Merge pull request #1401 from DuendeSoftware/dom/update-to-net8-preview7

brockallen · web-flow · commit f69718e8d0dd · 2023-09-15T12:27:50.000-04:00
Updates for .NET8 Preview 7
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -32,7 +32,7 @@ jobs:
       uses: actions/setup-dotnet@v2
       with:
         dotnet-version: |
-          8.0.100-preview.6.23330.14
+          8.0.100-preview.7.23376.3
     
     - run: dotnet --info
     
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -41,7 +41,7 @@ jobs:
       uses: actions/setup-dotnet@v2
       with:
         dotnet-version: |
-          8.0.100-preview.6.23330.14
+          8.0.100-preview.7.23376.3
       
     - run: dotnet --info
 
diff --git a/Directory.Build.targets b/Directory.Build.targets
@@ -15,10 +15,10 @@
     </PropertyGroup>-->
 
     <PropertyGroup Condition=" '$(TargetFramework)' == 'net8.0'">
-        <FrameworkVersion>8.0.0-preview.6.23329.11</FrameworkVersion>
-        <ExtensionsVersion>8.0.0-preview.6.23329.7</ExtensionsVersion>
-        <EntityFrameworkVersion>8.0.0-preview.6.23329.4</EntityFrameworkVersion>
-        <WilsonVersion>6.15.1</WilsonVersion>
+        <FrameworkVersion>8.0.0-preview.7.23375.9</FrameworkVersion>
+        <ExtensionsVersion>8.0.0-preview.7.23375.6</ExtensionsVersion>
+        <EntityFrameworkVersion>8.0.0-preview.7.23375.4</EntityFrameworkVersion>
+        <WilsonVersion>7.0.0</WilsonVersion>
     </PropertyGroup>
 
     <ItemGroup>
diff --git a/global.json b/global.json
@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "8.0.100-preview.6.23330.14",
+    "version": "8.0.100-preview.7.23376.3",
     "rollForward": "latestMajor",
     "allowPrerelease": true
   }
diff --git a/hosts/AspNetIdentity/GlobalSuppressions.cs b/hosts/AspNetIdentity/GlobalSuppressions.cs
@@ -13,9 +13,8 @@
 [assembly: SuppressMessage("Design", "CA1054:URI-like parameters should not be strings", Justification = "Consistent with the IdentityServer APIs")]
 [assembly: SuppressMessage("Design", "CA1056:URI-like properties should not be strings", Justification = "Consistent with the IdentityServer APIs")]
 [assembly: SuppressMessage("Naming", "CA1716:Identifiers should not match keywords", Justification = "This namespace is just for organization, and won't be referenced elsewhere", Scope = "namespace", Target = "~N:IdentityServerHost.Pages.Error")]
-[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Namespaces of pages are not likely to be used elsewhere, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Pages.Ciba.Consent")]
 [assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Namespaces of pages are not likely to be used elsewhere, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Pages.Extensions")]
-[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Resources is only used for initalization, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Configuration.Resources")]
+[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Resources is only used for initialization, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Configuration.Resources")]
 [assembly: SuppressMessage("Performance", "CA1805:Do not initialize unnecessarily", Justification = "This is for clarity and consistency with the surrounding code", Scope = "member", Target = "~F:IdentityServerHost.Pages.Logout.LogoutOptions.AutomaticRedirectAfterSignOut")]
 [assembly: SuppressMessage("Reliability", "CA2007:Consider calling ConfigureAwait on the awaited task", Justification = "No need for ConfigureAwait in ASP.NET Core application code, as there is no SynchronizationContext.")]
 
