Skip to content
This repository has been archived by the owner on Mar 11, 2020. It is now read-only.

Commit

Permalink
v1.0.0-Preview2
Browse files Browse the repository at this point in the history
  • Loading branch information
henalbrod committed Sep 19, 2019
1 parent 25a394a commit c8222d5
Show file tree
Hide file tree
Showing 10 changed files with 65 additions and 106 deletions.
81 changes: 32 additions & 49 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# Blazor.Auth0

<img src="https://raw.githubusercontent.com/Pegazux/Blazor.Auth0/master/src/Blazor.Auth0.ClientSide/icon.png" height="150" alt="Blazor Auth0 Library" align="right"/>
<img src="https://raw.githubusercontent.com/henalbrod/Blazor.Auth0/master/src/Blazor.Auth0.ClientSide/icon.png" height="150" alt="Blazor Auth0 Library" align="right"/>

This is a library for Blazor authentication with OIDC Authorization Code-Grant and Implicit-Grant flows, using Auth0's Universal Login and Silent Login for [Blazor](http://blazor.net) over .NET Core v3.0.0-preview8 client & server-side solutions, the idea behind this is to have an easy way of using Auth0's services in Blazor without the need of the auth0.js library.
This is a library for Blazor authentication with OIDC Authorization Code-Grant and Implicit-Grant flows, using Auth0's Universal Login and Silent Login for [Blazor](http://blazor.net) over .NET Core v3.0.0-RC1 client & server-side solutions, the idea behind this is to have an easy way of using Auth0's services in Blazor without the need of the auth0.js library.

[![GitHub license](https://img.shields.io/github/license/Pegazux/Blazor.Auth0?color=blue)](https://github.com/Pegazux/Blazor.Auth0/blob/master/LICENSE)
[![GitHub license](https://img.shields.io/github/license/henalbrod/Blazor.Auth0?color=blue)](https://github.com/henalbrod/Blazor.Auth0/blob/master/LICENSE)
[![Nuget](https://img.shields.io/nuget/v/Blazor-Auth0-ServerSide?color=green&label=Nuget%3A%20Blazor-Auth0-ServerSide)](https://www.nuget.org/packages/Blazor-Auth0-ServerSide)
[![Nuget](https://img.shields.io/nuget/v/Blazor-Auth0-ClientSide?color=green&label=Nuget%3A%20Blazor-Auth0-Clientside)](https://www.nuget.org/packages/Blazor-Auth0-ClientSide)
[![Github Actions](https://github.com/henalbrod/Blazor.Auth0/workflows/Github%20Actions%20CI/badge.svg)](https://github.com/henalbrod/Blazor.Auth0/actions)
Expand Down Expand Up @@ -35,12 +35,12 @@ Install via [NPM](https://www.nuget.org/).

>Server Side
```bash
Install-Package Blazor-Auth0-ServerSide -Version 1.0.0-Preview1
Install-Package Blazor-Auth0-ServerSide -1.0.0-Preview2
````

>Client Side
```bash
Install-Package Blazor-Auth0-ClientSide -Version 1.0.0-Preview1
Install-Package Blazor-Auth0-ClientSide -1.0.0-Preview2
````
## Usage
Expand Down Expand Up @@ -90,56 +90,28 @@ public void ConfigureServices(IServiceCollection services)
// Other code...
}
```
###
Create a new Shell.razor file inside the Shared folder with the following code
> #### Shell.razor

```HTML
@inherits LayoutComponentBase

<Router AppAssembly="typeof(Startup).Assembly">
<NotFoundContent>
<p>Sorry, there's nothing at this address.</p>
</NotFoundContent>
<NotAuthorizedContent>
<h1>Sorry</h1>
<p>You're not authorized to reach this page. You may need to log in as a different user.</p>
</NotAuthorizedContent>
<AuthorizingContent>
<p>Please wait...</p>
</AuthorizingContent>
</Router>
```
###
Replace App.razor content with the following code
> #### App.razor
```HTML
@inject Blazor.Auth0.IAuthenticationService authService
@inject Blazor.Auth0.Models.ClientOptions clientOptions

<CascadingAuthenticationState>

<AuthorizeView>

<Authorized>
<Shell></Shell>
</Authorized>

<NotAuthorized>
@if (authService.SessionState == SessionStates.Undefined || clientOptions.RequireAuthenticatedUser)
{
<p>Determining session state, please wait...</p>
}
else
{
<Shell />
}
</NotAuthorized>

