Blazor Streaming Rendering does not show intermediate state when @attribute [Authorize(Roles = "group1")] is used

[flennic]

Is there an existing issue for this?

• [x] I have searched the existing issues

Describe the bug

Given a Blazor component with Streaming Rendering enabled, everything works as expected. When data is loaded in the OnInitializedAsync() method, each async update and call to StateHasChanged() works as expected and the list shows one entry being added at the time. Note: I am aware stateStateHasChanged() does not guarantee an UI update. This is more or less also the example shown during the demo when Blazor 8 was announced.

@page "/weather"
@using TestApplication.Extensions
@using TestApplication.Services
@using TestApplication.Client.Models
@attribute [StreamRendering]
@inject IDocumentService DocumentService

<PageTitle>Weather</PageTitle>

<h1>Weather</h1>

<p>This component demonstrates showing data.</p>

<div class="container">
    @if (Documents == null)
    {
        <p>No data yet.</p>
    }
    else
    {
        <table class="table">
            <thead>
                <tr>
                    <th>Id</th>
                    <th>Name</th>
                </tr>
            </thead>
            <tbody>

            @foreach (var document in Documents)
            {
                <tr>
                    <td><p>@document.Id</p></td>
                    <td><p>@document.Name</p></td>
                </tr>
            }
            </tbody>
        </table>
    }
</div>

@code {

    //[CascadingParameter] public HttpContext? HttpContext { get; set; }
    //public Document? MainDocument { get; set; }

    public List<Document>? Documents { get; set; }

    protected override async Task OnInitializedAsync()
    {
        //var accessToken = await HttpContext?.GetAccessToken()!;
        Documents = []; //await DocumentService.GetDocuments(accessToken);
        StateHasChanged();

        for (var i = 0; i < 5; i++)
        {
            await Task.Delay(1000);
            Documents.Add(new Document { Id = i, Name = $"Document {i}" });
            StateHasChanged();
            await Task.Yield();
        }
    }
}

If now the attribute

@attribute [Authorize(Roles = "group1")]

is added, it breaks the intermediate steps of Streaming Rendering. The last state, with all documents in the list, is shown, but no intermediate updates. When looking at the network tab and the actual HTTP being sent to the client, it can be seen that the updated HTML (like you see that every second more HTML is being sent, the same way as during the Demo of Blazor 8 with curl) reaches the browser, so the server part of Streaming Rendering works as expected. But the client is not picking up the intermediate steps, as one would expect.

Is this an intended behavior, something I am missing with how authentication works, or actually a bug? As this is server side and were some authentication issue, then I would not expect the server to actually stream the correct data to the browser.

If you need any more information, please let me know.

Expected Behavior

All intermediate state changes during the streaming rendering are also reflected in HTML and visible to the user, but they are not.

Steps To Reproduce

Create a Blazor 8 application with Cookie authentication. There is some more custom authentication stuff ongoing which I do not want to share in public. But none of that should prevent the client from showing the HTML in the HTTP call which is actually being sent to the client, here the web browser.

I left some commented code in the example which I started removing to pin it down to the Authorize attribute.

Exceptions (if any)

No response

.NET Version

8.0.205

Anything else?

dotnet --info
.NET SDK:
 Version:           8.0.205
 Commit:            3e1383b780
 Workload version:  8.0.200-manifests.818b3449

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.22631
 OS Platform: Windows
 RID:         win-x64
 Base Path:   C:\Program Files\dotnet\sdk\8.0.205\

.NET workloads installed:
There are no installed workloads to display.

Host:
  Version:      8.0.5
  Architecture: x64
  Commit:       087e15321b

.NET SDKs installed:
  6.0.420 [C:\Program Files\dotnet\sdk]
  8.0.203 [C:\Program Files\dotnet\sdk]
  8.0.205 [C:\Program Files\dotnet\sdk]

.NET runtimes installed:
  Microsoft.AspNetCore.App 6.0.28 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.AspNetCore.App 8.0.3 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.AspNetCore.App 8.0.5 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 6.0.28 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.NETCore.App 8.0.3 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.NETCore.App 8.0.5 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
  Microsoft.WindowsDesktop.App 6.0.28 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
  Microsoft.WindowsDesktop.App 8.0.3 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]
  Microsoft.WindowsDesktop.App 8.0.5 [C:\Program Files\dotnet\shared\Microsoft.WindowsDesktop.App]

Other architectures found:
  x86   [C:\Program Files (x86)\dotnet]
    registered at [HKLM\SOFTWARE\dotnet\Setup\InstalledVersions\x86\InstallLocation]

Environment variables:
  Not set

global.json file:
  Not found

Learn more:
  https://aka.ms/dotnet/info

Download .NET:
  https://aka.ms/dotnet/download

[flennic]

This issue got tagged with author feedback. Anything I can contribute with?

[mkArtakMSFT]

In order for us to investigate this issue, please provide a minimalistic repro project that illustrates the problem.

[dotnet-policy-service[bot]]

Hi @flennic. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.