Architecture
The package works by setting and reading Cookies in User's Browser. The Cookies are used to store the JWT Pair (Access Token and Refresh Token). The Access Token is used to authenticate the User in the Server, and the Refresh Token is used to get a new Access Token when the current one expires.
AuthenticationStateProvider implementations
InteractiveWebAssembly
sequenceDiagram participant client as Blazor Client participant provider as InteractiveWasmAuthenticationStateProvider participant server as Blazor Server client ->>+ provider: GetAuthenticationStateAsync provider ->>+ server: Http request: /auth-state server ->> server: if AccessToken expired: Refresh JwtPair server ->> server: Retrieve Claims from cookies server -->>- provider: Claims note over server,provider: Http response updates browser cookies provider ->> provider: Creates AuthenticationState <br/> from provided claims provider -->>- client: AuthenticationState
InteractiveServer
sequenceDiagram participant client as Blazor Client participant server as Blazor Server participant provider as InteractiveServerAuthenticationStateProvider server ->>+ provider: GetAuthenticationStateAsync provider ->> provider: Generate unique request identifier provider ->>+ server: Subscribe note over server,provider: Subscribe to an HTTP request from client using unique identifier server -->>- provider: provider ->>+ client: RequestClientSideHttpRequestAsync note over client,provider: Request Blazor Client to make an HTTP Request to Blazor Server via JS Interop client -->> provider: note over client: Un-awaited JS promise stays<br/>after JSInterop call is completed provider -->> provider: Wait until OnClientSideHttpRequest<br/>Invokation is complete client -)+ server: HTTP Request deactivate client server ->>+ provider: OnClientSideHttpRequest (id: uniqueIdentifier, request: HttpRequest) provider ->> provider: if AccessToken expired: Refresh JwtPair provider -->>- server: UpdatedCookies server ->> server: Remove Subscription (id: uniqueIdentifier) server ->> server: Update cookies in HttpResponse server -->>- client: OK provider ->> provider: Generate AuthenticationState provider -->>- server: AuthenticationState