme](https://github.com/passwordless-lib/fido2-net-lib/blob/master/README.md)
 
 2020-03-24 1.1.0
 - Refactored FIDO2 model
@@ -11,4 +11,4 @@
 - Conformance tool recently changed the way EdDSA signatures are verified.  This fix passes the test in v1.1.6.
 
 2019-07-31 1.0.1
-- initial release FIDO2 .NET library (WebAuthn)
+- initial release FIDO2 .NET library (WebAuthn)

CONTRIBUTING.md

@@ -51,7 +51,7 @@ OS's use different variable names to represent similar settings. Code should con
 For example, when looking for the user's home directory, on Windows the variable is `USERPROFILE` but on most Linux systems it is `HOME`.
 
 ```cs
-var homeDir = Environment.GetEnvironmentVariable("USERPROFILE") 
+var homeDir = Environment.GetEnvironmentVariable("USERPROFILE")
                   ?? Environment.GetEnvironmentVariable("HOME");
 ```
 

Demo/.config/dotnet-tools.json

@@ -9,4 +9,4 @@
       ]
     }
   }
-}
+}

Demo/Demo.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
     <TargetFramework>net8.0</TargetFramework>

Demo/Properties/launchSettings.json

@@ -23,4 +23,4 @@
       "applicationUrl": "http://localhost:4729/;https://localhost:44329/"
     }
   }
-}
+}

Demo/appsettings.Development.json

@@ -1,4 +1,4 @@
-{
+{
   "Logging": {
     "IncludeScopes": false,
     "LogLevel": {

Demo/appsettings.json

@@ -1,11 +1,11 @@
-{
+{
   "fido2": {
     "serverDomain": "localhost",
     "origins": [ "https://localhost:44329" ],
     "timestampDriftTolerance": 300000,
     "backupEligibleCredentialPolicy": "allowed",
     "backedUpCredentialPolicy": "allowed"
-  },  
+  },
   "Logging": {
     "IncludeScopes": false,
     "LogLevel": {

Demo/bundleconfig.json

@@ -1,4 +1,4 @@
-// Configure bundling and minification for the project.
+// Configure bundling and minification for the project.
 // More info at https://go.microsoft.com/fwlink/?LinkId=808241
 [
   {

Demo/launchSettings.json

@@ -7,4 +7,4 @@
       "sslPort": 44329
     }
   }
-}
+}

Demo/wwwroot/js/.eslintrc.json

@@ -1,3 +1,3 @@
-{
+{
   "env": {"es6": true}
-}
+}

Documentation/NET46X.md

@@ -19,4 +19,4 @@ TypeLoadExceptions for types like "ECPoint" - essentially breaking the functiona
 ## FI0404
 
 Because NuGet doesn't give us the ability to reduce these frameworks from the .NET Standard restore graphs,
-we have to fall back to MSBuild errors preventing you to even build a project with the offending configurations.
+we have to fall back to MSBuild errors preventing you to even build a project with the offending configurations.

README.md

@@ -1,5 +1,5 @@
 # FIDO2 .NET Library (WebAuthn)
-A working implementation library + demo for [FIDO2](https://fidoalliance.org/fido2/) and [WebAuthn](https://www.w3.org/TR/webauthn/) using [.NET](https://dotnet.microsoft.com/)  
+A working implementation library + demo for [FIDO2](https://fidoalliance.org/fido2/) and [WebAuthn](https://www.w3.org/TR/webauthn/) using [.NET](https://dotnet.microsoft.com/)
 [![Build Status](https://dev.azure.com/anders/Fido2/_apis/build/status/abergs.fido2-net-lib?branchName=master)](https://dev.azure.com/anders/Fido2/_build/latest?definitionId=10&branchName=master)
 [![codecov](https://codecov.io/gh/passwordless-lib/fido2-net-lib/branch/master/graph/badge.svg)](https://codecov.io/gh/passwordless-lib/fido2-net-lib)
 [![Financial Contributors on Open Collective](https://opencollective.com/passwordless/all/badge.svg?label=financial+contributors)](https://opencollective.com/passwordless)
@@ -23,7 +23,7 @@ This project is part of the [.NET foundation](https://dotnetfoundation.org)
 
 ```Install-Package Fido2```
 
-To use the asp.net helpers, install the asp.net-package.  
+To use the asp.net helpers, install the asp.net-package.
 
