Code Refactoring & Polishing

src/CodeBeam.UltimateAuth.Client/Extensions/UltimateAuthClientServiceCollectionExtensions.cs

@@ -102,6 +102,7 @@ private static IServiceCollection AddUltimateAuthClientInternal(this IServiceCol
             services.TryAddScoped<IFlowClient, DefaultFlowClient>();
             services.TryAddScoped<IUserClient, DefaultUserClient>();
             services.TryAddScoped<IUserIdentifierClient, DefaultUserIdentifierClient>();
+            services.TryAddScoped<ICredentialClient, DefaultCredentialClient>();
             services.TryAddScoped<IAuthorizationClient, DefaultAuthorizationClient>();
 
             services.AddScoped<ISessionCoordinator>(sp =>

src/CodeBeam.UltimateAuth.Client/Services/DefaultCredentialClient.cs

@@ -7,12 +7,12 @@
 
 namespace CodeBeam.UltimateAuth.Client.Services
 {
-    internal sealed class DefaultUserCredentialClient : ICredentialClient
+    internal sealed class DefaultCredentialClient : ICredentialClient
     {
         private readonly IUAuthRequestClient _request;
         private readonly UAuthClientOptions _options;
 
-        public DefaultUserCredentialClient(IUAuthRequestClient request, IOptions<UAuthClientOptions> options)
+        public DefaultCredentialClient(IUAuthRequestClient request, IOptions<UAuthClientOptions> options)
         {
             _request = request;
             _options = options.Value;

src/CodeBeam.UltimateAuth.Client/Services/DefaultFlowClient.cs

@@ -6,6 +6,7 @@
 using CodeBeam.UltimateAuth.Client.Options;
 using CodeBeam.UltimateAuth.Core.Contracts;
 using CodeBeam.UltimateAuth.Core.Domain;
+using CodeBeam.UltimateAuth.Core.Infrastructure;
 using CodeBeam.UltimateAuth.Core.Options;
 using Microsoft.AspNetCore.Components;
 using Microsoft.Extensions.Options;
@@ -200,22 +201,14 @@ private Task NavigateToHubLoginAsync(string authorizationCode, string codeVerifi
         private static string CreateVerifier()
         {
             var bytes = RandomNumberGenerator.GetBytes(32);
-            return Base64UrlEncode(bytes);
+            return Base64Url.Encode(bytes);
         }
 
         private static string CreateChallenge(string verifier)
         {
             using var sha256 = SHA256.Create();
             var hash = sha256.ComputeHash(Encoding.ASCII.GetBytes(verifier));
-            return Base64UrlEncode(hash);
-        }
-
-        private static string Base64UrlEncode(byte[] input)
-        {
-            return Convert.ToBase64String(input)
-                .TrimEnd('=')
-                .Replace('+', '-')
-                .Replace('/', '_');
+            return Base64Url.Encode(hash);
         }
     }
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Authority/IAccessAuthority.cs

@@ -1,10 +1,8 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
-{
-    public interface IAccessAuthority
-    {
-        AccessDecision Decide(AccessContext context, IEnumerable<IAccessPolicy> runtimePolicies);
-    }
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
 
+public interface IAccessAuthority
+{
+    AccessDecision Decide(AccessContext context, IEnumerable<IAccessPolicy> runtimePolicies);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Authority/IAccessInvariant.cs

@@ -1,9 +1,8 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IAccessInvariant
 {
-    public interface IAccessInvariant
-    {
-        AccessDecision Decide(AccessContext context);
-    }
+    AccessDecision Decide(AccessContext context);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Authority/IAccessPolicy.cs

@@ -1,10 +1,9 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IAccessPolicy
 {
-    public interface IAccessPolicy
-    {
-        bool AppliesTo(AccessContext context);
-        AccessDecision Decide(AccessContext context);
-    }
+    bool AppliesTo(AccessContext context);
+    AccessDecision Decide(AccessContext context);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Authority/IAuthAuthority.cs

@@ -1,9 +1,8 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IAuthAuthority
 {
-    public interface IAuthAuthority
-    {
-        AccessDecisionResult Decide(AuthContext context, IEnumerable<IAuthorityPolicy>? policies = null);
-    }
+    AccessDecisionResult Decide(AuthContext context, IEnumerable<IAuthorityPolicy>? policies = null);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Authority/IAuthorityInvariant.cs

@@ -1,9 +1,8 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IAuthorityInvariant
 {
-    public interface IAuthorityInvariant
-    {
-        AccessDecisionResult Decide(AuthContext context);
-    }
+    AccessDecisionResult Decide(AuthContext context);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Authority/IAuthorityPolicy.cs

@@ -1,10 +1,9 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IAuthorityPolicy
 {
-    public interface IAuthorityPolicy
-    {
-        bool AppliesTo(AuthContext context);
-        AccessDecisionResult Decide(AuthContext context);
-    }
+    bool AppliesTo(AuthContext context);
+    AccessDecisionResult Decide(AuthContext context);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Hub/IHubCapabilities.cs

@@ -1,7 +1,6 @@
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IHubCapabilities
 {
-    public interface IHubCapabilities
-    {
-        bool SupportsPkce { get; }
-    }
+    bool SupportsPkce { get; }
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Hub/IHubCredentialResolver.cs

@@ -1,9 +1,8 @@
 using CodeBeam.UltimateAuth.Core.Domain;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IHubCredentialResolver
 {
-    public interface IHubCredentialResolver
-    {
-        Task<HubCredentials?> ResolveAsync(HubSessionId hubSessionId, CancellationToken ct = default);
-    }
+    Task<HubCredentials?> ResolveAsync(HubSessionId hubSessionId, CancellationToken ct = default);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Hub/IHubFlowReader.cs

