Skip to content

Comments

Blazor Web (InteractiveAuto) with BFF + YARP and token exchange api call sample#384

Open
m3nax wants to merge 34 commits intoopeniddict:devfrom
m3nax:blazor-web-auto-exchange-sample
Open

Blazor Web (InteractiveAuto) with BFF + YARP and token exchange api call sample#384
m3nax wants to merge 34 commits intoopeniddict:devfrom
m3nax:blazor-web-auto-exchange-sample

Conversation

@m3nax
Copy link
Contributor

@m3nax m3nax commented Feb 10, 2026
edited
Loading

Esempio blazor che fa uso di BFF with YARP e token exchange.

Pages:

  • Home page with a brief explanation of the purpose of the example
  • Unauthenticated page counter
  • Authenticated weather page that uses token exchange
  • AdminOnly page that shows how to propagate user roles to the webassembly client when InteractiveMode is enabled

Related to #367

m3nax added 22 commits February 6, 2026 09:27
@m3nax
Addes Ui, Auth, Aspire projects
1266bac
@m3nax
Fixed aspire project naming and folder structure
dfd7865
@m3nax
Added api project, configured project startup ordering
25d84eb
@m3nax
Updated aspire to the latest version
c049384
@m3nax
Added db creation
7b4bb47
@m3nax
Implemented Auth project
eb518a8
@m3nax
Added example user seeding
d83801d
@m3nax
Added sample admin user seeding
0f4aa66
@m3nax
Added auth stack to UI.Client
ecc4660
@m3nax
Disable UI auto opening
3248d82
@m3nax
Added login/logout buttons
393481e
@m3nax
Configured OpenIddict client
de461a1
@m3nax
Added UI client seeding
12b78ea
@m3nax
Add Authorize attribute to Weather.razor page
dadd848
@m3nax
Simplyfied callback registration
99bcaab
@m3nax
Added simple example of user roles
e670cc6
@m3nax
Updated the api project
f9e9f98
@m3nax
Removed unsed code
48b52a0
@m3nax
Fixed data seeding
bcf81c9
@m3nax
Updated UserClaims page
2b620a2
@m3nax
Updated the description of page Weather.razor
e7b0c97
@m3nax
Updated page description
d377e31
kevinchalet
kevinchalet reviewed Feb 10, 2026
View reviewed changes
Copy link
Member

@kevinchalet kevinchalet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this great PR! 👏🏻

samples/Geonosis/Geonosis.Ui/Geonosis.Ui/AuthenticationEndpointsExtensions.cs Outdated
var sanitizedUrl = returnUrl switch
{
null or "" => baseRoute,
_ when !Uri.IsWellFormedUriString(returnUrl, UriKind.Relative) =>
Copy link
Member

@kevinchalet kevinchalet Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI: we now avoid Uri.IsWellFormedUriString() like the plague as it returns false negatives for correctly encoded URIs.

Since we're in a minimal API context, let's just use RedirectHttpResult.IsLocalUrl() instead (it internally uses a much safer logic).

Copy link
Contributor Author

@m3nax m3nax Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to know

@kevinchalet kevinchalet self-assigned this Feb 10, 2026
kevinchalet
kevinchalet reviewed Feb 10, 2026
View reviewed changes
@m3nax m3nax mentioned this pull request Feb 10, 2026
Merged
@m3nax m3nax requested a review from kevinchalet February 11, 2026 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kevinchalet kevinchalet Awaiting requested review from kevinchalet

Assignees

@kevinchalet kevinchalet

Labels

enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@m3nax @kevinchalet