What is the minimal configuration for [Authorize] to work on Blazor template Home page?

I'm learning how authentication works in Blazor by playing around with a minimal implementation. By changing my dummy AuthenticationStateProvider to return claims principals with or without an identity, I can see that AuthorizeView works as expected on the Home, Counter, and Weather pages. @attribute [Authorize] also works as expected on the Counter and Weather pages, but not on the Home page. Why does [Authorize] behave differently on the Home page, and what do I need to add to make it work there?

I started with the Server template with auth "None" and the familiar Counter and Weather sample pages. I added a dummy AuthenticationStateProvider as shown below and changed the RouteView in Routes.razor to an AuthorizeRouteView without any additional configuration. I suspect this is where something else is required.

If I use [Authorize] on the Home page, I get this error:

InvalidOperationException: Unable to find the required 'IAuthenticationService' service. Please add all the required services by calling 'IServiceCollection.AddAuthentication' in the application startup code.

With AddAuthentication(), the error changes:

InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action configureOptions).

With dummy scheme names, this error remains the same.

public class DummyAuthStateProvider : AuthenticationStateProvider{    public override Task<AuthenticationState> GetAuthenticationStateAsync()    {        return Task.FromResult(new AuthenticationState(new ClaimsPrincipal(new DummyIdentity())));    }    private class DummyIdentity : IIdentity    {        public string? AuthenticationType => "dummy";        public bool IsAuthenticated => true;        public string? Name => "dummy";    }}

builder.Services.AddScoped<AuthenticationStateProvider, DummyAuthStateProvider>();

Update: I tried adding an AuthenticationHandler as suggested in an answer. The results are strange.

• When the app starts, the AuthenticationHandler and the AuthenticationStateProvider are both called.
• As before, the AuthenticationStateProvider is only called once or twice per circuit depending on whether pre-rendering is enabled.
• The AuthenticationHandler is called five times.
• If the AuthenticationHandler returns an un-authenticated user (i.e., a ClaimsPrincipal without an IIdentity) then Home is just a blank white page instead of the Blazor "Not authorized" message that [Authorize] produces on other pages.
• If the AuthenticationHandler returns an authenticated user but the AuthenticationStateProvider returns an un-authenticated user, the un-authenticated user takes precedence for all things Blazor, including the Home page, which becomes the standard "Not authorized" message.

I still suspect that AuthorizeRouteView just doesn't handle the "/" route properly without some additional configuration that I haven't discovered.