Reputation: 3
Blazor client: token from OIDC, but roles from backend API, unable to do that properly
I have a project written in Blazor WASM on .NET 8.0. I use OpenID Connect to receive a token for authentication (which works fine!). I want to use my backend for authorization, roles management.
On the backend it was easy to set it up by creating a custom IAuthorizationFilter. Alas! While I can create a custom AuthorizeAttribute on the client, I can't make it a proper filter, like on the backend. I then found that creating a custom AuthenticationStateProvider should be the way.
But according to this post, it doesn't work anymore: .NET 7 Blazor WebAssembly - IAuthorizationHandler not being called when policy is used
I even tried Copilot, basically it produces either code that doesn't work for Blazor WASM, or it propose stuff that isn't optimal, like creating a component for authorization that would redirect (but the page would almost be loaded, API would be called, resulting in errors popping up to the user!).
If a custom AuthenticationStateProvider doesn't work, I am thinking creating a custom AuthorizeView component that would call a service that check the rights on the server. But that means recreating a lot of existing core component! Not optimal at all!
Input greatly appreciated!
Thank you!
Upvotes: 0
Views: 61
Answers (0)
Related Questions
- Blazor WASM and SSR problem of rendering using authentication
- Publish a .NET 8 Blazor WebAssembly standalone app for static site deployment
- Blazor Web App in .NET 8 and OnInitializedAsync
- Incorporating Blazor custom elements into an ASP.NET MVC application
- Microsoft.Azure.Devices.Client ModuleClient change default HttpClientHandler
- Blazor Standalone WASM Unable to get Access Token with MSAL
- What's the purpose of "ASP.NET Core hosted" in Blazor WASM app?