Fix for PasswordlessEmailRequest passing literal NULL when no client_secre…

[kailash-b]

…t was provided

Changes

• Fixes PasswordlessEmailRequest passes literal null when no ClientSecret provided for SPAs #797

The problem

• We are internally constructing an ExpandoObject from the request and passing this as body to the API call.
• Although we use the serialiser setting NullValueHandling = NullValueHandling.Ignore to ignore NULL values, we observed that the NULL value (for client_secret) in this case was still considered during serialisation.
• On further analysis, it seems the ExpandoObject instance is treated more like a Dictionary than an instance of a class and in NewtonSoft.JSON, by design, the NullValueHandling = NullValueHandling.Ignore is only for instances of classes and not for objects like Dictionaries. A similar issue raised on NewtonSoft.Json

The Fix

• We have added a NULL check, wherever applicable, before we add a field to the ExpandoObject. This removes the field from the body and hence would not send any un-warranted data to the API as part of the request.

References 📚

Please include relevant links supporting this change such as a:

• SDK-5859
• NullValueHandling.Ignore not working as expected with ExpandoObject JamesNK/Newtonsoft.Json#951
• PasswordlessEmailRequest passes literal null when no ClientSecret provided for SPAs #797

Testing

Added a test case that reproduces the scenario mentioned in #797

• This change adds unit test coverage

• This change adds integration test coverage

• This change has been tested on the latest version of the platform/language or why not

Checklist ☑️

• I have read the Auth0 general contribution guidelines

• I have read the Auth0 Code of Conduct

• All existing and new tests complete without errors

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.

Project coverage is 74.06%. Comparing base (d0fbc53) to head (c7fc626).
Report is 2 commits behind head on master.

Files with missing lines	Patch %	Lines
...Auth0.AuthenticationApi/AuthenticationApiClient.cs	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #800      +/-   ##
==========================================
- Coverage   74.09%   74.06%   -0.04%     
==========================================
  Files         438      438              
  Lines        5663     5664       +1     
  Branches      346      347       +1     
==========================================
- Hits         4196     4195       -1     
- Misses       1315     1317       +2     
  Partials      152      152              

Flag	Coverage Δ
authIntTests	30.08% <0.00%> (-0.01%)	⬇️
mgmtIntTests	57.34% <0.00%> (-0.03%)	⬇️
unittests	3.95% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.