Add PKCE for Login Flow

Author: mckaragoz

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub.csproj

@@ -9,11 +9,12 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="CodeBeam.MudBlazor.Extensions" Version="9.0.0-preview.1" />
+    <PackageReference Include="CodeBeam.MudBlazor.Extensions" Version="9.0.0-preview.3" />
     <PackageReference Include="MudBlazor" Version="9.0.0-preview.1" />
   </ItemGroup>
 
   <ItemGroup>
+    <ProjectReference Include="..\..\..\src\CodeBeam.UltimateAuth.Client\CodeBeam.UltimateAuth.Client.csproj" />
     <ProjectReference Include="..\..\..\src\CodeBeam.UltimateAuth.Core\CodeBeam.UltimateAuth.Core.csproj" />
     <ProjectReference Include="..\..\..\src\CodeBeam.UltimateAuth.Server\CodeBeam.UltimateAuth.Server.csproj" />
     <ProjectReference Include="..\..\..\src\credentials\CodeBeam.UltimateAuth.Credentials.InMemory\CodeBeam.UltimateAuth.Credentials.InMemory.csproj" />

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Layout/MainLayout.razor

@@ -1,4 +1,12 @@
-@inherits LayoutComponentBase
+@using CodeBeam.UltimateAuth.Core.Abstractions
+@inherits LayoutComponentBase
+@inject IUAuthHubContextInitializer HubContextInitializer
+
+<UAuthClientProvider />
+<MudThemeProvider />
+<MudPopoverProvider />
+<MudDialogProvider />
+<MudSnackbarProvider />
 
 @Body
 

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Layout/MainLayout.razor.cs

@@ -0,0 +1,13 @@
+namespace CodeBeam.UltimateAuth.Sample.UAuthHub.Components.Layout
+{
+    public partial class MainLayout
+    {
+        protected override async Task OnAfterRenderAsync(bool firstRender)
+        {
+            if (firstRender)
+            {
+                await HubContextInitializer.EnsureInitializedAsync();
+            }
+        }
+    }
+}

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Layout/MainLayout.razor.css

@@ -1,7 +1,58 @@
 @page "/"
+@page "/login"
+@using CodeBeam.UltimateAuth.Client
+@using CodeBeam.UltimateAuth.Client.Authentication
+@using CodeBeam.UltimateAuth.Client.Diagnostics
+@using CodeBeam.UltimateAuth.Core.Abstractions
+@using CodeBeam.UltimateAuth.Core.Domain
+@using CodeBeam.UltimateAuth.Core.Runtime
+@using CodeBeam.UltimateAuth.Server.Abstractions
+@using CodeBeam.UltimateAuth.Server.Cookies
+@using CodeBeam.UltimateAuth.Server.Infrastructure
+@using CodeBeam.UltimateAuth.Server.Services
+@using CodeBeam.UltimateAuth.Server.Stores
+@inject IUAuthStateManager StateManager
+@inject IAuthStore AuthStore
+@inject UAuthHubContextAccessor HubContextAccessor
+@inject IUAuthFlowService<UserId> Flow
+@inject ISnackbar Snackbar
+@inject ISessionQueryService<UserId> SessionQuery
+@inject IFlowCredentialResolver CredentialResolver
+@inject IUAuthClient UAuthClient
+@inject NavigationManager Nav
+@inject IUAuthProductInfoProvider ProductInfo
+@inject AuthenticationStateProvider AuthStateProvider
+@inject UAuthClientDiagnostics Diagnostics
 
-<PageTitle>Home</PageTitle>
 
-<h1>Hello, world!</h1>
+<div class="uauth-page d-flex align-center justify-center">
+    <MudStack Class="uauth-stack">
+        <UALoginForm @ref="_form" Identifier="@_username" Secret="@_password">
+            <MudStack>
+                <MudText Typo="Typo.h4">Welcome to UltimateAuth!</MudText>
+                <MudTextField @bind-Value="@_username" Variant="Variant.Outlined" Label="Username" Immediate="true" HelperText="Default: Admin" />
+                <MudPasswordField @bind-Value="@_password" Variant="Variant.Outlined" Label="Password" Immediate="true" HelperText="Default: Password!" />
+                <MudButton Variant="Variant.Filled" Color="Color.Primary" ButtonType="ButtonType.Submit">Login</MudButton>
+            </MudStack>
+        </UALoginForm>
+
+        <MudStack Class="mud-width-full">
+            <MudButton Variant="Variant.Filled" Color="Color.Info" OnClick="ProgrammaticPkceLogin">Programmatic Pkce Login</MudButton>
+        </MudStack>
+
+        <MudStack Spacing="0">
+            <MudText><b>@ProductInfo.Get().ProductName</b> v @ProductInfo.Get().Version</MudText>
+            <MudText>Client Profile: @ProductInfo.Get().ClientProfile.ToString()</MudText>
+        </MudStack>
+
+        <MudStack Spacing="0">
+            <MudText>Hub SessionId: @HubContextAccessor?.Current?.HubSessionId</MudText>
+            <MudText>Client Profile: @HubContextAccessor?.Current?.ClientProfile</MudText>
+            <MudText>Return Url: @HubContextAccessor?.Current?.ReturnUrl</MudText>
+            <MudText>Flow Type: @HubContextAccessor?.Current?.FlowType</MudText>
+            <MudText>Created At: @HubContextAccessor?.Current?.CreatedAt</MudText>
+        </MudStack>
+    </MudStack>
+
+</div>
 
-Welcome to your new app.

