Removed obsolete code

src/IdentityServer4/src/Configuration/DependencyInjection/BuilderExtensions/Core.cs

@@ -126,11 +126,6 @@ public static IIdentityServerBuilder AddCoreServices(this IIdentityServerBuilder
             builder.Services.AddTransient<BearerTokenUsageValidator>();
             builder.Services.AddTransient<JwtRequestValidator>();
 
-            // todo: remove in 3.0
-#pragma warning disable CS0618 // Type or member is obsolete
-            builder.Services.AddTransient<BackChannelHttpClient>();
-#pragma warning restore CS0618 // Type or member is obsolete
-
             builder.Services.AddTransient<ReturnUrlParser>();
             builder.Services.AddTransient<IdentityServerTools>();
 

src/IdentityServer4/src/Configuration/DependencyInjection/Options/AuthenticationOptions.cs

@@ -40,13 +40,6 @@ public class AuthenticationOptions
         /// </summary>
         public string CheckSessionCookieName { get; set; } = IdentityServerConstants.DefaultCheckSessionCookieName;
 
-        /// <summary>
-        /// Gets or sets the timeout on the back channel logout HTTP call.
-        /// </summary>
-        // todo: remove in 3.0
-        [Obsolete("Replaced by the use of BackChannelLogoutHttpClient. Use the new AddBackChannelLogoutHttpClient to configure the HttpClient settings.")]
-        public TimeSpan BackChannelLogoutTimeOut { get; set; } = TimeSpan.FromSeconds(30);
-
         /// <summary>
         /// If set, will require frame-src CSP headers being emitting on the end session callback endpoint which renders iframes to clients for front-channel signout notification.
         /// </summary>

src/IdentityServer4/src/Hosting/IdentityServerAuthenticationService.cs

@@ -50,26 +50,10 @@ public IdentityServerAuthenticationService(
             _logger = logger;
         }
 
-        // todo: remove this in 3.0 and use extension method on http context
-        private async Task<string> GetCookieAuthenticationSchemeAsync()
-        {
-            if (_options.Authentication.CookieAuthenticationScheme != null)
-            {
-                return _options.Authentication.CookieAuthenticationScheme;
-            }
-
-            var scheme = await _schemes.GetDefaultAuthenticateSchemeAsync();
-            if (scheme == null)
-            {
-                throw new InvalidOperationException("No DefaultAuthenticateScheme found.");
-            }
-            return scheme.Name;
-        }
-
         public async Task SignInAsync(HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties)
         {
             var defaultScheme = await _schemes.GetDefaultSignInSchemeAsync();
-            var cookieScheme = await GetCookieAuthenticationSchemeAsync();
+            var cookieScheme = await context.GetCookieAuthenticationSchemeAsync();
 
             if ((scheme == null && defaultScheme?.Name == cookieScheme) || scheme == cookieScheme)
             {
@@ -93,7 +77,7 @@ private void AugmentPrincipal(ClaimsPrincipal principal)
         public async Task SignOutAsync(HttpContext context, string scheme, AuthenticationProperties properties)
         {
             var defaultScheme = await _schemes.GetDefaultSignOutSchemeAsync();
-            var cookieScheme = await GetCookieAuthenticationSchemeAsync();
+            var cookieScheme = await context.GetCookieAuthenticationSchemeAsync();
 
             if ((scheme == null && defaultScheme?.Name == cookieScheme) || scheme == cookieScheme)
             {

src/IdentityServer4/src/Services/Default/DefaultUserSession.cs

@@ -27,11 +27,6 @@ public class DefaultUserSession : IUserSession
         /// </summary>
         protected readonly IHttpContextAccessor HttpContextAccessor;
 
-        /// <summary>
-        /// The schemes
-        /// </summary>
-        protected readonly IAuthenticationSchemeProvider Schemes;
-
         /// <summary>
         /// The handlers
         /// </summary>
@@ -89,37 +84,18 @@ public class DefaultUserSession : IUserSession
         /// <param name="logger">The logger.</param>
         public DefaultUserSession(
             IHttpContextAccessor httpContextAccessor,
-            IAuthenticationSchemeProvider schemes,
             IAuthenticationHandlerProvider handlers,
             IdentityServerOptions options,
             ISystemClock clock,
             ILogger<IUserSession> logger)
         {
             HttpContextAccessor = httpContextAccessor;
-            Schemes = schemes;
             Handlers = handlers;
             Options = options;
             Clock = clock;
             Logger = logger;
         }
 
-        // todo: remove this in 3.0 and use extension method on http context
-        private async Task<string> GetCookieSchemeAsync()
-        {
-            if (Options.Authentication.CookieAuthenticationScheme != null)
-            {
-                return Options.Authentication.CookieAuthenticationScheme;
-            }
-
-            var defaultScheme = await Schemes.GetDefaultAuthenticateSchemeAsync();
-            if (defaultScheme == null)
-            {
-                throw new InvalidOperationException("No DefaultAuthenticateScheme found.");
-            }
-
-            return defaultScheme.Name;
-        }
-
         // we need this helper (and can't call HttpContext.AuthenticateAsync) so we don't run
         // claims transformation when we get the principal. this also ensures that we don't
         // re-issue a cookie that includes the claims from claims transformation.
@@ -137,7 +113,7 @@ protected virtual async Task AuthenticateAsync()
         {
             if (Principal == null || Properties == null)
             {
-                var scheme = await GetCookieSchemeAsync();
+                var scheme = await HttpContext.GetCookieAuthenticationSchemeAsync();
 
                 var handler = await Handlers.GetHandlerAsync(HttpContext, scheme);
                 if (handler == null)
@@ -359,7 +335,7 @@ private async Task SetClientListPropertyValueAsync(string value)
                 Properties.Items[ClientListKey] = value;
             }
 
