Enable nullable reference types and refactor code (#217)

This commit introduces nullable reference types across various files, enhancing code safety by explicitly indicating which properties can be null. Key changes include:

- Updated `AspNetExtensions.cs` to use the null-forgiving operator `!` for method calls and property accesses.
- Changed a private field in `AuthAgent.cs` from mutable to readonly to prevent modification after initialization.
- Modified `WeatherForecastAgent` and `WeatherForecastAgentResponse` classes to use nullable types for properties.
- Updated project files (`.csproj`) to enable nullable reference types.
- Cleaned up `Program.cs` files by removing unnecessary using directives and ensuring configuration values are treated as non-nullable.
- Minor refactoring for improved readability and maintainability, including the use of target-typed `new()` expressions.

These changes collectively aim to improve code quality and maintainability.

Author: rido-min

samples/basic/authorization/auto-signin/dotnet/AspNetExtensions.cs

@@ -19,8 +19,6 @@
 using System.Net.Http;
 using System.Threading.Tasks;
 
-namespace Microsoft.Agents.AspNetAuthentication;
-
 public static class AspNetExtensions
 {
     private static readonly ConcurrentDictionary<string, ConfigurationManager<OpenIdConnectConfiguration>> _openIdMetadataCache = new();
@@ -56,7 +54,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
             return;
         }
 
-        services.AddAgentAspNetAuthentication(tokenValidationSection.Get<TokenValidationOptions>());
+        services.AddAgentAspNetAuthentication(tokenValidationSection.Get<TokenValidationOptions>()!);
     }
 
     /// <summary>
@@ -154,7 +152,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
                         return;
                     }
 
-                    string[] parts = authorizationHeader?.Split(' ');
+                    string[] parts = authorizationHeader?.Split(' ')!;
                     if (parts.Length != 2 || parts[0] != "Bearer")
                     {
                         // Default to AadTokenValidation handling
@@ -164,7 +162,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
                     }
 
                     JwtSecurityToken token = new(parts[1]);
-                    string issuer = token.Claims.FirstOrDefault(claim => claim.Type == AuthenticationConstants.IssuerClaim)?.Value;
+                    string issuer = token.Claims.FirstOrDefault(claim => claim.Type == AuthenticationConstants.IssuerClaim)?.Value!;
 
                     if (validationOptions.AzureBotServiceTokenHandling && AuthenticationConstants.BotFrameworkTokenIssuer.Equals(issuer))
                     {
@@ -209,17 +207,17 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
 
     public class TokenValidationOptions
     {
-        public IList<string> Audiences { get; set; }
+        public IList<string>? Audiences { get; set; }
 
         /// <summary>
         /// TenantId of the Azure Bot.  Optional but recommended. 
         /// </summary>
-        public string TenantId { get; set; }
+        public string? TenantId { get; set; }
 
         /// <summary>
         /// Additional valid issuers.  Optional, in which case the Public Azure Bot Service issuers are used.
         /// </summary>
-        public IList<string> ValidIssuers { get; set; }
+        public IList<string>? ValidIssuers { get; set; }
 
         /// <summary>
         /// Can be omitted, in which case public Azure Bot Service and Azure Cloud metadata urls are used.
@@ -231,14 +229,14 @@ public class TokenValidationOptions
         /// </summary>
         /// <see cref="AuthenticationConstants.PublicAzureBotServiceOpenIdMetadataUrl"/>
         /// <see cref="AuthenticationConstants.GovAzureBotServiceOpenIdMetadataUrl"/>
-        public string AzureBotServiceOpenIdMetadataUrl { get; set; }
+        public string? AzureBotServiceOpenIdMetadataUrl { get; set; }
 
         /// <summary>
         /// Entra OpenIdMetadataUrl.  Optional, in which case default value depends on IsGov.
         /// </summary>
         /// <see cref="AuthenticationConstants.PublicOpenIdMetadataUrl"/>
         /// <see cref="AuthenticationConstants.GovOpenIdMetadataUrl"/>
-        public string OpenIdMetadataUrl { get; set; }
+        public string? OpenIdMetadataUrl { get; set; }
 
