Cleanups

javiercn · javiercn · commit cb391452fb74 · 2020-03-20T05:36:43.000-07:00
diff --git a/src/Components/Web.JS/dist/Release/blazor.server.js b/src/Components/Web.JS/dist/Release/blazor.server.js
diff --git a/src/Servers/Kestrel/Core/src/KestrelServerOptions.cs b/src/Servers/Kestrel/Core/src/KestrelServerOptions.cs
@@ -157,17 +157,17 @@ private void EnsureDefaultCert()
 
                     if (DefaultCertificate != null)
                     {
-                        var (result, message) = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: false);
-                        if (!result)
+                        var status = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: false);
+                        if (!status.Result)
                         {
                             // Display a warning indicating to the user that a prompt might appear and provide instructions on what to do in that
                             // case. The underlying implementation of this check is specific to Mac OS and is handled within CheckCertificateState.
-                            logger.DeveloperCertificateFirstRun(message);
+                            logger.DeveloperCertificateFirstRun(status.Message);
 
                             // Now that we've displayed a warning in the logs so that the user gets a notification that a prompt might appear, try
                             // and access the certificate key, which might trigger a prompt.
-                            (result, message) = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: true);
-                            if (!result)
+                            status = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: true);
+                            if (!status.Result)
                             {
                                 logger.BadDeveloperCertificateState();
                             }
diff --git a/src/Shared/CertificateGeneration/CertificateManager.cs b/src/Shared/CertificateGeneration/CertificateManager.cs
@@ -70,48 +70,46 @@ public IList<X509Certificate2> ListCertificates(
             var certificates = new List<X509Certificate2>();
             try
             {
-                using (var store = new X509Store(storeName, location))
-                {
-                    store.Open(OpenFlags.ReadOnly);
-                    certificates.AddRange(store.Certificates.OfType<X509Certificate2>());
-                    IEnumerable<X509Certificate2> matchingCertificates = certificates;
-                    matchingCertificates = matchingCertificates
-                        .Where(c => HasOid(c, AspNetHttpsOid));
+                using var store = new X509Store(storeName, location);
+                store.Open(OpenFlags.ReadOnly);
+                certificates.AddRange(store.Certificates.OfType<X509Certificate2>());
+                IEnumerable<X509Certificate2> matchingCertificates = certificates;
+                matchingCertificates = matchingCertificates
+                    .Where(c => HasOid(c, AspNetHttpsOid));
 
-                    Log.DescribeFoundCertificates(ToCertificateDescription(matchingCertificates));
+                Log.DescribeFoundCertificates(ToCertificateDescription(matchingCertificates));
 
-                    if (isValid)
-                    {
-                        // Ensure the certificate hasn't expired, has a private key and its exportable
-                        // (for container/unix scenarios).
-                        Log.CheckCertificatesValidity();
-                        var now = DateTimeOffset.Now;
-                        var validCertificates = matchingCertificates
-                            .Where(c => c.NotBefore <= now &&
-                                now <= c.NotAfter &&
-                                (!requireExportable || IsExportable(c))
-                                && MatchesVersion(c))
-                            .ToArray();
-
-                        var invalidCertificates = matchingCertificates.Except(validCertificates);
-
-                        Log.DescribeValidCertificates(ToCertificateDescription(validCertificates));
-                        Log.DescribeInvalidValidCertificates(ToCertificateDescription(invalidCertificates));
-
-                        matchingCertificates = validCertificates;
-                    }
+                if (isValid)
+                {
+                    // Ensure the certificate hasn't expired, has a private key and its exportable
+                    // (for container/unix scenarios).
+                    Log.CheckCertificatesValidity();
+                    var now = DateTimeOffset.Now;
+                    var validCertificates = matchingCertificates
+                        .Where(c => c.NotBefore <= now &&
+                            now <= c.NotAfter &&
+                            (!requireExportable || IsExportable(c))
+                            && MatchesVersion(c))
+                        .ToArray();
+
+                    var invalidCertificates = matchingCertificates.Except(validCertificates);
+
+                    Log.DescribeValidCertificates(ToCertificateDescription(validCertificates));
+                    Log.DescribeInvalidValidCertificates(ToCertificateDescription(invalidCertificates));
+
+                    matchingCertificates = validCertificates;
+                }
 
-                    // We need to enumerate the certificates early to prevent disposing issues.
-                    matchingCertificates = matchingCertificates.ToList();
+                // We need to enumerate the certificates early to prevent disposing issues.
+                matchingCertificates = matchingCertificates.ToList();
 
-                    var certificatesToDispose = certificates.Except(matchingCertificates);
-                    DisposeCertificates(certificatesToDispose);
+                var certificatesToDispose = certificates.Except(matchingCertificates);
+                DisposeCertificates(certificatesToDispose);
 
-                    store.Close();
+                store.Close();
 
