Preparation of First Release (Part 5/7) (#13)

* Preparation of First Release (Part 5/7)

* Add Complete Refresh Flow Especially For PureOpaque and Hybrid Auth Mode

* Add PKCE for Login Flow

* Add PKCE form login & Failed Behavior

* PKCE Polish & Cleanup

* Fix SessionId Cookie MaxAge on Hybrid Auth Mode

* Add DeviceId Support & Big Refactoring

* Minor Fixes

* Fix Tests

Author: mckaragoz

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub.csproj

@@ -9,11 +9,12 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="CodeBeam.MudBlazor.Extensions" Version="9.0.0-preview.1" />
+    <PackageReference Include="CodeBeam.MudBlazor.Extensions" Version="9.0.0-preview.3" />
     <PackageReference Include="MudBlazor" Version="9.0.0-preview.1" />
   </ItemGroup>
 
   <ItemGroup>
+    <ProjectReference Include="..\..\..\src\CodeBeam.UltimateAuth.Client\CodeBeam.UltimateAuth.Client.csproj" />
     <ProjectReference Include="..\..\..\src\CodeBeam.UltimateAuth.Core\CodeBeam.UltimateAuth.Core.csproj" />
     <ProjectReference Include="..\..\..\src\CodeBeam.UltimateAuth.Server\CodeBeam.UltimateAuth.Server.csproj" />
     <ProjectReference Include="..\..\..\src\credentials\CodeBeam.UltimateAuth.Credentials.InMemory\CodeBeam.UltimateAuth.Credentials.InMemory.csproj" />

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Layout/MainLayout.razor

@@ -1,4 +1,12 @@
-@inherits LayoutComponentBase
+@using CodeBeam.UltimateAuth.Core.Abstractions
+@using CodeBeam.UltimateAuth.Server.Infrastructure
+@inherits LayoutComponentBase
+
+<UAuthClientProvider />
+<MudThemeProvider />
+<MudPopoverProvider />
+<MudDialogProvider />
+<MudSnackbarProvider />
 
 @Body
 

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Layout/MainLayout.razor.cs

@@ -0,0 +1,7 @@
+namespace CodeBeam.UltimateAuth.Sample.UAuthHub.Components.Layout
+{
+    public partial class MainLayout
+    {
+        
+    }
+}

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Layout/MainLayout.razor.css

@@ -1,7 +1,68 @@
 @page "/"
+@page "/login"
+@using CodeBeam.UltimateAuth.Client
+@using CodeBeam.UltimateAuth.Client.Authentication
+@using CodeBeam.UltimateAuth.Client.Diagnostics
+@using CodeBeam.UltimateAuth.Client.Utilities
+@using CodeBeam.UltimateAuth.Core.Abstractions
+@using CodeBeam.UltimateAuth.Core.Contracts
+@using CodeBeam.UltimateAuth.Core.Domain
+@using CodeBeam.UltimateAuth.Core.Runtime
+@using CodeBeam.UltimateAuth.Server.Abstractions
+@using CodeBeam.UltimateAuth.Server.Cookies
+@using CodeBeam.UltimateAuth.Server.Infrastructure
+@using CodeBeam.UltimateAuth.Server.Services
+@using CodeBeam.UltimateAuth.Server.Stores
+@inject IUAuthStateManager StateManager
+@inject IHubFlowReader HubFlowReader
+@inject IHubCredentialResolver HubCredentialResolver
+@inject IAuthStore AuthStore
+@inject IBrowserStorage BrowserStorage
+@inject IUAuthFlowService<UserKey> Flow
+@inject ISnackbar Snackbar
+@inject IFlowCredentialResolver CredentialResolver
+@inject IUAuthClient UAuthClient
+@inject NavigationManager Nav
+@inject IUAuthProductInfoProvider ProductInfo
+@inject AuthenticationStateProvider AuthStateProvider
+@inject UAuthClientDiagnostics Diagnostics
 
