Add nullable to Auth.Abstractions, and Auth.Core (#22541)

src/Http/Authentication.Abstractions/ref/Microsoft.AspNetCore.Authentication.Abstractions.csproj

@@ -2,6 +2,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks>
+    <Nullable>annotations</Nullable>
   </PropertyGroup>
   <ItemGroup Condition="'$(TargetFramework)' == '$(DefaultNetCoreTargetFramework)'">
     <Compile Include="Microsoft.AspNetCore.Authentication.Abstractions.netcoreapp.cs" />

src/Http/Authentication.Abstractions/ref/Microsoft.AspNetCore.Authentication.Abstractions.netcoreapp.cs

@@ -6,52 +6,52 @@ namespace Microsoft.AspNetCore.Authentication
     public partial class AuthenticateResult
     {
         protected AuthenticateResult() { }
-        public System.Exception Failure { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
+        public System.Exception? Failure { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
         public bool None { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
-        public System.Security.Claims.ClaimsPrincipal Principal { get { throw null; } }
+        public System.Security.Claims.ClaimsPrincipal? Principal { get { throw null; } }
-        public Microsoft.AspNetCore.Authentication.AuthenticationProperties Properties { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
+        public Microsoft.AspNetCore.Authentication.AuthenticationProperties? Properties { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
         public bool Succeeded { get { throw null; } }
-        public Microsoft.AspNetCore.Authentication.AuthenticationTicket Ticket { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
+        public Microsoft.AspNetCore.Authentication.AuthenticationTicket? Ticket { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] protected set { } }
         public Microsoft.AspNetCore.Authentication.AuthenticateResult Clone() { throw null; }
-        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(System.Exception failure) { throw null; }
+        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(System.Exception? failure) { throw null; }
-        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(System.Exception failure, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(System.Exception? failure, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
-        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(string failureMessage) { throw null; }
+        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(string? failureMessage) { throw null; }
-        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(string failureMessage, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static Microsoft.AspNetCore.Authentication.AuthenticateResult Fail(string? failureMessage, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         public static Microsoft.AspNetCore.Authentication.AuthenticateResult NoResult() { throw null; }
         public static Microsoft.AspNetCore.Authentication.AuthenticateResult Success(Microsoft.AspNetCore.Authentication.AuthenticationTicket ticket) { throw null; }
     }
     public static partial class AuthenticationHttpContextExtensions
     {
-        public static System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync(this Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
+        public static System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult?> AuthenticateAsync(this Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
-        public static System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme) { throw null; }
+        public static System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult?> AuthenticateAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme) { throw null; }
         public static System.Threading.Tasks.Task ChallengeAsync(this Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
-        public static System.Threading.Tasks.Task ChallengeAsync(this Microsoft.AspNetCore.Http.HttpContext context, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task ChallengeAsync(this Microsoft.AspNetCore.Http.HttpContext context, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         public static System.Threading.Tasks.Task ChallengeAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme) { throw null; }
-        public static System.Threading.Tasks.Task ChallengeAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task ChallengeAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         public static System.Threading.Tasks.Task ForbidAsync(this Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
-        public static System.Threading.Tasks.Task ForbidAsync(this Microsoft.AspNetCore.Http.HttpContext context, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task ForbidAsync(this Microsoft.AspNetCore.Http.HttpContext context, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         public static System.Threading.Tasks.Task ForbidAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme) { throw null; }
-        public static System.Threading.Tasks.Task ForbidAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task ForbidAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
-        public static System.Threading.Tasks.Task<string> GetTokenAsync(this Microsoft.AspNetCore.Http.HttpContext context, string tokenName) { throw null; }
+        public static System.Threading.Tasks.Task<string?> GetTokenAsync(this Microsoft.AspNetCore.Http.HttpContext context, string tokenName) { throw null; }
-        public static System.Threading.Tasks.Task<string> GetTokenAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme, string tokenName) { throw null; }
+        public static System.Threading.Tasks.Task<string?> GetTokenAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme, string tokenName) { throw null; }
         public static System.Threading.Tasks.Task SignInAsync(this Microsoft.AspNetCore.Http.HttpContext context, System.Security.Claims.ClaimsPrincipal principal) { throw null; }
-        public static System.Threading.Tasks.Task SignInAsync(this Microsoft.AspNetCore.Http.HttpContext context, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task SignInAsync(this Microsoft.AspNetCore.Http.HttpContext context, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         public static System.Threading.Tasks.Task SignInAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme, System.Security.Claims.ClaimsPrincipal principal) { throw null; }
-        public static System.Threading.Tasks.Task SignInAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task SignInAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
-        public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
-        public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme) { throw null; }
+        public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme) { throw null; }
-        public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public static System.Threading.Tasks.Task SignOutAsync(this Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
     }
     public partial class AuthenticationOptions
     {
         public AuthenticationOptions() { }
-        public string DefaultAuthenticateScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DefaultAuthenticateScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public string DefaultChallengeScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DefaultChallengeScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public string DefaultForbidScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DefaultForbidScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public string DefaultScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DefaultScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public string DefaultSignInScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DefaultSignInScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public string DefaultSignOutScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DefaultSignOutScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
         public bool RequireAuthenticatedSignIn { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
         public System.Collections.Generic.IDictionary<string, Microsoft.AspNetCore.Authentication.AuthenticationSchemeBuilder> SchemeMap { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationSchemeBuilder> Schemes { get { throw null; } }
@@ -61,45 +61,46 @@ namespace Microsoft.AspNetCore.Authentication
     public partial class AuthenticationProperties
     {
         public AuthenticationProperties() { }
-        public AuthenticationProperties(System.Collections.Generic.IDictionary<string, string> items) { }
+        public AuthenticationProperties(System.Collections.Generic.IDictionary<string, string?> items) { }
-        public AuthenticationProperties(System.Collections.Generic.IDictionary<string, string> items, System.Collections.Generic.IDictionary<string, object> parameters) { }
+        public AuthenticationProperties(System.Collections.Generic.IDictionary<string, string?>? items, System.Collections.Generic.IDictionary<string, object?>? parameters) { }
         public bool? AllowRefresh { get { throw null; } set { } }
         public System.DateTimeOffset? ExpiresUtc { get { throw null; } set { } }
         public bool IsPersistent { get { throw null; } set { } }
         public System.DateTimeOffset? IssuedUtc { get { throw null; } set { } }
-        public System.Collections.Generic.IDictionary<string, string> Items { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
+        public System.Collections.Generic.IDictionary<string, string?> Items { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
-        public System.Collections.Generic.IDictionary<string, object> Parameters { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
+        public System.Collections.Generic.IDictionary<string, object?> Parameters { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
-        public string RedirectUri { get { throw null; } set { } }
+        public string? RedirectUri { get { throw null; } set { } }
         public Microsoft.AspNetCore.Authentication.AuthenticationProperties Clone() { throw null; }
         protected bool? GetBool(string key) { throw null; }
         protected System.DateTimeOffset? GetDateTimeOffset(string key) { throw null; }
+        [return: System.Diagnostics.CodeAnalysis.MaybeNullAttribute]
         public T GetParameter<T>(string key) { throw null; }
-        public string GetString(string key) { throw null; }
+        public string? GetString(string key) { throw null; }
         protected void SetBool(string key, bool? value) { }
         protected void SetDateTimeOffset(string key, System.DateTimeOffset? value) { }
-        public void SetParameter<T>(string key, T value) { }
+        public void SetParameter<T>(string key, [System.Diagnostics.CodeAnalysis.MaybeNullAttribute] T value) { }
-        public void SetString(string key, string value) { }
+        public void SetString(string key, string? value) { }
     }
     public partial class AuthenticationScheme
     {
-        public AuthenticationScheme(string name, string displayName, System.Type handlerType) { }
+        public AuthenticationScheme(string name, string? displayName, System.Type handlerType) { }
-        public string DisplayName { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
+        public string? DisplayName { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public System.Type HandlerType { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public string Name { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
     }
     public partial class AuthenticationSchemeBuilder
     {
         public AuthenticationSchemeBuilder(string name) { }
-        public string DisplayName { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? DisplayName { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public System.Type HandlerType { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public System.Type? HandlerType { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
         public string Name { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public Microsoft.AspNetCore.Authentication.AuthenticationScheme Build() { throw null; }
     }
     public partial class AuthenticationTicket
     {
-        public AuthenticationTicket(System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, string authenticationScheme) { }
+        public AuthenticationTicket(System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties, string? authenticationScheme) { }
         public AuthenticationTicket(System.Security.Claims.ClaimsPrincipal principal, string authenticationScheme) { }
-        public string AuthenticationScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
+        public string? AuthenticationScheme { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public System.Security.Claims.ClaimsPrincipal Principal { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public Microsoft.AspNetCore.Authentication.AuthenticationProperties Properties { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public Microsoft.AspNetCore.Authentication.AuthenticationTicket Clone() { throw null; }
@@ -107,16 +108,16 @@ namespace Microsoft.AspNetCore.Authentication
     public partial class AuthenticationToken
     {
         public AuthenticationToken() { }
-        public string Name { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? Name { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
-        public string Value { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
+        public string? Value { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute] set { } }
     }
     public static partial class AuthenticationTokenExtensions
     {
-        public static System.Threading.Tasks.Task<string> GetTokenAsync(this Microsoft.AspNetCore.Authentication.IAuthenticationService auth, Microsoft.AspNetCore.Http.HttpContext context, string tokenName) { throw null; }
+        public static System.Threading.Tasks.Task<string?> GetTokenAsync(this Microsoft.AspNetCore.Authentication.IAuthenticationService auth, Microsoft.AspNetCore.Http.HttpContext context, string tokenName) { throw null; }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public static System.Threading.Tasks.Task<string> GetTokenAsync(this Microsoft.AspNetCore.Authentication.IAuthenticationService auth, Microsoft.AspNetCore.Http.HttpContext context, string scheme, string tokenName) { throw null; }
+        public static System.Threading.Tasks.Task<string?> GetTokenAsync(this Microsoft.AspNetCore.Authentication.IAuthenticationService auth, Microsoft.AspNetCore.Http.HttpContext context, string? scheme, string tokenName) { throw null; }
         public static System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationToken> GetTokens(this Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
-        public static string GetTokenValue(this Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, string tokenName) { throw null; }
+        public static string? GetTokenValue(this Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, string tokenName) { throw null; }
         public static void StoreTokens(this Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationToken> tokens) { }
         public static bool UpdateTokenValue(this Microsoft.AspNetCore.Authentication.AuthenticationProperties properties, string tokenName, string tokenValue) { throw null; }
     }
@@ -128,13 +129,13 @@ namespace Microsoft.AspNetCore.Authentication
     public partial interface IAuthenticationHandler
     {
         System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync();
-        System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
-        System.Threading.Tasks.Task ForbidAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task ForbidAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
         System.Threading.Tasks.Task InitializeAsync(Microsoft.AspNetCore.Authentication.AuthenticationScheme scheme, Microsoft.AspNetCore.Http.HttpContext context);
     }
     public partial interface IAuthenticationHandlerProvider
     {
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.IAuthenticationHandler> GetHandlerAsync(Microsoft.AspNetCore.Http.HttpContext context, string authenticationScheme);
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.IAuthenticationHandler?> GetHandlerAsync(Microsoft.AspNetCore.Http.HttpContext context, string authenticationScheme);
     }
     public partial interface IAuthenticationRequestHandler : Microsoft.AspNetCore.Authentication.IAuthenticationHandler
     {
@@ -144,31 +145,31 @@ namespace Microsoft.AspNetCore.Authentication
     {
         void AddScheme(Microsoft.AspNetCore.Authentication.AuthenticationScheme scheme);
         System.Threading.Tasks.Task<System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationScheme>> GetAllSchemesAsync();
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultAuthenticateSchemeAsync();
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultAuthenticateSchemeAsync();
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultChallengeSchemeAsync();
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultChallengeSchemeAsync();
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultForbidSchemeAsync();
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultForbidSchemeAsync();
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultSignInSchemeAsync();
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultSignInSchemeAsync();
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultSignOutSchemeAsync();
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultSignOutSchemeAsync();
         System.Threading.Tasks.Task<System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationScheme>> GetRequestHandlerSchemesAsync();
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetSchemeAsync(string name);
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetSchemeAsync(string name);
         void RemoveScheme(string name);
         bool TryAddScheme(Microsoft.AspNetCore.Authentication.AuthenticationScheme scheme) { throw null; }
     }
     public partial interface IAuthenticationService
     {
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme);
+        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult?> AuthenticateAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme);
-        System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
-        System.Threading.Tasks.Task ForbidAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task ForbidAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
-        System.Threading.Tasks.Task SignInAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task SignInAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
-        System.Threading.Tasks.Task SignOutAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task SignOutAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
     }
     public partial interface IAuthenticationSignInHandler : Microsoft.AspNetCore.Authentication.IAuthenticationHandler, Microsoft.AspNetCore.Authentication.IAuthenticationSignOutHandler
     {
-        System.Threading.Tasks.Task SignInAsync(System.Security.Claims.ClaimsPrincipal user, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task SignInAsync(System.Security.Claims.ClaimsPrincipal user, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
     }
     public partial interface IAuthenticationSignOutHandler : Microsoft.AspNetCore.Authentication.IAuthenticationHandler
     {
-        System.Threading.Tasks.Task SignOutAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties properties);
+        System.Threading.Tasks.Task SignOutAsync(Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties);
     }
     public partial interface IClaimsTransformation
     {