-            var scheme = await GetCookieSchemeAsync();
+            var scheme = await HttpContext.GetCookieAuthenticationSchemeAsync();
             await HttpContext.SignInAsync(scheme, Principal, Properties);
         }
 

src/IdentityServer4/src/Validation/Default/DefaultClientConfigurationValidator.cs

@@ -14,15 +14,6 @@ public class DefaultClientConfigurationValidator : IClientConfigurationValidator
     {
         private readonly IdentityServerOptions _options;
 
-        // todo: default ctor for backwards compat; remove in 3.0
-
-        /// <summary>
-        /// Constructor for DefaultClientConfigurationValidator
-        /// </summary>
-        public DefaultClientConfigurationValidator()
-        {
-        }
-
         /// <summary>
         /// Constructor for DefaultClientConfigurationValidator
         /// </summary>
@@ -189,30 +180,26 @@ protected virtual Task ValidateAllowedCorsOriginsAsync(ClientConfigurationValida
         /// <returns></returns>
         protected virtual Task ValidateUriSchemesAsync(ClientConfigurationValidationContext context)
         {
-            // todo: null check for backwards compat; remove in 3.0
-            if (_options != null)
+            if (context.Client.RedirectUris?.Any() == true)
             {
-                if (context.Client.RedirectUris?.Any() == true)
+                foreach (var uri in context.Client.RedirectUris)
                 {
-                    foreach (var uri in context.Client.RedirectUris)
+                    if (_options.Validation.InvalidRedirectUriPrefixes
+                            .Any(scheme => uri?.StartsWith(scheme, StringComparison.OrdinalIgnoreCase) == true))
                     {
-                        if (_options.Validation.InvalidRedirectUriPrefixes
-                                .Any(scheme => uri?.StartsWith(scheme, StringComparison.OrdinalIgnoreCase) == true))
-                        {
-                            context.SetError($"RedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions.");
-                        }
+                        context.SetError($"RedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions.");
                     }
                 }
+            }
 
-                if (context.Client.PostLogoutRedirectUris?.Any() == true)
+            if (context.Client.PostLogoutRedirectUris?.Any() == true)
+            {
+                foreach (var uri in context.Client.PostLogoutRedirectUris)
                 {
-                    foreach (var uri in context.Client.PostLogoutRedirectUris)
+                    if (_options.Validation.InvalidRedirectUriPrefixes
+                            .Any(scheme => uri.StartsWith(scheme, StringComparison.OrdinalIgnoreCase)))
                     {
-                        if (_options.Validation.InvalidRedirectUriPrefixes
-                                .Any(scheme => uri.StartsWith(scheme, StringComparison.OrdinalIgnoreCase)))
-                        {
-                            context.SetError($"PostLogoutRedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions.");
-                        }
+                        context.SetError($"PostLogoutRedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions.");
                     }
                 }
             }

src/IdentityServer4/test/IdentityServer.UnitTests/Common/MockHttpContextAccessor.cs

@@ -7,6 +7,7 @@
 using IdentityServer4.Services;
 using IdentityServer4.Stores;
 using Microsoft.AspNetCore.Authentication;
+using IdentityServer.UnitTests.Common;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.DependencyInjection;
 
@@ -17,6 +18,8 @@ internal class MockHttpContextAccessor : IHttpContextAccessor
         private HttpContext _context = new DefaultHttpContext();
         public MockAuthenticationService AuthenticationService { get; set; } = new MockAuthenticationService();
 
+        public MockAuthenticationSchemeProvider Schemes { get; set; } = new MockAuthenticationSchemeProvider();
+
         public MockHttpContextAccessor(
             IdentityServerOptions options = null,
             IUserSession userSession = null,
@@ -27,10 +30,12 @@ public MockHttpContextAccessor(
             var services = new ServiceCollection();
             services.AddSingleton(options);
 
+            services.AddSingleton<IAuthenticationSchemeProvider>(Schemes);
             services.AddSingleton<IAuthenticationService>(AuthenticationService);
+
             services.AddAuthentication(auth =>
             {
-                auth.DefaultAuthenticateScheme = "foo";
+                auth.DefaultAuthenticateScheme = Schemes.Default;
             });
 
             if (userSession == null)

src/IdentityServer4/test/IdentityServer.UnitTests/Services/Default/DefaultUserSessionTests.cs

@@ -22,7 +22,6 @@ public class DefaultUserSessionTests
     {
         private DefaultUserSession _subject;
         private MockHttpContextAccessor _mockHttpContext = new MockHttpContextAccessor();
-        private MockAuthenticationSchemeProvider _mockAuthenticationSchemeProvider = new MockAuthenticationSchemeProvider();
         private MockAuthenticationHandlerProvider _mockAuthenticationHandlerProvider = new MockAuthenticationHandlerProvider();
         private MockAuthenticationHandler _mockAuthenticationHandler = new MockAuthenticationHandler();
 
@@ -37,7 +36,6 @@ public DefaultUserSessionTests()
             _user = new IdentityServerUser("123").CreatePrincipal();
             _subject = new DefaultUserSession(
                 _mockHttpContext, 
-                _mockAuthenticationSchemeProvider,
                 _mockAuthenticationHandlerProvider,
                 _options,
                 new StubClock(),