Notifications on AuthenticationState update & expiry (#55)

YuriyDurov · web-flow · commit 70532cfc12cd · 2025-10-16T17:28:41.000+04:00
diff --git a/src/BitzArt.Blazor.Auth.Client/Extensions/ClientSideAddBlazorAuthExtension.cs b/src/BitzArt.Blazor.Auth.Client/Extensions/ClientSideAddBlazorAuthExtension.cs
@@ -14,9 +14,16 @@ public static class ClientSideAddBlazorAuthExtension
     /// Adds client-side Blazor.Auth services to the specified <see cref="WebAssemblyHostBuilder"/>.
     /// </summary>
     /// <param name="builder">The <see cref="WebAssemblyHostBuilder"/> to add services to.</param>
+    /// <param name="configure">An <see cref="Action"/> to configure <see cref="BlazorAuthOptions"/>.</param>
     /// <returns><see cref="WebAssemblyHostBuilder"/> to allow chaining.</returns>
-    public static WebAssemblyHostBuilder AddBlazorAuth(this WebAssemblyHostBuilder builder)
+    public static WebAssemblyHostBuilder AddBlazorAuth(this WebAssemblyHostBuilder builder, Action<BlazorAuthOptions>? configure = null)
     {
+        var options = new BlazorAuthOptions();
+
+        configure?.Invoke(options);
+
+        builder.Services.AddSingleton(options);
+
         builder.AddBlazorCookies();
         builder.Services.AddScoped<IBlazorAuthLogger, BlazorAuthLogger>();
 
diff --git a/src/BitzArt.Blazor.Auth.Client/Services/BlazorHostHttpClient.cs b/src/BitzArt.Blazor.Auth.Client/Services/BlazorHostHttpClient.cs
@@ -25,6 +25,14 @@ public async Task<TResponse> PostAsync<TResponse>(string requestUri, object valu
         return result;
     }
 
+    public async Task<TResponse> PostAsync<TResponse>(string requestUri, CancellationToken cancellationToken = default)
+    {
+        var response = await _httpClient.PostAsync(requestUri, null, cancellationToken);
+        var result = await ParseResponseAsync<TResponse>(response, cancellationToken);
+
+        return result;
+    }
+
     public async Task<HttpResponseMessage> GetAsync(string requestUri, CancellationToken cancellationToken = default)
         => await _httpClient.PostAsync(requestUri, null, cancellationToken);
 
diff --git a/src/BitzArt.Blazor.Auth.Client/Services/UserService.cs b/src/BitzArt.Blazor.Auth.Client/Services/UserService.cs
@@ -4,10 +4,15 @@
 namespace BitzArt.Blazor.Auth.Client;
 
 // Client-side implementation of the user service.
-internal class UserService(BlazorHostHttpClient hostClient) : IUserService
+internal class UserService(BlazorHostHttpClient hostClient) : IUserService, IAuthStateUpdateNotifier
 {
     private protected readonly BlazorHostHttpClient HostClient = hostClient;
 
+    public event IAuthStateUpdateNotifier.AuthenticationStateUpdatedEventHandler? AuthenticationStateUpdated;
+
+    protected void NotifyAuthenticationStateUpdated(AuthenticationOperationInfo? authInfo)
+        => AuthenticationStateUpdated?.Invoke(this, authInfo);
+
     public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationToken cancellationToken = default)
     {
         var response = await HostClient.GetAsync<ClaimsPrincipalDto>("/_auth/me", cancellationToken);
@@ -19,17 +24,30 @@ public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationT
         return new AuthenticationState(principal);
     }
 
+    public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(CancellationToken cancellationToken = default)
+    {
+        var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/refresh", cancellationToken);
+
+        NotifyAuthenticationStateUpdated(result);
+
+        return result;
+    }
+
     public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(string refreshToken, CancellationToken cancellationToken = default)
     {
         var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/refresh", refreshToken, cancellationToken);
 
+        NotifyAuthenticationStateUpdated(result);
+
         return result;
     }
 
     public async Task SignOutAsync(CancellationToken cancellationToken = default)
     {
         var response = await HostClient.PostAsync("/_auth/sign-out", cancellationToken);
 
+        NotifyAuthenticationStateUpdated(null);
+
         response.Validate();
     }
 }
@@ -41,6 +59,8 @@ public async Task<AuthenticationOperationInfo> SignInAsync(TSignInPayload signIn
     {
         var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/sign-in", signInPayload!, cancellationToken);
 
