You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for contributing to Selenium! A PR well described will help maintainers to quickly review and merge it
Before submitting your PR, please check our contributing guidelines.
Avoid large PRs, help reviewers by making them as simple and short as possible.
Description
This fixes a bug where the RemoveVirtualAuthenticator method does not use its parameter, and instead uses the cached authenticator ID value. This blocks scenarios where multiple VA's are running at once.
Additionally, Nullable Reference Type support (as well as improved null checks) have been added. Exceptional scenarios have been documented.
Here are some key observations to aid the review process:
⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
🧪 PR contains tests
🔒 No security concerns identified
⚡ Recommended focus areas for review
Possible Bug The AddVirtualAuthenticator method assigns the id before returning it, which could lead to race conditions if multiple authenticators are added concurrently
Code Smell The userHandle field is cloned in the UserHandle property but not in the constructor, which could lead to inconsistent defensive copying
Performance Issue The GetCredentials method creates a new list with known capacity but still uses Add() instead of setting indices directly
Fix incorrect authenticator ID being used in removal request
The RemoveVirtualAuthenticator method is using the wrong authenticator ID in the parameters dictionary. It should use the provided authenticatorId parameter instead of this.AuthenticatorId.
Why: Critical bug fix - the method was using the cached authenticator ID instead of the provided parameter, which would cause removal of the wrong authenticator and potential security issues.
10
Add response type validation to prevent runtime casting exceptions
The GetCredentials method should validate the response value type before casting to avoid potential runtime exceptions.
-object[] commandResponse = (object[])this.Execute(driverCommandToExecute: DriverCommand.GetCredentials, parameters).Value;+Response getCredentialsResponse = this.Execute(driverCommandToExecute: DriverCommand.GetCredentials, parameters);+if (getCredentialsResponse.Value is not object?[] credentialsList)+{+ throw new WebDriverException($"Get credentials call succeeded, but the response was not a list of credentials: {getCredentialsResponse.Value}");+}
Apply this suggestion
Suggestion importance[1-10]: 8
Why: Important defensive programming improvement that prevents potential runtime exceptions by validating the response type before casting, making the code more robust and maintainable.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
User description
Thanks for contributing to Selenium!
A PR well described will help maintainers to quickly review and merge it
Before submitting your PR, please check our contributing guidelines.
Avoid large PRs, help reviewers by making them as simple and short as possible.
Description
This fixes a bug where the
RemoveVirtualAuthenticatormethod does not use its parameter, and instead uses the cached authenticator ID value. This blocks scenarios where multiple VA's are running at once.Additionally, Nullable Reference Type support (as well as improved null checks) have been added. Exceptional scenarios have been documented.
Motivation and Context
Contributes to #14640
Types of changes
Checklist
PR Type
Bug fix, Enhancement, Tests
Description
RemoveVirtualAuthenticatormethod to correctly use its parameter, allowing multiple virtual authenticators to be managed.Credentialclass and other related classes with nullable reference type support and added null checks.Changes walkthrough 📝
Credential.cs
Enhance Credential class with null checks and NRT supportdotnet/src/webdriver/VirtualAuth/Credential.cs
IHasVirtualAuthenticator.cs
Add exception handling documentation to interface methodsdotnet/src/webdriver/VirtualAuth/IHasVirtualAuthenticator.cs
VirtualAuthenticatorOptions.cs
Enhance VirtualAuthenticatorOptions with detailed documentationdotnet/src/webdriver/VirtualAuth/VirtualAuthenticatorOptions.cs
WebDriver.cs
Fix and enhance WebDriver virtual authenticator methodsdotnet/src/webdriver/WebDriver.cs
VirtualAuthenticatorTest.cs
Add tests for virtual authenticator scenarios and error handlingdotnet/test/common/VirtualAuthn/VirtualAuthenticatorTest.cs