src/Http/Authentication.Abstractions/src/AuthenticateResult.cs

@@ -24,22 +24,22 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// The authentication ticket.
         /// </summary>
-        public AuthenticationTicket Ticket { get; protected set; }
+        public AuthenticationTicket? Ticket { get; protected set; }
 
         /// <summary>
         /// Gets the claims-principal with authenticated user identities.
         /// </summary>
-        public ClaimsPrincipal Principal => Ticket?.Principal;
+        public ClaimsPrincipal? Principal => Ticket?.Principal;
 
         /// <summary>
         /// Additional state values for the authentication session.
         /// </summary>
-        public AuthenticationProperties Properties { get; protected set; }
+        public AuthenticationProperties? Properties { get; protected set; }
 
         /// <summary>
         /// Holds failure information from the authentication.
         /// </summary>
-        public Exception Failure { get; protected set; }
+        public Exception? Failure { get; protected set; }
 
         /// <summary>
         /// Indicates that there was no information returned for this authentication scheme.
@@ -58,11 +58,11 @@ namespace Microsoft.AspNetCore.Authentication
             }
             if (Failure != null)
             {
-                return Fail(Failure, Properties.Clone());
+                return Fail(Failure, Properties?.Clone());
             }
             if (Succeeded)
             {
-                return Success(Ticket.Clone());
+                return Success(Ticket!.Clone());
             }
             // This shouldn't happen
             throw new NotImplementedException();
@@ -96,7 +96,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="failure">The failure exception.</param>
         /// <returns>The result.</returns>
-        public static AuthenticateResult Fail(Exception failure)
+        public static AuthenticateResult Fail(Exception? failure)
         {
             return new AuthenticateResult() { Failure = failure };
         }
@@ -107,7 +107,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="failure">The failure exception.</param>
         /// <param name="properties">Additional state values for the authentication session.</param>
         /// <returns>The result.</returns>
-        public static AuthenticateResult Fail(Exception failure, AuthenticationProperties properties)
+        public static AuthenticateResult Fail(Exception? failure, AuthenticationProperties? properties)
         {
             return new AuthenticateResult() { Failure = failure, Properties = properties };
         }
@@ -117,7 +117,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="failureMessage">The failure message.</param>
         /// <returns>The result.</returns>
-        public static AuthenticateResult Fail(string failureMessage)
+        public static AuthenticateResult Fail(string? failureMessage)
             => Fail(new Exception(failureMessage));
 
