Update test app to cover more complex scenarios

Author: javiercn

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/OidcAccount.cs

@@ -0,0 +1,11 @@
+using System.Text.Json.Serialization;
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
+
+namespace Wasm.Authentication.Client
+{
+    public class OidcAccount : RemoteUserAccount
+    {
+        [JsonPropertyName("amr")]
+        public string[] AuthenticationMethod { get; set; }
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Pages/AdminSettings.razor

@@ -0,0 +1,47 @@
+@page "/admin-settings"
+@attribute [Authorize(Roles = "admin")]
+@inject IAccessTokenProvider TokenProvider
+@inject NavigationManager Navigation
+
+@if(_error == null)
+{
+    <button id="admin-action" @onclick="AdminAction">Perform admin action</button>
+}
+else if(_error == true)
+{
+    <p>Could not get the access token.</p>
+}
+else if (_error == false)
+{
+    <p id="admin-success">Successfully perfomed admin action.</p>
+}
+
+@code {
+
+    private bool? _error;
+
+    public async Task AdminAction()
+    {
+        var tokenResult = await TokenProvider.RequestAccessToken();
+
+        if (tokenResult.TryGetToken(out var token))
+        {
+            var client = new HttpClient() { BaseAddress = new Uri(Navigation.BaseUri) };
+            var request = new HttpRequestMessage(HttpMethod.Post, "Roles/AdminOnly");
+            request.Headers.Add("Authorization", $"Bearer {token.Value}");
+            var response = await client.SendAsync(request);
+            if (response.StatusCode != System.Net.HttpStatusCode.OK)
+            {
+                _error = true;
+            }
+            else
+            {
+                _error = false;
+            }
+        }
+        else
+        {
+            _error = true;
+        }
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Pages/Authentication.razor

@@ -1,7 +1,43 @@
 @page "/authentication/{action}"
+@inject StateService State
+@inject AuthenticationStateProvider AuthenticationStateProvider
+@inject NavigationManager Navigation
 
-<RemoteAuthenticatorView Action="@Action" />
+<RemoteAuthenticatorViewCore TAuthenticationState="RemoteAppState"
+                             AuthenticationState="AppState"
+                             OnLogInSucceeded="CompleteLogin"
+                             Action="@Action" />
 
 @code{
     [Parameter] public string Action { get; set; }
+
+    public RemoteAppState AppState { get; set; } = new RemoteAppState();
+
+    protected override void OnInitialized()
+    {
+        if (RemoteAuthenticationActions.IsAction(RemoteAuthenticationActions.LogIn, Action))
+        {
+            AppState.State = State.GetCurrentState();
+        }
+
+        base.OnInitialized();
+    }
+
+    public async Task CompleteLogin(RemoteAppState remoteState)
+    {
+        if (RemoteAuthenticationActions.IsAction(RemoteAuthenticationActions.LogInCallback, Action))
+        {
+            State.RestoreCurrentState(remoteState.State);
+        }
+
+        var userState = await AuthenticationStateProvider.GetAuthenticationStateAsync();
+        var user = userState.User;
+
+        if (user.HasClaim("NewUser", "true"))
+        {
+            var originalReturnUrl = remoteState.ReturnUrl;
+            var preferencesUrl = Navigation.ToAbsoluteUri("preferences");
+            remoteState.ReturnUrl = $"{preferencesUrl}?returnUrl={Uri.EscapeDataString(originalReturnUrl)}";
+        }
+    }
 }

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Pages/Index.razor

@@ -1,5 +1,27 @@
 @page "/"
-
+@inject StateService State
+@inject IJSRuntime JS
 <h1>Hello, world!</h1>
 
 Welcome to your new app.
+
+Current state is:
+<p id="app-state">@State.GetCurrentState()</p>
+
+<!-- Elements to help testing functionality -->
+<p id="test-helpers">
+    <button id="test-clear-storage" @onclick="ClearStorage">Clear storage</button>
+    <button id="test-refresh-page" @onclick="TriggerPageRefresh">Refresh page</button>
+</p>
+
+@code{
+    public async Task ClearStorage()
+    {
+        await JS.InvokeVoidAsync("sessionStorage.clear");
+    }
+
+    public async Task TriggerPageRefresh()
+    {
+        await JS.InvokeVoidAsync("location.reload", true);
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Pages/MakeAdmin.razor

@@ -0,0 +1,37 @@
+@page "/new-admin"
+@attribute [Authorize]
+@inject IAccessTokenProvider TokenProvider
+@inject NavigationManager Navigation
+
+@if (_error == true)
+{
+    <p>Could not get the access token.</p>
+}
+else if (_error == false)
+{
+    <p>Successfully added to the admin group.</p>
+}
+
+@code {
+
+    private bool? _error;
+
+    protected override async Task OnInitializedAsync()
+    {
+        var tokenResult = await TokenProvider.RequestAccessToken();
+
+        if (tokenResult.TryGetToken(out var token))
+        {
+            var client = new HttpClient() { BaseAddress = new Uri(Navigation.BaseUri) };
+            var request = new HttpRequestMessage(HttpMethod.Post, "Roles/MakeAdmin");
+            request.Headers.Add("Authorization", $"Bearer {token.Value}");
+            var response = await client.SendAsync(request);
+            response.EnsureSuccessStatusCode();
+
+        }
+        else
+        {
+            _error = true;
+        }
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Pages/UserPreferences.razor