 ```Install-Package Fido2.AspNet```
 
@@ -33,28 +33,28 @@ To use the asp.net helpers, install the asp.net-package.
 * [Code examples](#examples)
 
 ## What is FIDO2?
-**The passwordless web is coming.**  
+**The passwordless web is coming.**
 [FIDO2](https://fidoalliance.org/fido2/) / [WebAuthn](https://www.w3.org/TR/webauthn/) is a new open authentication standard, supported by [browsers](https://www.w3.org/Consortium/Member/List) and [many large tech companies](https://fidoalliance.org/members/) such as Microsoft, Google etc. The main driver is to allow a user to login without passwords, creating *passwordless flows* or strong MFA for user signup/login on websites. The standard is not limited to web applications with support coming to Active Directory and native apps. The technology builds on public/private keys, allowing authentication to happen without sharing a secret between the user & platform. This brings many benefits, such as easier and safer logins and makes phishing attempts extremely hard.
 
-Read more: 
+Read more:
 - [Why it's exciting](http://ideasof.andersaberg.com/development/the-passwordless-web)
 - [Medium](https://blog.tokenize.com/fido-2-0-what-is-it-and-why-are-we-excited-31a66df6e113)
 - [FIDO Alliance](https://fidoalliance.org/fido2/)
 - [Yubico](https://www.yubico.com/2018/08/10-things-youve-been-wondering-about-fido2-webauthn-and-a-passwordless-world/)
 - [WebAuthn.Guide](https://webauthn.guide/) from Duo Security
-- [WebAuthn.io](https://webauthn.io/) 
+- [WebAuthn.io](https://webauthn.io/)
 - [WebAuthn Awesome](https://github.com/herrjemand/WebauthnAwesome)
 
 ## Supported features
 
-- ✅ Attestation API & verification (Register and verify credentials/authenticators)  
+- ✅ Attestation API & verification (Register and verify credentials/authenticators)
 - ✅ Assertion API & verification (Authenticate users)
 - ✅ 100% pass rate in [conformance testing](#conformance-testing-tool) ([results](https://github.com/passwordless-lib/fido2-net-lib/issues/13#issuecomment-457318859))
 - ✅ FIDO2 security keys aka roaming authenticators ([spec](https://www.w3.org/TR/webauthn/#roaming-authenticators)), like SoloKeys [Solo](https://github.com/solokeys/solo/blob/master/README.md), Yubico [YubiKey](https://www.yubico.com/products/yubikey-hardware/), and Feitian [BioPass FIDO2](https://www.ftsafe.com/Products/FIDO2))
 - ✅ Device embedded authenticators aka platform authenticators ([spec](https://www.w3.org/TR/webauthn/#platform-authenticators)), like [Android Key](https://source.android.com/security/keystore/attestation) and [TPM](https://trustedcomputinggroup.org/resource/trusted-platform-module-2-0-a-brief-introduction/))
 - ✅ Backwards compatibility with FIDO U2F authenticators ([spec](https://www.w3.org/TR/#conforming-authenticators-u2f))
-- ✅ [Windows Hello](https://docs.microsoft.com/en-us/microsoft-edge/dev-guide/windows-integration/web-authentication) 
-- ✅ [Face ID and Touch ID for the Web](https://webkit.org/blog/11312/meet-face-id-and-touch-id-for-the-web/) (aka "Apple Hello") 
+- ✅ [Windows Hello](https://docs.microsoft.com/en-us/microsoft-edge/dev-guide/windows-integration/web-authentication)
+- ✅ [Face ID and Touch ID for the Web](https://webkit.org/blog/11312/meet-face-id-and-touch-id-for-the-web/) (aka "Apple Hello")
 - ✅ All currently referenced cryptographic algorithms for FIDO2 Server ([spec](https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-server-v2.0-rd-20180702.html#other))
 - ✅ All current attestation formats: "packed", "tpm", "android-key", "android-safetynet", "fido-u2f", "apple", "apple-appattest", and "none" ([spec](https://www.iana.org/assignments/webauthn/webauthn.xhtml))
 - ✅ FIDO2 Server attestation validation via FIDO Metadata Service V3 ([spec](https://fidoalliance.org/specs/mds/fido-metadata-service-v3.0-ps-20210518.html))
@@ -209,7 +209,7 @@ https://www.nuget.org/packages/Fido2/ and https://www.nuget.org/packages/Fido2.M
 See [Contributing](CONTRIBUTING.md) for information about contributing to the project.
 
 This project has adopted the code of conduct defined by the Contributor Covenant to clarify expected behavior in our community.
-For more information see the [.NET Foundation Code of Conduct](https://dotnetfoundation.org/code-of-conduct). 
+For more information see the [.NET Foundation Code of Conduct](https://dotnetfoundation.org/code-of-conduct).
 
 For security and penetration testing, please see our [Vulnerability Disclosure Program](./VDP.md)
 

SPONSORS.md

@@ -2,4 +2,4 @@ Backer / Plaintext
 * Veikko Eeva
 
 Donated
-* Jure Purgar 
+* Jure Purgar

Src/Fido2.AspNet/DistributedCacheMetadataService.cs

@@ -69,7 +69,7 @@ protected virtual DateTimeOffset GetMemoryCacheAbsoluteExpiryTime(DateTimeOffset
         var expiryTime = _systemClock.UtcNow.GetNextIncrement(_defaultMemoryCacheInterval);
 
         //Ensure that memory cache expiry time never exceeds the next update time from the service
-        if (nextUpdateTime.HasValue && expiryTime > nextUpdateTime.Value)
+        if (nextUpdateTime.HasValue && expiryTime > nextUpdateTime.Value)
             expiryTime = nextUpdateTime.Value;
 
         return expiryTime;
@@ -107,7 +107,7 @@ await _distributedCache.SetStringAsync(
             new DistributedCacheEntryOptions()
             {
                 AbsoluteExpiration = GetDistributedCacheAbsoluteExpiryTime(GetNextUpdateTimeFromPayload(payload))
-            },
+            },
             cancellationToken);
     }
 

Src/Fido2.AspNet/Fido2.AspNet.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <TargetFrameworks>$(SupportedTargetFrameworks)</TargetFrameworks>

Src/Fido2.BlazorWebAssembly/Fido2.BlazorWebAssembly.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk.Razor">
+<Project Sdk="Microsoft.NET.Sdk.Razor">
 
   <PropertyGroup>
     <TargetFrameworks>$(SupportedTargetFrameworks)</TargetFrameworks>

Src/Fido2.BlazorWebAssembly/tsconfig.json

@@ -1,4 +1,4 @@
-{
+{
   "compileOnSave": true,
   "compilerOptions": {
     "noImplicitAny": true,

Src/Fido2.Ctap2/Commands/AuthenticatorMakeCredentialCommand.cs

@@ -30,8 +30,8 @@ public AuthenticatorMakeCredentialCommand(
     public byte[] ClientDataHash { get; }
 
     /// <summary>
-    /// This PublicKeyCredentialRpEntity data structure describes a Relying Party with which the new public key credential will be associated. 
-    /// It contains the Relying party identifier of type text string, (optionally) a human-friendly RP name of type text string, and (optionally) a URL of type text string, referencing a RP icon image. 
+    /// This PublicKeyCredentialRpEntity data structure describes a Relying Party with which the new public key credential will be associated.
+    /// It contains the Relying party identifier of type text string, (optionally) a human-friendly RP name of type text string, and (optionally) a URL of type text string, referencing a RP icon image.
     /// </summary>
     [CborMember(0x02)]
     public PublicKeyCredentialRpEntity Rp { get; }
@@ -46,7 +46,7 @@ public AuthenticatorMakeCredentialCommand(
     public PubKeyCredParam[] PubKeyCredParams { get; }
 
     /// <summary>
-    /// The authenticator returns an error if the authenticator already contains one of the credentials enumerated in this sequence. 
+    /// The authenticator returns an error if the authenticator already contains one of the credentials enumerated in this sequence.
     /// This allows RPs to limit the creation of multiple credentials for the same account on a single authenticator.
     /// </summary>
     [CborMember(0x05)]
@@ -104,7 +104,7 @@ public AuthenticatorMakeCredentialCommand(
 
         if (Options is AuthenticatorMakeCredentialOptions options)
         {
-            // 0x07 : options     
+            // 0x07 : options
             cbor.Add(0x07, options.ToCborObject());
         }
 

Src/Fido2.Ctap2/Fido2.Ctap2.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <TargetFrameworks>$(SupportedTargetFrameworks)</TargetFrameworks>

Src/Fido2.Ctap2/Responses/AuthenticatorClientPinResponse.cs

@@ -7,7 +7,7 @@ public sealed class AuthenticatorClientPinResponse
 {
     /// <summary>
     /// Authenticator key agreement public key in COSE_Key format.
-    /// This will be used to establish a sharedSecret between platform and the authenticator. 
+    /// This will be used to establish a sharedSecret between platform and the authenticator.
     /// The COSE_Key-encoded public key MUST contain the optional "alg" parameter and MUST NOT contain any other optional parameters.
     /// The "alg" parameter MUST contain a COSEAlgorithmIdentifier value.
     /// </summary>

Src/Fido2.Ctap2/Responses/AuthenticatorGetAssertionResponse.cs

@@ -40,14 +40,14 @@ public sealed class AuthenticatorGetAssertionResponse
     public PublicKeyCredentialUserEntity? User { get; set; }
 
     /// <summary>
-    /// Total number of account credentials for the RP.This member is required when more than one account for the RP and the authenticator does not have a display. 
+    /// Total number of account credentials for the RP.This member is required when more than one account for the RP and the authenticator does not have a display.
     /// Omitted when returned for the authenticatorGetNextAssertion method.
     /// </summary>
     [CborMember(0x05)]
     public int? NumberOfCredentials { get; set; }
 
     /// <summary>
-    /// Indicates that a credential was selected by the user via interaction directly with the authenticator, and thus the platform does not need to confirm the credential. 
+    /// Indicates that a credential was selected by the user via interaction directly with the authenticator, and thus the platform does not need to confirm the credential.
     /// MUST NOT be present in response to a request where an allowList was given, where numberOfCredentials is greater than one, nor in response to an authenticatorGetNextAssertion request.
     /// </summary>
     [CborMember(0x06)]

Src/Fido2.Ctap2/Responses/AuthenticatorGetInfoResponse.cs

@@ -19,7 +19,7 @@ public sealed class AuthenticatorGetInfoResponse
     public string[] Extensions { get; set; }
 
     /// <summary>
-    /// The claimed AAGUID. 
+    /// The claimed AAGUID.
     /// 16 bytes in length and encoded the same as MakeCredential AuthenticatorData, as specified in [WebAuthn].
     /// </summary>
     [CborMember(0x03)]

Src/Fido2.Ctap2/Responses/AuthenticatorMakeCredentialResponse.cs

@@ -46,7 +46,7 @@ public static AuthenticatorMakeCredentialResponse FromCborObject(CborObject cbor
         {
             switch ((int)key)
             {
-                #pragma warning disable format                
+                #pragma warning disable format
                 case 0x01: result.Fmt          = (string)value;  break;
                 case 0x02: result.AuthData     = (byte[])value;  break;
                 case 0x03: result.AttStmt      = (CborMap)value; break;

Src/Fido2.Development/Fido2.Development.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <TargetFrameworks>$(SupportedTargetFrameworks)</TargetFrameworks>

Src/Fido2.Development/StoredCredential.cs

@@ -37,13 +37,13 @@ public class StoredCredential
     public bool IsBackedUp { get; set; }
 
     /// <summary>
-    /// The value of the attestationObject attribute when the public key credential source was registered. 
+    /// The value of the attestationObject attribute when the public key credential source was registered.
     /// Storing this enables the Relying Party to reference the credential's attestation statement at a later time.
     /// </summary>
     public byte[] AttestationObject { get; set; }
 
     /// <summary>
-    /// The value of the clientDataJSON attribute when the public key credential source was registered. 
+    /// The value of the clientDataJSON attribute when the public key credential source was registered.
     /// Storing this in combination with the above attestationObject item enables the Relying Party to re-verify the attestation signature at a later time.
     /// </summary>
     public byte[] AttestationClientDataJson { get; set; }