         /// <summary>
@@ -126,7 +126,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="failureMessage">The failure message.</param>
         /// <param name="properties">Additional state values for the authentication session.</param>
         /// <returns>The result.</returns>
-        public static AuthenticateResult Fail(string failureMessage, AuthenticationProperties properties)
+        public static AuthenticateResult Fail(string? failureMessage, AuthenticationProperties? properties)
             => Fail(new Exception(failureMessage), properties);
     }
 }

src/Http/Authentication.Abstractions/src/AuthenticationHttpContextExtensions.cs

@@ -18,7 +18,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <returns>The <see cref="AuthenticateResult"/>.</returns>
-        public static Task<AuthenticateResult> AuthenticateAsync(this HttpContext context) =>
+        public static Task<AuthenticateResult?> AuthenticateAsync(this HttpContext context) =>
             context.AuthenticateAsync(scheme: null);
 
         /// <summary>
@@ -27,7 +27,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <returns>The <see cref="AuthenticateResult"/>.</returns>
-        public static Task<AuthenticateResult> AuthenticateAsync(this HttpContext context, string scheme) =>
+        public static Task<AuthenticateResult?> AuthenticateAsync(this HttpContext context, string? scheme) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().AuthenticateAsync(context, scheme);
 
         /// <summary>
@@ -53,7 +53,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task ChallengeAsync(this HttpContext context, AuthenticationProperties properties) =>
+        public static Task ChallengeAsync(this HttpContext context, AuthenticationProperties? properties) =>
             context.ChallengeAsync(scheme: null, properties: properties);
 
         /// <summary>
@@ -63,7 +63,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task ChallengeAsync(this HttpContext context, string scheme, AuthenticationProperties properties) =>
+        public static Task ChallengeAsync(this HttpContext context, string? scheme, AuthenticationProperties? properties) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().ChallengeAsync(context, scheme, properties);
 
         /// <summary>
@@ -89,7 +89,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task ForbidAsync(this HttpContext context, AuthenticationProperties properties) =>
+        public static Task ForbidAsync(this HttpContext context, AuthenticationProperties? properties) =>
             context.ForbidAsync(scheme: null, properties: properties);
 
         /// <summary>
@@ -99,7 +99,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task ForbidAsync(this HttpContext context, string scheme, AuthenticationProperties properties) =>
+        public static Task ForbidAsync(this HttpContext context, string? scheme, AuthenticationProperties? properties) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().ForbidAsync(context, scheme, properties);
 
         /// <summary>
@@ -128,7 +128,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="principal">The user.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task SignInAsync(this HttpContext context, ClaimsPrincipal principal, AuthenticationProperties properties) =>
+        public static Task SignInAsync(this HttpContext context, ClaimsPrincipal principal, AuthenticationProperties? properties) =>
             context.SignInAsync(scheme: null, principal: principal, properties: properties);
 
         /// <summary>
@@ -139,7 +139,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="principal">The user.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task SignInAsync(this HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties) =>
+        public static Task SignInAsync(this HttpContext context, string? scheme, ClaimsPrincipal principal, AuthenticationProperties? properties) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().SignInAsync(context, scheme, principal, properties);
 
         /// <summary>
@@ -155,7 +155,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task SignOutAsync(this HttpContext context, AuthenticationProperties properties) => context.SignOutAsync(scheme: null, properties: properties);
+        public static Task SignOutAsync(this HttpContext context, AuthenticationProperties? properties) => context.SignOutAsync(scheme: null, properties: properties);
 
         /// <summary>
         /// Extension method for SignOut.
@@ -163,7 +163,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <returns>The task.</returns>
-        public static Task SignOutAsync(this HttpContext context, string scheme) => context.SignOutAsync(scheme, properties: null);
+        public static Task SignOutAsync(this HttpContext context, string? scheme) => context.SignOutAsync(scheme, properties: null);
 
         /// <summary>
         /// Extension method for SignOut.
@@ -172,7 +172,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <returns>The task.</returns>
-        public static Task SignOutAsync(this HttpContext context, string scheme, AuthenticationProperties properties) =>
+        public static Task SignOutAsync(this HttpContext context, string? scheme, AuthenticationProperties? properties) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().SignOutAsync(context, scheme, properties);
 
         /// <summary>
@@ -182,7 +182,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="tokenName">The name of the token.</param>
         /// <returns>The value of the token.</returns>
-        public static Task<string> GetTokenAsync(this HttpContext context, string scheme, string tokenName) =>
+        public static Task<string?> GetTokenAsync(this HttpContext context, string? scheme, string tokenName) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().GetTokenAsync(context, scheme, tokenName);
 
         /// <summary>
@@ -191,7 +191,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="tokenName">The name of the token.</param>
         /// <returns>The value of the token.</returns>
-        public static Task<string> GetTokenAsync(this HttpContext context, string tokenName) =>
+        public static Task<string?> GetTokenAsync(this HttpContext context, string tokenName) =>
             context.RequestServices.GetRequiredService<IAuthenticationService>().GetTokenAsync(context, tokenName);
     }
 }

src/Http/Authentication.Abstractions/src/AuthenticationOptions.cs

@@ -64,32 +64,32 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// Used as the fallback default scheme for all the other defaults.
         /// </summary>
-        public string DefaultScheme { get; set; }
+        public string? DefaultScheme { get; set; }
 
         /// <summary>
         /// Used as the default scheme by <see cref="IAuthenticationService.AuthenticateAsync(HttpContext, string)"/>.
         /// </summary>
-        public string DefaultAuthenticateScheme { get; set; }
+        public string? DefaultAuthenticateScheme { get; set; }
 
         /// <summary>
         /// Used as the default scheme by <see cref="IAuthenticationService.SignInAsync(HttpContext, string, System.Security.Claims.ClaimsPrincipal, AuthenticationProperties)"/>.
         /// </summary>
-        public string DefaultSignInScheme { get; set; }
+        public string? DefaultSignInScheme { get; set; }
 
         /// <summary>
         /// Used as the default scheme by <see cref="IAuthenticationService.SignOutAsync(HttpContext, string, AuthenticationProperties)"/>.
         /// </summary>
-        public string DefaultSignOutScheme { get; set; }
+        public string? DefaultSignOutScheme { get; set; }
 
         /// <summary>
         /// Used as the default scheme by <see cref="IAuthenticationService.ChallengeAsync(HttpContext, string, AuthenticationProperties)"/>.
         /// </summary>
-        public string DefaultChallengeScheme { get; set; }
+        public string? DefaultChallengeScheme { get; set; }
 
         /// <summary>
         /// Used as the default scheme by <see cref="IAuthenticationService.ForbidAsync(HttpContext, string, AuthenticationProperties)"/>.
         /// </summary>
-        public string DefaultForbidScheme { get; set; }
+        public string? DefaultForbidScheme { get; set; }
 
         /// <summary>
         /// If true, SignIn should throw if attempted with a ClaimsPrincipal.Identity.IsAuthenticated = false.

