TransactionProcessing · StuartFerguson · Oct 3, 2025 · Oct 3, 2025 · Oct 3, 2025 · Oct 3, 2025
diff --git a/SecurityService.UserInterface/Pages/Account/ForgotPassword/Index.cshtml.cs b/SecurityService.UserInterface/Pages/Account/ForgotPassword/Index.cshtml.cs
@@ -48,9 +48,9 @@ public async Task<IActionResult> OnPost(CancellationToken cancellationToken)
             return Redirect("Login/Index");
         }
         SecurityServiceCommands.ProcessPasswordResetRequestCommand command = new(Input.Username, Input.EmailAddress, Input.ClientId);
-        var result = await this.Mediator.Send(command, cancellationToken);
-        // TODO: handle the result
-
+
+        await this.Mediator.Send(command, cancellationToken);
+        
         View = new ViewModel() {
                                    UserMessage = "Password Reset sent, please check your registered email for further instructions."
                                };

diff --git a/SecurityService.UserInterface/Pages/ExternalLogin/Callback.cshtml.cs b/SecurityService.UserInterface/Pages/ExternalLogin/Callback.cshtml.cs
@@ -1,3 +1,4 @@
+using System.Security.Authentication;
 using Duende.IdentityServer;
 using Duende.IdentityServer.Events;
 using Duende.IdentityServer.Services;
@@ -48,7 +49,7 @@ public async Task<IActionResult> OnGet()
         var result = await HttpContext.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
         if (result?.Succeeded != true)
         {
-            throw new Exception("External authentication error");
+            throw new AuthenticationException("External authentication error");
         }
 
         var externalUser = result.Principal;
@@ -65,7 +66,7 @@ public async Task<IActionResult> OnGet()
         // depending on the external provider, some other claim type might be used
         var userIdClaim = externalUser.FindFirst(JwtClaimTypes.Subject) ??
                           externalUser.FindFirst(ClaimTypes.NameIdentifier) ??
-                          throw new Exception("Unknown userid");
+                          throw new AuthenticationException("Unknown userid");
 
         var provider = result.Properties.Items["scheme"];
         var providerUserId = userIdClaim.Value;
@@ -162,16 +163,16 @@ private async Task<ApplicationUser> AutoProvisionUserAsync(string provider, stri
         }
 
         var identityResult = await _userManager.CreateAsync(user);
-        if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description);
+        if (!identityResult.Succeeded) throw new AuthenticationException(identityResult.Errors.First().Description);
 
         if (filtered.Any())
         {
             identityResult = await _userManager.AddClaimsAsync(user, filtered);
-            if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description);
+            if (!identityResult.Succeeded) throw new AuthenticationException(identityResult.Errors.First().Description);
         }
 
         identityResult = await _userManager.AddLoginAsync(user, new UserLoginInfo(provider, providerUserId, provider));
-        if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description);
+        if (!identityResult.Succeeded) throw new AuthenticationException(identityResult.Errors.First().Description);
 
         return user;
     }

diff --git a/SecurityService.UserInterface/Pages/ExternalLogin/Challenge.cshtml.cs b/SecurityService.UserInterface/Pages/ExternalLogin/Challenge.cshtml.cs
@@ -27,7 +27,7 @@ public IActionResult OnGet(string scheme, string returnUrl)
         if (Url.IsLocalUrl(returnUrl) == false && _interactionService.IsValidReturnUrl(returnUrl) == false)
         {
             // user might have clicked on a malicious link - should be logged
-            throw new Exception("invalid return URL");
+            throw new ArgumentException("invalid return URL");
         }
 
         // start challenge and roundtrip the return URL and scheme 

diff --git a/SecurityService/Config.cs b/SecurityService/Config.cs
@@ -91,7 +91,7 @@ public static List<TestUser> Users
                             new Claim(JwtClaimTypes.FamilyName, "Smith"),
                             new Claim(JwtClaimTypes.Email, "[email protected]"),
                             new Claim(JwtClaimTypes.EmailVerified, "true", ClaimValueTypes.Boolean),
-                            new Claim(JwtClaimTypes.WebSite, "http://alice.com"),
+                            new Claim(JwtClaimTypes.WebSite, "https://alice.com"),
                             new Claim(JwtClaimTypes.Address, JsonSerializer.Serialize(address), IdentityServerConstants.ClaimValueTypes.Json)
                         }
                     },
@@ -107,7 +107,7 @@ public static List<TestUser> Users
                             new Claim(JwtClaimTypes.FamilyName, "Smith"),
                             new Claim(JwtClaimTypes.Email, "[email protected]"),
                             new Claim(JwtClaimTypes.EmailVerified, "true", ClaimValueTypes.Boolean),
-                            new Claim(JwtClaimTypes.WebSite, "http://bob.com"),
+                            new Claim(JwtClaimTypes.WebSite, "https://bob.com"),
                             new Claim(JwtClaimTypes.Address, JsonSerializer.Serialize(address), IdentityServerConstants.ClaimValueTypes.Json)
                         }
                     }