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Pages/Counter.razor

@@ -0,0 +1,117 @@
+using CodeBeam.UltimateAuth.Client;
+using CodeBeam.UltimateAuth.Core.Contracts;
+using CodeBeam.UltimateAuth.Core.Domain;
+using CodeBeam.UltimateAuth.Server.Stores;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.Components.Authorization;
+using MudBlazor;
+
+namespace CodeBeam.UltimateAuth.Sample.UAuthHub.Components.Pages
+{
+    public partial class Home
+    {
+        [SupplyParameterFromQuery(Name = "hub")]
+        public string? HubKey { get; set; }
+
+        private string _authorizationCode = default!;
+        private string _codeVerifier = default!;
+
+        private string? _username;
+        private string? _password;
+
+        private UALoginForm _form = null!;
+
+        protected bool Ready;
+        protected string? Error;
+
+        protected override async Task OnAfterRenderAsync(bool firstRender)
+        {
+            if (firstRender)
+            {
+                //await HubContextInitializer.EnsureInitializedAsync();
+            }
+        }
+
+        private async Task InitializeHubContext()
+        {
+            if (string.IsNullOrWhiteSpace(HubKey))
+                return;
+
+            var artifact = await AuthStore.ConsumeAsync(new AuthArtifactKey(HubKey));
+
+            if (artifact is not HubFlowArtifact flow)
+                return;
+
+            var context = new UAuthHubContext(
+                hubSessionId: flow.HubSessionId,
+                flowType: flow.FlowType,
+                clientProfile: flow.ClientProfile,
+                tenantId: flow.TenantId,
+                returnUrl: flow.ReturnUrl,
+                payload: flow.Payload,
+                createdAt: DateTimeOffset.UtcNow);
+
+            HubContextAccessor.Initialize(context);
+
+            StateHasChanged();
+        }
+
+        private async Task ProgrammaticPkceLogin()
+        {
+            var hub = HubContextAccessor.Current;
+
+            if (hub is null)
+                return;
+
+            hub.Payload.TryGet("authorization_code", out string? authorizationCode);
+            hub.Payload.TryGet("code_verifier", out string? codeVerifier);
+            hub.Payload.TryGet("return_url", out string? returnUrl);
+
+            var request = new PkceLoginRequest
+            {
+                Identifier = "Admin",
+                Secret = "Password!",
+                AuthorizationCode = authorizationCode ?? string.Empty,
+                CodeVerifier = codeVerifier ?? string.Empty,
+                ReturnUrl = hub.ReturnUrl ?? string.Empty
+            };
+            await UAuthClient.CompletePkceLoginAsync(request);
+        }
+
+        //protected override void OnAfterRender(bool firstRender)
+        //{
+        //    if (firstRender)
+        //    {
+        //        var uri = Nav.ToAbsoluteUri(Nav.Uri);
+        //        var query = Microsoft.AspNetCore.WebUtilities.QueryHelpers.ParseQuery(uri.Query);
+
+        //        if (query.TryGetValue("error", out var error))
+        //        {
+        //            ShowLoginError(error.ToString());
+        //            ClearQueryString();
+        //        }
+        //    }
+        //}
+
+        private void ShowLoginError(string code)
+        {
+            var message = code switch
+            {
+                "invalid" => "Invalid username or password.",
+                "locked" => "Your account is locked.",
+                "mfa" => "Multi-factor authentication required.",
+                _ => "Login failed."
+            };
+
+            Snackbar.Add(message, Severity.Error);
+        }
+
+        private void ClearQueryString()
+        {
+            var uri = new Uri(Nav.Uri);
+            var clean = uri.GetLeftPart(UriPartial.Path);
+            Nav.NavigateTo(clean, replace: true);
+        }
+
+    }
+}

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Pages/Home.razor

@@ -1,6 +1,8 @@
-<Router AppAssembly="typeof(Program).Assembly" NotFoundPage="typeof(Pages.NotFound)">
-    <Found Context="routeData">
-        <RouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
-        <FocusOnNavigate RouteData="routeData" Selector="h1" />
-    </Found>
-</Router>
+<CascadingAuthenticationState>
+    <Router AppAssembly="typeof(Program).Assembly" NotFoundPage="typeof(Pages.NotFound)">
+        <Found Context="routeData">
+            <AuthorizeRouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
+            <FocusOnNavigate RouteData="routeData" Selector="h1" />
+        </Found>
+    </Router>
+</CascadingAuthenticationState>

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Pages/Home.razor.cs

@@ -5,7 +5,12 @@
 @using Microsoft.AspNetCore.Components.Web
 @using static Microsoft.AspNetCore.Components.Web.RenderMode
 @using Microsoft.AspNetCore.Components.Web.Virtualization
+@using Microsoft.AspNetCore.Components.Authorization
 @using Microsoft.JSInterop
-@using UltimateAuth.Sample.UAuthHub
-@using UltimateAuth.Sample.UAuthHub.Components
-@using UltimateAuth.Sample.UAuthHub.Components.Layout
+@using CodeBeam.UltimateAuth.Sample.UAuthHub
+@using CodeBeam.UltimateAuth.Sample.UAuthHub.Components
+@using CodeBeam.UltimateAuth.Sample.UAuthHub.Components.Layout
+@using CodeBeam.UltimateAuth.Client
+
+@using MudBlazor
+@using MudExtensions