Use var more

More usage of var for consistency, rather than using explicit types.

Author: martincostello

.editorconfig

@@ -85,7 +85,7 @@ dotnet_naming_symbols.constant_fields.required_modifiers          = const
 [*.cs]
 
 # var preferences
-csharp_style_var_for_built_in_types = false:suggestion
+csharp_style_var_for_built_in_types = true:suggestion
 csharp_style_var_when_type_is_apparent = true:silent
 csharp_style_var_elsewhere = true:silent
 

src/AspNet.Security.OAuth.Alipay/AlipayAuthenticationHandler.cs

@@ -72,7 +72,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             context.Properties.Items.Remove(OAuthConstants.CodeVerifierKey);
         }
 
-        string address = QueryHelpers.AddQueryString(Options.TokenEndpoint, tokenRequestParameters);
+        var address = QueryHelpers.AddQueryString(Options.TokenEndpoint, tokenRequestParameters);
 
         using var response = await Backchannel.GetAsync(address, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
         if (!response.IsSuccessStatusCode)
@@ -85,7 +85,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
         using var document = JsonDocument.Parse(stream);
 
         var mainElement = document.RootElement.GetProperty("alipay_system_oauth_token_response");
-        if (!ValidateReturnCode(mainElement, out string code))
+        if (!ValidateReturnCode(mainElement, out var code))
         {
             return OAuthTokenResponse.Failed(new Exception($"An error (Code:{code}) occurred while retrieving an access token."));
         }
@@ -113,7 +113,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
         };
         parameters.Add("sign", GetRSA2Signature(parameters));
 
-        string address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, parameters);
+        var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, parameters);
 
         using var response = await Backchannel.GetAsync(address, Context.RequestAborted);
 
@@ -129,11 +129,11 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
 
         if (!rootElement.TryGetProperty("alipay_user_info_share_response", out JsonElement mainElement))
         {
-            string errorCode = rootElement.GetProperty("error_response").GetProperty("code").GetString()!;
+            var errorCode = rootElement.GetProperty("error_response").GetProperty("code").GetString()!;
             throw new Exception($"An error (Code:{errorCode}) occurred while retrieving user information.");
         }
 
-        if (!ValidateReturnCode(mainElement, out string code))
+        if (!ValidateReturnCode(mainElement, out var code))
         {
             throw new Exception($"An error (Code:{code}) occurred while retrieving user information.");
         }
@@ -192,14 +192,14 @@ private string GetRSA2Signature([NotNull] SortedDictionary<string, string?> sort
                    .Append('&');
         }
 
-        string plainText = builder.ToString();
-        byte[] plainBytes = Encoding.UTF8.GetBytes(plainText, 0, plainText.Length - 1); // Skip the last '&'
-        byte[] privateKeyBytes = Convert.FromBase64String(Options.ClientSecret);
+        var plainText = builder.ToString();
+        var plainBytes = Encoding.UTF8.GetBytes(plainText, 0, plainText.Length - 1); // Skip the last '&'
+        var privateKeyBytes = Convert.FromBase64String(Options.ClientSecret);
 
         using var rsa = RSA.Create();
         rsa.ImportRSAPrivateKey(privateKeyBytes, out _);
 
-        byte[] encryptedBytes = rsa.SignData(plainBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
+        var encryptedBytes = rsa.SignData(plainBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
 
         return Convert.ToBase64String(encryptedBytes);
     }
@@ -220,13 +220,13 @@ protected override string BuildChallengeUrl([NotNull] AuthenticationProperties p
 
         if (Options.UsePkce)
         {
-            byte[] bytes = RandomNumberGenerator.GetBytes(256 / 8);
-            string codeVerifier = WebEncoders.Base64UrlEncode(bytes);
+            var bytes = RandomNumberGenerator.GetBytes(256 / 8);
+            var codeVerifier = WebEncoders.Base64UrlEncode(bytes);
 
             // Store this for use during the code redemption.
             properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier);
 