src/Http/Authentication.Abstractions/src/AuthenticationProperties.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.Collections.Generic;
+using System.Diagnostics.CodeAnalysis;
 using System.Globalization;
 
 namespace Microsoft.AspNetCore.Authentication
@@ -30,7 +31,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Initializes a new instance of the <see cref="AuthenticationProperties"/> class.
         /// </summary>
         /// <param name="items">State values dictionary to use.</param>
-        public AuthenticationProperties(IDictionary<string, string> items)
+        public AuthenticationProperties(IDictionary<string, string?> items)
             : this(items, parameters: null)
         { }
 
@@ -39,10 +40,10 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="items">State values dictionary to use.</param>
         /// <param name="parameters">Parameters dictionary to use.</param>
-        public AuthenticationProperties(IDictionary<string, string> items, IDictionary<string, object> parameters)
+        public AuthenticationProperties(IDictionary<string, string?>? items, IDictionary<string, object?>? parameters)
         {
-            Items = items ?? new Dictionary<string, string>(StringComparer.Ordinal);
+            Items = items ?? new Dictionary<string, string?>(StringComparer.Ordinal);
-            Parameters = parameters ?? new Dictionary<string, object>(StringComparer.Ordinal);
+            Parameters = parameters ?? new Dictionary<string, object?>(StringComparer.Ordinal);
         }
 
         /// <summary>
@@ -50,19 +51,20 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <returns>A copy.</returns>
         public AuthenticationProperties Clone()
-            => new AuthenticationProperties(new Dictionary<string, string>(Items, StringComparer.Ordinal),
+            => new AuthenticationProperties(
-                          new Dictionary<string, object>(Parameters, StringComparer.Ordinal));
+                new Dictionary<string, string?>(Items, StringComparer.Ordinal),
+                new Dictionary<string, object?>(Parameters, StringComparer.Ordinal));
 
         /// <summary>
         /// State values about the authentication session.
         /// </summary>
-        public IDictionary<string, string> Items { get; }
+        public IDictionary<string, string?> Items { get; }
 
         /// <summary>
         /// Collection of parameters that are passed to the authentication handler. These are not intended for
         /// serialization or persistence, only for flowing data between call sites.
         /// </summary>
-        public IDictionary<string, object> Parameters { get; }
+        public IDictionary<string, object?> Parameters { get; }
 
         /// <summary>
         /// Gets or sets whether the authentication session is persisted across multiple requests.
@@ -76,7 +78,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// Gets or sets the full path or absolute URI to be used as an http redirect response value.
         /// </summary>
-        public string RedirectUri
+        public string? RedirectUri
         {
             get => GetString(RedirectUriKey);
             set => SetString(RedirectUriKey, value);
@@ -114,9 +116,9 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="key">Property key.</param>
         /// <returns>Retrieved value or <c>null</c> if the property is not set.</returns>
-        public string GetString(string key)
+        public string? GetString(string key)
         {
-            return Items.TryGetValue(key, out string value) ? value : null;
+            return Items.TryGetValue(key, out var value) ? value : null;
         }
 
         /// <summary>
@@ -124,7 +126,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="key">Property key.</param>
         /// <param name="value">Value to set or <c>null</c> to remove the property.</param>
-        public void SetString(string key, string value)
+        public void SetString(string key, string? value)
         {
             if (value != null)
             {
@@ -142,6 +144,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <typeparam name="T">Parameter type.</typeparam>
         /// <param name="key">Parameter key.</param>
         /// <returns>Retrieved value or the default value if the property is not set.</returns>
+        [return: MaybeNull]
         public T GetParameter<T>(string key)
             => Parameters.TryGetValue(key, out var obj) && obj is T value ? value : default;
 
@@ -151,7 +154,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <typeparam name="T">Parameter type.</typeparam>
         /// <param name="key">Parameter key.</param>
         /// <param name="value">Value to set.</param>
-        public void SetParameter<T>(string key, T value)
+        public void SetParameter<T>(string key, [MaybeNull] T value)
             => Parameters[key] = value;
 
         /// <summary>
@@ -161,7 +164,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <returns>Retrieved value or <c>null</c> if the property is not set.</returns>
         protected bool? GetBool(string key)
         {
-            if (Items.TryGetValue(key, out string value) && bool.TryParse(value, out bool boolValue))
+            if (Items.TryGetValue(key, out var value) && bool.TryParse(value, out var boolValue))
             {
                 return boolValue;
             }
@@ -192,8 +195,8 @@ namespace Microsoft.AspNetCore.Authentication
         /// <returns>Retrieved value or <c>null</c> if the property is not set.</returns>
         protected DateTimeOffset? GetDateTimeOffset(string key)
         {
-            if (Items.TryGetValue(key, out string value)
+            if (Items.TryGetValue(key, out var value)
-                && DateTimeOffset.TryParseExact(value, UtcDateTimeFormat, CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind, out DateTimeOffset dateTimeOffset))
+                && DateTimeOffset.TryParseExact(value, UtcDateTimeFormat, CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind, out var dateTimeOffset))
             {
                 return dateTimeOffset;
             }

src/Http/Authentication.Abstractions/src/AuthenticationScheme.cs

@@ -2,7 +2,6 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
-using System.Reflection;
 
 namespace Microsoft.AspNetCore.Authentication
 {
@@ -18,7 +17,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="name">The name for the authentication scheme.</param>
         /// <param name="displayName">The display name for the authentication scheme.</param>
         /// <param name="handlerType">The <see cref="IAuthenticationHandler"/> type that handles this scheme.</param>
-        public AuthenticationScheme(string name, string displayName, Type handlerType)
+        public AuthenticationScheme(string name, string? displayName, Type handlerType)
         {
             if (name == null)
             {
@@ -46,7 +45,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// The display name for the scheme. Null is valid and used for non user facing schemes.
         /// </summary>
-        public string DisplayName { get; }
+        public string? DisplayName { get; }
 
         /// <summary>
         /// The <see cref="IAuthenticationHandler"/> type that handles this scheme.

src/Http/Authentication.Abstractions/src/AuthenticationSchemeBuilder.cs

@@ -27,17 +27,25 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// The display name for the scheme being built.
         /// </summary>
-        public string DisplayName { get; set; }
+        public string? DisplayName { get; set; }
 
         /// <summary>
         /// The <see cref="IAuthenticationHandler"/> type responsible for this scheme.
         /// </summary>
-        public Type HandlerType { get; set; }
+        public Type? HandlerType { get; set; }
 
         /// <summary>
         /// Builds the <see cref="AuthenticationScheme"/> instance.
         /// </summary>
         /// <returns></returns>
-        public AuthenticationScheme Build() => new AuthenticationScheme(Name, DisplayName, HandlerType);
+        public AuthenticationScheme Build()
+        {
+            if (HandlerType is null)
+            {
+                throw new InvalidOperationException($"{nameof(HandlerType)} must be configured to build an {nameof(AuthenticationScheme)}.");
+            }
+
+            return new AuthenticationScheme(Name, DisplayName, HandlerType);
+        }
     }
 }

src/Http/Authentication.Abstractions/src/AuthenticationTicket.cs

@@ -17,7 +17,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="principal">the <see cref="ClaimsPrincipal"/> that represents the authenticated user.</param>
         /// <param name="properties">additional properties that can be consumed by the user or runtime.</param>
         /// <param name="authenticationScheme">the authentication middleware that was responsible for this ticket.</param>
-        public AuthenticationTicket(ClaimsPrincipal principal, AuthenticationProperties properties, string authenticationScheme)
+        public AuthenticationTicket(ClaimsPrincipal principal, AuthenticationProperties? properties, string? authenticationScheme)
         {
             if (principal == null)
             {
@@ -41,7 +41,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// Gets the authentication type.
         /// </summary>
-        public string AuthenticationScheme { get; private set; }
+        public string? AuthenticationScheme { get; private set; }
 
         /// <summary>
         /// Gets the claims-principal with authenticated user identities.