-<PageTitle>Home</PageTitle>
 
-<h1>Hello, world!</h1>
+<div class="uauth-page d-flex align-center justify-center">
+    <MudStack Class="uauth-stack">
+        @if (_state == null || !_state.IsActive)
+        {
+            <MudText>
+                This page cannot be accessed directly. 
+                UAuthHub login flows can only be initiated by an authorized client application.
+            </MudText>
+            return;
+        }
+        <UALoginForm Identifier="@_username" Secret="@_password" LoginType="UAuthLoginType.Pkce">
+            <MudStack>
+                <MudText Typo="Typo.h4">Welcome to UltimateAuth!</MudText>
+                <MudTextField @bind-Value="@_username" Variant="Variant.Outlined" Label="Username" Immediate="true" HelperText="Default: Admin" />
+                <MudPasswordField @bind-Value="@_password" Variant="Variant.Outlined" Label="Password" Immediate="true" HelperText="Default: Password!" />
+                <MudButton Variant="Variant.Filled" Color="Color.Primary" ButtonType="ButtonType.Submit">Login</MudButton>
+            </MudStack>
+        </UALoginForm>
+
+        <MudStack Class="mud-width-full">
+            <MudButton Variant="Variant.Filled" Color="Color.Info" OnClick="ProgrammaticPkceLogin">Programmatic Pkce Login</MudButton>
+        </MudStack>
+
+        <MudStack Spacing="0">
+            <MudText><b>@ProductInfo.Get().ProductName</b> v @ProductInfo.Get().Version</MudText>
+            <MudText>Client Profile: @ProductInfo.Get().ClientProfile.ToString()</MudText>
+        </MudStack>
+
+        <MudStack Spacing="0">
+            <MudText>Hub SessionId: @_state?.HubSessionId</MudText>
+            <MudText>Client Profile: @_state?.ClientProfile</MudText>
+            <MudText>Return Url: @_state?.ReturnUrl</MudText>
+            <MudText>Flow Type: @_state?.FlowType</MudText>
+            <MudText>IsActive: @_state?.IsActive</MudText>
+        </MudStack>
+    </MudStack>
+</div>
 
-Welcome to your new app.

