Fix all warnings & Trim (#2226)

* Fix AutoFishing crash
* Fix all warnings
* Remove DotNetZip.
* Fix the usage of HttpClient.

MinecraftClient/Protocol/Session/SessionCache.cs

@@ -1,5 +1,4 @@
-using MinecraftClient.Protocol;
-using System;
+using System;
 using System.Collections.Generic;
 using System.IO;
 using System.Runtime.Serialization;
@@ -23,11 +22,11 @@ namespace MinecraftClient.Protocol.Session
             "launcher_profiles.json"
         );
 
-        private static FileMonitor cachemonitor;
-        private static Dictionary<string, SessionToken> sessions = new Dictionary<string, SessionToken>();
-        private static Timer updatetimer = new Timer(100);
-        private static List<KeyValuePair<string, SessionToken>> pendingadds = new List<KeyValuePair<string, SessionToken>>();
-        private static BinaryFormatter formatter = new BinaryFormatter();
+        private static FileMonitor? cachemonitor;
+        private static readonly Dictionary<string, SessionToken> sessions = new();
+        private static readonly Timer updatetimer = new(100);
+        private static readonly List<KeyValuePair<string, SessionToken>> pendingadds = new();
+        private static readonly BinaryFormatter formatter = new();
 
         /// <summary>
         /// Retrieve whether SessionCache contains a session for the given login.
@@ -102,12 +101,12 @@ namespace MinecraftClient.Protocol.Session
         /// </summary>
         /// <param name="sender">Sender</param>
         /// <param name="e">Event data</param>
-        private static void HandlePending(object sender, ElapsedEventArgs e)
+        private static void HandlePending(object? sender, ElapsedEventArgs e)
         {
             updatetimer.Stop();
             LoadFromDisk();
 
-            foreach(KeyValuePair<string, SessionToken> pending in pendingadds.ToArray())
+            foreach (KeyValuePair<string, SessionToken> pending in pendingadds.ToArray())
             {
                 Store(pending.Key, pending.Value);
                 pendingadds.Remove(pending);
@@ -125,7 +124,7 @@ namespace MinecraftClient.Protocol.Session
             {
                 if (Settings.DebugMessages)
                     ConsoleIO.WriteLineFormatted(Translations.Get("cache.loading", Path.GetFileName(SessionCacheFileMinecraft)));
-                Json.JSONData mcSession = new Json.JSONData(Json.JSONData.DataType.String);
+                Json.JSONData mcSession = new(Json.JSONData.DataType.String);
                 try
                 {
                     mcSession = Json.ParseJson(File.ReadAllText(SessionCacheFileMinecraft));
@@ -135,12 +134,11 @@ namespace MinecraftClient.Protocol.Session
                     && mcSession.Properties.ContainsKey("clientToken")
                     && mcSession.Properties.ContainsKey("authenticationDatabase"))
                 {
-                    Guid temp;
                     string clientID = mcSession.Properties["clientToken"].StringValue.Replace("-", "");
                     Dictionary<string, Json.JSONData> sessionItems = mcSession.Properties["authenticationDatabase"].Properties;
                     foreach (string key in sessionItems.Keys)
                     {
-                        if (Guid.TryParseExact(key, "N", out temp))
+                        if (Guid.TryParseExact(key, "N", out Guid temp))
                         {
                             Dictionary<string, Json.JSONData> sessionItem = sessionItems[key].Properties;
                             if (sessionItem.ContainsKey("displayName")
@@ -176,15 +174,16 @@ namespace MinecraftClient.Protocol.Session
 
                 try
                 {
-                    using (FileStream fs = new FileStream(SessionCacheFileSerialized, FileMode.Open, FileAccess.Read, FileShare.Read))
+                    using FileStream fs = new(SessionCacheFileSerialized, FileMode.Open, FileAccess.Read, FileShare.Read);
+#pragma warning disable SYSLIB0011 // BinaryFormatter.Deserialize() is obsolete
+                    // Possible risk of information disclosure or remote code execution. The impact of this vulnerability is limited to the user side only.
+                    Dictionary<string, SessionToken> sessionsTemp = (Dictionary<string, SessionToken>)formatter.Deserialize(fs);
+#pragma warning restore SYSLIB0011 // BinaryFormatter.Deserialize() is obsolete
+                    foreach (KeyValuePair<string, SessionToken> item in sessionsTemp)
                     {
-                        Dictionary<string, SessionToken> sessionsTemp = (Dictionary<string, SessionToken>)formatter.Deserialize(fs);
-                        foreach (KeyValuePair<string, SessionToken> item in sessionsTemp)
-                        {
-                            if (Settings.DebugMessages)
-                                ConsoleIO.WriteLineFormatted(Translations.Get("cache.loaded", item.Key, item.Value.ID));
-                            sessions[item.Key] = item.Value;
-                        }
+                        if (Settings.DebugMessages)
+                            ConsoleIO.WriteLineFormatted(Translations.Get("cache.loaded", item.Key, item.Value.ID));
+                        sessions[item.Key] = item.Value;
                     }
                 }
                 catch (IOException ex)
@@ -250,9 +249,11 @@ namespace MinecraftClient.Protocol.Session
             if (Settings.DebugMessages)
                 Translations.WriteLineFormatted("cache.saving");
 
