made .Value private

Author: Erwinvandervalk

access-token-management/samples/Web/Controllers/HomeController.cs

@@ -36,7 +36,7 @@ public async Task<IActionResult> CallApiAsUserManual()
     {
         UserToken token = await _tokenManagementService.GetAccessTokenAsync(User);
         var client = _httpClientFactory.CreateClient();
-        client.SetToken(token.AccessTokenType?.ToScheme().ToString()!, token.AccessToken.Value);
+        client.SetToken(token.AccessTokenType?.ToScheme().ToString()!, token.AccessToken.ToString());
 
         var response = await client.GetStringAsync($"{_configuration.ApiBaseUrl}test");
         ViewBag.Json = PrettyPrint(response);
@@ -50,7 +50,7 @@ public async Task<IActionResult> CallApiAsUserExtensionMethod()
         var client = _httpClientFactory.CreateClient();
         var scheme = token.AccessTokenType?.ToScheme().ToString()
             ?? throw new InvalidOperationException("Scheme is empty");
-        client.SetToken(scheme, token.AccessToken.Value);
+        client.SetToken(scheme, token.AccessToken.ToString());
 
         var response = await client.GetStringAsync($"{_configuration.ApiBaseUrl}test");
         ViewBag.Json = PrettyPrint(response);
@@ -92,8 +92,8 @@ public async Task<IActionResult> CallApiAsClientExtensionMethod()
     {
         ClientCredentialsToken token = await HttpContext.GetClientAccessTokenAsync();
         var client = _httpClientFactory.CreateClient();
-        var scheme = token.AccessTokenType?.ToScheme().Value ?? throw new InvalidOperationException("Scheme is empty");
-        client.SetToken(scheme, token.AccessToken.Value);
+        var scheme = token.AccessTokenType?.ToScheme().ToString() ?? throw new InvalidOperationException("Scheme is empty");
+        client.SetToken(scheme, token.AccessToken.ToString());
 
         var response = await client.GetStringAsync($"{_configuration.ApiBaseUrl}test");
 

access-token-management/samples/WebJarJwt/ClientAssertionService.cs

@@ -45,15 +45,15 @@ public ClientAssertionService(
 
         var descriptor = new SecurityTokenDescriptor
         {
-            Issuer = config.ClientId?.Value,
+            Issuer = config.ClientId?.ToString(),
             Audience = config.TokenEndpoint?.GetLeftPart(UriPartial.Authority),
             Expires = DateTime.UtcNow.AddMinutes(1),
             SigningCredentials = Credential,
 
             Claims = new Dictionary<string, object>
             {
                 { JwtClaimTypes.JwtId, Guid.NewGuid().ToString() },
-                { JwtClaimTypes.Subject, config.ClientId?.Value! },
+                { JwtClaimTypes.Subject, config.ClientId?.ToString()! },
                 { JwtClaimTypes.IssuedAt, DateTime.UtcNow.ToEpochTime() }
             },
 
@@ -86,7 +86,7 @@ public async Task<string> SignAuthorizeRequest(OpenIdConnectMessage message,
 
         var descriptor = new SecurityTokenDescriptor
         {
-            Issuer = config.ClientId?.Value,
+            Issuer = config.ClientId?.ToString(),
             Audience = config.TokenEndpoint?.GetLeftPart(UriPartial.Authority),
             Expires = DateTime.UtcNow.AddMinutes(1),
             SigningCredentials = Credential,

access-token-management/samples/WebJarJwt/Controllers/HomeController.cs

@@ -33,7 +33,7 @@ public async Task<IActionResult> CallApiAsUserManual()
     {
         UserToken token = await _tokenManagementService.GetAccessTokenAsync(User);
         var client = _httpClientFactory.CreateClient();
-        client.SetBearerToken(token.AccessToken?.Value!);
+        client.SetBearerToken(token.AccessToken?.ToString()!);
 
         var response = await client.GetStringAsync("https://demo.duendesoftware.com/api/test");
         ViewBag.Json = PrettyPrint(response);
@@ -45,7 +45,7 @@ public async Task<IActionResult> CallApiAsUserExtensionMethod()
     {
         UserToken token = await HttpContext.GetUserAccessTokenAsync();
         var client = _httpClientFactory.CreateClient();
-        client.SetBearerToken(token.AccessToken.Value);
+        client.SetBearerToken(token.AccessToken.ToString());
 