         /// <summary>
         /// Determines if Azure Bot Service tokens are handled.  Defaults to true and should always be true until Azure Bot Service sends Entra ID token.

samples/basic/authorization/auto-signin/dotnet/AuthAgent.cs

@@ -15,13 +15,13 @@
 using System.Threading;
 using System.Threading.Tasks;
 
-
+namespace AutoSignIn;
 public class AuthAgent : AgentApplication
 {
     /// <summary>
     /// Default Sign In Name
     /// </summary>
-    private string _defaultDisplayName = "Unknown User";
+    private readonly string _defaultDisplayName = "Unknown User";
 
     /// <summary>
     /// Describes the agent registration for the Authorization Agent
@@ -83,7 +83,7 @@ private async Task WelcomeMessageAsync(ITurnContext turnContext, ITurnState turn
             if (member.Id != turnContext.Activity.Recipient.Id)
             {
                 string displayName = await GetDisplayName(turnContext);
-                StringBuilder sb = new StringBuilder();
+                StringBuilder sb = new();
                 sb.AppendLine($"Welcome to the AutoSignIn Example, **{displayName}**!");
                 sb.AppendLine("This Agent automatically signs you in when you first connect.");
                 sb.AppendLine("You can use the following commands to interact with the agent:");
@@ -126,13 +126,13 @@ private async Task OnMe(ITurnContext turnContext, ITurnState turnState, Cancella
         }
 
         // Just to verify we in fact have two different tokens.  This wouldn't be needed in a production Agent and here just to verify sample setup.
-        if (await UserAuthorization.GetTurnTokenAsync(turnContext, UserAuthorization.DefaultHandlerName, cancellationToken: cancellationToken) == await UserAuthorization.GetTurnTokenAsync(turnContext, "me"))
+        if (await UserAuthorization.GetTurnTokenAsync(turnContext, UserAuthorization.DefaultHandlerName, cancellationToken: cancellationToken) == await UserAuthorization.GetTurnTokenAsync(turnContext, "me", cancellationToken))
         {
             await turnContext.SendActivityAsync($"It would seem '{UserAuthorization.DefaultHandlerName}' and 'me' are using the same OAuth Connection", cancellationToken: cancellationToken);
             return;
         }
 
-        var meInfo = $"Name: {displayName}\r\nJob Title: {graphInfo["jobTitle"].GetValue<string>()}\r\nEmail: {graphInfo["mail"].GetValue<string>()}";
+        var meInfo = $"Name: {displayName}\r\nJob Title: {graphInfo["jobTitle"]!.GetValue<string>()}\r\nEmail: {graphInfo["mail"]!.GetValue<string>()}";
         await turnContext.SendActivityAsync(meInfo, cancellationToken: cancellationToken);
     }
 
@@ -179,7 +179,7 @@ private async Task OnUserSignInFailure(ITurnContext turnContext, ITurnState turn
     {
         // Raise a notification to the user that the sign-in process failed.  In a production Agent, this would be used
         // to display alternative ways to get help, or in some cases transfer to a live agent.
-        await turnContext.SendActivityAsync($"Sign In: Failed to login to '{handlerName}': {response.Cause}/{response.Error.Message}", cancellationToken: cancellationToken);
+        await turnContext.SendActivityAsync($"Sign In: Failed to login to '{handlerName}': {response.Cause}/{response.Error!.Message}", cancellationToken: cancellationToken);
     }
 
