在 ASP.NET 核心托管的 Blazor 应用程序中对服务器进行匿名调用

Make anonymous call to Server in ASP.NET Core hosted Blazor App

我使用授权和 ASP.NET 核心托管选项从 VS 中包含的模板创建了一个 Blazor Webassembly 应用程序,如下所示:

我希望能够在不经过身份验证的情况下向服务器发出 http 请求。我通过注释掉 [Authorize] 属性(甚至添加了 [AllowAnonymous] 属性)更改了 WeatherForecastController 中的代码:

//[Authorize] CHANGED
[AllowAnonymous] //CHANGED
[ApiController]
[Route("[controller]")]
public class WeatherForecastController : ControllerBase
{
    private static readonly string[] Summaries = new[]
    {
        "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
    };

    private readonly ILogger<WeatherForecastController> _logger;

    public WeatherForecastController(ILogger<WeatherForecastController> logger)
    {
        _logger = logger;
    }

    [HttpGet]
    public IEnumerable<WeatherForecast> Get()
    {
        var rng = new Random();
        return Enumerable.Range(1, 5).Select(index => new WeatherForecast
        {
            Date = DateTime.Now.AddDays(index),
            TemperatureC = rng.Next(-20, 55),
            Summary = Summaries[rng.Next(Summaries.Length)]
        })
        .ToArray();
    }
}

FetchData.razor 页面中,连同代码中注明的其他更改,我注释掉了 @attribute [Authorize]:

@page "/fetchdata"
@using Microsoft.AspNetCore.Authorization
@using Microsoft.AspNetCore.Components.WebAssembly.Authentication
@using WhosebugAuthProblem.Shared
@*@attribute [Authorize]*@ @*CHANGED*@
@inject HttpClient Http

@*CHANGED Html removed for brevity*@

<div>Exception message: @exceptionMessage</div>

@code {
    private WeatherForecast[] forecasts;

    string exceptionMessage; //CHANGED

    protected override async Task OnInitializedAsync()
    {
        try
        {
            forecasts = await Http.GetFromJsonAsync<WeatherForecast[]>("WeatherForecast");
        }
        catch (AccessTokenNotAvailableException exception)
        {
            exceptionMessage = exception.Message; //CHANGED returns an empty string

            exceptionMessage = exception.ToString(); //CHANGED returns
                //Microsoft.AspNetCore.Components.WebAssembly.Authentication.AccessTokenNotAvailableException: '' at
                //Microsoft.AspNetCore.Components.WebAssembly.Authentication.AuthorizationMessageHandler.SendAsync(HttpRequestMessage request,
                //CancellationToken cancellationToken) at Microsoft.Extensions.Http.Logging.LoggingScopeHttpMessageHandler.SendAsync(
                //    HttpRequestMessage request, CancellationToken cancellationToken)
                //at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request,
                //HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop,
                //CancellationToken cancellationToken) 
                //at System.Net.Http.Json.HttpClientJsonExtensions.<GetFromJsonAsyncCore>d__9`1[[WhosebugAuthProblem.Shared.WeatherForecast[],
                //WhosebugAuthProblem.Shared, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
                //at WhosebugAuthProblem.Client.Pages.FetchData.OnInitializedAsync()
                //in E:\Whosebug\WhosebugAuthProblem\WhosebugAuthProblem\Client\Pages\FetchData.razor:line 53

            //exception.Redirect(); CHANGE
        }
    }
}

我得到的异常是在上面的代码中。我怀疑问题出在 App.razor 页面,但无法弄清楚。

有什么帮助吗?

有人在这里发帖然后删除了一个回答,说问题出在客户端项目 Program.cs 文件的以下行中:

builder.Services.AddHttpClient("RclConsumer.ServerAPI", client => client.BaseAddress = new 
   Uri(builder.HostEnvironment.BaseAddress))
   .AddHttpMessageHandler<BaseAddressAuthorizationMessageHandler>();

肯定有我遗漏的东西,否则我会忍不住认为这是一个重大疏忽,没有经过身份验证就无法访问 API 端点。

public static class HttpClientService
{
    public static HttpClient AnonymousHttpClient { get; set; }

    static HttpClientService()
    {
        AnonymousHttpClient = new HttpClient();

#if DEBUG
        AnonymousHttpClient.BaseAddress = new Uri("https://localhost:44395/");
#else
        throw new Exception("Need the Base address here");
#endif

    }
}

我将其放入自己的 class 库的原因是我计划添加 Razor Class 库,并且我希望在整个解决方案中使用 HttpClient 的单个实例因为 problem with sockets