I am trying to figure out correct way to implement JWT auth with Blazor (WASM).After going through the docs a got an idea on how the built in components work but still the whole picture is not clear to me.So in my scenario i have an API sever that will be used, the API server can issue JWT tokens and they can be used to authenticate against the endpoints where required.
So right now i am trying to figure out the correct role for each component.For start we have AuthenticationStateProvider, as i understand this component has the responsibility of obtaining the JWT token either from server or if one stored locally, also it could handle token refresh when required?
Now since i will be using Typed HTTP Clients i will be using IHttpClientFactory, along with that i will have AuthorizationMessageHandler to attach tokens to desired HTTP Client instances.
Things fall apart for me when i am trying to deal with IAccessTokenProvider, as i understand the default implementation will be called once a HTTP Client is created and http request is about to be made.What is not clear is how this IAccessTokenProvider will obtain the token.So the question is whether i should create my own implementation of IAccessTokenProvider and if so how it should handle the tokens.As i said i wont be using any built in authentication providers and will have my own JWT auth system instead.
Thanks.