To better understand how authentication works in Blazor, I'm playing around with a minimal implementation of AuthenticationStateProvider. As expected, if I implement GetAuthenticationStateAsync() like this, an AuthorizeView displays the not-authorized content:
public override Task<AuthenticationState> GetAuthenticationStateAsync() => Task.FromResult(new AuthenticationState(new ClaimsPrincipal())); // 👈 no identityAnd if I implement it like this, an AuthorizeView displays the authorized content:
public override Task<AuthenticationState> GetAuthenticationStateAsync() => Task.FromResult(new AuthenticationState(new ClaimsPrincipal(new DummyIdentity())));private class DummyIdentity : IIdentity{ public string? AuthenticationType => "Dummy"; public bool IsAuthenticated => true; public string? Name => "Anonymous";}But if I change DummyIdentity.IsAuthenticated to false, I still see the authorized content. What actually matters is AuthenticationType. If it's is null or empty, it's unauthorized. If it's any non-empty string, including whitespace, it's authorized. Is this the expected behavior?