-            List<string> sessionCacheLines = new List<string>();
-            sessionCacheLines.Add("# Generated by MCC v" + Program.Version + " - Keep it secret & Edit at own risk!");
-            sessionCacheLines.Add("# Login=SessionID,PlayerName,UUID,ClientID,RefreshToken,ServerIDhash,ServerPublicKey");
+            List<string> sessionCacheLines = new()
+            {
+                "# Generated by MCC v" + Program.Version + " - Keep it secret & Edit at own risk!",
+                "# Login=SessionID,PlayerName,UUID,ClientID,RefreshToken,ServerIDhash,ServerPublicKey"
+            };
             foreach (KeyValuePair<string, SessionToken> entry in sessions)
                 sessionCacheLines.Add(entry.Key + '=' + entry.Value.ToString());
 

MinecraftClient/Protocol/Session/SessionToken.cs

@@ -1,7 +1,6 @@
 using System;
-using System.Collections.Generic;
-using System.Text.RegularExpressions;
 using System.IO;
+using System.Text.RegularExpressions;
 using System.Threading.Tasks;
 
 namespace MinecraftClient.Protocol.Session
@@ -9,7 +8,7 @@ namespace MinecraftClient.Protocol.Session
     [Serializable]
     public class SessionToken
     {
-        private static readonly Regex JwtRegex = new Regex("^[A-Za-z0-9-_]+\\.[A-Za-z0-9-_]+\\.[A-Za-z0-9-_]+$");
+        private static readonly Regex JwtRegex = new("^[A-Za-z0-9-_]+\\.[A-Za-z0-9-_]+\\.[A-Za-z0-9-_]+$");
 
         public string ID { get; set; }
         public string PlayerName { get; set; }
@@ -34,11 +33,10 @@ namespace MinecraftClient.Protocol.Session
 
         public bool SessionPreCheck()
         {
-            if (this.ID == string.Empty || this.PlayerID == String.Empty || this.ServerPublicKey == null)
+            if (ID == string.Empty || PlayerID == String.Empty || ServerPublicKey == null)
                 return false;
-            if (Crypto.CryptoHandler.ClientAESPrivateKey == null)
-                Crypto.CryptoHandler.ClientAESPrivateKey = Crypto.CryptoHandler.GenerateAESPrivateKey();
-            string serverHash = Crypto.CryptoHandler.getServerHash(ServerIDhash, ServerPublicKey, Crypto.CryptoHandler.ClientAESPrivateKey);
+            Crypto.CryptoHandler.ClientAESPrivateKey ??= Crypto.CryptoHandler.GenerateAESPrivateKey();
+            string serverHash = Crypto.CryptoHandler.GetServerHash(ServerIDhash, ServerPublicKey, Crypto.CryptoHandler.ClientAESPrivateKey);
             if (ProtocolHandler.SessionCheck(PlayerID, ID, serverHash))
                 return true;
             return false;
@@ -46,7 +44,7 @@ namespace MinecraftClient.Protocol.Session
 
         public override string ToString()
         {
-            return String.Join(",", ID, PlayerName, PlayerID, ClientID, RefreshToken, ServerIDhash, 
+            return String.Join(",", ID, PlayerName, PlayerID, ClientID, RefreshToken, ServerIDhash,
                 (ServerPublicKey == null) ? String.Empty : Convert.ToBase64String(ServerPublicKey));
         }
 
@@ -56,11 +54,13 @@ namespace MinecraftClient.Protocol.Session
             if (fields.Length < 4)
                 throw new InvalidDataException("Invalid string format");
 
-            SessionToken session = new SessionToken();
-            session.ID = fields[0];
-            session.PlayerName = fields[1];
-            session.PlayerID = fields[2];
-            session.ClientID = fields[3];
+            SessionToken session = new()
+            {
+                ID = fields[0],
+                PlayerName = fields[1],
+                PlayerID = fields[2],
+                ClientID = fields[3]
+            };
             // Backward compatible with old session file without refresh token field
             if (fields.Length > 4)
                 session.RefreshToken = fields[4];
@@ -83,15 +83,13 @@ namespace MinecraftClient.Protocol.Session
             }
             else
                 session.ServerPublicKey = null;
-
-            Guid temp;
             if (!JwtRegex.IsMatch(session.ID))
                 throw new InvalidDataException("Invalid session ID");
             if (!ChatBot.IsValidName(session.PlayerName))
                 throw new InvalidDataException("Invalid player name");
-            if (!Guid.TryParseExact(session.PlayerID, "N", out temp))
+            if (!Guid.TryParseExact(session.PlayerID, "N", out _))
                 throw new InvalidDataException("Invalid player ID");
-            if (!Guid.TryParseExact(session.ClientID, "N", out temp))
+            if (!Guid.TryParseExact(session.ClientID, "N", out _))
                 throw new InvalidDataException("Invalid client ID");
             // No validation on refresh token because it is custom format token (not Jwt)