src/Http/Authentication.Abstractions/src/AuthenticationToken.cs

@@ -12,11 +12,11 @@ namespace Microsoft.AspNetCore.Authentication
         /// <summary>
         /// Name.
         /// </summary>
-        public string Name { get; set; }
+        public string? Name { get; set; }
 
         /// <summary>
         /// Value.
         /// </summary>
-        public string Value { get; set; }
+        public string? Value { get; set; }
     }
 }

src/Http/Authentication.Abstractions/src/IAuthenticationHandler.cs

@@ -30,13 +30,13 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> that contains the extra meta-data arriving with the authentication.</param>
         /// <returns>A task.</returns>
-        Task ChallengeAsync(AuthenticationProperties properties);
+        Task ChallengeAsync(AuthenticationProperties? properties);
 
         /// <summary>
         /// Forbid behavior.
         /// </summary>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> that contains the extra meta-data arriving with the authentication.</param>
         /// <returns>A task.</returns>
-        Task ForbidAsync(AuthenticationProperties properties);
+        Task ForbidAsync(AuthenticationProperties? properties);
     }
 }

src/Http/Authentication.Abstractions/src/IAuthenticationHandlerProvider.cs

@@ -17,6 +17,6 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The context.</param>
         /// <param name="authenticationScheme">The name of the authentication scheme being handled.</param>
         /// <returns>The handler instance.</returns>
-        Task<IAuthenticationHandler> GetHandlerAsync(HttpContext context, string authenticationScheme);
+        Task<IAuthenticationHandler?> GetHandlerAsync(HttpContext context, string authenticationScheme);
     }
-}
+}

src/Http/Authentication.Abstractions/src/IAuthenticationSchemeProvider.cs

@@ -23,7 +23,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="name">The name of the authenticationScheme.</param>
         /// <returns>The scheme or null if not found.</returns>
-        Task<AuthenticationScheme> GetSchemeAsync(string name);
+        Task<AuthenticationScheme?> GetSchemeAsync(string name);
 
         /// <summary>
         /// Returns the scheme that will be used by default for <see cref="IAuthenticationService.AuthenticateAsync(HttpContext, string)"/>.
@@ -31,7 +31,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="AuthenticationOptions.DefaultScheme"/>.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.AuthenticateAsync(HttpContext, string)"/>.</returns>
-        Task<AuthenticationScheme> GetDefaultAuthenticateSchemeAsync();
+        Task<AuthenticationScheme?> GetDefaultAuthenticateSchemeAsync();
 
         /// <summary>
         /// Returns the scheme that will be used by default for <see cref="IAuthenticationService.ChallengeAsync(HttpContext, string, AuthenticationProperties)"/>.
@@ -39,7 +39,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="AuthenticationOptions.DefaultScheme"/>.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.ChallengeAsync(HttpContext, string, AuthenticationProperties)"/>.</returns>
-        Task<AuthenticationScheme> GetDefaultChallengeSchemeAsync();
+        Task<AuthenticationScheme?> GetDefaultChallengeSchemeAsync();
 
         /// <summary>
         /// Returns the scheme that will be used by default for <see cref="IAuthenticationService.ForbidAsync(HttpContext, string, AuthenticationProperties)"/>.
@@ -47,7 +47,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="GetDefaultChallengeSchemeAsync"/> .
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.ForbidAsync(HttpContext, string, AuthenticationProperties)"/>.</returns>
-        Task<AuthenticationScheme> GetDefaultForbidSchemeAsync();
+        Task<AuthenticationScheme?> GetDefaultForbidSchemeAsync();
 
         /// <summary>
         /// Returns the scheme that will be used by default for <see cref="IAuthenticationService.SignInAsync(HttpContext, string, System.Security.Claims.ClaimsPrincipal, AuthenticationProperties)"/>.
@@ -55,7 +55,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="AuthenticationOptions.DefaultScheme"/>.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.SignInAsync(HttpContext, string, System.Security.Claims.ClaimsPrincipal, AuthenticationProperties)"/>.</returns>
-        Task<AuthenticationScheme> GetDefaultSignInSchemeAsync();
+        Task<AuthenticationScheme?> GetDefaultSignInSchemeAsync();
 
         /// <summary>
         /// Returns the scheme that will be used by default for <see cref="IAuthenticationService.SignOutAsync(HttpContext, string, AuthenticationProperties)"/>.
@@ -63,7 +63,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="GetDefaultSignInSchemeAsync"/> .
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.SignOutAsync(HttpContext, string, AuthenticationProperties)"/>.</returns>
-        Task<AuthenticationScheme> GetDefaultSignOutSchemeAsync();
+        Task<AuthenticationScheme?> GetDefaultSignOutSchemeAsync();
 
         /// <summary>
         /// Registers a scheme for use by <see cref="IAuthenticationService"/>. 
@@ -100,4 +100,4 @@ namespace Microsoft.AspNetCore.Authentication
         /// <returns>The schemes in priority order for request handling</returns>
         Task<IEnumerable<AuthenticationScheme>> GetRequestHandlerSchemesAsync();
     }
-}
+}

src/Http/Authentication.Abstractions/src/IAuthenticationService.cs

@@ -18,7 +18,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/>.</param>
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <returns>The result.</returns>
-        Task<AuthenticateResult> AuthenticateAsync(HttpContext context, string scheme);
+        Task<AuthenticateResult?> AuthenticateAsync(HttpContext context, string? scheme);
 
         /// <summary>
         /// Challenge the specified authentication scheme.
@@ -27,7 +27,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        Task ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties);
+        Task ChallengeAsync(HttpContext context, string? scheme, AuthenticationProperties? properties);
 
         /// <summary>
         /// Forbids the specified authentication scheme.
@@ -36,7 +36,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        Task ForbidAsync(HttpContext context, string scheme, AuthenticationProperties properties);
+        Task ForbidAsync(HttpContext context, string? scheme, AuthenticationProperties? properties);
 
         /// <summary>
         /// Sign a principal in for the specified authentication scheme.
@@ -46,7 +46,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="principal">The <see cref="ClaimsPrincipal"/> to sign in.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        Task SignInAsync(HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties);
+        Task SignInAsync(HttpContext context, string? scheme, ClaimsPrincipal principal, AuthenticationProperties? properties);
 
         /// <summary>
         /// Sign out the specified authentication scheme.
@@ -55,6 +55,6 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        Task SignOutAsync(HttpContext context, string scheme, AuthenticationProperties properties);
+        Task SignOutAsync(HttpContext context, string? scheme, AuthenticationProperties? properties);
     }
 }

src/Http/Authentication.Abstractions/src/IAuthenticationSignInHandler.cs

@@ -17,6 +17,6 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="user">The <see cref="ClaimsPrincipal"/> user.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> that contains the extra meta-data arriving with the authentication.</param>
         /// <returns>A task.</returns>
-        Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties);
+        Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties);
     }
 }

src/Http/Authentication.Abstractions/src/IAuthenticationSignOutHandler.cs

@@ -15,7 +15,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="properties">The <see cref="AuthenticationProperties"/> that contains the extra meta-data arriving with the authentication.</param>
         /// <returns>A task.</returns>
-        Task SignOutAsync(AuthenticationProperties properties);
+        Task SignOutAsync(AuthenticationProperties? properties);
     }
 
 }

src/Http/Authentication.Abstractions/src/Microsoft.AspNetCore.Authentication.Abstractions.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk" ToolsVersion="15.0">
+<Project Sdk="Microsoft.NET.Sdk" ToolsVersion="15.0">
   <PropertyGroup>
     <Description>ASP.NET Core common types used by the various authentication components.</Description>
     <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
@@ -7,6 +7,8 @@
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <PackageTags>aspnetcore;authentication;security</PackageTags>
     <IsPackable>false</IsPackable>
+    <Nullable>enable</Nullable>
+    <LangVersion>Preview</LangVersion>
   </PropertyGroup>
 
