.NET 7 had a template that enabled creating a Blazor WebAssembly app that is hosted inside a regular web application. The advantage of this setup is that all the client code runs on client side, and the server can do server tasks, like provide API-s to the client. It's like any other SPA backend setup - but with complete C# goodies jar and VS-backed debugging of the WASM .NET Core code running in the browser.
Now the new server-interactivity is nice, but I need to separate authentication on the client side from the server completely.
My setup is as follows: the server runs on Windows and all the clients are on Windows too - in the same domain, and I want to take advantage of the good old NTLM auth but with a bit of foresight, by "translating" the negotiate result and the directory identity group memberships to a JWT token.
For that, I have an endpoint that uses negotiate auth and returns a JWT token with selected group memberships as roles. From this point on the token is the only thing that matters.
However, for this to work, the client has to do the call to that endpoint. Then it can use the received token to set client-side auth state, and use the token for all subsequent calls to the server-exposed APIs as bearer token.
From what I can tell, these new interactive modes only concern rendering. The logic seems to run completely on the server side even when WebAssembly is involved. And the server doing the call on behalf of the client breaks my NTLM-based flow. And there is no (factory) template in the workload that resembles this one from .NET 7. PWA is also only for standalone Blazor WASM projects, which makes sense if all the logic stays on the server side anyway.
- Why isn't there a similar template going forward? It seems that the
UseBlazorFrameworkFilesextension method exists in .NET 9 as well, hence everything is given. - How can I reproduce the same setup, by combining a standalone Blazor wasm project and an ASP.NET Core Web API project?
- Is there any custom (nuget) template that can be used instead?
Blazor.BFF.AzureAD.Templatelooks to be something similar, but tailored for EntraId.
The best I was able to come up with was using the Upgrade assistant on a freshly created .NET 7 solution.
To @mrc-aka-shaun-curtis
Please see this image related to my comment below. This is absolutely legit in the .NET 7 version, as there was a clear separation of the client and server project. The following attempts were made with a clean project you have suggested: standard Blazor web app with WebAssembly rendering and global interactivity.
Although registering it on the server side instead doesn't make it any better:
(Adding as scoped makes no difference here.)
The only way I could inject that service was by registering on both the client and the server. And when I called the code of the service from the component the log was on the server side, not on the client side:
That's totally not how the .NET 7 template works.
Dear @marc_s: WebAssembly is not web assembly (see: https://webassembly.org/), please don't edit something you are not familiar with!