-            byte[] challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier));
+            var challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier));
             parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes);
             parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256;
         }

src/AspNet.Security.OAuth.Deezer/DeezerAuthenticationHandler.cs

@@ -39,13 +39,13 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
         };
 
         // PKCE https://tools.ietf.org/html/rfc7636#section-4.5, see BuildChallengeUrl
-        if (context.Properties.Items.TryGetValue(OAuthConstants.CodeVerifierKey, out string? codeVerifier))
+        if (context.Properties.Items.TryGetValue(OAuthConstants.CodeVerifierKey, out var codeVerifier))
         {
             tokenRequestParameters.Add(OAuthConstants.CodeVerifierKey, codeVerifier);
             context.Properties.Items.Remove(OAuthConstants.CodeVerifierKey);
         }
 
-        string endpoint = QueryHelpers.AddQueryString(Options.TokenEndpoint, tokenRequestParameters);
+        var endpoint = QueryHelpers.AddQueryString(Options.TokenEndpoint, tokenRequestParameters);
 
         using var requestMessage = new HttpRequestMessage(HttpMethod.Get, endpoint);
         requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(MediaTypeNames.Application.Json));
@@ -65,7 +65,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
         [NotNull] AuthenticationProperties properties,
         [NotNull] OAuthTokenResponse tokens)
     {
-        string address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken!);
+        var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken!);
 
         using var request = new HttpRequestMessage(HttpMethod.Get, address);
         request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(MediaTypeNames.Application.Json));
@@ -90,7 +90,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
     protected override string BuildChallengeUrl([NotNull] AuthenticationProperties properties, [NotNull] string redirectUri)
     {
         var scopeParameter = properties.GetParameter<ICollection<string>>(OAuthChallengeProperties.ScopeKey);
-        string scopes = scopeParameter != null ? FormatScope(scopeParameter) : FormatScope();
+        var scopes = scopeParameter != null ? FormatScope(scopeParameter) : FormatScope();
 
         var parameters = new Dictionary<string, string?>
         {
@@ -101,13 +101,13 @@ protected override string BuildChallengeUrl([NotNull] AuthenticationProperties p
 
         if (Options.UsePkce)
         {
-            byte[] bytes = RandomNumberGenerator.GetBytes(256 / 8);
-            string codeVerifier = WebEncoders.Base64UrlEncode(bytes);
+            var bytes = RandomNumberGenerator.GetBytes(256 / 8);
+            var codeVerifier = WebEncoders.Base64UrlEncode(bytes);
 
             // Store this for use during the code redemption.
             properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier);
 
-            byte[] challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier));
+            var challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier));
             parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes);
             parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256;
         }

src/AspNet.Security.OAuth.Mixcloud/MixcloudAuthenticationHandler.cs

@@ -83,7 +83,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
         [NotNull] AuthenticationProperties properties,
         [NotNull] OAuthTokenResponse tokens)
     {
-        string address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken!);
+        var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken!);
 
         using var request = new HttpRequestMessage(HttpMethod.Get, address);
         request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

src/AspNet.Security.OAuth.Shopify/ShopifyAuthenticationHandler.cs

@@ -35,7 +35,10 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
         [NotNull] AuthenticationProperties properties,
         [NotNull] OAuthTokenResponse tokens)
     {
-        string uri = string.Format(CultureInfo.InvariantCulture, ShopifyAuthenticationDefaults.UserInformationEndpointFormat, properties.Items[ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty]);
+        var uri = string.Format(
+            CultureInfo.InvariantCulture,
+            ShopifyAuthenticationDefaults.UserInformationEndpointFormat,
+            properties.Items[ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty]);
 
         using var request = new HttpRequestMessage(HttpMethod.Get, uri);
         request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
@@ -52,23 +55,23 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
 
