TransactionProcessing · StuartFerguson · Oct 8, 2025 · Oct 7, 2025 · Oct 8, 2025 · Oct 8, 2025
diff --git a/SecurityService.BusinessLogic/RequestHandlers/UserRequestHandler.cs b/SecurityService.BusinessLogic/RequestHandlers/UserRequestHandler.cs
@@ -110,7 +110,7 @@
                 confirmationToken = UrlEncoder.Default.Encode(confirmationToken);
                 String uri = $"{this.ServiceOptions.PublicOrigin}/Account/EmailConfirmation/Confirm?userName={newIdentityUser.UserName}&confirmationToken={confirmationToken}";
 
-                TokenResponse token = await this.GetToken(cancellationToken);
+                TokenResponse token = await this.GetToken();
                 SendEmailRequest emailRequest = this.BuildEmailConfirmationRequest(newIdentityUser, uri);
                 sendEmailResult = await this.MessagingServiceClient.SendEmail(token.AccessToken, emailRequest, cancellationToken);
                 if (sendEmailResult.IsFailed)
@@ -368,7 +368,7 @@
             resetToken = UrlEncoder.Default.Encode(resetToken);
             String uri = $"{this.ServiceOptions.PublicOrigin}/Account/ForgotPassword/Confirm?userName={user.UserName}&resetToken={resetToken}&clientId={command.ClientId}";
 
-            TokenResponse token = await this.GetToken(cancellationToken);
+            TokenResponse token = await this.GetToken();
             SendEmailRequest emailRequest = this.BuildPasswordResetEmailRequest(user, uri);
 
             Result result = await this.MessagingServiceClient.SendEmail(token.AccessToken, emailRequest, cancellationToken);
@@ -387,7 +387,7 @@
             await this.UserManager.AddPasswordAsync(i, generatedPasswordResult.Data);
 
             // Send Email
-            TokenResponse token = await this.GetToken(cancellationToken);
+            TokenResponse token = await this.GetToken();
             SendEmailRequest emailRequest = this.BuildWelcomeEmail(i.Email, generatedPasswordResult.Data);
             Result result = await this.MessagingServiceClient.SendEmail(token.AccessToken, emailRequest, cancellationToken);
             if (result.IsFailed)
@@ -497,7 +497,7 @@
             return roles.ToList();
         }
 
-        private async Task<TokenResponse> GetToken(CancellationToken cancellationToken){
+        private async Task<TokenResponse> GetToken(){
             // Get a token to talk to the estate service
             String clientId = this.ServiceOptions.ClientId;
             String clientSecret = this.ServiceOptions.ClientSecret;
@@ -527,7 +527,7 @@

 public static class PasswordGenerator
    {
        public static Result<string> GenerateRandomPassword(PasswordOptions? opts = null)
        {
            opts ??= DefaultOptions();


diff --git a/SecurityService.UnitTests/ModelFactoryTests.cs b/SecurityService.UnitTests/ModelFactoryTests.cs
@@ -423,7 +423,8 @@ public void ModelFactory_ConvertFrom_ListUserDetails_ListIsEmpty_NullReturned()
 
             List<DataTransferObjects.Responses.UserDetails> userDetailsDtoList = modelFactory.ConvertFrom(userDetailsModelList);
 
-            userDetailsDtoList.ShouldBeNull();
+            userDetailsDtoList.ShouldNotBeNull();
+            userDetailsDtoList.ShouldBeEmpty();
         }
 
         [Fact]
@@ -435,7 +436,8 @@ public void ModelFactory_ConvertFrom_ListUserDetails_ListIsNull_NullReturned()
 
             List<DataTransferObjects.Responses.UserDetails> userDetailsDtoList = modelFactory.ConvertFrom(userDetailsModelList);
 
-            userDetailsDtoList.ShouldBeNull();
+            userDetailsDtoList.ShouldNotBeNull();
+            userDetailsDtoList.ShouldBeEmpty();
         }
 
         [Fact]

diff --git a/SecurityService.UserInterface/Pages/Account/AccessDenied.cshtml.cs b/SecurityService.UserInterface/Pages/Account/AccessDenied.cshtml.cs
@@ -6,5 +6,6 @@ public class AccessDeniedModel : PageModel
 {
     public void OnGet()
     {
+        // No special processing required
     }
 }
diff --git a/SecurityService.UserInterface/Pages/Account/Login/Index.cshtml.cs b/SecurityService.UserInterface/Pages/Account/Login/Index.cshtml.cs
@@ -130,7 +130,7 @@ public async Task<IActionResult> OnPost()
                 else
                 {
                     // user might have clicked on a malicious link - should be logged
-                    throw new Exception("invalid return URL");
+                    throw new ArgumentException("invalid return URL");
                 }
             }
 

diff --git a/SecurityService/Factories/ModelFactory.cs b/SecurityService/Factories/ModelFactory.cs
@@ -65,7 +65,7 @@ public List<UserDetails> ConvertFrom(List<Models.UserDetails> model)
         {
             if (model == null || model.Any() == false)
             {
-                return null;
+                return new List<UserDetails>();
             }
 
             List<UserDetails> userDetailsList = new List<UserDetails>();
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,5 +6,6 @@ public class AccessDeniedModel : PageModel @@
     {
         public void OnGet()
         {
+            // No special processing required
         }
     }