AzureAD · brentschmaltz · Jul 26, 2024 · Jul 24, 2024
@@ -19,6 +19,9 @@ internal JsonClaimSet CreatePayloadClaimSet(byte[] bytes, int length)
 
         internal JsonClaimSet CreatePayloadClaimSet(ReadOnlySpan<byte> byteSpan)
         {
+            if (byteSpan.Length == 0)
+                return new JsonClaimSet([]);
+
             Utf8JsonReader reader = new(byteSpan);
             if (!JsonSerializerPrimitives.IsReaderAtTokenType(ref reader, JsonTokenType.StartObject, true))
                 throw LogHelper.LogExceptionMessage(

@@ -114,7 +114,7 @@ public JsonWebToken(ReadOnlyMemory<char> encodedTokenMemory)
         /// Initializes a new instance of the <see cref="JsonWebToken"/> class where the header contains the crypto algorithms applied to the encoded header and payload.
         /// </summary>
         /// <param name="header">A string containing JSON which represents the cryptographic operations applied to the JWT and optionally any additional properties of the JWT.</param>
-        /// <param name="payload">A string containing JSON which represents the claims contained in the JWT. Each claim is a JSON object of the form { Name, Value }.</param>
+        /// <param name="payload">A string containing JSON which represents the claims contained in the JWT. Each claim is a JSON object of the form { Name, Value }. Can be the empty.</param>
         /// <remarks>
         /// See: <see href="https://datatracker.ietf.org/doc/html/rfc7519"/> (JWT).
         /// See: <see href="https://datatracker.ietf.org/doc/html/rfc7515"/> (JWS).
@@ -124,14 +124,13 @@ public JsonWebToken(ReadOnlyMemory<char> encodedTokenMemory)
         /// </para>
         /// </remarks>
         /// <exception cref="ArgumentNullException">Thrown if <paramref name="header"/> is null or empty.</exception>
-        /// <exception cref="ArgumentNullException">Thrown if <paramref name="payload"/> is null or empty.</exception>
+        /// <exception cref="ArgumentNullException">Thrown if <paramref name="payload"/> is null.</exception>
         public JsonWebToken(string header, string payload)
         {
             if (string.IsNullOrEmpty(header))
                 throw LogHelper.LogArgumentNullException(nameof(header));
 
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
 
             var encodedHeader = Base64UrlEncoder.Encode(header);
             var encodedPayload = Base64UrlEncoder.Encode(payload);

@@ -13,7 +13,6 @@
 using Microsoft.IdentityModel.Abstractions;
 using Microsoft.IdentityModel.Logging;
 using Microsoft.IdentityModel.Tokens;
-using Microsoft.IdentityModel.Tokens.Json;
 using JsonPrimitives = Microsoft.IdentityModel.Tokens.Json.JsonSerializerPrimitives;
 using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages;
 
@@ -34,10 +33,9 @@ public partial class JsonWebTokenHandler : TokenHandler
         /// <returns>A JWS in Compact Serialization format.</returns>
         public virtual string CreateToken(string payload)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
 
-                return CreateToken(
+            return CreateToken(
                     payload,
                     null,
                     null,
@@ -59,9 +57,7 @@ public virtual string CreateToken(
             string payload,
             IDictionary<string, object> additionalHeaderClaims)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = additionalHeaderClaims ?? throw LogHelper.LogArgumentNullException(nameof(additionalHeaderClaims));
 
             return CreateToken(payload,
@@ -85,9 +81,7 @@ public virtual string CreateToken(
             string payload,
             SigningCredentials signingCredentials)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = signingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(signingCredentials));
 
             return CreateToken(
@@ -118,9 +112,7 @@ public virtual string CreateToken(
             SigningCredentials signingCredentials,
             IDictionary<string, object> additionalHeaderClaims)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = signingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(signingCredentials));
             _ = additionalHeaderClaims ?? throw LogHelper.LogArgumentNullException(nameof(additionalHeaderClaims));
 