diff --git a/hosts/Configuration/GlobalSuppressions.cs b/hosts/Configuration/GlobalSuppressions.cs
@@ -16,7 +16,7 @@
 [assembly: SuppressMessage("Naming", "CA1716:Identifiers should not match keywords", Justification = "This namespace is just for organization, and won't be referenced elsewhere", Scope = "namespace", Target = "~N:IdentityServerHost.Pages.Error")]
 [assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Namespaces of pages are not likely to be used elsewhere, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Pages.Ciba.Consent")]
 [assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Namespaces of pages are not likely to be used elsewhere, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Pages.Extensions")]
-[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Resources is only used for initalization, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Configuration.Resources")]
+[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Resources is only used for initialization, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Configuration.Resources")]
 [assembly: SuppressMessage("Performance", "CA1805:Do not initialize unnecessarily", Justification = "This is for clarity and consistency with the surrounding code", Scope = "member", Target = "~F:IdentityServerHost.Pages.Logout.LogoutOptions.AutomaticRedirectAfterSignOut")]
 [assembly: SuppressMessage("Reliability", "CA2007:Consider calling ConfigureAwait on the awaited task", Justification = "No need for ConfigureAwait in ASP.NET Core application code, as there is no SynchronizationContext.")]
 [assembly: SuppressMessage("Performance", "CA1812:Avoid uninstantiated internal classes", Justification = "CustomClientRegistrationProcessor is created through DI", Scope = "type", Target = "~T:IdentityServerHost.CustomClientRegistrationProcessor")]
diff --git a/hosts/EntityFramework/Pages/Admin/ApiScopes/ApiScopeRepository.cs b/hosts/EntityFramework/Pages/Admin/ApiScopes/ApiScopeRepository.cs
@@ -82,7 +82,12 @@ public async Task CreateAsync(ApiScopeModel model)
             scope.UserClaims = claims.ToList();
         }
 
+#pragma warning disable CA1849 // Call async methods when in an async method
+// CA1849 Suppressed because AddAsync is only needed for value generators that
+// need async database access (e.g., HiLoValueGenerator), and we don't use those
+// generators
         _context.ApiScopes.Add(scope.ToEntity());
+#pragma warning restore CA1849 // Call async methods when in an async method
         await _context.SaveChangesAsync();
     }
 
diff --git a/hosts/EntityFramework/Pages/Admin/Clients/ClientRepository.cs b/hosts/EntityFramework/Pages/Admin/Clients/ClientRepository.cs
@@ -137,7 +137,12 @@ public async Task CreateAsync(CreateClientModel model)
             client.AllowOfflineAccess = true;
         }
 
+#pragma warning disable CA1849 // Call async methods when in an async method
+// CA1849 Suppressed because AddAsync is only needed for value generators that
+// need async database access (e.g., HiLoValueGenerator), and we don't use those
+// generators
         _context.Clients.Add(client.ToEntity());
+#pragma warning restore CA1849 // Call async methods when in an async method
         await _context.SaveChangesAsync();
     }
 
diff --git a/hosts/EntityFramework/Pages/Admin/IdentityScopes/IdentityScopeRepository.cs b/hosts/EntityFramework/Pages/Admin/IdentityScopes/IdentityScopeRepository.cs
@@ -81,8 +81,12 @@ public async Task CreateAsync(IdentityScopeModel model)
         {
             scope.UserClaims = claims.ToList();
         }
-
+#pragma warning disable CA1849 // Call async methods when in an async method
+// CA1849 Suppressed because AddAsync is only needed for value generators that
+// need async database access (e.g., HiLoValueGenerator), and we don't use those
+// generators
         _context.IdentityResources.Add(scope.ToEntity());
+#pragma warning restore CA1849
         await _context.SaveChangesAsync();
     }
 
diff --git a/hosts/main/GlobalSuppressions.cs b/hosts/main/GlobalSuppressions.cs
@@ -16,7 +16,7 @@
 [assembly: SuppressMessage("Naming", "CA1716:Identifiers should not match keywords", Justification = "This namespace is just for organization, and won't be referenced elsewhere", Scope = "namespace", Target = "~N:IdentityServerHost.Pages.Error")]
 [assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Namespaces of pages are not likely to be used elsewhere, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Pages.Ciba.Consent")]
 [assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Namespaces of pages are not likely to be used elsewhere, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Pages.Extensions")]
-[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Resources is only used for initalization, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Configuration.Resources")]
+[assembly: SuppressMessage("Naming", "CA1724:Type names should not match namespaces", Justification = "Resources is only used for initialization, so there is little chance of confusion", Scope = "type", Target = "~T:IdentityServerHost.Configuration.Resources")]
 [assembly: SuppressMessage("Performance", "CA1805:Do not initialize unnecessarily", Justification = "This is for clarity and consistency with the surrounding code", Scope = "member", Target = "~F:IdentityServerHost.Pages.Logout.LogoutOptions.AutomaticRedirectAfterSignOut")]
 [assembly: SuppressMessage("Reliability", "CA2007:Consider calling ConfigureAwait on the awaited task", Justification = "No need for ConfigureAwait in ASP.NET Core application code, as there is no SynchronizationContext.")]
 