     /// <summary>
@@ -191,7 +191,7 @@ private async Task<string> GetDisplayName(ITurnContext turnContext)
         var graphInfo = await GetGraphInfo(turnContext, UserAuthorization.DefaultHandlerName);
         if (graphInfo != null)
         {
-            displayName = graphInfo!["displayName"].GetValue<string>();
+            displayName = graphInfo!["displayName"]!.GetValue<string>();
         }
         return displayName;
     }
@@ -208,14 +208,14 @@ private async Task<JsonNode> GetGraphInfo(ITurnContext turnContext, string handl
             if (response.IsSuccessStatusCode)
             {
                 var content = await response.Content.ReadAsStringAsync();
-                return JsonNode.Parse(content);
+                return JsonNode.Parse(content)!;
             }
         }
         catch (Exception ex)
         {
             // Handle error response from Graph API
             System.Diagnostics.Trace.WriteLine($"Error getting display name: {ex.Message}");
         }
-        return null;
+        return null!;
     }
 }

samples/basic/authorization/auto-signin/dotnet/AutoSignIn.csproj

@@ -3,6 +3,7 @@
 	<PropertyGroup>
 		<TargetFramework>net8.0</TargetFramework>
 		<LangVersion>latest</LangVersion>
+		<Nullable>enable</Nullable>
 	</PropertyGroup>
 
 	<ItemGroup>

samples/basic/authorization/auto-signin/dotnet/Program.cs

@@ -1,7 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.Agents.AspNetAuthentication;
+using AutoSignIn;
 using Microsoft.Agents.Builder;
 using Microsoft.Agents.Hosting.AspNetCore;
 using Microsoft.Agents.Storage;

samples/basic/authorization/obo-authorization/dotnet/AspNetExtensions.cs

@@ -19,8 +19,6 @@
 using System.Net.Http;
 using System.Threading.Tasks;
 
-namespace Microsoft.Agents.AspNetAuthentication;
-
 public static class AspNetExtensions
 {
     private static readonly ConcurrentDictionary<string, ConfigurationManager<OpenIdConnectConfiguration>> _openIdMetadataCache = new();
@@ -56,7 +54,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
             return;
         }
 
-        services.AddAgentAspNetAuthentication(tokenValidationSection.Get<TokenValidationOptions>());
+        services.AddAgentAspNetAuthentication(tokenValidationSection.Get<TokenValidationOptions>()!);
     }
 
     /// <summary>
@@ -154,7 +152,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
                         return;
                     }
 
-                    string[] parts = authorizationHeader?.Split(' ');
+                    string[] parts = authorizationHeader?.Split(' ')!;
                     if (parts.Length != 2 || parts[0] != "Bearer")
                     {
                         // Default to AadTokenValidation handling
@@ -164,7 +162,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
                     }
 
                     JwtSecurityToken token = new(parts[1]);
-                    string issuer = token.Claims.FirstOrDefault(claim => claim.Type == AuthenticationConstants.IssuerClaim)?.Value;
+                    string issuer = token.Claims.FirstOrDefault(claim => claim.Type == AuthenticationConstants.IssuerClaim)?.Value!;
 
                     if (validationOptions.AzureBotServiceTokenHandling && AuthenticationConstants.BotFrameworkTokenIssuer.Equals(issuer))
                     {
@@ -209,17 +207,17 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
 
     public class TokenValidationOptions
     {
-        public IList<string> Audiences { get; set; }
+        public IList<string>? Audiences { get; set; }
 
         /// <summary>
         /// TenantId of the Azure Bot.  Optional but recommended. 
         /// </summary>
-        public string TenantId { get; set; }
+        public string? TenantId { get; set; }
 
         /// <summary>
         /// Additional valid issuers.  Optional, in which case the Public Azure Bot Service issuers are used.
         /// </summary>
-        public IList<string> ValidIssuers { get; set; }
+        public IList<string>? ValidIssuers { get; set; }
 
         /// <summary>
         /// Can be omitted, in which case public Azure Bot Service and Azure Cloud metadata urls are used.
@@ -231,14 +229,14 @@ public class TokenValidationOptions
         /// </summary>
         /// <see cref="AuthenticationConstants.PublicAzureBotServiceOpenIdMetadataUrl"/>
         /// <see cref="AuthenticationConstants.GovAzureBotServiceOpenIdMetadataUrl"/>
-        public string AzureBotServiceOpenIdMetadataUrl { get; set; }
+        public string? AzureBotServiceOpenIdMetadataUrl { get; set; }
 
