Invalidate Cached WASM Auth Token on Authentication State Change #36358
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ghost
added
the
javiercn
reviewed
Sep 10, 2021
...omponents/WebAssembly/WebAssembly.Authentication/src/Services/AuthorizationMessageHandler.cs
Outdated
Show resolved
Hide resolved
javiercn
reviewed
Sep 10, 2021
...omponents/WebAssembly/WebAssembly.Authentication/src/Services/AuthorizationMessageHandler.cs
Show resolved
Hide resolved
javiercn
approved these changes
Sep 10, 2021
campersau
reviewed
Sep 10, 2021
| @@ -16,10 +13,11 @@ namespace Microsoft.AspNetCore.Components.WebAssembly.Authentication | |||
| /// Access tokens will only be added when the request URI is within one of the base addresses configured using | |||
| /// <see cref="ConfigureHandler(IEnumerable{string}, IEnumerable{string}, string)"/>. | |||
| /// </summary> | |||
| public class AuthorizationMessageHandler : DelegatingHandler | |||
| public class AuthorizationMessageHandler : DelegatingHandler, IDisposable | |||
There was a problem hiding this comment.
HttpMessageHandler from which DelegatingHandler inherits already implements IDisposable so you could just override the existing protected virtual void Dispose(bool disposing) method.
There was a problem hiding this comment.
That's what I'd originally done prior to e2351d3. The issue with that approach is it requires adding a new public API, which at this stage of the release is a bit tougher.
TanayParikh
commented
Sep 10, 2021
| { | ||
| authStateProvider.AuthenticationStateChanged -= _authenticationStateChangedHandler; | ||
| } | ||
| Dispose(disposing: true); |
There was a problem hiding this comment.
Defaulted this to true.
|
/backport to release/6.0 |
|
Started backporting to release/6.0: https://github.com/dotnet/aspnetcore/actions/runs/1225280935 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #35888
This should work. I'm unable to validate it as for some reason the
AuthenticationStateChangedevent is never invoked (should be invoked on sign in/out). I'm assuming this is some issue with the debugger. I've validated that the event does in fact attach (line 44).