diff --git a/src/Configuration/Extensions/ConfigurationEndpointExtensions.cs b/src/Configuration/Extensions/ConfigurationEndpointExtensions.cs
@@ -36,7 +36,7 @@ internal static void CheckLicense(this IEndpointRouteBuilder endpoints)
             var loggerFactory = endpoints.ServiceProvider.GetRequiredService<ILoggerFactory>();
             var options = endpoints.ServiceProvider.GetRequiredService<IOptions<IdentityServerConfigurationOptions>>().Value;
 
-            ConfigurationLicenseValidator.Instance.Initalize(loggerFactory, options);
+            ConfigurationLicenseValidator.Instance.Initialize(loggerFactory, options);
         }
 
         _licenseChecked = true;
diff --git a/src/Configuration/Licensing/ConfigurationLicense.cs b/src/Configuration/Licensing/ConfigurationLicense.cs
@@ -23,12 +23,12 @@ public ConfigurationLicense()
     // for testing
     internal ConfigurationLicense(params Claim[] claims)
     {
-        Initalize(new ClaimsPrincipal(new ClaimsIdentity(claims)));
+        Initialize(new ClaimsPrincipal(new ClaimsIdentity(claims)));
     }
 
-    internal override void Initalize(ClaimsPrincipal claims)
+    internal override void Initialize(ClaimsPrincipal claims)
     {
-        base.Initalize(claims);
+        base.Initialize(claims);
 
         ConfigApiFeature = claims.HasClaim("feature", "config_api");
         switch (Edition)
diff --git a/src/Configuration/Licensing/ConfigurationLicenseValidator.cs b/src/Configuration/Licensing/ConfigurationLicenseValidator.cs
@@ -15,9 +15,9 @@ internal class ConfigurationLicenseValidator : LicenseValidator<ConfigurationLic
 {
     internal readonly static ConfigurationLicenseValidator Instance = new ConfigurationLicenseValidator();
 
-    public void Initalize(ILoggerFactory loggerFactory, IdentityServerConfigurationOptions options)
+    public void Initialize(ILoggerFactory loggerFactory, IdentityServerConfigurationOptions options)
     {
-        Initalize(loggerFactory, "IdentityServer.Configuration", options.LicenseKey);
+        Initialize(loggerFactory, "IdentityServer.Configuration", options.LicenseKey);
         ValidateLicense();
     }
 
diff --git a/src/Configuration/Licensing/License.cs b/src/Configuration/Licensing/License.cs
@@ -25,7 +25,7 @@ protected License()
     /// <summary>
     /// Initializes the license from the claims in the key.
     /// </summary>
-    internal virtual void Initalize(ClaimsPrincipal claims)
+    internal virtual void Initialize(ClaimsPrincipal claims)
     {
         Claims = claims;
 
diff --git a/src/Configuration/Licensing/LicenseValidator.cs b/src/Configuration/Licensing/LicenseValidator.cs
@@ -37,12 +37,12 @@ public T GetLicense()
         if (_copy == null && License != null)
         {
             _copy = new T();
-            _copy.Initalize(License.Claims.Clone());
+            _copy.Initialize(License.Claims.Clone());
         }
         return _copy;
     }
 
-    protected void Initalize(ILoggerFactory loggerFactory, string productName, string key)
+    protected void Initialize(ILoggerFactory loggerFactory, string productName, string key)
     {
         Logger = loggerFactory.CreateLogger($"Duende.{productName}.License");
 
