Blazor-Auth0-ClientSide 0.7.2-beta.2

.NET Standard 2.0 This package targets .NET Standard 2.0. The package is compatible with this framework or higher.
This is a prerelease version of Blazor-Auth0-ClientSide.
There is a newer prerelease version of this package available.
See the version list below for details. 
dotnet add package Blazor-Auth0-ClientSide --version 0.7.2-beta.2                

                    
                

            
NuGet\Install-Package Blazor-Auth0-ClientSide -Version 0.7.2-beta.2
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Blazor-Auth0-ClientSide" Version="0.7.2-beta.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add Blazor-Auth0-ClientSide --version 0.7.2-beta.2                

                    
                

            
#r "nuget: Blazor-Auth0-ClientSide, 0.7.2-beta.2"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install Blazor-Auth0-ClientSide as a Cake Addin
#addin nuget:?package=Blazor-Auth0-ClientSide&version=0.7.2-beta.2&prerelease

// Install Blazor-Auth0-ClientSide as a Cake Tool
#tool nuget:?package=Blazor-Auth0-ClientSide&version=0.7.2-beta.2&prerelease

Blazor Auth0 Library

This is a library for Blazor authentication with OIDC Authorization Code-Grant and Implicit-Grant flows, using Auth0's Universal Login and Silent Login for Blazor over .NET Core v3.0.0-preview7 client & server side solutions, the idea behind this is to have an easy way of using Auth0's services in Blazor without the need of the auth0.js library.

Start using it in 3 simple steps!

Note: Following example will implement a "An authenticated user is Required" flow, for a "Login/Logout Buttons" flow please refer to here

  1. Start by adding a reference to Blazor-Auth0-ClientSide.0.7.0-beta.1 for client side and Blazor-Auth0-ServerSide.0.4.0-beta.1 for server side to your Blazor project

Client Side

Install-Package Blazor-Auth0-ClientSide -Version 0.7.2-beta.2

Server Side

Install-Package Blazor-Auth0-ServerSide -Version 0.4.2-beta.2

  1. In Startup.cs, register the service inside ConfigureServices method
        public void ConfigureServices(IServiceCollection services)
        {
            // Uncomment for Server Side implementations
            // services.AddScoped<HttpClient>();

            services.AddScoped((sp) =>
            {
                return new Blazor.Auth0.Shared.Models.ClientSettings()
                {
                    Auth0Domain = "[Auth0_Domain]",
                    Auth0ClientId = "[Auth0_Client_Id]",
					LoginRequired = true
                };
            });

            services.AddScoped<Blazor.Auth0.[ClientSide|ServerSide].Authentication.AuthenticationService>();
        }

Other options include:

  • AuthenticationGrant: Allows you to choose between authorization_code (recommended) and implicit_grant authentication flows.

  • RedirectAlwaysToHome: When set to true, forces the redirect_uri param to be the home path, this value overrides Auth0RedirectUri

  • LoginRequired: When set to true, forces a redirection to the login page in case the user is not authenticated.

  • GetUserInfoFromIdToken: When set to true, the serivce will use the id_token payload to build the user info, this is good in case all the user info you require is present in the id_token payload and you want avoid doing an extra call to Auth0, in case that tere's no id_token present in the authentication response the service will fall back gracefully to try to get the user info from an API call to auth0, default value is false

  1. Replace the content of App.razor with the following code
@using Blazor.Auth0.Shared.Models.Enumerations
@using Blazor.Auth0.[ClientSide|ServerSide].Components
@using Blazor.Auth0.[ClientSide|ServerSide].Authentication

@inject AuthenticationService _authService

<AuthComponent ProtectedPaths="protectedPaths">

	@*Will render while determining user's session state*@
	<AuthorizingContent>
		Determining session state, please wait...
	</AuthorizingContent>

	@*Will render after determining session state*@
	<AuthorizedContent>

		<Router AppAssembly="typeof(Startup).Assembly">

			<NotFoundContent>
				<p>Sorry, there's nothing at this address.</p>
			</NotFoundContent>

		</Router>

	</AuthorizedContent>

	<NotAuthorizedContent>
		ERROR 401: Unauthorized
	</NotAuthorizedContent>

</AuthComponent>

@code {

    List<string> protectedPaths = new List<string> {
        "fetchdata"
    };

}

Other options include:

  • ProtectedPaths: Allows you to indicate a list of paths that requires an authenticated user, only affects if LoginRequired is set to false.
  • LoginRequiredOnProtectedPaths: Alters the ProtectedPaths behavior. When set to true redirect the user to the login page automatically, otherwise, the content from the UnAuthorizedContent fragment will be rendered.

Using it with the built-in Blazor Authentication and Authorization

Since v0.7.0-beta.1 for client side version and v0.4.0-beta.1 for server side version, you can make use of the new built-in Blazor Authentication and Authorization capabilities.

In Startup.cs, register a new AuthenticationStateProvider service inside ConfigureServices method


services.AddScoped<AuthenticationStateProvider, Blazor.Auth0.[ClientSide|ServerSide].Authentication.AuthenticationStateProvider>();

Server Side Only!

In the Configure method of the same file, instructs the app to use Authentication and Authorization


app.UseAuthentication();
app.UseAuthorization();

IMPORTANT!

If you're planning to use built-in Blazor Authorization capabilities like Claims-based and Policy-based authorization, then you will need to indicate an Auth0 audience/api with the "Enable RBAC" and "Add Permissions in the Access Token" settings set to true, here you have some reading about Auth0's RBAC.

The actual mechanism of authenticating the user, i.e., determining their identity using cookies or other information, is the same in Blazor as in any other ASP.NET Core application. So to control and customize any aspect of it, see documentation about authentication in ASP.NET Core.

SteveSandersonMS

Following are great sources of how to implement the Authentication and Authorization:

ASP.NET Core and Blazor updates in .NET Core 3.0 Preview, SteveSandersonMS/blazor-auth.md, Policy-based authorization in ASP.NET Core, Claims-based authorization in ASP.NET Core

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Blazor-Auth0-ClientSide:

Package Downloads
Blazor-OpenId

OpenId library for Balzor

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on Blazor-Auth0-ClientSide:

Repository Stars
henalbrod/Blazor.Auth0
The library for using Auth0 in Blazor applications.
Version Downloads Last updated
2.0.0-Preview5 1,382 3/4/2020
2.0.0-Preview4 756 11/17/2019
2.0.0-Preview3 300 11/4/2019
2.0.0-Preview2 292 11/4/2019
2.0.0-Preview1 272 10/26/2019
1.0.0-Preview3 996 9/23/2019
1.0.0-Preview2 297 9/19/2019
1.0.0-Preview1 313 8/24/2019
0.7.2-beta.2 343 7/25/2019
0.7.0-beta.1 336 6/15/2019
0.6.0-beta-1 300 6/14/2019
0.5.1-alpha-2 356 6/12/2019
0.5.0-alpha-1 400 6/5/2019
0.4.0-alpha-2 421 5/8/2019
0.4.0-alpha-1 477 4/20/2019
0.3.0-alpha-3 433 4/20/2019

Updated to .NET Core 3.0 Preview 7

Bugs Fixed: https://github.com/Pegazux/Blazor.Auth0/issues/12, Fixed error in code_challenge and code_validator generation