Blazor:自定义 AuthenticationStateProvider 从不 returns 授权状态
Blazor: Custom AuthenticationStateProvider never returns authorised state
我有一个非常基本的 blazor 项目设置,可以通过实现 AuthenticationStateProvider 通过自定义身份验证机制测试授权。
我已将授权状态伪造为始终 return 伪造的登录用户,并将 @attribute [Authorized] 添加到我的可路由页面组件,但在导航到时它始终显示“未授权”消息。
通过在 Startup.cs
中添加必要的初始化开始
app.UseAuthentication();
app.UseAuthorization();
我实现了一个自定义 AuthenticationStateProvider,它总是 return 登录用户:
public class LocalStorageAuthenticationStateProvider : AuthenticationStateProvider
{
public override Task<AuthenticationState> GetAuthenticationStateAsync()
{
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Email, "user@fake.com","apiauth_type_email")
});
var user = new ClaimsPrincipal(identity);
return Task.FromResult(new AuthenticationState(user));
}
}
..我已经注册了我的自定义提供商:
services.AddScoped<AuthenticationStateProvider, LocalStorageAuthenticationStateProvider>();
..我已经将 AuthorizeRouteView 添加到 App.razor
<CascadingAuthenticationState>
<Router AppAssembly="@typeof(Program).Assembly" PreferExactMatches="@true">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
</Found>
<NotFound>
<LayoutView Layout="@typeof(MainLayout)">
<p>Sorry, there's nothing at this address.</p>
</LayoutView>
</NotFound>
</Router>
</CascadingAuthenticationState>
最后,我将授权属性添加到我的可路由页面:
@page "/personal/dashboard"
@attribute [Authorize]
但是当我导航到那里时,我总是会看到“未经授权”的消息。我在这里错过了什么?
您的问题在这里:
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Email, "user@fake.com","apiauth_type_email")
});
您有拼写错误,没有为 ClaimsIdentity 提供 authenticationType。您的代码应如下所示:
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Email, "user@fake.com")
}, "apiauth_type_email");
我有一个非常基本的 blazor 项目设置,可以通过实现 AuthenticationStateProvider 通过自定义身份验证机制测试授权。
我已将授权状态伪造为始终 return 伪造的登录用户,并将 @attribute [Authorized] 添加到我的可路由页面组件,但在导航到时它始终显示“未授权”消息。
通过在 Startup.cs
中添加必要的初始化开始 app.UseAuthentication();
app.UseAuthorization();
我实现了一个自定义 AuthenticationStateProvider,它总是 return 登录用户:
public class LocalStorageAuthenticationStateProvider : AuthenticationStateProvider
{
public override Task<AuthenticationState> GetAuthenticationStateAsync()
{
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Email, "user@fake.com","apiauth_type_email")
});
var user = new ClaimsPrincipal(identity);
return Task.FromResult(new AuthenticationState(user));
}
}
..我已经注册了我的自定义提供商:
services.AddScoped<AuthenticationStateProvider, LocalStorageAuthenticationStateProvider>();
..我已经将 AuthorizeRouteView 添加到 App.razor
<CascadingAuthenticationState>
<Router AppAssembly="@typeof(Program).Assembly" PreferExactMatches="@true">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
</Found>
<NotFound>
<LayoutView Layout="@typeof(MainLayout)">
<p>Sorry, there's nothing at this address.</p>
</LayoutView>
</NotFound>
</Router>
</CascadingAuthenticationState>
最后,我将授权属性添加到我的可路由页面:
@page "/personal/dashboard"
@attribute [Authorize]
但是当我导航到那里时,我总是会看到“未经授权”的消息。我在这里错过了什么?
您的问题在这里:
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Email, "user@fake.com","apiauth_type_email")
});
您有拼写错误,没有为 ClaimsIdentity 提供 authenticationType。您的代码应如下所示:
var identity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Email, "user@fake.com")
}, "apiauth_type_email");