Closed
Description
Is there an existing issue for this?
- I have searched the existing issues
Describe the bug
I believe I have encountered this same issue: #53286.
RevalidatingAuthenticationStateProvider.ValidateAuthenticationStateAsync is never called.
Expected Behavior
ValidateAuthenticationStateAsync should be called every RevalidationInterval.
Steps To Reproduce
Subclass RevalidatingServerAuthenticationStateProvider
:
public class CustomAuthenticationStateProvider : RevalidatingServerAuthenticationStateProvider
{
public CustomAuthenticationStateProvider(ILoggerFactory loggerFactory) : base(loggerFactory)
{}
protected override TimeSpan RevalidationInterval => TimeSpan.FromSeconds(5);
public override async Task<AuthenticationState> GetAuthenticationStateAsync()
{
return await Task.FromResult(
new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity(
new List<Claim>{new Claim(ClaimTypes.Expiration, DateTime.UtcNow.AddMinutes(1).ToString("o"))},
"CustomAuth"
))));
}
protected override Task<bool> ValidateAuthenticationStateAsync(AuthenticationState authenticationState, CancellationToken cancellationToken)
{
Console.WriteLine("Validating authentication state...");
string? expirationTimestamp = authenticationState.User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Expiration)?.Value;
if (DateTime.TryParse(expirationTimestamp, out var expirationTime))
{
var result = expirationTime < DateTime.UtcNow;
Console.WriteLine(result ? "Authentication state valid." : "Authentication state expired.");
return Task.FromResult(result);
}
Console.WriteLine("Authentication state invalid.");
return Task.FromResult(false);
}
}
Register the subclass in the IServiceCollection
as a scoped service as an implementation class for AuthenticationStateProvider
.
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddRazorPages();
builder.Services.AddServerSideBlazor();
// Register CustomAuthenticationStateProvider:
builder.Services.AddScoped<AuthenticationStateProvider, CustomAuthenticationStateProvider>();
var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.MapBlazorHub();
app.MapFallbackToPage("/_Host");
app.Run();
Add the CascadingAuthenticationState
component and an AuthorizedView
to the app:
@using Microsoft.AspNetCore.Components.Authorization
<Microsoft.AspNetCore.Components.Authorization.CascadingAuthenticationState>
<Router AppAssembly="@typeof(App).Assembly">
<Found Context="routeData">
<AuthorizeView>
<Authorized>
<RouteView RouteData="@routeData" DefaultLayout="@typeof(MainLayout)" />
<FocusOnNavigate RouteData="@routeData" Selector="h1" />
</Authorized>
<NotAuthorized>
<LayoutView Layout="@typeof(MainLayout)">
<p>You're not authorized to view this page.</p>
</LayoutView>
</NotAuthorized>
</AuthorizeView>
</Found>
<NotFound>
<PageTitle>Not found</PageTitle>
<LayoutView Layout="@typeof(MainLayout)">
<p role="alert">Sorry, there's nothing at this address.</p>
</LayoutView>
</NotFound>
</Router>
</Microsoft.AspNetCore.Components.Authorization.CascadingAuthenticationState>
Run the app and observe that RevalidatingAuthenticationStateProvider.ValidateAuthenticationStateAsync
is never called.
Exceptions (if any)
No response
.NET Version
9.0.101
Anything else?
No response