leastprivilege
commented
1 year ago Blazor Server cannot use the HttpContext and thus not cookies in application code. You need to find different ways to store tokens there (e.g. in a cache or database).
Closed yodasad closed 1 year ago
leastprivilege
commented
1 year ago Blazor Server cannot use the HttpContext and thus not cookies in application code. You need to find different ways to store tokens there (e.g. in a cache or database).
yodasad
commented
1 year ago I'm very sorry for my English)
My question was: why do you set SaveTokens to true in your sample ?
josephdecock
commented
1 year ago That sample is of a Blazor web assembly app, which does not have the same restrictions on HttpContext. It can therefore use the standard architecture for BFF applications, just the same as a spa built with react, angular, etc.
yodasad
commented
1 year ago Thank you, @josephdecock !
This sample is for BlazorServer but SaveTokens is set to true there too.
leastprivilege
commented
1 year ago This might be an oversight. Just try it.
josephdecock
commented
1 year ago Closing, but feel free to reopen if necessary.
BFF Version: 2.0.0 .NET Version: 6
I have a theoretical question.
In a sample for a Blazor Server App
SaveTokensoption in an OIDC configuration is set totrue, so tokens are saved inAuthenticationPropertiesand then these properties are saved in cookies.Is it really needed for a Blazor Server App to store tokens in cookies?