   <ItemGroup>

src/Http/Authentication.Abstractions/src/TokenExtensions.cs

@@ -43,9 +43,14 @@ namespace Microsoft.AspNetCore.Authentication
             var tokenNames = new List<string>();
             foreach (var token in tokens)
             {
+                if (token.Name is null)
+                {
+                    throw new ArgumentNullException(nameof(tokens), "Token name cannot be null.");
+                }
+
                 // REVIEW: should probably check that there are no ; in the token name and throw or encode
                 tokenNames.Add(token.Name);
-                properties.Items[TokenKeyPrefix+token.Name] = token.Value;
+                properties.Items[TokenKeyPrefix + token.Name] = token.Value;
             }
             if (tokenNames.Count > 0)
             {
@@ -59,7 +64,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="properties">The <see cref="AuthenticationProperties"/> properties.</param>
         /// <param name="tokenName">The token name.</param>
         /// <returns>The token value.</returns>
-        public static string GetTokenValue(this AuthenticationProperties properties, string tokenName)
+        public static string? GetTokenValue(this AuthenticationProperties properties, string tokenName)
         {
             if (properties == null)
             {
@@ -109,9 +114,9 @@ namespace Microsoft.AspNetCore.Authentication
             }
 
             var tokens = new List<AuthenticationToken>();
-            if (properties.Items.ContainsKey(TokenNamesKey))
+            if (properties.Items.TryGetValue(TokenNamesKey, out var value) && !string.IsNullOrEmpty(value))
             {
-                var tokenNames = properties.Items[TokenNamesKey].Split(';');
+                var tokenNames = value.Split(';');
                 foreach (var name in tokenNames)
                 {
                     var token = properties.GetTokenValue(name);
@@ -132,7 +137,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/> context.</param>
         /// <param name="tokenName">The name of the token.</param>
         /// <returns>The value of the token.</returns>
-        public static Task<string> GetTokenAsync(this IAuthenticationService auth, HttpContext context, string tokenName)
+        public static Task<string?> GetTokenAsync(this IAuthenticationService auth, HttpContext context, string tokenName)
             => auth.GetTokenAsync(context, scheme: null, tokenName: tokenName);
 
         /// <summary>
@@ -143,7 +148,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="tokenName">The name of the token.</param>
         /// <returns>The value of the token.</returns>
-        public static async Task<string> GetTokenAsync(this IAuthenticationService auth, HttpContext context, string scheme, string tokenName)
+        public static async Task<string?> GetTokenAsync(this IAuthenticationService auth, HttpContext context, string? scheme, string tokenName)
         {
             if (auth == null)
             {
@@ -158,4 +163,4 @@ namespace Microsoft.AspNetCore.Authentication
             return result?.Properties?.GetTokenValue(tokenName);
         }
     }
-}
+}

src/Http/Authentication.Core/ref/Microsoft.AspNetCore.Authentication.Core.csproj

@@ -2,6 +2,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks>
+    <Nullable>annotations</Nullable>
   </PropertyGroup>
   <ItemGroup Condition="'$(TargetFramework)' == '$(DefaultNetCoreTargetFramework)'">
     <Compile Include="Microsoft.AspNetCore.Authentication.Core.netcoreapp.cs" />

src/Http/Authentication.Core/ref/Microsoft.AspNetCore.Authentication.Core.netcoreapp.cs

@@ -14,7 +14,7 @@ namespace Microsoft.AspNetCore.Authentication
         public AuthenticationHandlerProvider(Microsoft.AspNetCore.Authentication.IAuthenticationSchemeProvider schemes) { }
         public Microsoft.AspNetCore.Authentication.IAuthenticationSchemeProvider Schemes { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.IAuthenticationHandler> GetHandlerAsync(Microsoft.AspNetCore.Http.HttpContext context, string authenticationScheme) { throw null; }
+        public System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.IAuthenticationHandler?> GetHandlerAsync(Microsoft.AspNetCore.Http.HttpContext context, string authenticationScheme) { throw null; }
     }
     public partial class AuthenticationSchemeProvider : Microsoft.AspNetCore.Authentication.IAuthenticationSchemeProvider
     {
@@ -22,13 +22,13 @@ namespace Microsoft.AspNetCore.Authentication
         protected AuthenticationSchemeProvider(Microsoft.Extensions.Options.IOptions<Microsoft.AspNetCore.Authentication.AuthenticationOptions> options, System.Collections.Generic.IDictionary<string, Microsoft.AspNetCore.Authentication.AuthenticationScheme> schemes) { }
         public virtual void AddScheme(Microsoft.AspNetCore.Authentication.AuthenticationScheme scheme) { }
         public virtual System.Threading.Tasks.Task<System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationScheme>> GetAllSchemesAsync() { throw null; }
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultAuthenticateSchemeAsync() { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultAuthenticateSchemeAsync() { throw null; }
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultChallengeSchemeAsync() { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultChallengeSchemeAsync() { throw null; }
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultForbidSchemeAsync() { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultForbidSchemeAsync() { throw null; }
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultSignInSchemeAsync() { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultSignInSchemeAsync() { throw null; }
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetDefaultSignOutSchemeAsync() { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetDefaultSignOutSchemeAsync() { throw null; }
         public virtual System.Threading.Tasks.Task<System.Collections.Generic.IEnumerable<Microsoft.AspNetCore.Authentication.AuthenticationScheme>> GetRequestHandlerSchemesAsync() { throw null; }
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme> GetSchemeAsync(string name) { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationScheme?> GetSchemeAsync(string name) { throw null; }
         public virtual void RemoveScheme(string name) { }
         public virtual bool TryAddScheme(Microsoft.AspNetCore.Authentication.AuthenticationScheme scheme) { throw null; }
     }
@@ -40,15 +40,15 @@ namespace Microsoft.AspNetCore.Authentication
         public Microsoft.AspNetCore.Authentication.IAuthenticationSchemeProvider Schemes { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         public Microsoft.AspNetCore.Authentication.IClaimsTransformation Transform { [System.Runtime.CompilerServices.CompilerGeneratedAttribute] get { throw null; } }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme) { throw null; }
+        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult?> AuthenticateAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme) { throw null; }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public virtual System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task ForbidAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public virtual System.Threading.Tasks.Task ForbidAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task SignInAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public virtual System.Threading.Tasks.Task SignInAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
         [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task SignOutAsync(Microsoft.AspNetCore.Http.HttpContext context, string scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties properties) { throw null; }
+        public virtual System.Threading.Tasks.Task SignOutAsync(Microsoft.AspNetCore.Http.HttpContext context, string? scheme, Microsoft.AspNetCore.Authentication.AuthenticationProperties? properties) { throw null; }
     }
     public partial class NoopClaimsTransformation : Microsoft.AspNetCore.Authentication.IClaimsTransformation
     {

src/Http/Authentication.Core/src/AuthenticationHandlerProvider.cs

@@ -29,7 +29,7 @@ namespace Microsoft.AspNetCore.Authentication
         public IAuthenticationSchemeProvider Schemes { get; }
 
         // handler instance cache, need to initialize once per request
-        private Dictionary<string, IAuthenticationHandler> _handlerMap = new Dictionary<string, IAuthenticationHandler>(StringComparer.Ordinal);
+        private readonly Dictionary<string, IAuthenticationHandler> _handlerMap = new Dictionary<string, IAuthenticationHandler>(StringComparer.Ordinal);
 
