fix tsa issues (#827)

* fix tsa issues

* pass empty options

src/Microsoft.Identity.Web.UI/Areas/MicrosoftIdentity/Controllers/AccountController.cs

@@ -74,7 +74,7 @@ public IActionResult Challenge(
                 { Constants.Claims, claims },
                 { Constants.Policy, policy },
             };
-            Dictionary<string, object> parameters = new Dictionary<string, object>
+            Dictionary<string, object?> parameters = new Dictionary<string, object?>
             {
                 { Constants.LoginHint, loginHint },
                 { Constants.DomainHint, domainHint },

src/Microsoft.Identity.Web/WebApiExtensions/MicrosoftIdentityWebApiAuthenticationBuilderExtensions.cs

@@ -219,7 +219,7 @@ private static void AddMicrosoftIdentityWebApiImplementation(
                     var tokenValidatedHandler = options.Events.OnTokenValidated;
                     options.Events.OnTokenValidated = async context =>
                     {
-                        if (!microsoftIdentityOptions.AllowWebApiToBeAuthorizedByACL && !context.Principal.Claims.Any(x => x.Type == ClaimConstants.Scope)
+                        if (!microsoftIdentityOptions.AllowWebApiToBeAuthorizedByACL && !context!.Principal.Claims.Any(x => x.Type == ClaimConstants.Scope)
                             && !context.Principal.Claims.Any(y => y.Type == ClaimConstants.Scp)
                             && !context.Principal.Claims.Any(y => y.Type == ClaimConstants.Roles)
                             && !context.Principal.Claims.Any(y => y.Type == ClaimConstants.Role))

src/Microsoft.Identity.Web/WebAppExtensions/MicrosoftIdentityWebAppAuthenticationBuilder.cs

@@ -121,7 +121,7 @@ internal static void WebAppCallsWebApiImplementation(
                        var codeReceivedHandler = options.Events.OnAuthorizationCodeReceived;
                        options.Events.OnAuthorizationCodeReceived = async context =>
                        {
-                           var tokenAcquisition = context.HttpContext.RequestServices.GetRequiredService<ITokenAcquisitionInternal>();
+                           var tokenAcquisition = context!.HttpContext.RequestServices.GetRequiredService<ITokenAcquisitionInternal>();
                            await tokenAcquisition.AddAccountToCacheFromAuthorizationCodeAsync(context, options.Scope).ConfigureAwait(false);
                            await codeReceivedHandler(context).ConfigureAwait(false);
                        };
@@ -130,16 +130,16 @@ internal static void WebAppCallsWebApiImplementation(
                        var onTokenValidatedHandler = options.Events.OnTokenValidated;
                        options.Events.OnTokenValidated = async context =>
                        {
-                           string? clientInfo = context.ProtocolMessage?.GetParameter(ClaimConstants.ClientInfo);
+                           string? clientInfo = context!.ProtocolMessage?.GetParameter(ClaimConstants.ClientInfo);
 
                            if (!string.IsNullOrEmpty(clientInfo))
                            {
                                ClientInfo? clientInfoFromServer = ClientInfo.CreateFromJson(clientInfo);
 
                                if (clientInfoFromServer != null)
                                {
-                                   context.Principal.Identities.FirstOrDefault()?.AddClaim(new Claim(ClaimConstants.UniqueTenantIdentifier, clientInfoFromServer.UniqueTenantIdentifier));
-                                   context.Principal.Identities.FirstOrDefault()?.AddClaim(new Claim(ClaimConstants.UniqueObjectIdentifier, clientInfoFromServer.UniqueObjectIdentifier));
+                                   context!.Principal.Identities.FirstOrDefault()?.AddClaim(new Claim(ClaimConstants.UniqueTenantIdentifier, clientInfoFromServer.UniqueTenantIdentifier));
+                                   context!.Principal.Identities.FirstOrDefault()?.AddClaim(new Claim(ClaimConstants.UniqueObjectIdentifier, clientInfoFromServer.UniqueObjectIdentifier));
                                }
                            }
 

src/Microsoft.Identity.Web/WebAppExtensions/MicrosoftIdentityWebAppAuthenticationBuilderExtensions.cs

@@ -116,7 +116,7 @@ public static MicrosoftIdentityWebAppAuthenticationBuilder AddMicrosoftIdentityW
             Action<MicrosoftIdentityOptions> configureMicrosoftIdentityOptions,
             Action<CookieAuthenticationOptions>? configureCookieAuthenticationOptions = null,
             string openIdConnectScheme = OpenIdConnectDefaults.AuthenticationScheme,
-            string cookieScheme = CookieAuthenticationDefaults.AuthenticationScheme,
+            string? cookieScheme = CookieAuthenticationDefaults.AuthenticationScheme,
             bool subscribeToOpenIdConnectMiddlewareDiagnosticsEvents = false)
         {
             if (builder == null)
@@ -186,7 +186,7 @@ private static MicrosoftIdentityWebAppAuthenticationBuilder AddMicrosoftWebAppWi
         Action<MicrosoftIdentityOptions> configureMicrosoftIdentityOptions,
         Action<CookieAuthenticationOptions>? configureCookieAuthenticationOptions,
         string openIdConnectScheme,
-        string cookieScheme,
+        string? cookieScheme,
         bool subscribeToOpenIdConnectMiddlewareDiagnosticsEvents)
         {
             if (!AppServicesAuthenticationInformation.IsAppServicesAadAuthenticationEnabled)
@@ -237,7 +237,8 @@ private static void AddMicrosoftIdentityWebAppInternal(
 
             if (!string.IsNullOrEmpty(cookieScheme))
             {
-                builder.AddCookie(cookieScheme, configureCookieAuthenticationOptions);
+                Action<CookieAuthenticationOptions> emptyOption = option => { };
+                builder.AddCookie(cookieScheme, configureCookieAuthenticationOptions ?? emptyOption);
             }
 
             builder.Services.TryAddSingleton<MicrosoftIdentityIssuerValidatorFactory>();