Skip to content
This repository has been archived by the owner on Nov 18, 2022. It is now read-only.

Dependencies to HttpContext prevent use of this library in Blazor server side apps #121

Closed
ViRuSTriNiTy opened this issue Jun 17, 2020 · 3 comments
Closed

Dependencies to HttpContext prevent use of this library in Blazor server side apps #121

ViRuSTriNiTy opened this issue Jun 17, 2020 · 3 comments

Comments

@ViRuSTriNiTy
Copy link
Contributor

ViRuSTriNiTy commented Jun 17, 2020
edited
Loading

Hi there,

i was looking for a way to refresh access tokens in a Blazor server side apps. The code in this library fits perfectly except the dependencies to HttpContext which is not available in Blazor server side.

My idea is to remove these dependencies where possible and make it compatible with the aforementioned scenario. The AccessTokenManagementService can then be used in a RevalidatingServerAuthenticationStateProvider to refresh the access token (and the id token along the way) periodically like

public class BlazorServerAuthenticationStateProvider : RevalidatingServerAuthenticationStateProvider
{
    protected override Task<bool> ValidateAuthenticationStateAsync(AuthenticationState authenticationState, CancellationToken cancellationToken)
    {
        ...

        // gets and refreshes access token based on the "expires_at" claim when necessary,
        // id token is refreshed in the process as original authorize request included the open_id scope
        var accessToken = _accessTokenManagementService.GetUserAccessTokenAsync(user);

I created PR #120 that includes the necessary changes.

Now one can simply add the following code to a Blazor server side app to refresh the access token right before a HTTP request is made via UserAccessTokenHandler:

Startup.cs

        // add custom user token store to avoid that AddAccessTokenManagement() registers its
        // own store based on HttpContext (HttpContext is not available in blazor server side)
        services.AddTransient<IUserTokenStore, UserTokenStore>();

        var tokenBuilder = services.AddAccessTokenManagement(options =>
        {
            options.User.Scheme = AzureADB2CDefaults.OpenIdScheme;
            options.User.RefreshBeforeExpiration = TimeSpan.FromMinutes(60).Subtract(TimeSpan.FromSeconds(30));
        });

        tokenBuilder.ConfigureBackchannelHttpClient();

       ...

        services
            // add a shared HttpClient ...
            .AddHttpClient("MyHttpClient", (serviceProvider, httpClient) =>
            {
               httpClient.BaseAddress = ...
            })
            // ... that is injected into the following typed clients ...
            .AddTypedClient<...>()
            ...
            // ... supported by a handler that adds the access token to requests
            .AddUserAccessTokenHandler();
@ViRuSTriNiTy ViRuSTriNiTy mentioned this issue Jun 17, 2020
Merged
@leastprivilege
Copy link
Contributor

merged. thanks!

@ViRuSTriNiTy
Copy link
Contributor Author

@leastprivilege When will this be included in a new nuget package? Currently i'm working with a git submodule pointing to my fork of your repo but that's not ideal.

@ViRuSTriNiTy ViRuSTriNiTy mentioned this issue Jun 22, 2020
Closed
@ViRuSTriNiTy ViRuSTriNiTy mentioned this issue Jul 10, 2020
Open
@github-actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@leastprivilege @ViRuSTriNiTy