         /// <summary>
         /// Returns the handler instance that will be used.
@@ -37,11 +37,11 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The context.</param>
         /// <param name="authenticationScheme">The name of the authentication scheme being handled.</param>
         /// <returns>The handler instance.</returns>
-        public async Task<IAuthenticationHandler> GetHandlerAsync(HttpContext context, string authenticationScheme)
+        public async Task<IAuthenticationHandler?> GetHandlerAsync(HttpContext context, string authenticationScheme)
         {
-            if (_handlerMap.ContainsKey(authenticationScheme))
+            if (_handlerMap.TryGetValue(authenticationScheme, out var value))
             {
-                return _handlerMap[authenticationScheme];
+                return value;
             }
 
             var scheme = await Schemes.GetSchemeAsync(authenticationScheme);

src/Http/Authentication.Core/src/AuthenticationSchemeProvider.cs

@@ -54,10 +54,10 @@ namespace Microsoft.AspNetCore.Authentication
         private IEnumerable<AuthenticationScheme> _schemesCopy = Array.Empty<AuthenticationScheme>();
         private IEnumerable<AuthenticationScheme> _requestHandlersCopy = Array.Empty<AuthenticationScheme>();
 
-        private Task<AuthenticationScheme> GetDefaultSchemeAsync()
+        private Task<AuthenticationScheme?> GetDefaultSchemeAsync()
             => _options.DefaultScheme != null
             ? GetSchemeAsync(_options.DefaultScheme)
-            : Task.FromResult<AuthenticationScheme>(null);
+            : Task.FromResult<AuthenticationScheme?>(null);
 
         /// <summary>
         /// Returns the scheme that will be used by default for <see cref="IAuthenticationService.AuthenticateAsync(HttpContext, string)"/>.
@@ -65,7 +65,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="AuthenticationOptions.DefaultScheme"/>.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.AuthenticateAsync(HttpContext, string)"/>.</returns>
-        public virtual Task<AuthenticationScheme> GetDefaultAuthenticateSchemeAsync()
+        public virtual Task<AuthenticationScheme?> GetDefaultAuthenticateSchemeAsync()
             => _options.DefaultAuthenticateScheme != null
             ? GetSchemeAsync(_options.DefaultAuthenticateScheme)
             : GetDefaultSchemeAsync();
@@ -76,7 +76,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="AuthenticationOptions.DefaultScheme"/>.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.ChallengeAsync(HttpContext, string, AuthenticationProperties)"/>.</returns>
-        public virtual Task<AuthenticationScheme> GetDefaultChallengeSchemeAsync()
+        public virtual Task<AuthenticationScheme?> GetDefaultChallengeSchemeAsync()
             => _options.DefaultChallengeScheme != null
             ? GetSchemeAsync(_options.DefaultChallengeScheme)
             : GetDefaultSchemeAsync();
@@ -87,7 +87,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="GetDefaultChallengeSchemeAsync"/> .
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.ForbidAsync(HttpContext, string, AuthenticationProperties)"/>.</returns>
-        public virtual Task<AuthenticationScheme> GetDefaultForbidSchemeAsync()
+        public virtual Task<AuthenticationScheme?> GetDefaultForbidSchemeAsync()
             => _options.DefaultForbidScheme != null
             ? GetSchemeAsync(_options.DefaultForbidScheme)
             : GetDefaultChallengeSchemeAsync();
@@ -98,7 +98,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise, this will fallback to <see cref="AuthenticationOptions.DefaultScheme"/>.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.SignInAsync(HttpContext, string, System.Security.Claims.ClaimsPrincipal, AuthenticationProperties)"/>.</returns>
-        public virtual Task<AuthenticationScheme> GetDefaultSignInSchemeAsync()
+        public virtual Task<AuthenticationScheme?> GetDefaultSignInSchemeAsync()
             => _options.DefaultSignInScheme != null
             ? GetSchemeAsync(_options.DefaultSignInScheme)
             : GetDefaultSchemeAsync();
@@ -109,7 +109,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// Otherwise this will fallback to <see cref="GetDefaultSignInSchemeAsync"/> if that supports sign out.
         /// </summary>
         /// <returns>The scheme that will be used by default for <see cref="IAuthenticationService.SignOutAsync(HttpContext, string, AuthenticationProperties)"/>.</returns>
-        public virtual Task<AuthenticationScheme> GetDefaultSignOutSchemeAsync()
+        public virtual Task<AuthenticationScheme?> GetDefaultSignOutSchemeAsync()
             => _options.DefaultSignOutScheme != null
             ? GetSchemeAsync(_options.DefaultSignOutScheme)
             : GetDefaultSignInSchemeAsync();
@@ -119,7 +119,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// </summary>
         /// <param name="name">The name of the authenticationScheme.</param>
         /// <returns>The scheme or null if not found.</returns>
-        public virtual Task<AuthenticationScheme> GetSchemeAsync(string name)
+        public virtual Task<AuthenticationScheme?> GetSchemeAsync(string name)
             => Task.FromResult(_schemes.ContainsKey(name) ? _schemes[name] : null);
 
         /// <summary>
@@ -204,4 +204,4 @@ namespace Microsoft.AspNetCore.Authentication
         public virtual Task<IEnumerable<AuthenticationScheme>> GetAllSchemesAsync()
             => Task.FromResult(_schemesCopy);
     }
-}
+}

src/Http/Authentication.Core/src/AuthenticationService.cs

@@ -16,7 +16,7 @@ namespace Microsoft.AspNetCore.Authentication
     /// </summary>
     public class AuthenticationService : IAuthenticationService
     {
-        private HashSet<ClaimsPrincipal> _transformCache;
+        private HashSet<ClaimsPrincipal>? _transformCache;
 
         /// <summary>
         /// Constructor.
@@ -59,7 +59,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="context">The <see cref="HttpContext"/>.</param>
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <returns>The result.</returns>
-        public virtual async Task<AuthenticateResult> AuthenticateAsync(HttpContext context, string scheme)
+        public virtual async Task<AuthenticateResult?> AuthenticateAsync(HttpContext context, string? scheme)
         {
             if (scheme == null)
             {
@@ -80,7 +80,7 @@ namespace Microsoft.AspNetCore.Authentication
             var result = await handler.AuthenticateAsync();
             if (result != null && result.Succeeded)
             {
-                var principal = result.Principal;
+                var principal = result.Principal!;
                 var doTransform = true;
                 _transformCache ??= new HashSet<ClaimsPrincipal>();
                 if (_transformCache.Contains(principal))
@@ -93,7 +93,7 @@ namespace Microsoft.AspNetCore.Authentication
                     principal = await Transform.TransformAsync(principal);
                     _transformCache.Add(principal);
                 }
-                return AuthenticateResult.Success(new AuthenticationTicket(principal, result.Properties, result.Ticket.AuthenticationScheme));
+                return AuthenticateResult.Success(new AuthenticationTicket(principal, result.Properties, result.Ticket!.AuthenticationScheme));
             }
             return result;
         }
@@ -105,7 +105,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        public virtual async Task ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties)
+        public virtual async Task ChallengeAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
         {
             if (scheme == null)
             {
@@ -133,7 +133,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        public virtual async Task ForbidAsync(HttpContext context, string scheme, AuthenticationProperties properties)
+        public virtual async Task ForbidAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
         {
             if (scheme == null)
             {
@@ -162,7 +162,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="principal">The <see cref="ClaimsPrincipal"/> to sign in.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        public virtual async Task SignInAsync(HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties)
+        public virtual async Task SignInAsync(HttpContext context, string? scheme, ClaimsPrincipal principal, AuthenticationProperties? properties)
         {
             if (principal == null)
             {
@@ -213,7 +213,7 @@ namespace Microsoft.AspNetCore.Authentication
         /// <param name="scheme">The name of the authentication scheme.</param>
         /// <param name="properties">The <see cref="AuthenticationProperties"/>.</param>
         /// <returns>A task.</returns>
-        public virtual async Task SignOutAsync(HttpContext context, string scheme, AuthenticationProperties properties)
+        public virtual async Task SignOutAsync(HttpContext context, string? scheme, AuthenticationProperties? properties)
         {
             if (scheme == null)
             {