+        NotifyAuthenticationStateUpdated(result);
+
         return result;
     }
 }
@@ -52,6 +72,8 @@ public async Task<AuthenticationOperationInfo> SignUpAsync(TSignUpPayload signUp
     {
         var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/sign-up", signUpPayload!, cancellationToken);
 
+        NotifyAuthenticationStateUpdated(result);
+
         return result;
     }
 }
diff --git a/src/BitzArt.Blazor.Auth.Server/Endpoints/MapAuthEndpointsExtension.Refresh.cs b/src/BitzArt.Blazor.Auth.Server/Endpoints/MapAuthEndpointsExtension.Refresh.cs
@@ -2,6 +2,8 @@
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Routing;
+using Microsoft.Extensions.DependencyInjection;
+using System.Diagnostics;
 using System.Text.Json;
 
 namespace BitzArt.Blazor.Auth.Server;
@@ -11,19 +13,29 @@ public static partial class MapAuthEndpointsExtension
     private static IEndpointRouteBuilder MapAuthRefreshEndpoint(this IEndpointRouteBuilder builder)
     {
         builder.MapPost("/_auth/refresh", async (
-            [FromServices] IAuthenticationService authService,
+            [FromServices] IServiceProvider serviceProvider,
             [FromServices] IHttpContextAccessor httpContextAccessor,
             CancellationToken cancellationToken = default) =>
         {
-            var context = httpContextAccessor.HttpContext;
-            using StreamReader reader = new(context!.Request.Body);
+            var userService = serviceProvider.GetRequiredService<StaticUserService>();
+
+            var context = httpContextAccessor.HttpContext
+                    ?? throw new InvalidOperationException("The HttpContext is not available.");
+
+            using StreamReader reader = new(context.Request.Body);
             var bodyAsString = await reader.ReadToEndAsync(cancellationToken);
-            var refreshToken = JsonSerializer.Deserialize<string>(bodyAsString, Constants.JsonSerializerOptions);
 
-            var result = await authService.RefreshJwtPairAsync(refreshToken!, cancellationToken);
-            var info = result.GetInfo();
+            var refreshToken = string.IsNullOrWhiteSpace(bodyAsString)
+                ? null
+                : JsonSerializer.Deserialize<string?>(bodyAsString, Constants.JsonSerializerOptions);
+
+            var result = refreshToken switch
+            {
+                null => await userService.RefreshJwtPairAsync(cancellationToken),
+                string => await userService.RefreshJwtPairAsync(refreshToken, cancellationToken)
+            };
 
-            return Results.Ok(info);
+            return Results.Ok(result);
         });
 
         return builder;
diff --git a/src/BitzArt.Blazor.Auth.Server/Endpoints/MapAuthEndpointsExtension.SignIn.cs b/src/BitzArt.Blazor.Auth.Server/Endpoints/MapAuthEndpointsExtension.SignIn.cs
@@ -23,8 +23,7 @@ private static IEndpointRouteBuilder MapAuthSignInEndpoint(this IEndpointRouteBu
                 if (payloadType is null)
                     return Results.BadRequest("The registered IAuthenticationService does not implement Sign-In functionality.");
 
-                var userService = serviceProvider.GetRequiredService<StaticUserService>()
-                    ?? throw new UnreachableException();
+                var userService = serviceProvider.GetRequiredService<StaticUserService>();
 
                 var context = httpContextAccessor.HttpContext
                     ?? throw new InvalidOperationException("The HttpContext is not available.");
diff --git a/src/BitzArt.Blazor.Auth.Server/Endpoints/MapAuthEndpointsExtension.SignUp.cs b/src/BitzArt.Blazor.Auth.Server/Endpoints/MapAuthEndpointsExtension.SignUp.cs
@@ -23,8 +23,7 @@ private static IEndpointRouteBuilder MapAuthSignUpEndpoint(this IEndpointRouteBu
             if (payloadType is null)
                 return Results.BadRequest("The registered IAuthenticationService does not implement Sign-Up functionality.");
 
-            var userService = serviceProvider.GetRequiredService<StaticUserService>()
-                ?? throw new UnreachableException();
+            var userService = serviceProvider.GetRequiredService<StaticUserService>();
 
             var context = httpContextAccessor.HttpContext
                 ?? throw new InvalidOperationException("The HttpContext is not available.");
diff --git a/src/BitzArt.Blazor.Auth.Server/Extensions/AddUserServiceExtensions.cs b/src/BitzArt.Blazor.Auth.Server/Extensions/AddUserServiceExtensions.cs
@@ -2,7 +2,7 @@
 
 namespace BitzArt.Blazor.Auth.Server;
 