@@ -166,11 +166,11 @@ internal T ValidateKey(string licenseKey)
                 ValidateLifetime = false
             };
 
-            var validateResult = handler.ValidateToken(licenseKey, parms);
+            var validateResult = handler.ValidateTokenAsync(licenseKey, parms).Result;
             if (validateResult.IsValid)
             {
                 var license = new T();
-                license.Initalize(new ClaimsPrincipal(validateResult.ClaimsIdentity));
+                license.Initialize(new ClaimsPrincipal(validateResult.ClaimsIdentity));
                 return license;
             }
             else
diff --git a/src/IdentityServer/Configuration/IdentityServerApplicationBuilderExtensions.cs b/src/IdentityServer/Configuration/IdentityServerApplicationBuilderExtensions.cs
@@ -76,7 +76,7 @@ internal static void Validate(this IApplicationBuilder app)
 
             var options = serviceProvider.GetRequiredService<IdentityServerOptions>();
             var env = serviceProvider.GetRequiredService<IHostEnvironment>();
-            IdentityServerLicenseValidator.Instance.Initalize(loggerFactory, options, env.IsDevelopment());
+            IdentityServerLicenseValidator.Instance.Initialize(loggerFactory, options, env.IsDevelopment());
 
             TestService(serviceProvider, typeof(IPersistedGrantStore), logger, "No storage mechanism for grants specified. Use the 'AddInMemoryPersistedGrants' extension method to register a development version.");
             TestService(serviceProvider, typeof(IClientStore), logger, "No storage mechanism for clients specified. Use the 'AddInMemoryClients' extension method to register a development version.");
diff --git a/src/IdentityServer/Hosting/LocalApiAuthentication/LocalApiAuthenticationHandler.cs b/src/IdentityServer/Hosting/LocalApiAuthentication/LocalApiAuthenticationHandler.cs
@@ -255,9 +255,14 @@ protected override Task HandleChallengeAsync(AuthenticationProperties properties
 
         if (sb.Length > 0)
         {
-            Response.Headers.Add(HeaderNames.WWWAuthenticate, sb.ToString());
+            if(Response.Headers.ContainsKey(HeaderNames.WWWAuthenticate))
+            {
+
+                throw new InvalidOperationException("Attempted to set the WWW-Authenticate header when it is already set");
+            }
+            Response.Headers[HeaderNames.WWWAuthenticate] = sb.ToString();
         }
 
         return Task.CompletedTask;
     }
-}
+} 
diff --git a/src/IdentityServer/Licensing/IdentityServerLicense.cs b/src/IdentityServer/Licensing/IdentityServerLicense.cs
@@ -24,12 +24,12 @@ public IdentityServerLicense()
     // for testing
     internal IdentityServerLicense(params Claim[] claims)
     {
-        Initalize(new ClaimsPrincipal(new ClaimsIdentity(claims)));
+        Initialize(new ClaimsPrincipal(new ClaimsIdentity(claims)));
     }
 
-    internal override void Initalize(ClaimsPrincipal claims)
+    internal override void Initialize(ClaimsPrincipal claims)
     {
-        base.Initalize(claims);
+        base.Initialize(claims);
         
         RedistributionFeature = claims.HasClaim("feature", "isv") || claims.HasClaim("feature", "redistribution");
 
diff --git a/src/IdentityServer/Licensing/IdentityServerLicenseValidator.cs b/src/IdentityServer/Licensing/IdentityServerLicenseValidator.cs
@@ -22,11 +22,11 @@ internal class IdentityServerLicenseValidator : LicenseValidator<IdentityServerL
     ConcurrentDictionary<string, byte> _clientIds = new ConcurrentDictionary<string, byte>();
     ConcurrentDictionary<string, byte> _issuers = new ConcurrentDictionary<string, byte>();
 
-    public void Initalize(ILoggerFactory loggerFactory, IdentityServerOptions options, bool isDevelopment = false)
+    public void Initialize(ILoggerFactory loggerFactory, IdentityServerOptions options, bool isDevelopment = false)
     {
         _options = options;
 