         // In Shopify, the customer can modify the scope given to the app. Apps should verify
         // that the customer is allowing the required scope.
-        string actualScope = tokens.Response!.RootElement.GetString("scope") ?? string.Empty;
-        bool isPersistent = true;
+        var actualScope = tokens.Response!.RootElement.GetString("scope") ?? string.Empty;
+        var isPersistent = true;
 
         // If the request was for a "per-user" (i.e. no offline access)
         if (tokens.Response.RootElement.TryGetProperty("expires_in", out var expiresInProperty))
         {
             isPersistent = false;
 
-            if (expiresInProperty.TryGetInt32(out int expiresIn))
+            if (expiresInProperty.TryGetInt32(out var expiresIn))
             {
                 var expires = Clock.UtcNow.AddSeconds(expiresIn);
                 identity.AddClaim(new Claim(ClaimTypes.Expiration, expires.ToString("O", CultureInfo.InvariantCulture), ClaimValueTypes.DateTime));
             }
 
             actualScope = tokens.Response.RootElement.GetString("associated_user_scope") ?? string.Empty;
 
-            string userData = tokens.Response.RootElement.GetString("associated_user") ?? string.Empty;
+            var userData = tokens.Response.RootElement.GetString("associated_user") ?? string.Empty;
             identity.AddClaim(new Claim(ClaimTypes.UserData, userData));
         }
 
@@ -94,16 +97,16 @@ protected override string FormatScope([NotNull] IEnumerable<string> scopes)
     /// <inheritdoc />
     protected override string BuildChallengeUrl([NotNull] AuthenticationProperties properties, [NotNull] string redirectUri)
     {
-        if (!properties.Items.TryGetValue(ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty, out string? shopName))
+        if (!properties.Items.TryGetValue(ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty, out var shopName))
         {
             Log.ShopNameMissing(Logger);
             throw new InvalidOperationException("Shopify provider AuthenticationProperties must contain ShopNameAuthenticationProperty.");
         }
 
-        string authorizationEndpoint = string.Format(CultureInfo.InvariantCulture, Options.AuthorizationEndpoint, shopName);
+        var authorizationEndpoint = string.Format(CultureInfo.InvariantCulture, Options.AuthorizationEndpoint, shopName);
 
         // Get the permission scope, which can either be set in options or overridden in AuthenticationProperties.
-        if (!properties.Items.TryGetValue(ShopifyAuthenticationDefaults.ShopScopeAuthenticationProperty, out string? scope))
+        if (!properties.Items.TryGetValue(ShopifyAuthenticationDefaults.ShopScopeAuthenticationProperty, out var scope))
         {
             var scopeParameter = properties.GetParameter<ICollection<string>>(OAuthChallengeProperties.ScopeKey);
             scope = scopeParameter != null ? FormatScope(scopeParameter) : FormatScope();
@@ -118,23 +121,23 @@ protected override string BuildChallengeUrl([NotNull] AuthenticationProperties p
 
         if (Options.UsePkce)
         {
-            byte[] bytes = RandomNumberGenerator.GetBytes(256 / 8);
-            string codeVerifier = WebEncoders.Base64UrlEncode(bytes);
+            var bytes = RandomNumberGenerator.GetBytes(256 / 8);
+            var codeVerifier = WebEncoders.Base64UrlEncode(bytes);
 
             // Store this for use during the code redemption.
             properties.Items.Add(OAuthConstants.CodeVerifierKey, codeVerifier);
 
-            byte[] challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier));
+            var challengeBytes = SHA256.HashData(Encoding.UTF8.GetBytes(codeVerifier));
             parameters[OAuthConstants.CodeChallengeKey] = WebEncoders.Base64UrlEncode(challengeBytes);
             parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256;
         }
 
         parameters["state"] = Options.StateDataFormat.Protect(properties);
 
-        string challengeUrl = QueryHelpers.AddQueryString(authorizationEndpoint, parameters);
+        var challengeUrl = QueryHelpers.AddQueryString(authorizationEndpoint, parameters);
 
         // If we're requesting a per-user, online only, token, add the grant_options query param.
-        if (properties.Items.TryGetValue(ShopifyAuthenticationDefaults.GrantOptionsAuthenticationProperty, out string? grantOptions) &&
+        if (properties.Items.TryGetValue(ShopifyAuthenticationDefaults.GrantOptionsAuthenticationProperty, out var grantOptions) &&
             grantOptions == ShopifyAuthenticationDefaults.PerUserAuthenticationPropertyValue)
         {
             challengeUrl = QueryHelpers.AddQueryString(challengeUrl, "grant_options[]", ShopifyAuthenticationDefaults.PerUserAuthenticationPropertyValue);
@@ -167,7 +170,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             var shopValue = Context.Request.Query["shop"];
             var stateValue = Context.Request.Query["state"];
 
-            string shop = shopValue.ToString();
+            var shop = shopValue.ToString();
 
             // Shop name must end with myshopify.com
             if (!shop.EndsWith(".myshopify.com", StringComparison.OrdinalIgnoreCase))
@@ -182,7 +185,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             // request the token. This probably isn't necessary, but it's an easy extra verification.
             var authenticationProperties = Options.StateDataFormat.Unprotect(stateValue);
 
-            string? shopNamePropertyValue = authenticationProperties?.Items[ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty];
+            var shopNamePropertyValue = authenticationProperties?.Items[ShopifyAuthenticationDefaults.ShopNameAuthenticationProperty];
 
             if (!string.Equals(shopNamePropertyValue, shopDns, StringComparison.OrdinalIgnoreCase))
             {
@@ -195,7 +198,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             return OAuthTokenResponse.Failed(ex);
         }
 
-        string uri = string.Format(CultureInfo.InvariantCulture, Options.TokenEndpoint, shopDns);
+        var uri = string.Format(CultureInfo.InvariantCulture, Options.TokenEndpoint, shopDns);
 
         using var request = new HttpRequestMessage(HttpMethod.Post, uri);
         request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));

src/AspNet.Security.OAuth.Weixin/WeixinAuthenticationHandler.cs

@@ -54,11 +54,13 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
         [NotNull] AuthenticationProperties properties,
         [NotNull] OAuthTokenResponse tokens)
     {
-        string address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, new Dictionary<string, string?>
+        var parameters = new Dictionary<string, string?>
         {
             ["access_token"] = tokens.AccessToken,
             ["openid"] = tokens.Response?.RootElement.GetString("openid")
-        });
+        };
+
+        var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, parameters);
 
         using var response = await Backchannel.GetAsync(address);
         if (!response.IsSuccessStatusCode)
@@ -102,7 +104,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OA
             context.Properties.Items.Remove(OAuthConstants.CodeVerifierKey);
         }
 
-        string address = QueryHelpers.AddQueryString(Options.TokenEndpoint, tokenRequestParameters);
+        var address = QueryHelpers.AddQueryString(Options.TokenEndpoint, tokenRequestParameters);
 
         using var response = await Backchannel.GetAsync(address);
         if (!response.IsSuccessStatusCode)
@@ -150,8 +152,8 @@ protected override string BuildChallengeUrl([NotNull] AuthenticationProperties p
             parameters[OAuthConstants.CodeChallengeMethodKey] = OAuthConstants.CodeChallengeMethodS256;
         }
 
-        string state = Options.StateDataFormat.Protect(properties);
-        bool addRedirectHash = false;
+        var state = Options.StateDataFormat.Protect(properties);
+        var addRedirectHash = false;
 
         if (!IsWeixinAuthorizationEndpointInUse())
         {
@@ -163,7 +165,7 @@ protected override string BuildChallengeUrl([NotNull] AuthenticationProperties p
         parameters["redirect_uri"] = redirectUri;
         parameters[State] = addRedirectHash ? OauthState : state;
 
-        string challengeUrl = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters);
+        var challengeUrl = QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters);
 
         if (addRedirectHash)
         {