         /// <summary>
         /// Entra OpenIdMetadataUrl.  Optional, in which case default value depends on IsGov.
         /// </summary>
         /// <see cref="AuthenticationConstants.PublicOpenIdMetadataUrl"/>
         /// <see cref="AuthenticationConstants.GovOpenIdMetadataUrl"/>
-        public string OpenIdMetadataUrl { get; set; }
+        public string? OpenIdMetadataUrl { get; set; }
 
         /// <summary>
         /// Determines if Azure Bot Service tokens are handled.  Defaults to true and should always be true until Azure Bot Service sends Entra ID token.

samples/basic/authorization/obo-authorization/dotnet/OBOAuthorization.csproj

@@ -3,6 +3,7 @@
 	<PropertyGroup>
 		<TargetFramework>net8.0</TargetFramework>
 		<LangVersion>latest</LangVersion>
+		<Nullable>enable</Nullable>
 	</PropertyGroup>
 
 	<ItemGroup>

samples/basic/authorization/obo-authorization/dotnet/Program.cs

@@ -1,7 +1,6 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.Agents.AspNetAuthentication;
 using Microsoft.Agents.Builder;
 using Microsoft.Agents.Builder.App;
 using Microsoft.Agents.CopilotStudio.Client;
@@ -45,7 +44,7 @@ CopilotClient GetClient(AgentApplication app, ITurnContext turnContext)
 
         return new CopilotClient(
             settings,
-            sp.GetService<IHttpClientFactory>(),
+            sp.GetService<IHttpClientFactory>()!,
             tokenProviderFunction: async (s) =>
             {
                 // In this sample, the Azure Bot OAuth Connection is configured to return an 
@@ -106,7 +105,7 @@ CopilotClient GetClient(AgentApplication app, ITurnContext turnContext)
     // Called when the OAuth flow fails
     app.UserAuthorization.OnUserSignInFailure(async (turnContext, turnState, handlerName, response, initiatingActivity, cancellationToken) =>
     {
-        await turnContext.SendActivityAsync($"SignIn failed with '{handlerName}': {response.Cause}/{response.Error.Message}", cancellationToken: cancellationToken);
+        await turnContext.SendActivityAsync($"SignIn failed with '{handlerName}': {response.Cause}/{response.Error!.Message}", cancellationToken: cancellationToken);
     });
 
     return app;

samples/basic/azureai-streaming-poem-agent/dotnet/AspNetExtensions.cs

@@ -19,8 +19,6 @@
 using System.Net.Http;
 using System.Threading.Tasks;
 
-namespace Microsoft.Agents.AspNetAuthentication;
-
 public static class AspNetExtensions
 {
     private static readonly ConcurrentDictionary<string, ConfigurationManager<OpenIdConnectConfiguration>> _openIdMetadataCache = new();
@@ -56,7 +54,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
             return;
         }
 
-        services.AddAgentAspNetAuthentication(tokenValidationSection.Get<TokenValidationOptions>());
+        services.AddAgentAspNetAuthentication(tokenValidationSection.Get<TokenValidationOptions>()!);
     }
 
     /// <summary>
@@ -154,7 +152,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
                         return;
                     }
 
-                    string[] parts = authorizationHeader?.Split(' ');
+                    string[] parts = authorizationHeader?.Split(' ')!;
                     if (parts.Length != 2 || parts[0] != "Bearer")
                     {
                         // Default to AadTokenValidation handling
@@ -164,7 +162,7 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
                     }
 
                     JwtSecurityToken token = new(parts[1]);
-                    string issuer = token.Claims.FirstOrDefault(claim => claim.Type == AuthenticationConstants.IssuerClaim)?.Value;
+                    string issuer = token.Claims.FirstOrDefault(claim => claim.Type == AuthenticationConstants.IssuerClaim)?.Value!;
 
                     if (validationOptions.AzureBotServiceTokenHandling && AuthenticationConstants.BotFrameworkTokenIssuer.Equals(issuer))
                     {
@@ -209,17 +207,17 @@ public static void AddAgentAspNetAuthentication(this IServiceCollection services
 
     public class TokenValidationOptions
     {
-        public IList<string> Audiences { get; set; }
+        public IList<string>? Audiences { get; set; }
 
