Add .NET analyzer

ref #44
authgear · Jun 2, 2022 · 4e0f493 · 4e0f493
2 parents b5c05a3 + 8e11a3f
commit 4e0f493
Show file tree

Hide file tree

Showing 36 changed files with 336 additions and 244 deletions.
diff --git a/Authgear.Xamarin/.editorconfig b/Authgear.Xamarin/.editorconfig
@@ -4,4 +4,42 @@ dotnet_separate_import_directive_groups = false
 csharp_new_line_before_open_brace = all
 csharp_new_line_before_catch = true
 csharp_new_line_before_else = true
-csharp_new_line_before_finally = true
+csharp_new_line_before_finally = true
+
+# CA1032: Implement standard exception constructors
+dotnet_diagnostic.CA1032.severity = none
+
+# CA1031: Do not catch general exception types
+dotnet_diagnostic.CA1031.severity = none
+
+# CA1307: Specify StringComparison for clarity
+# Some methods are not available in netstandard
+dotnet_diagnostic.CA1307.severity = none
+
+# CA1056: URI-like properties should not be strings
+dotnet_diagnostic.CA1056.severity = none
+
+# CA2227: Collection properties should be read only
+dotnet_diagnostic.CA2227.severity = none
+
+# CA1003: Use generic event handler instances
+dotnet_diagnostic.CA1003.severity = none
+
+# CA1062: Validate arguments of public methods
+# Not needed with NRT
+dotnet_diagnostic.CA1062.severity = none
+
+# CA2208: Instantiate argument exceptions correctly
+dotnet_diagnostic.CA2208.severity = none
+
+# CA2208: Type names should not match namespaces
+dotnet_diagnostic.CA1724.severity = none
+
+# CA1054: URI-like parameters should not be strings
+dotnet_diagnostic.CA1054.severity = none
+
+# CA2237: Mark ISerializable types with SerializableAttribute
+dotnet_diagnostic.CA2237.severity = none
+
+# CA1014: Mark assemblies with CLSCompliantAttribute
+dotnet_diagnostic.CA1014.severity = none
diff --git a/Authgear.Xamarin/AnonymousUserIosException.ios.cs b/Authgear.Xamarin/AnonymousUserIosException.ios.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Globalization;
 using Foundation;
 using Security;
 
@@ -13,7 +14,7 @@ public AnonymousUserIosException(NSError error) : base("")
             Error = error;
         }
 
-        public AnonymousUserIosException(SecStatusCode code) : this(new NSError(NSError.OsStatusErrorDomain, Convert.ToInt32(code)))
+        public AnonymousUserIosException(SecStatusCode code) : this(new NSError(NSError.OsStatusErrorDomain, Convert.ToInt32(code, CultureInfo.InvariantCulture)))
         {
 
         }

diff --git a/Authgear.Xamarin/AnonymousUserNotFoundException.cs b/Authgear.Xamarin/AnonymousUserNotFoundException.cs
@@ -4,7 +4,7 @@
 
 namespace Authgear.Xamarin
 {
-    internal class AnonymousUserNotFoundException : Exception
+    public class AnonymousUserNotFoundException : Exception
     {
         public AnonymousUserNotFoundException() : base() { }
     }

diff --git a/Authgear.Xamarin/AuthenticateOptions.cs b/Authgear.Xamarin/AuthenticateOptions.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.Collections.ObjectModel;
 using System.Text;
 using Authgear.Xamarin.Oauth;
 
@@ -9,9 +10,9 @@ public class AuthenticateOptions
     {
         public string RedirectUri { get; set; }
         public string? State { get; set; }
-        public List<PromptOption>? PromptOptions { get; set; }
+        public IReadOnlyCollection<PromptOption>? PromptOptions { get; set; }
         public string? LoginHint { get; set; }
-        public List<string>? UiLocales { get; set; }
+        public IReadOnlyCollection<string>? UiLocales { get; set; }
         public ColorScheme? ColorScheme { get; set; }
         public AuthenticatePage? Page { get; set; }
 

diff --git a/Authgear.Xamarin/Authgear.Xamarin.csproj b/Authgear.Xamarin/Authgear.Xamarin.csproj
@@ -19,14 +19,16 @@
 	  <PackageLicenseFile>LICENSE</PackageLicenseFile>
 	  <PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
 	  <PackageProjectUrl>https://github.com/authgear/authgear-sdk-xamarin</PackageProjectUrl>
-	  <!-- TODO: Can we use 9.0 for init only setters? -->
 	  <LangVersion>8.0</LangVersion>
 	  <Nullable>enable</Nullable>
+	  <AnalysisMode>AllEnabledByDefault</AnalysisMode>
+	  <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
   </PropertyGroup>
 
   <ItemGroup>
     <PackageReference Include="System.Text.Json" Version="6.0.3" />
     <PackageReference Include="Xamarin.Essentials" Version="1.7.2" />
+	<PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="6.0.0" PrivateAssets="all" />
   </ItemGroup>
 
 	<ItemGroup>

diff --git a/Authgear.Xamarin/AuthgearException.netstandard.cs b/Authgear.Xamarin/AuthgearException.netstandard.cs
@@ -6,7 +6,7 @@ namespace Authgear.Xamarin
 {
     public partial class AuthgearException
     {
-        internal static Exception? PlatformWrap(Exception ex)
+        internal static Exception? PlatformWrap(Exception _)
         {
             return null;
         }

diff --git a/Authgear.Xamarin/AuthgearSdk.cs b/Authgear.Xamarin/AuthgearSdk.cs
diff --git a/Authgear.Xamarin/AuthgearSdk.ios.cs b/Authgear.Xamarin/AuthgearSdk.ios.cs
@@ -13,13 +13,16 @@ public partial class AuthgearSdk
         /// </summary>
         /// <param name="app">Dummy tag argument to denote this constructor is for ios</param>
         /// <param name="options"></param>
-        public AuthgearSdk(UIApplication app, AuthgearOptions options) : this(options)
+        public AuthgearSdk(UIApplication _, AuthgearOptions options) : this(options)
         {
             biometric = new Biometric();
             keyRepo = new KeyRepo();
             webView = new WebView();
         }
+        // Other platform's implementation is not static
+#pragma warning disable CA1822 // Mark members as static
         private DeviceInfoRoot PlatformGetDeviceInfo()
+#pragma warning restore CA1822 // Mark members as static
         {
             return new DeviceInfoRoot
             {

diff --git a/Authgear.Xamarin/BiometricIosException.ios.cs b/Authgear.Xamarin/BiometricIosException.ios.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.Globalization;
 using System.Text;
 using Foundation;
 using Security;
@@ -15,7 +16,7 @@ public BiometricIosException(NSError error) : base("")
             Error = error;
         }
 
-        public BiometricIosException(SecStatusCode code) : this(new NSError(NSError.OsStatusErrorDomain, Convert.ToInt32(code)))
+        public BiometricIosException(SecStatusCode code) : this(new NSError(NSError.OsStatusErrorDomain, Convert.ToInt32(code, CultureInfo.InvariantCulture)))
         {
 
         }

diff --git a/Authgear.Xamarin/BiometricPromptAuthenticationException.android.cs b/Authgear.Xamarin/BiometricPromptAuthenticationException.android.cs
@@ -5,7 +5,7 @@
 
 namespace Authgear.Xamarin
 {
-    internal class BiometricPromptAuthenticationException : Exception
+    public class BiometricPromptAuthenticationException : Exception
     {
         public int ErrorCode { get; private set; }
         public BiometricPromptAuthenticationException(string message) : base(message) { }

diff --git a/Authgear.Xamarin/CodeVerifier.cs b/Authgear.Xamarin/CodeVerifier.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.Globalization;
 using System.Linq;
 using System.Security.Cryptography;
 using System.Text;
@@ -18,20 +19,20 @@ public CodeVerifier(RandomNumberGenerator generator)
             using (var provider = generator)
             {
                 provider.GetBytes(bytes);
-                Verifier = string.Join("", bytes.Select(x => x.ToString("x2")));
+                Verifier = string.Join("", bytes.Select(x => x.ToString("x2", CultureInfo.InvariantCulture)));
             }
             Challenge = ComputeCodeChallenge(Verifier);
         }
 
-        private string ComputeCodeChallenge(string verifier)
+        private static string ComputeCodeChallenge(string verifier)
         {
             var hash = Sha256(verifier);
             return ConvertExtensions.ToBase64UrlSafeString(hash);
         }
 
-        private byte[] Sha256(string input)
+        private static byte[] Sha256(string input)
         {
-            var sha256 = SHA256.Create();
+            using var sha256 = SHA256.Create();
             return sha256.ComputeHash(Encoding.UTF8.GetBytes(input));
         }
     }

diff --git a/Authgear.Xamarin/Data/Biometric.android.cs b/Authgear.Xamarin/Data/Biometric.android.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.Globalization;
 using System.Text;
 using System.Threading.Tasks;
 using Android.Content;
@@ -14,6 +15,7 @@
 
 namespace Authgear.Xamarin.Data
 {
+    [System.Diagnostics.CodeAnalysis.SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", Justification = "Xamarin objects are managed")]
     internal class Biometric : IBiometric
     {
         private const int BiometricOnly = BiometricManager.Authenticators.BiometricStrong;
@@ -82,7 +84,7 @@ internal Biometric(Context context)
             this.context = context;
         }
 
-        private void EnsureApiLevel()
+        private static void EnsureApiLevel()
         {
             if (Build.VERSION.SdkInt < BuildVersionCodes.M)
             {
@@ -102,17 +104,17 @@ public void EnsureIsSupported(BiometricOptions options)
 
         public void RemoveBiometric(string kid)
         {
-            var alias = string.Format(AliasFormat, kid);
+            var alias = string.Format(CultureInfo.InvariantCulture, AliasFormat, kid);
             RemovePrivateKey(alias);
         }
-        private void RemovePrivateKey(string alias)
+        private static void RemovePrivateKey(string alias)
         {
             var keystore = KeyStore.GetInstance(AndroidKeyStore)!;
             keystore.Load(null);
             keystore.DeleteEntry(alias);
         }
 
-        private KeyPair GetPrivateKey(string alias)
+        private static KeyPair GetPrivateKey(string alias)
         {
             var keyStore = KeyStore.GetInstance(AndroidKeyStore)!;
             keyStore.Load(null);
@@ -146,7 +148,7 @@ public async Task<BiometricEnableResult> EnableBiometricAsync(BiometricOptions o
             var optionsAn = options.Android;
             var promptInfo = BuildPromptInfo(optionsAn);
             var kid = Guid.NewGuid().ToString();
-            var alias = string.Format(AliasFormat, kid);
+            var alias = string.Format(CultureInfo.InvariantCulture, AliasFormat, kid);
             var spec = MakeGenerateKeyPairSpec(alias, ToKeyPropertiesAuthType(optionsAn.AccessConstraint), optionsAn.InvalidatedByBiometricEnrollment);
             var keyPair = CreateKeyPair(spec);
             var jwk = Jwk.FromPublicKey(kid, keyPair.Public!);
@@ -160,7 +162,7 @@ public async Task<BiometricEnableResult> EnableBiometricAsync(BiometricOptions o
             var payload = new JwtPayload(DateTimeOffset.Now, challenge, "setup", deviceInfo);
             var lockedSignature = KeyRepo.MakeSignature(keyPair.Private!);
             var cryptoObject = new CryptoObject(lockedSignature);
-            var jwt = await Authenticate(promptInfo, cryptoObject, header, payload);
+            var jwt = await Authenticate(promptInfo, cryptoObject, header, payload).ConfigureAwait(false);
             return new BiometricEnableResult { Kid = kid, Jwt = jwt };
         }
 
@@ -173,7 +175,7 @@ public async Task<string> AuthenticateBiometricAsync(BiometricOptions options, s
             EnsureApiLevel();
             EnsureCanAuthenticate(options);
             var promptInfo = BuildPromptInfo(options.Android);
-            var alias = string.Format(AliasFormat, kid);
+            var alias = string.Format(CultureInfo.InvariantCulture, AliasFormat, kid);
             try
             {
                 var keyPair = GetPrivateKey(alias);
@@ -188,21 +190,21 @@ public async Task<string> AuthenticateBiometricAsync(BiometricOptions options, s
                 var payload = new JwtPayload(DateTimeOffset.Now, challenge, "authenticate", deviceInfo);
                 var lockedSignature = KeyRepo.MakeSignature(keyPair.Private!);
                 var cryptoObject = new CryptoObject(lockedSignature);
-                return await Authenticate(promptInfo, cryptoObject, header, payload);
+                return await Authenticate(promptInfo, cryptoObject, header, payload).ConfigureAwait(false);
             }
             catch (Exception ex)
             {
                 throw AuthgearException.Wrap(ex);
             }
         }
 
-        private PromptInfo BuildPromptInfo(BiometricOptionsAndroid options)
+        private static PromptInfo BuildPromptInfo(BiometricOptionsAndroid options)
         {
             var authenticators = ToAuthenticators(options.AccessConstraint);
             return BuildPromptInfo(options.Title, options.Subtitle, options.Description, options.NegativeButtonText, authenticators);
         }
 
-        private PromptInfo BuildPromptInfo(string? title, string? subtitle, string? description, string? negativeButtonText, int authenticators)
+        private static PromptInfo BuildPromptInfo(string? title, string? subtitle, string? description, string? negativeButtonText, int authenticators)
         {
             var builder = new PromptInfo.Builder()
                 .SetTitle(title)
@@ -219,7 +221,7 @@ private PromptInfo BuildPromptInfo(string? title, string? subtitle, string? desc
             return builder.Build();
         }
 
-        private KeyGenParameterSpec MakeGenerateKeyPairSpec(string alias, KeyPropertiesAuthType type, bool invalidatedByBiometricEnrollment)
+        private static KeyGenParameterSpec MakeGenerateKeyPairSpec(string alias, KeyPropertiesAuthType type, bool invalidatedByBiometricEnrollment)
         {
             var builder = new KeyGenParameterSpec.Builder(alias, KeyStorePurpose.Sign | KeyStorePurpose.Verify)
                 .SetKeySize(KeySize)
@@ -228,7 +230,7 @@ private KeyGenParameterSpec MakeGenerateKeyPairSpec(string alias, KeyPropertiesA
                 .SetUserAuthenticationRequired(true);
             if (Build.VERSION.SdkInt >= BuildVersionCodes.R)
             {
-                builder.SetUserAuthenticationParameters(0 /* 0 means require authentication every time */, Convert.ToInt32(type));
+                builder.SetUserAuthenticationParameters(0 /* 0 means require authentication every time */, Convert.ToInt32(type, CultureInfo.InvariantCulture));
             }
             if (Build.VERSION.SdkInt >= BuildVersionCodes.N)
             {
@@ -265,14 +267,14 @@ private KeyGenParameterSpec MakeGenerateKeyPairSpec(string alias, KeyPropertiesA
             return builder.Build();
         }
 
-        private KeyPair CreateKeyPair(KeyGenParameterSpec spec)
+        private static KeyPair CreateKeyPair(KeyGenParameterSpec spec)
         {
             var generator = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, AndroidKeyStore)!;
             generator.Initialize(spec);
             return generator.GenerateKeyPair()!;
         }
 
-        private Task<string> Authenticate(PromptInfo promptInfo, CryptoObject cryptoObject, JwtHeader header, JwtPayload payload)
+        private static Task<string> Authenticate(PromptInfo promptInfo, CryptoObject cryptoObject, JwtHeader header, JwtPayload payload)
         {
             var taskSource = new TaskCompletionSource<string>(TaskCreationOptions.RunContinuationsAsynchronously);
             var prompt = new BiometricPrompt(Platform.CurrentActivity as FragmentActivity, new AuthenticationCallbackImpl(taskSource, header, payload));