-internal static class AddUserServiceExtension
+internal static class AddUserServiceExtensions
 {
     public static IServiceCollection AddUserService(this IServiceCollection services, AuthenticationServiceSignature authServiceSignature)
     {
diff --git a/src/BitzArt.Blazor.Auth.Server/Extensions/ServerSideAddBlazorAuthExtensions.cs b/src/BitzArt.Blazor.Auth.Server/Extensions/ServerSideAddBlazorAuthExtensions.cs
@@ -44,8 +44,11 @@ public static IHostApplicationBuilder AddBlazorAuth<TAuthenticationService, TIde
         where TIdentityClaimsService : class, IIdentityClaimsService
     {
         var options = new BlazorAuthServerOptions();
+
         configure?.Invoke(options);
+
         builder.Services.AddSingleton(options);
+        builder.Services.AddSingleton<BlazorAuthOptions>(options);
 
         builder.AddBlazorCookies();
         builder.Services.AddScoped<IBlazorAuthLogger, BlazorAuthLogger>();
diff --git a/src/BitzArt.Blazor.Auth.Server/Options/BlazorAuthServerOptions.cs b/src/BitzArt.Blazor.Auth.Server/Options/BlazorAuthServerOptions.cs
@@ -3,7 +3,7 @@
 /// <summary>
 /// Options for the Blazor Auth Server.
 /// </summary>
-public class BlazorAuthServerOptions
+public class BlazorAuthServerOptions : BlazorAuthOptions
 {
     /// <summary>
     /// Allows the app to operate in a non-HTTPS environment.
diff --git a/src/BitzArt.Blazor.Auth.Server/Services/InteractiveUserService.cs b/src/BitzArt.Blazor.Auth.Server/Services/InteractiveUserService.cs
@@ -10,12 +10,17 @@ namespace BitzArt.Blazor.Auth.Server;
 internal class InteractiveUserService(
     IBlazorAuthLogger logger,
     NavigationManager navigation,
-    IJSRuntime js) : IUserService
+    IJSRuntime js) : IUserService, IAuthStateUpdateNotifier
 {
     private protected readonly IBlazorAuthLogger Logger = logger;
     private protected readonly NavigationManager Navigation = navigation;
     private protected readonly IJSRuntime Js = js;
 
+    public event IAuthStateUpdateNotifier.AuthenticationStateUpdatedEventHandler? AuthenticationStateUpdated;
+
+    protected void NotifyAuthenticationStateUpdated(AuthenticationOperationInfo? authInfo)
+        => AuthenticationStateUpdated?.Invoke(this, authInfo);
+
     public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationToken cancellationToken = default)
         => await DoWhileLogging(async ()
             => await DoWithJsModule(async (module)
@@ -34,6 +39,25 @@ public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationT
                     return new AuthenticationState(principal);
                 }));
 
+    public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(CancellationToken cancellationToken = default)
+        => await DoWhileLogging(async ()
+            => await DoWithJsModule(async (module)
+                =>
+            {
+                var baseUri = GetBaseUri();
+                var url = $"{baseUri.TrimEnd('/')}/_auth/refresh";
+
+                var result = await module.InvokeAsync<AuthenticationOperationInfo>(
+                    "requestAsync",
+                    cancellationToken: cancellationToken,
+                    [url, HttpMethod.Post.Method, null, "json"])
+                    ?? throw new InvalidOperationException("Failed to deserialize the authentication result info.");
+
+                NotifyAuthenticationStateUpdated(result);
+
+                return result;
+            }));
+
     public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(string refreshToken, CancellationToken cancellationToken = default)
         => await DoWhileLogging(async ()
             => await DoWithJsModule(async (module)
@@ -48,6 +72,8 @@ public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(string refres
                         [url, HttpMethod.Post.Method, refreshToken, "json"])
                         ?? throw new InvalidOperationException("Failed to deserialize the authentication result info.");
 
+                    NotifyAuthenticationStateUpdated(result);
+
                     return result;
                 }));
 
@@ -64,6 +90,8 @@ await module.InvokeVoidAsync(
                         cancellationToken: cancellationToken,
                         [url, HttpMethod.Post.Method, null, null]);
 
+                    NotifyAuthenticationStateUpdated(null);
+
                     return true;
                 }));
 
diff --git a/src/BitzArt.Blazor.Auth.Server/Services/StaticUserService.cs b/src/BitzArt.Blazor.Auth.Server/Services/StaticUserService.cs
@@ -61,6 +61,20 @@ public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationT
         return UnauthorizedState;
     }
 