         /// <summary>
         /// TenantId of the Azure Bot.  Optional but recommended. 
         /// </summary>
-        public string TenantId { get; set; }
+        public string? TenantId { get; set; }
 
         /// <summary>
         /// Additional valid issuers.  Optional, in which case the Public Azure Bot Service issuers are used.
         /// </summary>
-        public IList<string> ValidIssuers { get; set; }
+        public IList<string>? ValidIssuers { get; set; }
 
         /// <summary>
         /// Can be omitted, in which case public Azure Bot Service and Azure Cloud metadata urls are used.
@@ -231,14 +229,14 @@ public class TokenValidationOptions
         /// </summary>
         /// <see cref="AuthenticationConstants.PublicAzureBotServiceOpenIdMetadataUrl"/>
         /// <see cref="AuthenticationConstants.GovAzureBotServiceOpenIdMetadataUrl"/>
-        public string AzureBotServiceOpenIdMetadataUrl { get; set; }
+        public string? AzureBotServiceOpenIdMetadataUrl { get; set; }
 
         /// <summary>
         /// Entra OpenIdMetadataUrl.  Optional, in which case default value depends on IsGov.
         /// </summary>
         /// <see cref="AuthenticationConstants.PublicOpenIdMetadataUrl"/>
         /// <see cref="AuthenticationConstants.GovOpenIdMetadataUrl"/>
-        public string OpenIdMetadataUrl { get; set; }
+        public string? OpenIdMetadataUrl { get; set; }
 
         /// <summary>
         /// Determines if Azure Bot Service tokens are handled.  Defaults to true and should always be true until Azure Bot Service sends Entra ID token.

samples/basic/azureai-streaming-poem-agent/dotnet/Program.cs

@@ -2,7 +2,6 @@
 // Licensed under the MIT License.
 
 using Azure.AI.OpenAI;
-using Microsoft.Agents.AspNetAuthentication;
 using Microsoft.Agents.Builder;
 using Microsoft.Agents.Hosting.AspNetCore;
 using Microsoft.Agents.Storage;
@@ -23,8 +22,8 @@
 builder.Services.AddTransient<ChatClient>(sp =>
 {
     return new AzureOpenAIClient(
-            new Uri(builder.Configuration["AIServices:AzureOpenAI:Endpoint"]),
-            new ApiKeyCredential(builder.Configuration["AIServices:AzureOpenAI:ApiKey"]))
+            new Uri(builder.Configuration["AIServices:AzureOpenAI:Endpoint"]!),
+            new ApiKeyCredential(builder.Configuration["AIServices:AzureOpenAI:ApiKey"]!))
     .GetChatClient(builder.Configuration["AIServices:AzureOpenAI:DeploymentName"]);
 });
 

samples/basic/azureai-streaming-poem-agent/dotnet/StreamingAgent.cs

@@ -14,7 +14,7 @@ namespace StreamingMessageAgent;
 
 public class StreamingAgent : AgentApplication
 {
-    private ChatClient _chatClient;
+    private readonly ChatClient _chatClient;
 
     /// <summary>
     /// Example of a streaming response agent using the Azure OpenAI ChatClient.
@@ -90,7 +90,7 @@ You break your poems into stanzas
                 if (update.ContentUpdate.Count > 0)
                 {
                     if (!string.IsNullOrEmpty(update.ContentUpdate[0]?.Text))
-                        turnContext.StreamingResponse.QueueTextChunk(update.ContentUpdate[0]?.Text);
+                        turnContext.StreamingResponse.QueueTextChunk(update.ContentUpdate[0]?.Text!);
                 }
             }
         }