BlazorWebAppOidcServer: How to get access_token to pass to API? #500
Comments
|
Hello @Schoof-T ... First of all, it's best not to refer to "Blazor Server." It's a Blazor Web App. I've been looking into how the guidance can be updated on this point at ... My first attempt with Stephen Halter's remark at ... dotnet/aspnetcore#52390 (comment) ... didn't go well. I had a limited amount of time to work on it due to other priorities, and my quick attempt to make that work failed 😢. However, I intend to try again soon. There's a lot of workaround discussion on the two product unit issues for this scenario ...
I'm going to analyze all of that discussion and see if I can get the scenario working. If so, I'll pitch coverage in the article and see if Halter agrees with the text and code that I place. You can do the same and see if those techniques, especially what Halter said in his remark, can compose into a working approach. You may get it figured out before I do. I'll get to this ASAP, but it might take me up to two weeks. WRT the product unit fixing it with a framework feature, Dan just said that they won't have time to permanently address the problem for .NET 10 this November. It will probably be addressed for .NET 11 (November, 2026). That makes it even more important that we get documentation into place that will work. Because this is already tracked by dotnet/AspNetCore.Docs#31691, I'll close here. |
|
... and BTW ... I just updated the text in that section to reflect the current state of things. It's on ... ... and I will publish that in the live article right now. It should appear in a few minutes in the article. I'll try to get to the docs issue as soon as I can. 🏃♂ |
|
Thanks @guardrex ! Appreciate the quick response. :) |
|
@guardrex Just for reference, how I have managed to get it to work in the past is with the following: https://stackoverflow.com/questions/72868249/how-to-handle-user-oidc-tokens-in-blazor-server-when-the-browser-is-refreshed-an/72868250#72868250 |
|
Thanks for mentioning that. I hadn't seen that SO discussion. I think that I've seen that approach (or something similar to it) in the discussion that developers had with the product unit. If you work it out for one of the sample apps here before I reach the issue and want to post code snippets at dotnet/AspNetCore.Docs#35067 to wire it up for one of the samples, that would be helpful and speed up coverage. |
Describe the issue
I would like an example on how to get the access_token, to be able to pass it to the API for authentication.
In Blazor Server you are not allowed to use HttpContext, so how will we get the access_token?
Maybe the CookieOidcRefresher should be updated to store the tokens in a storage somewhere?
I feel like this is something that's really missing from this example, and it's difficult to find something about this on the internet.
Expected behavior
A clear and concise description of how to get the access_token in a Blazor Server application, secured with Oidc
Issue Details
⚠ Do not edit this section. It is required for issue processing.
The text was updated successfully, but these errors were encountered: