openiddict
diff --git a/‎Directory.Build.targets‎
Lines changed: 6 additions & 0 deletions b/‎Directory.Build.targets‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs‎
Lines changed: 3 additions & 4 deletions b/‎gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs‎
Lines changed: 3 additions & 4 deletions
diff --git a/‎sandbox/OpenIddict.Sandbox.AspNet.Client/Startup.cs‎
Lines changed: 1 addition & 1 deletion b/‎sandbox/OpenIddict.Sandbox.AspNet.Client/Startup.cs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs‎
Lines changed: 1 addition & 1 deletion b/‎sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs‎
Lines changed: 1 addition & 1 deletion
@@ -68,6 +68,7 @@
     <DefineConstants>$(DefineConstants);SUPPORTS_HTTP_CLIENT_DEFAULT_REQUEST_VERSION_POLICY</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_HTTP_CLIENT_RESILIENCE</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_INT32_RANDOM_NUMBER_GENERATOR_METHODS</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_KESTREL_TLS_HANDSHAKE_CALLBACK_OPTIONS</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_MULTIPLE_VALUES_IN_QUERYHELPERS</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_NAMED_PIPE_STATIC_FACTORY_WITH_ACL</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_ONE_SHOT_HASHING_METHODS</DefineConstants>
@@ -78,6 +79,9 @@
     <DefineConstants>$(DefineConstants);SUPPORTS_TEXT_ELEMENT_ENUMERATOR</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_VALUETASK_COMPLETED_TASK</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_WINFORMS_TASK_DIALOG</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_X509_CHAIN_POLICY_CUSTOM_TRUST_STORE</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_X509_CHAIN_POLICY_DOWNLOAD_MODE</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_X509_CHAIN_POLICY_TRUST_MODE</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_ZLIB_COMPRESSION</DefineConstants>
   </PropertyGroup>
 
@@ -114,6 +118,8 @@
     <DefineConstants>$(DefineConstants);SUPPORTS_JSON_ELEMENT_DEEP_EQUALS</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_JSON_ELEMENT_PROPERTY_COUNT</DefineConstants>
     <DefineConstants>$(DefineConstants);SUPPORTS_TYPE_DESCRIPTOR_TYPE_REGISTRATION</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_X509_CHAIN_POLICY_CLONING</DefineConstants>
+    <DefineConstants>$(DefineConstants);SUPPORTS_X509_CHAIN_POLICY_VERIFICATION_TIME_MODE</DefineConstants>
   </PropertyGroup>
 
   <PropertyGroup
 
@@ -628,7 +628,7 @@ public sealed partial class {{ provider.name }}
                 store.Open(OpenFlags.ReadOnly);
 
                 return store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)
-                    .OfType<X509Certificate2>()
+                    .Cast<X509Certificate2>()
                     .SingleOrDefault();
             }
         }
@@ -652,7 +652,7 @@ public sealed partial class {{ provider.name }}
 
             return Set{{ setting.property_name }}(
                 store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)
-                    .OfType<X509Certificate2>()
+                    .Cast<X509Certificate2>()
                     .SingleOrDefault() ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID0066)));
         }
         {{~ else if setting.clr_type == 'bool' ~}}
@@ -1163,8 +1163,7 @@ public static partial void ConfigureProvider(OpenIddictClientRegistration regist
             if (settings.{{ setting.property_name }} is not null)
             {
                 // If the signing key is an asymmetric security key, ensure it has a private key.
-                if (settings.{{ setting.property_name }} is AsymmetricSecurityKey asymmetricSecurityKey &&
-                    asymmetricSecurityKey.PrivateKeyStatus is PrivateKeyStatus.DoesNotExist)
+                if (settings.{{ setting.property_name }} is AsymmetricSecurityKey { PrivateKeyStatus: PrivateKeyStatus.DoesNotExist })
                 {
                     throw new InvalidOperationException(SR.GetResourceString(SR.ID0067));
                 }
 
@@ -71,7 +71,7 @@ public void Configuration(IAppBuilder app)
                     ProviderDisplayName = "Local OIDC server",
 
                     ClientId = "mvc",
-                    ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
+                    ClientSecret = "emCimpdc9SeOaZzN5jzm4_eek-STF6VenfVlKO1_qt0",
                     Scopes = { Scopes.Email, Scopes.Profile, Scopes.OfflineAccess, "demo_api" },
 
                     RedirectUri = new Uri("callback/login/local", UriKind.Relative),
 
@@ -199,7 +199,7 @@ public void Configuration(IAppBuilder app)
                 {
                     ApplicationType = ApplicationTypes.Web,
                     ClientId = "mvc",
-                    ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
+                    ClientSecret = "emCimpdc9SeOaZzN5jzm4_eek-STF6VenfVlKO1_qt0",
                     ClientType = ClientTypes.Confidential,
                     ConsentType = ConsentTypes.Systematic,
                     DisplayName = "MVC client application",
Original file line number	Diff line number	Diff line change
`@@ -628,7 +628,7 @@ public sealed partial class {{ provider.name }}`
`628`	`628`	`store.Open(OpenFlags.ReadOnly);`
`629`	`629`
`630`	`630`	`return store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)`
`631`		`- .OfType<X509Certificate2>()`
	`631`	`+ .Cast<X509Certificate2>()`
`632`	`632`	`.SingleOrDefault();`
`633`	`633`	`}`
`634`	`634`	`}`
`@@ -652,7 +652,7 @@ public sealed partial class {{ provider.name }}`
`652`	`652`
`653`	`653`	`return Set{{ setting.property_name }}(`
`654`	`654`	`store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)`
`655`		`- .OfType<X509Certificate2>()`
	`655`	`+ .Cast<X509Certificate2>()`
`656`	`656`	`.SingleOrDefault() ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID0066)));`
`657`	`657`	`}`
`658`	`658`	`{{~ else if setting.clr_type == 'bool' ~}}`
`@@ -1163,8 +1163,7 @@ public static partial void ConfigureProvider(OpenIddictClientRegistration regist`
`1163`	`1163`	`if (settings.{{ setting.property_name }} is not null)`
`1164`	`1164`	`{`
`1165`	`1165`	`// If the signing key is an asymmetric security key, ensure it has a private key.`
`1166`		`- if (settings.{{ setting.property_name }} is AsymmetricSecurityKey asymmetricSecurityKey &&`
`1167`		`- asymmetricSecurityKey.PrivateKeyStatus is PrivateKeyStatus.DoesNotExist)`
	`1166`	`+ if (settings.{{ setting.property_name }} is AsymmetricSecurityKey { PrivateKeyStatus: PrivateKeyStatus.DoesNotExist })`
`1168`	`1167`	`{`
`1169`	`1168`	`throw new InvalidOperationException(SR.GetResourceString(SR.ID0067));`
`1170`	`1169`	`}`
Original file line number	Diff line number	Diff line change
`@@ -199,7 +199,7 @@ public void Configuration(IAppBuilder app)`
`199`	`199`	`{`
`200`	`200`	`ApplicationType = ApplicationTypes.Web,`
`201`	`201`	`ClientId = "mvc",`
`202`		`- ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",`
	`202`	`+ ClientSecret = "emCimpdc9SeOaZzN5jzm4_eek-STF6VenfVlKO1_qt0",`
`203`	`203`	`ClientType = ClientTypes.Confidential,`
`204`	`204`	`ConsentType = ConsentTypes.Systematic,`
`205`	`205`	`DisplayName = "MVC client application",`