-        Initalize(loggerFactory, "IdentityServer", options.LicenseKey);
+        Initialize(loggerFactory, "IdentityServer", options.LicenseKey);
 
         if (License?.RedistributionFeature == true && !isDevelopment)
         {
diff --git a/src/IdentityServer/Licensing/License.cs b/src/IdentityServer/Licensing/License.cs
@@ -26,7 +26,7 @@ protected License()
     /// <summary>
     /// Initializes the license from the claims in the key.
     /// </summary>
-    internal virtual void Initalize(ClaimsPrincipal claims)
+    internal virtual void Initialize(ClaimsPrincipal claims)
     {
         Claims = claims;
 
diff --git a/src/IdentityServer/Licensing/LicenseValidator.cs b/src/IdentityServer/Licensing/LicenseValidator.cs
@@ -40,12 +40,12 @@ public T GetLicense()
         if (_copy == null && License != null)
         {
             _copy = new T();
-            _copy.Initalize(License.Claims.Clone());
+            _copy.Initialize(License.Claims.Clone());
         }
         return _copy;
     }
 
-    protected void Initalize(ILoggerFactory loggerFactory, string productName, string key)
+    protected void Initialize(ILoggerFactory loggerFactory, string productName, string key)
     {
         //if (Logger != null) throw new InvalidOperationException("LicenseValidator already initialized.");
 
@@ -171,11 +171,11 @@ internal T ValidateKey(string licenseKey)
                 ValidateLifetime = false
             };
 
-            var validateResult = handler.ValidateToken(licenseKey, parms);
+            var validateResult = handler.ValidateTokenAsync(licenseKey, parms).Result;
             if (validateResult.IsValid)
             {
                 var license = new T();
-                license.Initalize(new ClaimsPrincipal(validateResult.ClaimsIdentity));
+                license.Initialize(new ClaimsPrincipal(validateResult.ClaimsIdentity));
                 return license;
             }
             else
diff --git a/src/IdentityServer/Validation/Default/DefaultDPoPProofValidator.cs b/src/IdentityServer/Validation/Default/DefaultDPoPProofValidator.cs
@@ -154,7 +154,7 @@ protected virtual Task ValidateHeaderAsync(DPoPProofValidatonContext context, DP
             return Task.CompletedTask;
         }
 
-        if (!token.TryGetHeaderValue<IDictionary<string, object>>(JwtClaimTypes.JsonWebKey, out var jwkValues))
+        if (!token.TryGetHeaderValue<JsonElement>(JwtClaimTypes.JsonWebKey, out var jwkValues))
         {
             result.IsError = true;
             result.ErrorDescription = "Invalid 'jwk' value.";
@@ -193,7 +193,7 @@ protected virtual Task ValidateHeaderAsync(DPoPProofValidatonContext context, DP
     /// <summary>
     /// Validates the signature.
     /// </summary>
-    protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context, DPoPProofValidatonResult result)
+    protected virtual async Task ValidateSignatureAsync(DPoPProofValidatonContext context, DPoPProofValidatonResult result)
     {
         Microsoft.IdentityModel.Tokens.TokenValidationResult tokenValidationResult;
 
@@ -209,27 +209,27 @@ protected virtual Task ValidateSignatureAsync(DPoPProofValidatonContext context,
             };
 
             var handler = new JsonWebTokenHandler();
-            tokenValidationResult = handler.ValidateToken(context.ProofToken, tvp);
+            tokenValidationResult = await handler.ValidateTokenAsync(context.ProofToken, tvp);
         }
         catch (Exception ex)
         {
             Logger.LogDebug("Error parsing DPoP token: {error}", ex.Message);
             result.IsError = true;
             result.ErrorDescription = "Invalid signature on DPoP token.";
-            return Task.CompletedTask;
+            return;
         }
 
         if (tokenValidationResult.Exception != null)
         {
             Logger.LogDebug("Error parsing DPoP token: {error}", tokenValidationResult.Exception.Message);
             result.IsError = true;
             result.ErrorDescription = "Invalid signature on DPoP token.";
-            return Task.CompletedTask;
+            return;
         }
 
         result.Payload = tokenValidationResult.Claims;
 