         var response = await client.GetStringAsync("https://demo.duendesoftware.com/api/test");
         ViewBag.Json = PrettyPrint(response);
@@ -76,7 +76,7 @@ public async Task<IActionResult> CallApiAsClientExtensionMethod()
     {
         ClientCredentialsToken token = await HttpContext.GetClientAccessTokenAsync();
         var client = _httpClientFactory.CreateClient();
-        client.SetBearerToken(token.AccessToken.Value);
+        client.SetBearerToken(token.AccessToken.ToString());
 
         var response = await client.GetStringAsync("https://demo.duendesoftware.com/api/test");
 

access-token-management/samples/Worker/ClientAssertionService.cs

@@ -35,19 +35,19 @@ public class ClientAssertionService(IOptionsMonitor<ClientCredentialsClient> opt
     {
         if (clientName == "demo.jwt")
         {
-            var options1 = options.Get(clientName.Value);
+            var options1 = options.Get(clientName.ToString());
 
             var descriptor = new SecurityTokenDescriptor
             {
-                Issuer = options1.ClientId?.Value,
+                Issuer = options1.ClientId?.ToString(),
                 Audience = options1.TokenEndpoint?.ToString(),
                 Expires = DateTime.UtcNow.AddMinutes(1),
                 SigningCredentials = Credential,
 
                 Claims = new Dictionary<string, object>
                 {
                     { JwtClaimTypes.JwtId, Guid.NewGuid().ToString() },
-                    { JwtClaimTypes.Subject, options1.ClientId?.Value! },
+                    { JwtClaimTypes.Subject, options1.ClientId?.ToString()! },
                     { JwtClaimTypes.IssuedAt, DateTime.UtcNow.ToEpochTime() }
                 }
             };

access-token-management/samples/Worker/WorkerManual.cs

@@ -33,7 +33,7 @@ protected override async Task ExecuteAsync(CancellationToken stoppingToken)
             client.BaseAddress = new Uri("https://demo.duendesoftware.com/api/");
 
             ClientCredentialsToken token = await _tokenManagementService.GetAccessTokenAsync("demo", cancellationToken: stoppingToken);
-            client.SetBearerToken(token.AccessToken.Value);
+            client.SetBearerToken(token.AccessToken.ToString());
 
             var response = await client.GetAsync("test", stoppingToken);
 

access-token-management/samples/Worker/WorkerManualJwt.cs

@@ -33,7 +33,7 @@ protected override async Task ExecuteAsync(CancellationToken stoppingToken)
             client.BaseAddress = new Uri("https://demo.duendesoftware.com/api/");
 
             ClientCredentialsToken token = await _tokenManagementService.GetAccessTokenAsync("demo.jwt", cancellationToken: stoppingToken);
-            client.SetBearerToken(token.AccessToken.Value);
+            client.SetBearerToken(token.AccessToken.ToString());
 
             var response = await client.GetAsync("test", stoppingToken);
 

access-token-management/samples/WorkerDI/ClientAssertionService.cs

@@ -35,19 +35,19 @@ public class ClientAssertionService(IOptionsMonitor<ClientCredentialsClient> opt
     {
         if (clientName == "demo.jwt")
         {
-            var options1 = options.Get(clientName.Value);
+            var options1 = options.Get(clientName.ToString());
 
             var descriptor = new SecurityTokenDescriptor
             {
-                Issuer = options1.ClientId!.Value,
+                Issuer = options1.ClientId!.ToString(),
                 Audience = options1.TokenEndpoint!.ToString(),
                 Expires = DateTime.UtcNow.AddMinutes(1),
                 SigningCredentials = Credential,
 
                 Claims = new Dictionary<string, object>
                 {
                     { JwtClaimTypes.JwtId, Guid.NewGuid().ToString() },
-                    { JwtClaimTypes.Subject, options1.ClientId.Value },
+                    { JwtClaimTypes.Subject, options1.ClientId.ToString() },
                     { JwtClaimTypes.IssuedAt, DateTime.UtcNow.ToEpochTime() }
                 }
             };

access-token-management/samples/WorkerDI/WorkerManual.cs

@@ -33,7 +33,7 @@ protected override async Task ExecuteAsync(CancellationToken stoppingToken)
             client.BaseAddress = new Uri("https://demo.duendesoftware.com/api/");
 