+    public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(CancellationToken cancellationToken = default)
+    {
+        var refreshTokenCookie = await cookieService.GetAsync(Cookies.RefreshToken);
+
+        if (refreshTokenCookie is null || string.IsNullOrWhiteSpace(refreshTokenCookie!.Value))
+        {
+            return new AuthenticationOperationInfo(false, "Refresh token was not found in cookies.");
+        }
+
+        logger.LogDebug("Refresh token was found in cookies. Refreshing the user's JWT pair...");
+
+        return await RefreshJwtPairAsync(refreshTokenCookie!.Value!, cancellationToken);
+    }
+
     public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(string refreshToken, CancellationToken cancellationToken = default)
     {
         var authResult = await authService.RefreshJwtPairAsync(refreshToken, cancellationToken)
diff --git a/src/BitzArt.Blazor.Auth.Server/wwwroot/auth.js b/src/BitzArt.Blazor.Auth.Server/wwwroot/auth.js
@@ -13,7 +13,7 @@ export async function requestAsync(url, method, body, outputType = "json") {
     const response = await fetch(request);
 
     if (!response.ok) {
-        throw new Error(`Server responded with a non-success status code: '${response.status}'`);
+        throw new Error(`Server responded with non-success status code: '${response.status}'`);
     }
 
     switch (outputType) {
diff --git a/src/BitzArt.Blazor.Auth/Interfaces/IAuthStateUpdateNotifier.cs b/src/BitzArt.Blazor.Auth/Interfaces/IAuthStateUpdateNotifier.cs
@@ -0,0 +1,7 @@
+﻿namespace BitzArt.Blazor.Auth;
+
+internal interface IAuthStateUpdateNotifier
+{
+    public delegate void AuthenticationStateUpdatedEventHandler(IUserService? sender, AuthenticationOperationInfo? operationInfo);
+    public event AuthenticationStateUpdatedEventHandler? AuthenticationStateUpdated;
+}
diff --git a/src/BitzArt.Blazor.Auth/Interfaces/IUserService.cs b/src/BitzArt.Blazor.Auth/Interfaces/IUserService.cs
@@ -18,6 +18,14 @@ public interface IUserService
     /// </summary>
     /// <returns>An <see cref="AuthenticationOperationInfo"/> received
     /// after refreshing the User's JWT Pair and updating the Authentication State.</returns>
+    public Task<AuthenticationOperationInfo> RefreshJwtPairAsync(CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// Refresh the current User's JWT pair.
+    /// </summary>
+    /// <returns>An <see cref="AuthenticationOperationInfo"/> received
+    /// after refreshing the User's JWT Pair and updating the Authentication State.</returns>
+    [Obsolete("Use RefreshJwtPairAsync overload without refreshToken parameter instead.")]
     public Task<AuthenticationOperationInfo> RefreshJwtPairAsync(string refreshToken, CancellationToken cancellationToken = default);
 
     /// <summary>
diff --git a/src/BitzArt.Blazor.Auth/Options/BlazorAuthOptions.cs b/src/BitzArt.Blazor.Auth/Options/BlazorAuthOptions.cs
@@ -0,0 +1,25 @@
+﻿namespace BitzArt.Blazor.Auth;
+
+/// <summary>
+/// Options for configuring <b>Blazor.Auth</b>
+/// </summary>
+public class BlazorAuthOptions
+{
+    /// <summary>
+    /// An option to disable automatic expiration handling.
+    /// </summary>
+    /// <remarks>
+    /// <para>
+    /// By default, the authentication state provider automatically handles token expiration
+    /// by setting up a timer to refresh the authentication state when the token expires.
+    /// </para>
+    /// <para>
+    /// Setting this option to <see langword="true"/> disables this automatic behavior, allowing
+    /// for manual handling of token expiration.
+    /// </para>
+    /// <para>
+    /// Default: <see langword="false"/>
+    /// </para>
+    /// </remarks>
+    public bool DisableAutoExpirationHandling { get; set; } = false;
+}
diff --git a/src/BitzArt.Blazor.Auth/Providers/BlazorAuthAuthenticationStateProvider.cs b/src/BitzArt.Blazor.Auth/Providers/BlazorAuthAuthenticationStateProvider.cs
diff --git a/src/BitzArt.Blazor.Auth/Services/BlazorAuthAuthenticationStateProvider.cs b/src/BitzArt.Blazor.Auth/Services/BlazorAuthAuthenticationStateProvider.cs