@@ -0,0 +1,47 @@
+@page "/preferences"
+@attribute [Authorize]
+@using System.Text.Json;
+@using System.Text;
+@using System.Net.Http.Headers;
+
+@inject NavigationManager Navigation
+@inject IAccessTokenProvider AccessTokenProvider
+
+<p>User preferences</p>
+
+<input id="color-preference" type="text" @bind="Color" />
+<button id="submit-preference" @onclick="SendPreferences">Send</button>
+
+@code {
+    public string Color { get; set; }
+
+    public async Task SendPreferences()
+    {
+        var content = new StringContent(JsonSerializer.Serialize(new UserPreferences { Color = Color }), Encoding.UTF8, "application/json");
+        var tokenResponse = await AccessTokenProvider.RequestAccessToken();
+        if (tokenResponse.TryGetToken(out var token))
+        {
+            var client = new HttpClient { BaseAddress = new Uri(Navigation.BaseUri) };
+            var request = new HttpRequestMessage(HttpMethod.Post, "Preferences/AddPreferences");
+            request.Content = content;
+
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
+
+            var response = await client.SendAsync(request);
+            if (response.IsSuccessStatusCode)
+            {
+                var query = new Uri(Navigation.Uri).Query;
+                var hasReturnUrl = System.Text.RegularExpressions.Regex.Match(query, ".*?returnUrl=([^&]+).*");
+                if (hasReturnUrl.Success)
+                {
+                    var returnUrl = hasReturnUrl.Groups[1];
+                    Navigation.NavigateTo(Uri.UnescapeDataString(returnUrl.Value));
+                }
+            }
+            else
+            {
+                Navigation.NavigateTo("/");
+            }
+        }
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/PreferencesUserFactory.cs

@@ -0,0 +1,62 @@
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Text.Json;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication.Internal;
+
+namespace Wasm.Authentication.Client
+{
+    public class PreferencesUserFactory : UserFactory<OidcAccount>
+    {
+        private readonly HttpClient _httpClient;
+
+        public PreferencesUserFactory(NavigationManager navigationManager, IAccessTokenProviderAccessor accessor)
+            : base(accessor)
+        {
+            _httpClient = new HttpClient { BaseAddress = new Uri(navigationManager.BaseUri) };
+        }
+
+        public async override ValueTask<ClaimsPrincipal> CreateUserAsync(
+            OidcAccount account,
+            RemoteAuthenticationUserOptions options)
+        {
+            var initialUser = await base.CreateUserAsync(account, options);
+
+            if (initialUser.Identity.IsAuthenticated)
+            {
+                foreach (var value in account.AuthenticationMethod)
+                {
+                    ((ClaimsIdentity)initialUser.Identity).AddClaim(new Claim("amr", value));
+                }
+
+                var tokenResponse = await TokenProvider.RequestAccessToken();
+                if (tokenResponse.TryGetToken(out var token))
+                {
+                    var request = new HttpRequestMessage(HttpMethod.Get, "Preferences/HasCompletedAdditionalInformation");
+                    request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
+
+                    var response = await _httpClient.SendAsync(request);
+                    if (response.StatusCode != HttpStatusCode.OK)
+                    {
+                        throw new InvalidOperationException("Error accessing additional user info.");
+                    }
+
+                    var hasInfo = JsonSerializer.Deserialize<bool>(await response.Content.ReadAsStringAsync());
+                    if (!hasInfo)
+                    {
+                        // The actual pattern would be to cache this info to avoid constant queries to the server per auth update.
+                        // (By default once every minute)
+                        ((ClaimsIdentity)initialUser.Identity).AddClaim(new Claim("NewUser", "true"));
+                    }
+                }
+            }
+
+            return initialUser;
+        }
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Program.cs

@@ -2,6 +2,7 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
 using Microsoft.AspNetCore.Components.WebAssembly.Hosting;
 using Microsoft.Extensions.DependencyInjection;
 
@@ -13,7 +14,10 @@ public static async Task Main(string[] args)
         {
             var builder = WebAssemblyHostBuilder.CreateDefault(args);
 
-            builder.Services.AddApiAuthorization();
+            builder.Services.AddApiAuthorization<RemoteAppState, OidcAccount>()
+                .AddUserFactory<RemoteAppState, OidcAccount, PreferencesUserFactory>();
+
+            builder.Services.AddSingleton<StateService>();
 
             builder.RootComponents.Add<App>("app");
 

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/RemoteAppState.cs

@@ -0,0 +1,13 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
+
+namespace Wasm.Authentication.Client
+{
+    public class RemoteAppState : RemoteAuthenticationState
+    {
+        public string State { get; set; }
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/Shared/NavMenu.razor

@@ -27,6 +27,17 @@
                 <span class="oi oi-list-rich" aria-hidden="true"></span> User
             </NavLink>
         </li>
+        <li class="nav-item px-3">
+            <NavLink class="nav-link" href="new-admin">
+                <span class="oi oi-list-rich" aria-hidden="true"></span> Make admin
+            </NavLink>
+        </li>
+        <li class="nav-item px-3">
+            <NavLink class="nav-link" href="admin-settings">
+                <span class="oi oi-list-rich" aria-hidden="true"></span> Settings
+            </NavLink>
+        </li>
+
     </ul>
 </div>
 

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/StateService.cs

@@ -0,0 +1,16 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace Wasm.Authentication.Client
+{
+    public class StateService
+    {
+        private string _state;
+
+        public string GetCurrentState() => _state != null ? _state : (_state = Guid.NewGuid().ToString());
+
+        public void RestoreCurrentState(string state) => _state = state;
+    }
+}

src/Components/WebAssembly/testassets/Wasm.Authentication.Client/wwwroot/index.html

@@ -21,5 +21,4 @@
     <script src="_content/Microsoft.AspNetCore.Components.WebAssembly.Authentication/AuthenticationService.js"></script>
     <script src="_framework/blazor.webassembly.js"></script>
 </body>
-
 </html>