             ClientCredentialsToken token = await _tokenManagementService.GetAccessTokenAsync("demo", cancellationToken: stoppingToken);
-            client.SetBearerToken(token.AccessToken.Value);
+            client.SetBearerToken(token.AccessToken.ToString());
 
             var response = await client.GetAsync("test", stoppingToken);
 

access-token-management/samples/WorkerDI/WorkerManualJwt.cs

@@ -33,7 +33,7 @@ protected override async Task ExecuteAsync(CancellationToken stoppingToken)
             client.BaseAddress = new Uri("https://demo.duendesoftware.com/api/");
 
             ClientCredentialsToken token = await _tokenManagementService.GetAccessTokenAsync("demo.jwt");
-            client.SetBearerToken(token.AccessToken.Value);
+            client.SetBearerToken(token.AccessToken.ToString());
 
             var response = await client.GetAsync("test", stoppingToken);
 

access-token-management/src/AccessTokenManagement.OpenIdConnect/HttpContextExtensions.cs

@@ -84,7 +84,7 @@ public static async Task<TokenResult<ClientCredentialsToken>> GetClientAccessTok
     }
 
     const string AuthenticationPropertiesDPoPKey = ".Token.dpop_proof_key";
-    internal static void SetProofKey(this AuthenticationProperties properties, DPoPJsonWebKey key) => properties.Items[AuthenticationPropertiesDPoPKey] = key.Value;
+    internal static void SetProofKey(this AuthenticationProperties properties, DPoPJsonWebKey key) => properties.Items[AuthenticationPropertiesDPoPKey] = key.ToString();
     internal static DPoPJsonWebKey? GetProofKey(this AuthenticationProperties properties)
     {
         if (properties.Items.TryGetValue(AuthenticationPropertiesDPoPKey, out var key))

access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/AuthenticationSessionUserAccessTokenStore.cs

@@ -36,7 +36,7 @@ public async Task<TokenResult<TokenForParameters>> GetTokenAsync(
         // we use String.Empty as the key for a null SignInScheme
         if (!cache.TryGetValue(parameters.SignInScheme, out var result))
         {
-            result = await contextAccessor.HttpContext!.AuthenticateAsync(parameters.SignInScheme?.Value)
+            result = await contextAccessor.HttpContext!.AuthenticateAsync(parameters.SignInScheme?.ToString())
                 .ConfigureAwait(false);
         }
 
@@ -79,7 +79,7 @@ public async Task StoreTokenAsync(
         if (!cache.TryGetValue(parameters.SignInScheme, out var result))
         {
             result = await contextAccessor.HttpContext!
-                .AuthenticateAsync(parameters.SignInScheme?.Value)
+                .AuthenticateAsync(parameters.SignInScheme?.ToString())
                 .ConfigureAwait(false);
         }
 
@@ -100,12 +100,12 @@ public async Task StoreTokenAsync(
 
         var scheme = await tokensInProps.GetSchemeAsync(parameters, cancellationToken);
 
-        await contextAccessor.HttpContext!.SignInAsync(scheme.Value, principal, result.Properties)
+        await contextAccessor.HttpContext!.SignInAsync(scheme.ToString(), principal, result.Properties)
             .ConfigureAwait(false);
 
         // add to the cache so if GetTokenAsync is called again, we will use the updated property values
         cache[parameters.SignInScheme] =
-            AuthenticateResult.Success(new AuthenticationTicket(principal, result.Properties, scheme.Value));
+            AuthenticateResult.Success(new AuthenticationTicket(principal, result.Properties, scheme.ToString()));
     }
 
     /// <inheritdoc/>

access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/ConfigureOpenIdConnectOptions.cs

@@ -51,7 +51,7 @@ public void Configure(OpenIdConnectOptions options)
     /// <inheritdoc/>
     public void Configure(string? name, OpenIdConnectOptions options)
     {
-        if (_configScheme.Value == name)
+        if (_configScheme.ToString() == name)
         {
             // add the event handling to enable DPoP for this OIDC client
             options.Events.OnRedirectToIdentityProvider = CreateCallback(options.Events.OnRedirectToIdentityProvider);
@@ -88,7 +88,7 @@ async Task Callback(RedirectContext context)
                     context.Properties.SetProofKey(key);
 
                     // pass jkt to authorize endpoint
-                    context.ProtocolMessage.Parameters[OidcConstants.AuthorizeRequest.DPoPKeyThumbprint] = jkt.Value;
+                    context.ProtocolMessage.Parameters[OidcConstants.AuthorizeRequest.DPoPKeyThumbprint] = jkt.ToString();
                 }
             }
         }

access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/OpenIdConnectConfigurationService.cs

@@ -36,7 +36,7 @@ public async Task<OpenIdConnectClientConfiguration> GetOpenIdConnectConfiguratio
             configScheme = defaultScheme.Name;
         }
 
-        var options = oidcOptionsMonitor.Get(configScheme.Value);
+        var options = oidcOptionsMonitor.Get(configScheme.ToString());
 
         OpenIdConnectConfiguration configuration;
         try

access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/StoreTokensInAuthenticationProperties.cs

@@ -110,23 +110,23 @@ public async Task SetUserToken(
     {
         var tokenNames = GetTokenNamesWithScheme(parameters);
 
-        authenticationProperties.Items[tokenNames.Token] = token.AccessToken.Value;
-        authenticationProperties.Items[tokenNames.ClientId] = token.ClientId.Value;
-        authenticationProperties.Items[tokenNames.IdentityToken] = token.IdentityToken?.Value;
-        authenticationProperties.Items[tokenNames.TokenType] = token.AccessTokenType?.Value;
+        authenticationProperties.Items[tokenNames.Token] = token.AccessToken.ToString();
+        authenticationProperties.Items[tokenNames.ClientId] = token.ClientId.ToString();
+        authenticationProperties.Items[tokenNames.IdentityToken] = token.IdentityToken?.ToString();
+        authenticationProperties.Items[tokenNames.TokenType] = token.AccessTokenType?.ToString();
         if (token.DPoPJsonWebKey != null)
         {
-            authenticationProperties.Items[tokenNames.DPoPKey] = token.DPoPJsonWebKey.Value;
+            authenticationProperties.Items[tokenNames.DPoPKey] = token.DPoPJsonWebKey.ToString();
         }
         authenticationProperties.Items[tokenNames.Expires] = token.Expiration.ToString("o", CultureInfo.InvariantCulture);
 
         if (token.RefreshToken != null)
         {
-            authenticationProperties.Items[tokenNames.RefreshToken] = token.RefreshToken.Value;
+            authenticationProperties.Items[tokenNames.RefreshToken] = token.RefreshToken.ToString();
         }
 
         var authenticationScheme = await GetSchemeAsync(parameters, cancellationToken);
-        var cookieOptions = cookieOptionsMonitor.Get(authenticationScheme.Value);
+        var cookieOptions = cookieOptionsMonitor.Get(authenticationScheme.ToString());
 
         if (authenticationProperties.AllowRefresh == true ||
             (authenticationProperties.AllowRefresh == null && cookieOptions.SlidingExpiration))
@@ -153,7 +153,7 @@ public async Task SetUserToken(
         if (appendChallengeScheme)
         {
             var scheme = parameters?.ChallengeScheme ?? throw new InvalidOperationException("Attempt to append challenge scheme to token names, but no challenge scheme specified in UserTokenRequestParameters");
-            token = tokens.SingleOrDefault(t => t.Key == ChallengeSuffix(key, scheme.Value)).Value;
+            token = tokens.SingleOrDefault(t => t.Key == ChallengeSuffix(key, scheme.ToString())).Value;
         }
 
         if (token.IsMissing())

access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/UserTokenEndpointService.cs

@@ -45,8 +45,8 @@ public async Task<TokenResult<UserToken>> RefreshAccessTokenAsync(
         var request = new RefreshTokenRequest
         {
             Address = tokenEndpoint.ToString(),
-            ClientId = oidc.ClientId?.Value ?? throw new InvalidOperationException("ClientID is null"),
-            ClientSecret = oidc.ClientSecret?.Value ?? throw new InvalidOperationException("ClientSecret is null"),
+            ClientId = oidc.ClientId?.ToString() ?? throw new InvalidOperationException("ClientID is null"),
+            ClientSecret = oidc.ClientSecret?.ToString()?? throw new InvalidOperationException("ClientSecret is null"),
             ClientCredentialStyle = options.Value.ClientCredentialStyle,
             RefreshToken = refreshToken.RefreshToken.ToString()
         };
@@ -55,12 +55,12 @@ public async Task<TokenResult<UserToken>> RefreshAccessTokenAsync(
 
         if (parameters.Scope != null)
         {
-            request.Scope = parameters.Scope.Value;
+            request.Scope = parameters.Scope.ToString();
         }
 
         if (parameters.Resource != null)
         {
-            request.Resource.Add(parameters.Resource.Value);
+            request.Resource.Add(parameters.Resource.ToString());
         }
 
         if (parameters.Assertion != null)
@@ -94,7 +94,7 @@ public async Task<TokenResult<UserToken>> RefreshAccessTokenAsync(
                 DPoPJsonWebKey = dPoPJsonWebKey,
             }, cancellationToken);
 
-            request.DPoPProofToken = proof?.ProofToken.Value;
+            request.DPoPProofToken = proof?.ProofToken.ToString();
         }
 
         logger.SendingRefreshTokenRequest(LogLevel.Debug, tokenEndpoint);
@@ -117,7 +117,7 @@ public async Task<TokenResult<UserToken>> RefreshAccessTokenAsync(
             };
             var proof = await dPoPProofService.CreateProofTokenAsync(dPoPProofRequest, cancellationToken);
 
-            request.DPoPProofToken = proof?.ProofToken.Value;
+            request.DPoPProofToken = proof?.ProofToken.ToString();
 
             if (request.DPoPProofToken != null)
             {
@@ -176,11 +176,11 @@ public async Task RevokeRefreshTokenAsync(
         {
             Address = revocationEndpoint.ToString(),
 
-            ClientId = oidc.ClientId?.Value ?? throw new InvalidOperationException("ClientID is null"),
-            ClientSecret = oidc.ClientSecret?.Value ?? throw new InvalidOperationException("ClientSecret is null"),
+            ClientId = oidc.ClientId?.ToString() ?? throw new InvalidOperationException("ClientID is null"),
+            ClientSecret = oidc.ClientSecret?.ToString() ?? throw new InvalidOperationException("ClientSecret is null"),
             ClientCredentialStyle = options.Value.ClientCredentialStyle,
 
-            Token = refreshToken.Value,
+            Token = refreshToken.ToString(),
             TokenTypeHint = OidcConstants.TokenTypes.RefreshToken
         };
 

access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/UserTokenRequestConcurrencyControl.cs

@@ -21,11 +21,11 @@ public async Task<TokenResult<UserToken>> ExecuteWithConcurrencyControl(UserRefr
     {
         try
         {
-            return await Dictionary.GetOrAdd(key.RefreshToken.Value, _ => new Lazy<Task<TokenResult<UserToken>>>(tokenRetriever)).Value.ConfigureAwait(false);
+            return await Dictionary.GetOrAdd(key.RefreshToken.ToString(), _ => new Lazy<Task<TokenResult<UserToken>>>(tokenRetriever)).Value.ConfigureAwait(false);
         }
         finally
         {
-            Dictionary.TryRemove(key.RefreshToken.Value, out _);
+            Dictionary.TryRemove(key.RefreshToken.ToString(), out _);
         }
     }
 }

access-token-management/src/AccessTokenManagement/AccessTokenString.cs

@@ -27,7 +27,7 @@ public static bool TryParse(string value, [NotNullWhen(true)] out AccessTokenStr
         IStringValue<AccessTokenString>.TryBuildValidatedObject(value, Validators, out parsed, out errors);
 
 
-    public static AccessTokenString Load(string result) => new(result);
+    static AccessTokenString IStringValue<AccessTokenString>.Load(string result) => new(result);
 
     public static AccessTokenString Parse(string value) => StringParsers<AccessTokenString>.Parse(value);
 }

access-token-management/src/AccessTokenManagement/AccessTokenType.cs

@@ -19,7 +19,7 @@ public record AccessTokenType : IStringValue<AccessTokenType>
 
     private AccessTokenType(string value) => Value = value;
 
-    public string Value { get; }
+    private string Value { get; }
 
     public static implicit operator AccessTokenType(string value) => Parse(value);
 
@@ -28,7 +28,7 @@ public static bool TryParse(string value, [NotNullWhen(true)] out AccessTokenTyp
             .TryBuildValidatedObject(value, Validators, out parsed, out errors);
 
 
-    public static AccessTokenType Load(string result) => new(result);
+    static AccessTokenType IStringValue<AccessTokenType>.Load(string result) => new(result);
 
     public static AccessTokenType Parse(string value) =>
         StringParsers<AccessTokenType>.Parse(value);

access-token-management/src/AccessTokenManagement/ClientCredentialsCacheKey.cs

@@ -18,7 +18,7 @@ public record ClientCredentialsCacheKey : IStringValue<ClientCredentialsCacheKey
 
     private ClientCredentialsCacheKey(string value) => Value = value;
 
-    public string Value { get; }
+    private string Value { get; }
 
     public static ClientCredentialsCacheKey Parse(string value) => StringParsers<ClientCredentialsCacheKey>.Parse(value);