@@ -1,9 +1,8 @@
 using CodeBeam.UltimateAuth.Core.Domain;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IHubFlowReader
 {
-    public interface IHubFlowReader
-    {
-        Task<HubFlowState?> GetStateAsync(HubSessionId hubSessionId, CancellationToken ct = default);
-    }
+    Task<HubFlowState?> GetStateAsync(HubSessionId hubSessionId, CancellationToken ct = default);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Infrastructure/IClock.cs

@@ -1,11 +1,10 @@
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+/// <summary>
+/// Provides an abstracted time source for the system.
+/// Used to improve testability and ensure consistent time handling.
+/// </summary>
+public interface IClock
 {
-    /// <summary>
-    /// Provides an abstracted time source for the system.
-    /// Used to improve testability and ensure consistent time handling.
-    /// </summary>
-    public interface IClock
-    {
-        DateTimeOffset UtcNow { get; }
-    }
+    DateTimeOffset UtcNow { get; }
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Infrastructure/ITokenHasher.cs

@@ -1,12 +1,11 @@
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+/// <summary>
+/// Hashes and verifies sensitive tokens.
+/// Used for refresh tokens, session ids, opaque tokens.
+/// </summary>
+public interface ITokenHasher
 {
-    /// <summary>
-    /// Hashes and verifies sensitive tokens.
-    /// Used for refresh tokens, session ids, opaque tokens.
-    /// </summary>
-    public interface ITokenHasher
-    {
-        string Hash(string plaintext);
-        bool Verify(string plaintext, string hash);
-    }
+    string Hash(string plaintext);
+    bool Verify(string plaintext, string hash);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Infrastructure/IUAuthPasswordHasher.cs

@@ -1,13 +1,12 @@
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+/// <summary>
+/// Securely hashes and verifies user passwords.
+/// Designed for slow, adaptive, memory-hard algorithms
+/// such as Argon2 or bcrypt.
+/// </summary>
+public interface IUAuthPasswordHasher
 {
-    /// <summary>
-    /// Securely hashes and verifies user passwords.
-    /// Designed for slow, adaptive, memory-hard algorithms
-    /// such as Argon2 or bcrypt.
-    /// </summary>
-    public interface IUAuthPasswordHasher
-    {
-        string Hash(string password);
-        bool Verify(string hash, string secret);
-    }
+    string Hash(string password);
+    bool Verify(string hash, string secret);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/IJwtTokenGenerator.cs

@@ -1,13 +1,12 @@
 using CodeBeam.UltimateAuth.Core.Domain;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+/// <summary>
+/// Low-level JWT creation abstraction.
+/// Can be replaced for asymmetric keys, external KMS, etc.
+/// </summary>
+public interface IJwtTokenGenerator
 {
-    /// <summary>
-    /// Low-level JWT creation abstraction.
-    /// Can be replaced for asymmetric keys, external KMS, etc.
-    /// </summary>
-    public interface IJwtTokenGenerator
-    {
-        string CreateToken(UAuthJwtTokenDescriptor descriptor);
-    }
+    string CreateToken(UAuthJwtTokenDescriptor descriptor);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/IOpaqueTokenGenerator.cs

@@ -1,11 +1,10 @@
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+/// <summary>
+/// Generates cryptographically secure random tokens
+/// for opaque identifiers, refresh tokens, session ids.
+/// </summary>
+public interface IOpaqueTokenGenerator
 {
-    /// <summary>
-    /// Generates cryptographically secure random tokens
-    /// for opaque identifiers, refresh tokens, session ids.
-    /// </summary>
-    public interface IOpaqueTokenGenerator
-    {
-        string Generate(int byteLength = 32);
-    }
+    string Generate(int byteLength = 32);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Issuers/ISessionIssuer.cs

@@ -1,20 +1,19 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 using CodeBeam.UltimateAuth.Core.Domain;
 
-namespace CodeBeam.UltimateAuth.Core.Abstractions
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface ISessionIssuer
 {
-    public interface ISessionIssuer
-    {
-        Task<IssuedSession> IssueLoginSessionAsync(AuthenticatedSessionContext context, CancellationToken cancellationToken = default);
+    Task<IssuedSession> IssueLoginSessionAsync(AuthenticatedSessionContext context, CancellationToken cancellationToken = default);
 
-        Task<IssuedSession> RotateSessionAsync(SessionRotationContext context, CancellationToken cancellationToken = default);
+    Task<IssuedSession> RotateSessionAsync(SessionRotationContext context, CancellationToken cancellationToken = default);
 
-        Task RevokeSessionAsync(string? tenantId, AuthSessionId sessionId, DateTimeOffset at, CancellationToken cancellationToken = default);
+    Task RevokeSessionAsync(string? tenantId, AuthSessionId sessionId, DateTimeOffset at, CancellationToken cancellationToken = default);
 
-        Task RevokeChainAsync(string? tenantId, SessionChainId chainId, DateTimeOffset at, CancellationToken cancellationToken = default);
+    Task RevokeChainAsync(string? tenantId, SessionChainId chainId, DateTimeOffset at, CancellationToken cancellationToken = default);
 
-        Task RevokeAllChainsAsync(string? tenantId, UserKey userKey, SessionChainId? exceptChainId, DateTimeOffset at, CancellationToken ct = default);
+    Task RevokeAllChainsAsync(string? tenantId, UserKey userKey, SessionChainId? exceptChainId, DateTimeOffset at, CancellationToken ct = default);
 
-        Task RevokeRootAsync(string? tenantId, UserKey userKey, DateTimeOffset at,CancellationToken ct = default);
-    }
+    Task RevokeRootAsync(string? tenantId, UserKey userKey, DateTimeOffset at,CancellationToken ct = default);
 }