What is Blazor? A Tutorial on Building Web Apps with Authentication

Thanks a lot for sharing it with the rest of community!

I have walked through this article which is pretty good BTW, and I am unfortunately not able to get the login to work properly.

When I click the button to login, the Login.cshtml.cs file produces this error message: System.ObjectDisposedException: ā€˜IFeatureCollection has been disposed.
Object name: ā€˜Collectionā€™.ā€™ It doesnā€™t seem that it actually tries to go out and hit the auth0 application at all.

I stepped through several times, but I am thinking that I missed something somewhere, so not sure what other information might be needed.

Currently trying to do this in .Net Core 3.1.4 with Blazor.

Ideas on where to start looking?

Thanks!

Chaitanya

Hi @Chaitanya,
Thank you for reading the tutorial.
Honestly, Iā€™m not sure about the reason for the error. Do you get it also with the code from the GitHub repo?
Anyway, I tested it with .NET Core 3.1.2, and it worked. Currently, the latest official release of .NET Core SDK is 3.1.3. Version 3.1.4 is still in development. I suggest using a stable version of the SDK.
Let me know if this suggestion helps you in fixing the issue.

Sorry, I fat fingered the version number. Iā€™m actually running 3.1.3, not 3.1.4. I did download the GitHub version and it seems to work just fine, so there has to be something that is either configured wrong or that I am missing in my project that is causing the issue. But iā€™m just not sure where to start. This is my first foray into Blazor, so right now itā€™s all part of the learning curve. I guess iā€™ll go through the code again and see if I can figure out what I am missing.

Thanks.

Turns out that it was all me. I found out what the issue was:

public async void OnGet(String redirectUri)
{
await HttpContext.ChallengeAsync(ā€œAuth0ā€, new AuthenticationProperties
{
RedirectUri = redirectUri
});
}

turns out returning a void instead of a Task generates that particular issue.

In case someone else runs across that issue. :slight_smile:

2 Likes

Thanks for sharing it, @Chaitanya! :+1:

Glaad you have figured it out yourself!

Hi.

Like the article.

Since the WebAssembly stuff is now in ā€œRCā€ (3.2.0-rc1.20223.4) do you think you can update the article and code with Blazor WASM examples ?

Like most people probably will have with Blazor, we will have a Blazor client served from ā€œSiteAā€ and an API located on ā€œSiteBā€ so need to see a proper example of how we create an Auth0 API configuration and protect it so we can login on the blazor client served from SiteA and consume the WebAPI hosted in SiteB.

Iā€™m sure most of the article will be relevant, but the WASM piece is important to get right as we donā€™t want to reveal any client secrets in the wrong placesā€¦

Thanks.

1 Like

Hi @paulkiddybytes,
Taking into account authentication for Blazor WASM is in my plans. I hope I can do it soon.
Iā€™ll let you know.
Thanks

Andrea

3 Likes

Thanks for the headsup Andrea!

1 Like

I managed to get a simple version working without a ClientSecret using this article from Microsoft: Secure an ASP.NET Core Blazor WebAssembly standalone app with the Authentication library | Microsoft Learn

Unfortunately it seems to me that the library they now recommend using instead of microsoft.aspnetcore.authentication.openidconnect (that wonā€™t install anymore due to WASM targeting .NET Standard) isnā€™t quite as fully featured. Iā€™m currently stuck trying to force show the login after logout: Login prompt after logout using Auth0 in ASP.NET Blazor Web Assembly client-side app - Stack Overflow

Looking forward to reading the updated article when you get a chance @andrea.chiarelli but for now I think Iā€™ll make my life easier and stick with a server side application.

Hi @jemundy,
Thank you for reading my article and joining the Auth0 Community.

As far as I know, the Microsoft.AspNetCore.Authentication.OpenIdConnect library is intended for the server-side scenario, so you cannot use it in the client-side one within your WASM application.

That said, Iā€™m currently not able to help you with the logout issue. Iā€™m planning to update this article or to write another one focused on Blazor WASM authentication. I will post an announcement here when it is ready.

Thanks for your patience.

2 Likes

Within WASM you must use:
using Microsoft.AspNetCore.Components.WebAssembly.Authentication;

builder.Services.AddOidcAuthentication(options =>
{
builder.Configuration.Bind(ā€œAuth0ā€, options.ProviderOptions);
options.ProviderOptions.PostLogoutRedirectUri = ā€œ/ā€;
options.ProviderOptions.ResponseType = ā€œcodeā€;
});

options.ProviderOptions gets itā€™s settings from the client app appsettings.json.

I can confirm that part is working fine.

The only thing that I still havenā€™t figured out is how to protected the API calls with tokens in a WebAssembly Hosted project.

It would be so much appreciated if someone could help me out with this.

Can you provide the example promised now that Blazor WebAssembly is released for production? Whatā€™s the take on tools like GitHub - henalbrod/Blazor.Auth0: The library for using Auth0 in Blazor applications. (which seem to give a working example of Auth0 with Blazor WebAssembly)?

Hey @davy, thank you for sharing this code snippet.
As said in a previous response, Iā€™m planning to update this post. It will also contain guidelines for API calls. Thanks for your patience.

2 Likes

Hey @nissan.dookeran, I hope to give you news about the update soon. Sorry for the delay.
Regarding, the tool you mentioned, I havenā€™t used it and, of course, Auth0 cannot guarantee for it.
But if you feel it is working fine, feel free to use it.

1 Like

Any news/update on this?

Hey @Markus4xD, thanks for your interest.
The update is under review. We found a few issues that needed to be solved.
Thanks for your patience.

Weā€™ll let you know @Markus4xD once itā€™s there!

In case you want to add Auth0 in a Blazor WebAssembly project, you could just use the documentation from Microsoft.

However when using this for Auth0, there is one catch:

Or you can use my NuGet package : WebAssembly.Authentication.Auth0 which does support the Audience parameter.

More details van be found here:

And a full working example can be found here: