search

dotnet / aspnetcore

ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
https://asp.net
MIT License
35.4k stars 10k forks source link

[Blazor] DefaultAuthorizationService Authorization failed after update to preview9 #13877

Closed xperiandri closed 5 years ago

xperiandri commented 5 years ago

Describe the bug

After I updated Blazor WASM from preview8 to preview9 I get DefaultAuthorizationService Authorization failed in browser console Could you tell how to fix or how to find a root cause?

To Reproduce

App.razor

<Router AppAssembly="typeof(Program).Assembly">
    <Found Context="routeData">
        <AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
    </Found>
    <NotFound>
        <CascadingAuthenticationState>
            <p>Sorry, there's nothing at this address.</p>
        </CascadingAuthenticationState>
    </NotFound>
</Router>

AuthenticationStateProvider implementation

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Blazor.Fluxor;
using Microsoft.AspNetCore.Components.Authorization;

namespace Waggrx.Client
{
    public class WaggrxAuthenticationStateProvider : AuthenticationStateProvider
    {
        private readonly IState<Authentication.State> state;

        public WaggrxAuthenticationStateProvider(IState<Authentication.State> state)
        {
            this.state = state;
            state.StateChanged += OnStateChanged;
        }

        private void OnStateChanged(object sender, Authentication.State e)
         => NotifyAuthenticationStateChanged(GetAuthenticationStateAsync());

        public override Task<AuthenticationState> GetAuthenticationStateAsync()
        {
            ClaimsIdentity identity;
            switch (state.Value)
            {
                case Authentication.State.User userState
                    when userState.SubState is Authentication.SignInUser.State.SignedIn signedIn:
                    var data = signedIn.Data;
                    identity = new ClaimsIdentity(new[]
                                {
                                    new Claim(ClaimTypes.Email, data.EmailAddress),
                                    new Claim(ClaimTypes.Name, data.FirstName),
                                    new Claim(ClaimTypes.GivenName, data.LastName),
                                    new Claim(ClaimTypes.Gender, data.Gender.ToString()),
                                    new Claim(ClaimTypes.MobilePhone, data.Phone),
                                }, "waggrx", ClaimTypes.Email, ClaimTypes.Role);
                    break;
                // TODO: Handle all cases
                //case Authentication.State.SignOutError error:
                //case Authentication.State.SignInError error:
                case Authentication.State state:
                default:
                    identity = new ClaimsIdentity();
                    break;
            }

            var user = new ClaimsPrincipal(identity);

            return Task.FromResult(new AuthenticationState(user));
        }
    }
}

Expected behavior

Information in browser console is enough to determine the cause of authentication fail https://github.com/aspnet/AspNetCore/issues/7789

Additional context

.NET Core SDK (reflecting any global.json):
 Version:   3.0.100-preview9-014004
 Commit:    8e7ef240a5

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.18362
 OS Platform: Windows
 RID:         win10-x64
 Base Path:   C:\Program Files\dotnet\sdk\3.0.100-preview9-014004\

Host (useful for support):
  Version: 3.0.0-preview9-19423-09
  Commit:  2be172345a

.NET Core SDKs installed:
  2.1.800 [C:\Program Files\dotnet\sdk]
  2.2.400 [C:\Program Files\dotnet\sdk]
  2.2.401 [C:\Program Files\dotnet\sdk]
  3.0.100-preview9-014004 [C:\Program Files\dotnet\sdk]

.NET Core runtimes installed:
  Microsoft.AspNetCore.All 2.1.12 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
  Microsoft.AspNetCore.All 2.2.6 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All]
  Microsoft.AspNetCore.App 2.1.12 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.AspNetCore.App 2.2.6 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.AspNetCore.App 3.0.0-preview9.19424.4 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 2.1.12 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.NETCore.App 2.2.6 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.NETCore.App 3.0.0-preview9-19423-09 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.WindowsDesktop.App 3.0.0-preview9-19423-09 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]

Project file

<Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
    <TargetFramework>netstandard2.0</TargetFramework>
    <OutputType>Exe</OutputType>
    <LangVersion>7.3</LangVersion>
    <RazorLangVersion>3.0</RazorLangVersion>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="Blazor.Extensions.Logging" Version="0.4.0" />
    <PackageReference Include="Blazor.Fluxor" Version="0.31.0-pre" />
    <PackageReference Include="FSharp.Control.FusionTasks" Version="2.0.2" />
    <!--<PackageReference Include="FSharp.SystemTextJson" Version="0.3.1-preview7" />-->
    <PackageReference Include="IdentityModel" Version="4.0.0" />
    <PackageReference Include="Microsoft.AspNetCore.Blazor" Version="3.0.0-preview9.19424.4" />
    <PackageReference Include="Microsoft.AspNetCore.Blazor.Build" Version="3.0.0-preview9.19424.4" PrivateAssets="all" />
    <PackageReference Include="Microsoft.AspNetCore.Blazor.HttpClient" Version="3.0.0-preview9.19424.4" />
    <PackageReference Include="Microsoft.AspNetCore.Blazor.DevServer" Version="3.0.0-preview9.19424.4" PrivateAssets="all" />
    <PackageReference Include="Microsoft.AspNetCore.Components.Authorization" Version="3.0.0-preview9.19424.4" />
    <PackageReference Include="Microsoft.AspNetCore.WebUtilities" Version="2.2.0" />
    <PackageReference Include="System.Collections.Immutable" Version="1.6.0-preview9.19421.4" />
  </ItemGroup>
  <ItemGroup>
    <ProjectReference Include="..\..\FSharp.SystemTextJson\src\FSharp.SystemTextJson\FSharp.SystemTextJson.fsproj" />
    <ProjectReference Include="..\Shared\Waggrx.Shared.csproj" />
    <ProjectReference Include="..\Store\Waggrx.Store.fsproj" />
  </ItemGroup>

</Project>
agusibrahim commented 5 years ago

just add nuget Microsoft.AspNetCore.Components.Authorization to your client

xperiandri commented 5 years ago

@agusibrahim, but it is present. As you can see from csproj contents above Did I miss something else?

mkArtakMSFT commented 5 years ago

@xperiandri besides seeing the message, does the rest actually work, or not? The only change we've made in this area during Preview9 was to increase log level. If this is not working for you, feel free to provide us a minimal repro project so that we can look into it, when we get time.

xperiandri commented 5 years ago

@xperiandri besides seeing the message, does the rest actually work, or not?

It does not work. At least AuthorizeView uses NotAuthorized part. OK, I'll create a repro

xperiandri commented 5 years ago

@mkArtakMSFT, could you give your email? I will send repro privately

pranavkm commented 5 years ago

@xperiandri could you share a minimal repro and post it on Github?

xperiandri commented 5 years ago

@mkArtakMSFT, have a look into Gitter private messages

xperiandri commented 5 years ago

@pranavkm, well I would prefer to show my real project in private. And if it does not help then create simple repro. I can't see anything difficult running of my project on any environment. It only has authentication, nothing else special

pranavkm commented 5 years ago

We would prefer a simple repro. Thanks!

xperiandri commented 5 years ago

My issue was caused by Fluxor state reducers not being called and AuthenticationStateProvider.NotifyAuthenticationStateChanged not being invoked