src/Http/Authentication.Core/src/Microsoft.AspNetCore.Authentication.Core.csproj

@@ -8,6 +8,7 @@
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <PackageTags>aspnetcore;authentication;security</PackageTags>
     <IsPackable>false</IsPackable>
+    <Nullable>enable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>

src/Http/Authentication.Core/test/AuthenticationPropertiesTests.cs

@@ -46,7 +46,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
         [Fact]
         public void ItemsConstructor_ReusesItemsDictionary()
         {
-            var items = new Dictionary<string, string>
+            var items = new Dictionary<string, string?>
             {
                 ["foo"] = "bar",
             };
@@ -58,11 +58,11 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
         [Fact]
         public void FullConstructor_ReusesDictionaries()
         {
-            var items = new Dictionary<string, string>
+            var items = new Dictionary<string, string?>
             {
                 ["foo"] = "bar",
             };
-            var parameters = new Dictionary<string, object>
+            var parameters = new Dictionary<string, object?>
             {
                 ["number"] = 1234,
                 ["list"] = new List<string> { "a", "b", "c" },
@@ -119,7 +119,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
             Assert.Equal("foo bar", props.Parameters["foo"]);
             Assert.Equal(1, props.Parameters.Count);
 
-            props.SetParameter<string>("foo", null);
+            props.SetParameter<string?>("foo", null);
             Assert.Null(props.GetParameter<string>("foo"));
             Assert.Null(props.Parameters["foo"]);
             Assert.Equal(1, props.Parameters.Count);
@@ -156,7 +156,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
             Assert.Same(list, props.Parameters["foo"]);
             Assert.Equal(1, props.Parameters.Count);
 
-            props.SetParameter<ICollection<string>>("foo", null);
+            props.SetParameter<ICollection<string>?>("foo", null);
             Assert.Null(props.GetParameter<ICollection<string>>("foo"));
             Assert.Null(props.Parameters["foo"]);
             Assert.Equal(1, props.Parameters.Count);

src/Http/Authentication.Core/test/AuthenticationSchemeProviderTests.cs

@@ -41,11 +41,11 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
             }).BuildServiceProvider();
 
             var provider = services.GetRequiredService<IAuthenticationSchemeProvider>();
-            Assert.Equal("B", (await provider.GetDefaultForbidSchemeAsync()).Name);
+            Assert.Equal("B", (await provider.GetDefaultForbidSchemeAsync())!.Name);
-            Assert.Equal("B", (await provider.GetDefaultAuthenticateSchemeAsync()).Name);
+            Assert.Equal("B", (await provider.GetDefaultAuthenticateSchemeAsync())!.Name);
-            Assert.Equal("B", (await provider.GetDefaultChallengeSchemeAsync()).Name);
+            Assert.Equal("B", (await provider.GetDefaultChallengeSchemeAsync())!.Name);
-            Assert.Equal("B", (await provider.GetDefaultSignInSchemeAsync()).Name);
+            Assert.Equal("B", (await provider.GetDefaultSignInSchemeAsync())!.Name);
-            Assert.Equal("B", (await provider.GetDefaultSignOutSchemeAsync()).Name);
+            Assert.Equal("B", (await provider.GetDefaultSignOutSchemeAsync())!.Name);
         }
 
 
@@ -62,7 +62,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
             var provider = services.GetRequiredService<IAuthenticationSchemeProvider>();
             var scheme = await provider.GetDefaultSignOutSchemeAsync();
             Assert.NotNull(scheme);
-            Assert.Equal("signin", scheme.Name);
+            Assert.Equal("signin", scheme!.Name);
         }
 
         [Fact]
@@ -78,7 +78,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
             var provider = services.GetRequiredService<IAuthenticationSchemeProvider>();
             var scheme = await provider.GetDefaultForbidSchemeAsync();
             Assert.NotNull(scheme);
-            Assert.Equal("challenge", scheme.Name);
+            Assert.Equal("challenge", scheme!.Name);
         }
 
         [Fact]
@@ -99,11 +99,11 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
             }).BuildServiceProvider();
 
             var provider = services.GetRequiredService<IAuthenticationSchemeProvider>();
-            Assert.Equal("B", (await provider.GetDefaultForbidSchemeAsync()).Name);
+            Assert.Equal("B", (await provider.GetDefaultForbidSchemeAsync())!.Name);
-            Assert.Equal("C", (await provider.GetDefaultAuthenticateSchemeAsync()).Name);
+            Assert.Equal("C", (await provider.GetDefaultAuthenticateSchemeAsync())!.Name);
-            Assert.Equal("A", (await provider.GetDefaultChallengeSchemeAsync()).Name);
+            Assert.Equal("A", (await provider.GetDefaultChallengeSchemeAsync())!.Name);
-            Assert.Equal("C", (await provider.GetDefaultSignInSchemeAsync()).Name);
+            Assert.Equal("C", (await provider.GetDefaultSignInSchemeAsync())!.Name);
-            Assert.Equal("A", (await provider.GetDefaultSignOutSchemeAsync()).Name);
+            Assert.Equal("A", (await provider.GetDefaultSignOutSchemeAsync())!.Name);
         }
 
         [Fact]
@@ -176,12 +176,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 throw new NotImplementedException();
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
@@ -194,12 +194,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
 
         private class SignInHandler : Handler, IAuthenticationSignInHandler
         {
-            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
+            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
 
-            public Task SignOutAsync(AuthenticationProperties properties)
+            public Task SignOutAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
@@ -207,7 +207,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
 
         private class SignOutHandler : Handler, IAuthenticationSignOutHandler
         {
-            public Task SignOutAsync(AuthenticationProperties properties)
+            public Task SignOutAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }

src/Http/Authentication.Core/test/AuthenticationServiceTests.cs

@@ -264,12 +264,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                         "whatever")));
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -287,12 +287,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(AuthenticateResult.NoResult());
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -302,12 +302,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(0);
             }
 
-            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
+            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
 
-            public Task SignOutAsync(AuthenticationProperties properties)
+            public Task SignOutAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -320,12 +320,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(AuthenticateResult.NoResult());
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -335,7 +335,7 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(0);
             }
 
-            public Task SignOutAsync(AuthenticationProperties properties)
+            public Task SignOutAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -348,12 +348,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(AuthenticateResult.NoResult());
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -368,12 +368,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(0);
             }
 
-            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
+            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
 
-            public Task SignOutAsync(AuthenticationProperties properties)
+            public Task SignOutAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -386,12 +386,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 throw new NotImplementedException();
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 return Task.FromResult(0);
             }
@@ -406,12 +406,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(0);
             }
 
-            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
+            public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
 
-            public Task SignOutAsync(AuthenticationProperties properties)
+            public Task SignOutAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }

src/Http/Authentication.Core/test/Microsoft.AspNetCore.Authentication.Core.Test.csproj

@@ -2,6 +2,7 @@
 
   <PropertyGroup>
     <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
+    <Nullable>enable</Nullable>
   </PropertyGroup>
 
   <ItemGroup>

src/Http/Authentication.Core/test/TokenExtensionTests.cs

@@ -170,12 +170,12 @@ namespace Microsoft.AspNetCore.Authentication.Core.Test
                 return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(new ClaimsPrincipal(), props, "simple")));
             }
 
-            public Task ChallengeAsync(AuthenticationProperties properties)
+            public Task ChallengeAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }
 
-            public Task ForbidAsync(AuthenticationProperties properties)
+            public Task ForbidAsync(AuthenticationProperties? properties)
             {
                 throw new NotImplementedException();
             }