Original file line number	Diff line number	Diff line change
`@@ -4,10 +4,15 @@`
`4`	`4`	`namespace BitzArt.Blazor.Auth.Client;`
`5`	`5`
`6`	`6`	`// Client-side implementation of the user service.`
`7`		`-internal class UserService(BlazorHostHttpClient hostClient) : IUserService`
	`7`	`+internal class UserService(BlazorHostHttpClient hostClient) : IUserService, IAuthStateUpdateNotifier`
`8`	`8`	`{`
`9`	`9`	`private protected readonly BlazorHostHttpClient HostClient = hostClient;`
`10`	`10`
	`11`	`+ public event IAuthStateUpdateNotifier.AuthenticationStateUpdatedEventHandler? AuthenticationStateUpdated;`
	`12`	`+`
	`13`	`+ protected void NotifyAuthenticationStateUpdated(AuthenticationOperationInfo? authInfo)`
	`14`	`+ => AuthenticationStateUpdated?.Invoke(this, authInfo);`
	`15`	`+`
`11`	`16`	`public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationToken cancellationToken = default)`
`12`	`17`	`{`
`13`	`18`	`var response = await HostClient.GetAsync<ClaimsPrincipalDto>("/_auth/me", cancellationToken);`
`@@ -19,17 +24,30 @@ public async Task<AuthenticationState> GetAuthenticationStateAsync(CancellationT`
`19`	`24`	`return new AuthenticationState(principal);`
`20`	`25`	`}`
`21`	`26`
	`27`	`+ public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(CancellationToken cancellationToken = default)`
	`28`	`+ {`
	`29`	`+ var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/refresh", cancellationToken);`
	`30`	`+`
	`31`	`+ NotifyAuthenticationStateUpdated(result);`
	`32`	`+`
	`33`	`+ return result;`
	`34`	`+ }`
	`35`	`+`
`22`	`36`	`public async Task<AuthenticationOperationInfo> RefreshJwtPairAsync(string refreshToken, CancellationToken cancellationToken = default)`
`23`	`37`	`{`
`24`	`38`	`var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/refresh", refreshToken, cancellationToken);`
`25`	`39`
	`40`	`+ NotifyAuthenticationStateUpdated(result);`
	`41`	`+`
`26`	`42`	`return result;`
`27`	`43`	`}`
`28`	`44`
`29`	`45`	`public async Task SignOutAsync(CancellationToken cancellationToken = default)`
`30`	`46`	`{`
`31`	`47`	`var response = await HostClient.PostAsync("/_auth/sign-out", cancellationToken);`
`32`	`48`
	`49`	`+ NotifyAuthenticationStateUpdated(null);`
	`50`	`+`
`33`	`51`	`response.Validate();`
`34`	`52`	`}`
`35`	`53`	`}`
`@@ -41,6 +59,8 @@ public async Task<AuthenticationOperationInfo> SignInAsync(TSignInPayload signIn`
`41`	`59`	`{`
`42`	`60`	`var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/sign-in", signInPayload!, cancellationToken);`
`43`	`61`
	`62`	`+ NotifyAuthenticationStateUpdated(result);`
	`63`	`+`
`44`	`64`	`return result;`
`45`	`65`	`}`
`46`	`66`	`}`
`@@ -52,6 +72,8 @@ public async Task<AuthenticationOperationInfo> SignUpAsync(TSignUpPayload signUp`
`52`	`72`	`{`
`53`	`73`	`var result = await HostClient.PostAsync<AuthenticationOperationInfo>("/_auth/sign-up", signUpPayload!, cancellationToken);`
`54`	`74`
	`75`	`+ NotifyAuthenticationStateUpdated(result);`
	`76`	`+`
`55`	`77`	`return result;`
`56`	`78`	`}`
`57`	`79`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@`
`2`	`2`
`3`	`3`	`namespace BitzArt.Blazor.Auth.Server;`
`4`	`4`
`5`		`-internal static class AddUserServiceExtension`
	`5`	`+internal static class AddUserServiceExtensions`
`6`	`6`	`{`
`7`	`7`	`public static IServiceCollection AddUserService(this IServiceCollection services, AuthenticationServiceSignature authServiceSignature)`
`8`	`8`	`{`
Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@`
`3`	`3`	`/// <summary>`
`4`	`4`	`/// Options for the Blazor Auth Server.`
`5`	`5`	`/// </summary>`
`6`		`-public class BlazorAuthServerOptions`
	`6`	`+public class BlazorAuthServerOptions : BlazorAuthOptions`
`7`	`7`	`{`
`8`	`8`	`/// <summary>`
`9`	`9`	`/// Allows the app to operate in a non-HTTPS environment.`