-                    Log.ListCertificatesEnd();
-                    return (IList<X509Certificate2>)matchingCertificates;
-                }
+                Log.ListCertificatesEnd();
+                return (IList<X509Certificate2>)matchingCertificates;
             }
             catch (Exception e)
             {
@@ -174,6 +172,7 @@ public EnsureCertificateResult EnsureAspNetCoreHttpsDevelopmentCertificate(
             if (certificates.Any())
             {
                 certificate = certificates.First();
+                var failedToFixCertificateState = false;
                 if (isInteractive)
                 {
                     // Skip this step if the command is not interactive,
@@ -193,12 +192,16 @@ public EnsureCertificateResult EnsureAspNetCoreHttpsDevelopmentCertificate(
                             {
                                 Log.CorrectCertificateStateError(e.ToString());
                                 result = EnsureCertificateResult.FailedToMakeKeyAccessible;
-                                return result;
+                                // We don't return early on this type of failure to allow for tooling to
+                                // export or trust the certificate even in this situation, as that enables
+                                // exporting the certificate to perform any necessary fix with native tooling.
+                                failedToFixCertificateState = true;
                             }
                         }
                     }
                 }
-                else
+
+                if (!failedToFixCertificateState)
                 {
                     Log.ValidCertificatesFound(ToCertificateDescription(certificates));
                     certificate = certificates.First();
@@ -244,8 +247,10 @@ public EnsureCertificateResult EnsureAspNetCoreHttpsDevelopmentCertificate(
                     catch (Exception e)
                     {
                         Log.CorrectCertificateStateError(e.ToString());
+                        // We don't return early on this type of failure to allow for tooling to
+                        // export or trust the certificate even in this situation, as that enables
+                        // exporting the certificate to perform any necessary fix with native tooling.
                         result = EnsureCertificateResult.FailedToMakeKeyAccessible;
-                        return result;
                     }
                 }
             }
@@ -259,7 +264,11 @@ public EnsureCertificateResult EnsureAspNetCoreHttpsDevelopmentCertificate(
                 catch (Exception e)
                 {
                     Log.ExportCertificateError(e.ToString());
-                    result = EnsureCertificateResult.ErrorExportingTheCertificate;
+                    // We don't want to mask the original source of the error here.
+                    result = result != EnsureCertificateResult.Succeeded || result != EnsureCertificateResult.ValidCertificatePresent ?
+                        result :
+                        EnsureCertificateResult.ErrorExportingTheCertificate;
+
                     return result;
                 }
             }
@@ -751,12 +760,6 @@ public CheckCertificateStateResult(bool result, string message)
                 Result = result;
                 Message = message;
             }
-
-            public void Deconstruct(out bool result, out string message)
-            {
-                result = Result;
-                message = Message;
-            }
         }
 
         internal enum RemoveLocations
diff --git a/src/Shared/CertificateGeneration/MacOSCertificateManager.cs b/src/Shared/CertificateGeneration/MacOSCertificateManager.cs
@@ -1,6 +1,5 @@
 
 using System;
-using System.Buffers.Text;
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.IO;
@@ -35,7 +34,7 @@ internal class MacOSCertificateManager : CertificateManager
             "On macOS or Windows, use 'dotnet dev-certs https --trust' to trust the new certificate.";
 
         public const string KeyNotAccessibleWithoutUserInteraction =
-            "Kestrel is trying to access the ASP.NET Core developer certificate key. " +
+            "The application is trying to access the ASP.NET Core developer certificate key. " +
             "A prompt might appear to ask for permission to access the key. " +
             "When that happens, select 'Always Allow' to grant 'dotnet' access to the certificate key in the future.";
 

Original file line number	Diff line number	Diff line change
`@@ -157,17 +157,17 @@ private void EnsureDefaultCert()`
`157`	`157`
`158`	`158`	`if (DefaultCertificate != null)`
`159`	`159`	`{`
`160`		`- var (result, message) = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: false);`
`161`		`- if (!result)`
	`160`	`+ var status = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: false);`
	`161`	`+ if (!status.Result)`
`162`	`162`	`{`
`163`	`163`	`// Display a warning indicating to the user that a prompt might appear and provide instructions on what to do in that`
`164`	`164`	`// case. The underlying implementation of this check is specific to Mac OS and is handled within CheckCertificateState.`
`165`		`- logger.DeveloperCertificateFirstRun(message);`
	`165`	`+ logger.DeveloperCertificateFirstRun(status.Message);`
`166`	`166`
`167`	`167`	`// Now that we've displayed a warning in the logs so that the user gets a notification that a prompt might appear, try`
`168`	`168`	`// and access the certificate key, which might trigger a prompt.`
`169`		`- (result, message) = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: true);`
`170`		`- if (!result)`
	`169`	`+ status = CertificateManager.Instance.CheckCertificateState(DefaultCertificate, interactive: true);`
	`170`	`+ if (!status.Result)`
`171`	`171`	`{`
`172`	`172`	`logger.BadDeveloperCertificateState();`
`173`	`173`	`}`