</AuthorizeView>

</CascadingAuthenticationState>
<Router AppAssembly="@typeof(Program).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<Authorizing>
<p>>Determining session state, please wait...</p>
</Authorizing>
<NotAuthorized>
<h1>Sorry</h1>
<p>You're not authorized to reach this page. You may need to log in as a different user.</p>
</NotAuthorized>
</AuthorizeRouteView>
</Found>
<NotFound>
<p>Sorry, there's nothing at this address.</p>
</NotFound>
</Router>
```
## Support
If you found a bug, have a consultation or a feature request please feel free to [open an issue](https://github.com/henalbrod/Blazor.Auth0/issues).
Expand All @@ -164,6 +136,11 @@ Pull requests are welcome. For major changes, please open an issue first to disc
## Authors
**Henry Alberto Rodriguez** - _Initial work_ - [GitHub](https://github.com/henalbrod) - [Twitter](https://twitter.com/henalbrod) - [Linkedin](https://www.linkedin.com/in/henalbrod/)

* Especial thanks for its contributions to:

**jbomhold3** [GitHub](https://github.com/jbomhold3)
**TopSwagCode** [GitHub](https://github.com/TopSwagCode)

## License

This project is licensed under the MIT License - see the [LICENSE.md](https://github.com/henalbrod/Blazor.Auth0/blob/master/LICENSE) file for details.
Expand All @@ -176,6 +153,12 @@ This project is licensed under the MIT License - see the [LICENSE.md](https://gi

## Release History

**v1.0.0-Preview2**
* Overall upgrade to .Net Core 3.0 RC1
* Removed Shell.razor in Example projects
* Simplified App.razor in Example projects
* Removed local _imports.razor in Example projects

**v0.1.0.0-Preview1**
* Upgraded to .Net Core 3.0.0-preview8
* Removed AuthComponent
Expand Down
41 changes: 16 additions & 25 deletions examples/Examples.AspNetCoreHosted/Client/App.razor
Original file line number Diff line number Diff line change
@@ -1,25 +1,16 @@
@inject Blazor.Auth0.IAuthenticationService authService
@inject Blazor.Auth0.Models.ClientOptions clientOptions

<CascadingAuthenticationState>

<AuthorizeView>

<Authorized>
<Shell></Shell>
</Authorized>

<NotAuthorized>
@if (authService.SessionState == SessionStates.Undefined || clientOptions.RequireAuthenticatedUser)
{
<p>Determining session state, please wait...</p>
}
else
{
<Shell></Shell>
}
</NotAuthorized>

</AuthorizeView>

</CascadingAuthenticationState>
<Router AppAssembly="@typeof(Program).Assembly">
<Found Context="routeData">
<AuthorizeRouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)">
<Authorizing>
<p>>Determining session state, please wait...</p>
</Authorizing>
<NotAuthorized>
<h1>Sorry</h1>
<p>You're not authorized to reach this page. You may need to log in as a different user.</p>
</NotAuthorized>
</AuthorizeRouteView>
</Found>
<NotFound>
<p>Sorry, there's nothing at this address.</p>
</NotFound>
</Router>
6 changes: 3 additions & 3 deletions examples/Examples.AspNetCoreHosted/Client/Startup.cs
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,13 @@ public void ConfigureServices(IServiceCollection services)
services.AddBlazorAuth0(options =>
{
// Required
options.Domain = "blazor-auth0.auth0.com";
options.Domain = "[Auth0_Domain]";

// Required
options.ClientId = "W6zJ2E5noUKYdnNblZh0M8imCCM5WT0z";
options.ClientId = "[Auth0_client_Id]";

//// Required if you want to make use of Auth0's RBAC
options.Audience = "https://blazor-auth0-serverside.com";
options.Audience = "[Auth0_Audience]";

// PLEASE! PLEASE! PLEASE! DO NOT USE SECRETS IN CLIENT-SIDE APPS... https://medium.com/chingu/protect-application-assets-how-to-secure-your-secrets-a4165550c5fb
// options.ClientSecret = "NEVER!!";
Expand Down
2 changes: 1 addition & 1 deletion examples/Examples.AspNetCoreHosted/Server/appsettings.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"Auth0": {
"Domain": "[Auth0_Audience]",
"Domain": "[Auth0_Domain]",
"Audience": "[Auth0_Audience]"
},

Expand Down
6 changes: 3 additions & 3 deletions examples/Examples.ClientSide/Startup.cs
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,13 @@ public void ConfigureServices(IServiceCollection services)
services.AddBlazorAuth0(options =>
{
// Required
options.Domain = "blazor-auth0.auth0.com";
options.Domain = "[Auth0_Domain]";

// Required
options.ClientId = "Psu6c0Sa4MC1QvdK2OJPONlON8JvaSQt";
options.ClientId = "[Auth0_client_Id]";