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Pages/Counter.razor

@@ -0,0 +1,133 @@
+using CodeBeam.UltimateAuth.Client.Contracts;
+using CodeBeam.UltimateAuth.Client.Utilities;
+using CodeBeam.UltimateAuth.Core.Contracts;
+using CodeBeam.UltimateAuth.Core.Domain;
+using CodeBeam.UltimateAuth.Server.Stores;
+using Microsoft.AspNetCore.Components;
+using Microsoft.AspNetCore.WebUtilities;
+using MudBlazor;
+
+namespace CodeBeam.UltimateAuth.Sample.UAuthHub.Components.Pages
+{
+    public partial class Home
+    {
+        [SupplyParameterFromQuery(Name = "hub")]
+        public string? HubKey { get; set; }
+
+        private string? _username;
+        private string? _password;
+
+        private HubFlowState? _state;
+
+        protected override async Task OnParametersSetAsync()
+        {
+            if (string.IsNullOrWhiteSpace(HubKey))
+            {
+                _state = null;
+                return;
+            }
+
+            _state = await HubFlowReader.GetStateAsync(new HubSessionId(HubKey));
+        }
+
+        protected override async Task OnAfterRenderAsync(bool firstRender)
+        {
+            if (!firstRender)
+                return;
+
+            var currentError = await BrowserStorage.GetAsync(StorageScope.Session, "uauth:last_error");
+
+            if (!string.IsNullOrWhiteSpace(currentError))
+            {
+                Snackbar.Add(ResolveErrorMessage(currentError), Severity.Error);
+                await BrowserStorage.RemoveAsync(StorageScope.Session, "uauth:last_error");
+            }
+
+            var uri = Nav.ToAbsoluteUri(Nav.Uri);
+            var query = QueryHelpers.ParseQuery(uri.Query);
+
+            if (query.TryGetValue("__uauth_error", out var error))
+            {
+                await BrowserStorage.SetAsync(StorageScope.Session, "uauth:last_error", error.ToString());
+            }
+            
+            if (string.IsNullOrWhiteSpace(HubKey))
+            {
+                return;
+            }
+
+            if (_state is null || !_state.Exists)
+                return;
+
+            if (_state?.IsActive != true)
+            {
+                await StartNewPkceAsync();
+                return;
+            }
+        }
+
+        // For testing & debugging
+        private async Task ProgrammaticPkceLogin()
+        {
+            var hub = _state;
+
+            if (hub is null)
+                return;
+
+            var credentials = await HubCredentialResolver.ResolveAsync(new HubSessionId(HubKey));
+
+            var request = new PkceLoginRequest
+            {
+                Identifier = "Admin",
+                Secret = "Password!",
+                AuthorizationCode = credentials?.AuthorizationCode ?? string.Empty,
+                CodeVerifier = credentials?.CodeVerifier ?? string.Empty,
+                ReturnUrl = _state?.ReturnUrl ?? string.Empty
+            };
+            await UAuthClient.CompletePkceLoginAsync(request);
+        }
+
+        private async Task StartNewPkceAsync()
+        {
+            var returnUrl = await ResolveReturnUrlAsync();
+            await UAuthClient.BeginPkceAsync(returnUrl);
+        }
+
+        private async Task<string> ResolveReturnUrlAsync()
+        {
+            var fromContext = _state?.ReturnUrl;
+            if (!string.IsNullOrWhiteSpace(fromContext))
+                return fromContext;
+
+            var uri = Nav.ToAbsoluteUri(Nav.Uri);
+            var query = Microsoft.AspNetCore.WebUtilities.QueryHelpers.ParseQuery(uri.Query);
+
+            if (query.TryGetValue("return_url", out var ru) && !string.IsNullOrWhiteSpace(ru))
+                return ru!;
+
+            if (query.TryGetValue("hub", out var hubKey) && !string.IsNullOrWhiteSpace(hubKey))
+            {
+                var artifact = await AuthStore.GetAsync(new AuthArtifactKey(hubKey!));
+                if (artifact is HubFlowArtifact flow && !string.IsNullOrWhiteSpace(flow.ReturnUrl))
+                    return flow.ReturnUrl!;
+            }
+
+            // Config default (recommend adding to options)
+            //if (!string.IsNullOrWhiteSpace(_options.Login.DefaultReturnUrl))
+            //    return _options.Login.DefaultReturnUrl!;
+
+            return Nav.Uri;
+        }
+        
+        private string ResolveErrorMessage(string? errorKey)
+        {
+            if (errorKey == "invalid")
+            {
+                return "Login failed.";
+            }
+
+            return "Failed attempt.";
+        }
+
+    }
+}

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Pages/Home.razor

@@ -1,6 +1,8 @@
-<Router AppAssembly="typeof(Program).Assembly" NotFoundPage="typeof(Pages.NotFound)">
-    <Found Context="routeData">
-        <RouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
-        <FocusOnNavigate RouteData="routeData" Selector="h1" />
-    </Found>
-</Router>
+<CascadingAuthenticationState>
+    <Router AppAssembly="typeof(Program).Assembly" NotFoundPage="typeof(Pages.NotFound)">
+        <Found Context="routeData">
+            <AuthorizeRouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
+            <FocusOnNavigate RouteData="routeData" Selector="h1" />
+        </Found>
+    </Router>
+</CascadingAuthenticationState>

samples/UAuthHub/CodeBeam.UltimateAuth.Sample.UAuthHub/Components/Pages/Home.razor.cs

@@ -5,7 +5,12 @@
 @using Microsoft.AspNetCore.Components.Web
 @using static Microsoft.AspNetCore.Components.Web.RenderMode
 @using Microsoft.AspNetCore.Components.Web.Virtualization
+@using Microsoft.AspNetCore.Components.Authorization
 @using Microsoft.JSInterop
-@using UltimateAuth.Sample.UAuthHub
-@using UltimateAuth.Sample.UAuthHub.Components
-@using UltimateAuth.Sample.UAuthHub.Components.Layout
+@using CodeBeam.UltimateAuth.Sample.UAuthHub
+@using CodeBeam.UltimateAuth.Sample.UAuthHub.Components
+@using CodeBeam.UltimateAuth.Sample.UAuthHub.Components.Layout
+@using CodeBeam.UltimateAuth.Client
+
+@using MudBlazor
+@using MudExtensions