-        return Task.CompletedTask;
+        return;
     }
 
     /// <summary>
diff --git a/src/IdentityServer/Validation/Default/JwtRequestValidator.cs b/src/IdentityServer/Validation/Default/JwtRequestValidator.cs
@@ -179,7 +179,7 @@ protected virtual async Task<JsonWebToken> ValidateJwtAsync(JwtRequestValidation
             tokenValidationParameters.ValidTypes = new[] { JwtClaimTypes.JwtTypes.AuthorizationRequest };
         }
 
-        var result = Handler.ValidateToken(context.JwtTokenString, tokenValidationParameters);
+        var result = await Handler.ValidateTokenAsync(context.JwtTokenString, tokenValidationParameters);
         if (!result.IsValid)
         {
             throw result.Exception;
diff --git a/src/IdentityServer/Validation/Default/PrivateKeyJwtSecretValidator.cs b/src/IdentityServer/Validation/Default/PrivateKeyJwtSecretValidator.cs
@@ -120,7 +120,7 @@ await _issuerNameService.GetCurrentAsync(),
         };
 
         var handler = new JsonWebTokenHandler() { MaximumTokenSizeInBytes = _options.InputLengthRestrictions.Jwt };
-        var result = handler.ValidateToken(jwtTokenString, tokenValidationParameters);
+        var result = await handler.ValidateTokenAsync(jwtTokenString, tokenValidationParameters);
         if (!result.IsValid)
         {
             _logger.LogError(result.Exception, "JWT token validation error");
diff --git a/src/IdentityServer/Validation/Default/TokenValidator.cs b/src/IdentityServer/Validation/Default/TokenValidator.cs
@@ -300,7 +300,7 @@ private async Task<TokenValidationResult> ValidateJwtAsync(string jwtString,
             }
         }
             
-        var result = handler.ValidateToken(jwtString, parameters);
+        var result = await handler.ValidateTokenAsync(jwtString, parameters);
         if (!result.IsValid)
         {
             if (result.Exception is SecurityTokenExpiredException expiredException)
diff --git a/test/IdentityServer.IntegrationTests/Endpoints/Authorize/JwtRequestAuthorizeTests.cs b/test/IdentityServer.IntegrationTests/Endpoints/Authorize/JwtRequestAuthorizeTests.cs
diff --git a/test/IdentityServer.IntegrationTests/Endpoints/Ciba/CibaTests.cs b/test/IdentityServer.IntegrationTests/Endpoints/Ciba/CibaTests.cs
diff --git a/test/IdentityServer.IntegrationTests/Endpoints/Token/DPoPTokenEndpointTests.cs b/test/IdentityServer.IntegrationTests/Endpoints/Token/DPoPTokenEndpointTests.cs
diff --git a/test/IdentityServer.IntegrationTests/Hosting/DynamicProvidersTests.cs b/test/IdentityServer.IntegrationTests/Hosting/DynamicProvidersTests.cs
diff --git a/test/IdentityServer.IntegrationTests/Hosting/LocalApiAuthentication/LocalApiAuthenticationTests.cs b/test/IdentityServer.IntegrationTests/Hosting/LocalApiAuthentication/LocalApiAuthenticationTests.cs
diff --git a/test/IdentityServer.IntegrationTests/IdentityServer.IntegrationTests.csproj b/test/IdentityServer.IntegrationTests/IdentityServer.IntegrationTests.csproj

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"sdk": {`
`3`		`- "version": "8.0.100-preview.6.23330.14",`
	`3`	`+ "version": "8.0.100-preview.7.23376.3",`
`4`	`4`	`"rollForward": "latestMajor",`
`5`	`5`	`"allowPrerelease": true`
`6`	`6`	`}`
Original file line number	Diff line number	Diff line change
`@@ -82,7 +82,12 @@ public async Task CreateAsync(ApiScopeModel model)`
`82`	`82`	`scope.UserClaims = claims.ToList();`
`83`	`83`	`}`
`84`	`84`
	`85`	`+#pragma warning disable CA1849 // Call async methods when in an async method`
	`86`	`+// CA1849 Suppressed because AddAsync is only needed for value generators that`
	`87`	`+// need async database access (e.g., HiLoValueGenerator), and we don't use those`
	`88`	`+// generators`
`85`	`89`	`_context.ApiScopes.Add(scope.ToEntity());`
	`90`	`+#pragma warning restore CA1849 // Call async methods when in an async method`
`86`	`91`	`await _context.SaveChangesAsync();`
`87`	`92`	`}`
`88`	`93`
Original file line number	Diff line number	Diff line change
`@@ -137,7 +137,12 @@ public async Task CreateAsync(CreateClientModel model)`
`137`	`137`	`client.AllowOfflineAccess = true;`
`138`	`138`	`}`
`139`	`139`
	`140`	`+#pragma warning disable CA1849 // Call async methods when in an async method`
	`141`	`+// CA1849 Suppressed because AddAsync is only needed for value generators that`
	`142`	`+// need async database access (e.g., HiLoValueGenerator), and we don't use those`
	`143`	`+// generators`
`140`	`144`	`_context.Clients.Add(client.ToEntity());`
	`145`	`+#pragma warning restore CA1849 // Call async methods when in an async method`
`141`	`146`	`await _context.SaveChangesAsync();`
`142`	`147`	`}`
`143`	`148`
Original file line number	Diff line number	Diff line change
`@@ -81,8 +81,12 @@ public async Task CreateAsync(IdentityScopeModel model)`
`81`	`81`	`{`
`82`	`82`	`scope.UserClaims = claims.ToList();`
`83`	`83`	`}`
`84`		`-`
	`84`	`+#pragma warning disable CA1849 // Call async methods when in an async method`
	`85`	`+// CA1849 Suppressed because AddAsync is only needed for value generators that`
	`86`	`+// need async database access (e.g., HiLoValueGenerator), and we don't use those`
	`87`	`+// generators`
`85`	`88`	`_context.IdentityResources.Add(scope.ToEntity());`
	`89`	`+#pragma warning restore CA1849`
`86`	`90`	`await _context.SaveChangesAsync();`
`87`	`91`	`}`
`88`	`92`
Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ internal static void CheckLicense(this IEndpointRouteBuilder endpoints)`
`36`	`36`	`var loggerFactory = endpoints.ServiceProvider.GetRequiredService<ILoggerFactory>();`
`37`	`37`	`var options = endpoints.ServiceProvider.GetRequiredService<IOptions<IdentityServerConfigurationOptions>>().Value;`
`38`	`38`
`39`		`- ConfigurationLicenseValidator.Instance.Initalize(loggerFactory, options);`
	`39`	`+ ConfigurationLicenseValidator.Instance.Initialize(loggerFactory, options);`
`40`	`40`	`}`
`41`	`41`
`42`	`42`	`_licenseChecked = true;`
Original file line number	Diff line number	Diff line change
`@@ -23,12 +23,12 @@ public ConfigurationLicense()`
`23`	`23`	`// for testing`
`24`	`24`	`internal ConfigurationLicense(params Claim[] claims)`
`25`	`25`	`{`
`26`		`- Initalize(new ClaimsPrincipal(new ClaimsIdentity(claims)));`
	`26`	`+ Initialize(new ClaimsPrincipal(new ClaimsIdentity(claims)));`
`27`	`27`	`}`
`28`	`28`
`29`		`- internal override void Initalize(ClaimsPrincipal claims)`
	`29`	`+ internal override void Initialize(ClaimsPrincipal claims)`
`30`	`30`	`{`
`31`		`- base.Initalize(claims);`
	`31`	`+ base.Initialize(claims);`
`32`	`32`
`33`	`33`	`ConfigApiFeature = claims.HasClaim("feature", "config_api");`
`34`	`34`	`switch (Edition)`
Original file line number	Diff line number	Diff line change
`@@ -15,9 +15,9 @@ internal class ConfigurationLicenseValidator : LicenseValidator<ConfigurationLic`
`15`	`15`	`{`
`16`	`16`	`internal readonly static ConfigurationLicenseValidator Instance = new ConfigurationLicenseValidator();`
`17`	`17`
`18`		`- public void Initalize(ILoggerFactory loggerFactory, IdentityServerConfigurationOptions options)`
	`18`	`+ public void Initialize(ILoggerFactory loggerFactory, IdentityServerConfigurationOptions options)`
`19`	`19`	`{`
`20`		`- Initalize(loggerFactory, "IdentityServer.Configuration", options.LicenseKey);`
	`20`	`+ Initialize(loggerFactory, "IdentityServer.Configuration", options.LicenseKey);`
`21`	`21`	`ValidateLicense();`
`22`	`22`	`}`
`23`	`23`
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ protected License()`
`25`	`25`	`/// <summary>`
`26`	`26`	`/// Initializes the license from the claims in the key.`
`27`	`27`	`/// </summary>`
`28`		`- internal virtual void Initalize(ClaimsPrincipal claims)`
	`28`	`+ internal virtual void Initialize(ClaimsPrincipal claims)`
`29`	`29`	`{`
`30`	`30`	`Claims = claims;`
`31`	`31`
Original file line number	Diff line number	Diff line change
`@@ -37,12 +37,12 @@ public T GetLicense()`
`37`	`37`	`if (_copy == null && License != null)`
`38`	`38`	`{`
`39`	`39`	`_copy = new T();`
`40`		`- _copy.Initalize(License.Claims.Clone());`
	`40`	`+ _copy.Initialize(License.Claims.Clone());`
`41`	`41`	`}`
`42`	`42`	`return _copy;`
`43`	`43`	`}`
`44`	`44`
`45`		`- protected void Initalize(ILoggerFactory loggerFactory, string productName, string key)`
	`45`	`+ protected void Initialize(ILoggerFactory loggerFactory, string productName, string key)`
`46`	`46`	`{`
`47`	`47`	`Logger = loggerFactory.CreateLogger($"Duende.{productName}.License");`
`48`	`48`
`@@ -166,11 +166,11 @@ internal T ValidateKey(string licenseKey)`
`166`	`166`	`ValidateLifetime = false`
`167`	`167`	`};`
`168`	`168`
`169`		`- var validateResult = handler.ValidateToken(licenseKey, parms);`
	`169`	`+ var validateResult = handler.ValidateTokenAsync(licenseKey, parms).Result;`
`170`	`170`	`if (validateResult.IsValid)`
`171`	`171`	`{`
`172`	`172`	`var license = new T();`
`173`		`- license.Initalize(new ClaimsPrincipal(validateResult.ClaimsIdentity));`
	`173`	`+ license.Initialize(new ClaimsPrincipal(validateResult.ClaimsIdentity));`
`174`	`174`	`return license;`
`175`	`175`	`}`
`176`	`176`	`else`
Original file line number	Diff line number	Diff line change
`@@ -255,9 +255,14 @@ protected override Task HandleChallengeAsync(AuthenticationProperties properties`
`255`	`255`
`256`	`256`	`if (sb.Length > 0)`
`257`	`257`	`{`
`258`		`- Response.Headers.Add(HeaderNames.WWWAuthenticate, sb.ToString());`
	`258`	`+ if(Response.Headers.ContainsKey(HeaderNames.WWWAuthenticate))`
	`259`	`+ {`
	`260`	`+`
	`261`	`+ throw new InvalidOperationException("Attempted to set the WWW-Authenticate header when it is already set");`
	`262`	`+ }`
	`263`	`+ Response.Headers[HeaderNames.WWWAuthenticate] = sb.ToString();`
`259`	`264`	`}`
`260`	`265`
`261`	`266`	`return Task.CompletedTask;`
`262`	`267`	`}`
`263`		`-}`
	`268`	`+}`