//// Required if you want to make use of Auth0's RBAC
options.Audience = "https://blazor-auth0-serverside.com";
options.Audience = "[Auth0_Audience]";

// PLEASE! PLEASE! PLEASE! DO NOT USE SECRETS IN CLIENT-SIDE APPS... https://medium.com/chingu/protect-application-assets-how-to-secure-your-secrets-a4165550c5fb
// options.ClientSecret = "NEVER!!";
Expand Down
5 changes: 5 additions & 0 deletions src/Blazor.Auth0.ClientSide/Authentication.cs
Original file line number Diff line number Diff line change
Expand Up @@ -313,6 +313,11 @@ public static void ValidateAuthorizationResponse(AuthorizationResponse authoriza

errorDescription = "Login Required";

break;
case "consent_required":

errorDescription = "Consent Required";

break;
default:
errorDescription = authorizationResponse.ErrorDescription;
Expand Down
2 changes: 1 addition & 1 deletion src/Blazor.Auth0.ClientSide/AuthenticationService.cs
Original file line number Diff line number Diff line change
Expand Up @@ -461,7 +461,7 @@ private AuthorizeOptions BuildAuthorizeOptions()
CodeChallengeMethods codeChallengeMethod = !isUsingSecret && responseType == ResponseTypes.Code ? CodeChallengeMethods.S256 : CodeChallengeMethods.None;
string codeVerifier = codeChallengeMethod != CodeChallengeMethods.None ? CommonAuthentication.GenerateNonce(this.clientOptions.KeyLength) : null;
string codeChallenge = codeChallengeMethod != CodeChallengeMethods.None ? Utils.GetSha256(codeVerifier) : null;
string nonce = this.RequiresNonce ? CommonAuthentication.GenerateNonce(this.clientOptions.KeyLength) : string.Empty;
string nonce = CommonAuthentication.GenerateNonce(this.clientOptions.KeyLength);

return new AuthorizeOptions
{
Expand Down
7 changes: 2 additions & 5 deletions src/Blazor.Auth0.ClientSide/Blazor.Auth0.ClientSide.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,8 @@
<PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
<PackageIconUrl>https://raw.githubusercontent.com/henalbrod/Blazor.Auth0/master/src/Blazor.Auth0.ClientSide/icon.png</PackageIconUrl>
<PackageId>Blazor-Auth0-ClientSide</PackageId>
<PackageReleaseNotes>
Upgraded to .Net Core 3.0.0-preview8
Removed AuthComponent
New One-Liner instantiation
</PackageReleaseNotes>
<PackageReleaseNotes>Upgraded to .Net Core 3.0.0-RC1
</PackageReleaseNotes>
<GeneratePackageOnBuild>true</GeneratePackageOnBuild>
</PropertyGroup>

Expand Down
10 changes: 1 addition & 9 deletions src/Blazor.Auth0.ServerSide/Blazor.Auth0.ServerSide.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,7 @@
<PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
<PackageIconUrl>https://raw.githubusercontent.com/henalbrod/Blazor.Auth0/master/src/Blazor.Auth0.ClientSide/icon.png</PackageIconUrl>
<PackageId>Blazor-Auth0-ServerSide</PackageId>
<PackageReleaseNotes>Upgraded to .Net Core 3.0.0-preview8
Removed AuthComponent
New One-Liner instantiation
Server Side full rewrite
- Better server-side Blazor Authentication compatibility/integration
- Cookie-based session (No more silent login iframe in server-side)
- Refresh token support (Refreshing and Revoking)
- Client secret
- Server-side sliding expiration</PackageReleaseNotes>
<PackageReleaseNotes>Upgraded to .Net Core 3.0.0-RC1</PackageReleaseNotes>
<GeneratePackageOnBuild>true</GeneratePackageOnBuild>
</PropertyGroup>

Expand Down
11 changes: 1 addition & 10 deletions src/Blazor.Auth0.Shared/Blazor.Auth0.Shared.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -15,16 +15,7 @@
<PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
<PackageIconUrl>https://raw.githubusercontent.com/henalbrod/Blazor.Auth0/master/src/Blazor.Auth0.ClientSide/icon.png</PackageIconUrl>
<PackageId>Blazor-Auth0-Shared</PackageId>
<PackageReleaseNotes>Upgraded to .Net Core 3.0.0-preview8
Removed AuthComponent
New One-Liner instantiation
Server Side full rewrite
- Better server-side Blazor Authentication compatibility/integration
- Cookie-based session (No more silent login iframe in server-side)
- Refresh token support (Refreshing and Revoking)
- Client secret
- Server-side sliding expiration
</PackageReleaseNotes>
<PackageReleaseNotes>Upgraded to .Net Core 3.0.0-RC1</PackageReleaseNotes>
<GeneratePackageOnBuild>true</GeneratePackageOnBuild>

</PropertyGroup>
Expand Down

0 comments on commit c8222d5

Please sign in to comment.