@@ -296,9 +288,7 @@ public virtual string CreateToken(
             string payload,
             EncryptingCredentials encryptingCredentials)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = encryptingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(encryptingCredentials));
 
             return CreateToken(
@@ -329,9 +319,7 @@ public virtual string CreateToken(
             EncryptingCredentials encryptingCredentials,
             IDictionary<string, object> additionalHeaderClaims)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = encryptingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(encryptingCredentials));
             _ = additionalHeaderClaims ?? throw LogHelper.LogArgumentNullException(nameof(additionalHeaderClaims));
 
@@ -360,9 +348,7 @@ public virtual string CreateToken(
             SigningCredentials signingCredentials,
             EncryptingCredentials encryptingCredentials)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = signingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(signingCredentials));
             _ = encryptingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(encryptingCredentials));
 
@@ -397,9 +383,7 @@ public virtual string CreateToken(
             EncryptingCredentials encryptingCredentials,
             IDictionary<string, object> additionalHeaderClaims)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
-
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
             _ = signingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(signingCredentials));
             _ = encryptingCredentials ?? throw LogHelper.LogArgumentNullException(nameof(encryptingCredentials));
             _ = additionalHeaderClaims ?? throw LogHelper.LogArgumentNullException(nameof(additionalHeaderClaims));
@@ -420,14 +404,16 @@ public virtual string CreateToken(
         /// <param name="payload">A string containing JSON which represents the JWT token payload.</param>
         /// <param name="encryptingCredentials">The security key and algorithm that will be used to encrypt the JWT.</param>
         /// <param name="compressionAlgorithm">The compression algorithm that will be used to compress the JWT token payload.</param>
+        /// <exception cref="ArgumentNullException">Thrown if <paramref name="payload"/> is null.</exception>
+        /// <exception cref="ArgumentNullException">Thrown if <paramref name="encryptingCredentials"/> is null.</exception>
+        /// <exception cref="ArgumentNullException">Thrown if <paramref name="compressionAlgorithm"/> is null or empty.</exception>
         /// <returns>A JWE in Compact Serialization format.</returns>
         public virtual string CreateToken(
             string payload,
             EncryptingCredentials encryptingCredentials,
             string compressionAlgorithm)
         {
-            if (string.IsNullOrEmpty(payload))
-                throw LogHelper.LogArgumentNullException(nameof(payload));
+            _ = payload ?? throw LogHelper.LogArgumentNullException(nameof(payload));
 
             if (string.IsNullOrEmpty(compressionAlgorithm))
                 throw LogHelper.LogArgumentNullException(nameof(compressionAlgorithm));
@@ -462,7 +448,7 @@ public virtual string CreateToken(
             EncryptingCredentials encryptingCredentials,
             string compressionAlgorithm)
         {
-            if (string.IsNullOrEmpty(payload))
+            if (payload == null)
                 throw LogHelper.LogArgumentNullException(nameof(payload));
 
             if (string.IsNullOrEmpty(compressionAlgorithm))
@@ -507,7 +493,7 @@ public virtual string CreateToken(
             IDictionary<string, object> additionalHeaderClaims,
             IDictionary<string, object> additionalInnerHeaderClaims)
         {
-            if (string.IsNullOrEmpty(payload))
+            if (payload == null)
                 throw LogHelper.LogArgumentNullException(nameof(payload));
 
             if (string.IsNullOrEmpty(compressionAlgorithm))
@@ -552,7 +538,7 @@ public virtual string CreateToken(
             string compressionAlgorithm,
             IDictionary<string, object> additionalHeaderClaims)
         {
-            if (string.IsNullOrEmpty(payload))
+            if (payload == null)
                 throw LogHelper.LogArgumentNullException(nameof(payload));
 
             if (string.IsNullOrEmpty(compressionAlgorithm))