Blazor-Auth0-ServerSide
0.4.2-beta.2
See the version list below for details.
dotnet add package Blazor-Auth0-ServerSide --version 0.4.2-beta.2
NuGet\Install-Package Blazor-Auth0-ServerSide -Version 0.4.2-beta.2
<PackageReference Include="Blazor-Auth0-ServerSide" Version="0.4.2-beta.2" />
paket add Blazor-Auth0-ServerSide --version 0.4.2-beta.2
#r "nuget: Blazor-Auth0-ServerSide, 0.4.2-beta.2"
// Install Blazor-Auth0-ServerSide as a Cake Addin #addin nuget:?package=Blazor-Auth0-ServerSide&version=0.4.2-beta.2&prerelease // Install Blazor-Auth0-ServerSide as a Cake Tool #tool nuget:?package=Blazor-Auth0-ServerSide&version=0.4.2-beta.2&prerelease
Blazor Auth0 Library
This is a library for Blazor authentication with OIDC Authorization Code-Grant and Implicit-Grant flows, using Auth0's Universal Login and Silent Login for Blazor over .NET Core v3.0.0-preview7 client & server side solutions, the idea behind this is to have an easy way of using Auth0's services in Blazor without the need of the auth0.js library.
Start using it in 3 simple steps!
Note: Following example will implement a "An authenticated user is Required" flow, for a "Login/Logout Buttons" flow please refer to here
- Start by adding a reference to Blazor-Auth0-ClientSide.0.7.0-beta.1 for client side and Blazor-Auth0-ServerSide.0.4.0-beta.1 for server side to your Blazor project
Client Side
Install-Package Blazor-Auth0-ClientSide -Version 0.7.2-beta.2
Server Side
Install-Package Blazor-Auth0-ServerSide -Version 0.4.2-beta.2
- In Startup.cs, register the service inside ConfigureServices method
public void ConfigureServices(IServiceCollection services)
{
// Uncomment for Server Side implementations
// services.AddScoped<HttpClient>();
services.AddScoped((sp) =>
{
return new Blazor.Auth0.Shared.Models.ClientSettings()
{
Auth0Domain = "[Auth0_Domain]",
Auth0ClientId = "[Auth0_Client_Id]",
LoginRequired = true
};
});
services.AddScoped<Blazor.Auth0.[ClientSide|ServerSide].Authentication.AuthenticationService>();
}
Other options include:
AuthenticationGrant: Allows you to choose between authorization_code (recommended) and implicit_grant authentication flows.
RedirectAlwaysToHome: When set to true, forces the redirect_uri param to be the home path, this value overrides Auth0RedirectUri
LoginRequired: When set to true, forces a redirection to the login page in case the user is not authenticated.
GetUserInfoFromIdToken: When set to true, the serivce will use the id_token payload to build the user info, this is good in case all the user info you require is present in the id_token payload and you want avoid doing an extra call to Auth0, in case that tere's no id_token present in the authentication response the service will fall back gracefully to try to get the user info from an API call to auth0, default value is false
- Replace the content of App.razor with the following code
@using Blazor.Auth0.Shared.Models.Enumerations
@using Blazor.Auth0.[ClientSide|ServerSide].Components
@using Blazor.Auth0.[ClientSide|ServerSide].Authentication
@inject AuthenticationService _authService
<AuthComponent ProtectedPaths="protectedPaths">
@*Will render while determining user's session state*@
<AuthorizingContent>
Determining session state, please wait...
</AuthorizingContent>
@*Will render after determining session state*@
<AuthorizedContent>
<Router AppAssembly="typeof(Startup).Assembly">
<NotFoundContent>
<p>Sorry, there's nothing at this address.</p>
</NotFoundContent>
</Router>
</AuthorizedContent>
<NotAuthorizedContent>
ERROR 401: Unauthorized
</NotAuthorizedContent>
</AuthComponent>
@code {
List<string> protectedPaths = new List<string> {
"fetchdata"
};
}
Other options include:
- ProtectedPaths: Allows you to indicate a list of paths that requires an authenticated user, only affects if LoginRequired is set to false.
- LoginRequiredOnProtectedPaths: Alters the ProtectedPaths behavior. When set to true redirect the user to the login page automatically, otherwise, the content from the UnAuthorizedContent fragment will be rendered.
Using it with the built-in Blazor Authentication and Authorization
Since v0.7.0-beta.1 for client side version and v0.4.0-beta.1 for server side version, you can make use of the new built-in Blazor Authentication and Authorization capabilities.
In Startup.cs, register a new AuthenticationStateProvider service inside ConfigureServices method
services.AddScoped<AuthenticationStateProvider, Blazor.Auth0.[ClientSide|ServerSide].Authentication.AuthenticationStateProvider>();
Server Side Only!
In the Configure method of the same file, instructs the app to use Authentication and Authorization
app.UseAuthentication();
app.UseAuthorization();
IMPORTANT!
If you're planning to use built-in Blazor Authorization capabilities like Claims-based and Policy-based authorization, then you will need to indicate an Auth0 audience/api with the "Enable RBAC" and "Add Permissions in the Access Token" settings set to true, here you have some reading about Auth0's RBAC.
The actual mechanism of authenticating the user, i.e., determining their identity using cookies or other information, is the same in Blazor as in any other ASP.NET Core application. So to control and customize any aspect of it, see documentation about authentication in ASP.NET Core.
SteveSandersonMS
Following are great sources of how to implement the Authentication and Authorization:
ASP.NET Core and Blazor updates in .NET Core 3.0 Preview, SteveSandersonMS/blazor-auth.md, Policy-based authorization in ASP.NET Core, Claims-based authorization in ASP.NET Core
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp3.0 is compatible. netcoreapp3.1 was computed. |
-
.NETCoreApp 3.0
- Blazor-Auth0-Shared (>= 0.4.2-beta.2)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories (1)
Showing the top 1 popular GitHub repositories that depend on Blazor-Auth0-ServerSide:
Repository | Stars |
---|---|
henalbrod/Blazor.Auth0
The library for using Auth0 in Blazor applications.
|
Version | Downloads | Last updated |
---|---|---|
2.0.0-Preview5 | 1,584 | 3/4/2020 |
2.0.0-Preview4 | 746 | 11/17/2019 |
2.0.0-Preview3 | 282 | 11/4/2019 |
2.0.0-Preview2 | 265 | 11/4/2019 |
2.0.0-Preview1 | 267 | 10/26/2019 |
1.0.0-Preview3 | 904 | 9/23/2019 |
1.0.0-Preview2 | 344 | 9/19/2019 |
1.0.0-Preview1 | 306 | 8/24/2019 |
0.4.2-beta.2 | 349 | 7/25/2019 |
0.4.0-beta.1 | 358 | 6/15/2019 |
0.3.0-beta-1 | 361 | 6/14/2019 |
0.2.1-alpha-2 | 349 | 6/12/2019 |
0.2.0-alpha-1 | 392 | 6/5/2019 |
0.1.0-alpha-2 | 385 | 5/8/2019 |
0.1.0-alpha-1 | 444 | 4/20/2019 |
Updated to .NET Core 3.0 Preview 7
Bugs Fixed: https://github.com/Pegazux/Blazor.Auth0/issues/12, Fixed error in code_challenge and code_validator generation