This template can be used to create a Blazor WASM application hosted in an ASP.NET Core Web app using OpenID Connect to authenticate using the BFF security architecture. (server authentication) This removes the tokens from the browser and uses cookies with each HTTP request, response. The template also adds the required security headers as best it can for a Blazor application.
- WASM hosted in ASP.NET Core 9
- BFF with OpenID Connect
- OAuth2 and OpenID Connect OIDC
- No tokens in the browser
dotnet new install Blazor.BFF.OpenIDConnect.Template
dotnet new blazorbffoidc -n YourCompany.Bff --HttpsPortCustom 44348
Use the -n
or --name
parameter to change the name of the output created. This string is also used to substitute the namespace name in the .cs file for the project.
Add the OpenID Connect registration settings
"OpenIDConnectSettings": {
"Authority": "--your-authority--",
"ClientId": "--client ID--",
"ClientSecret": "--client-secret (user secrets)--"
},
dotnet new uninstall Blazor.BFF.OpenIDConnect.Template
https://docs.microsoft.com/en-us/dotnet/core/tutorials/create-custom-template
dotnet pack -o ./publish -c Release -p:PackageVersion=3.0.7 --no-build
Locally built nupkg:
dotnet new install Blazor.BFF.OpenIDConnect.Template.3.0.7.nupkg
Local folder:
dotnet new install <PATH>
Where <PATH>
is the path to the folder containing .template.config.
- NetEscapades.AspNetCore.SecurityHeaders
https://documentation.openiddict.com/
https://github.com/andrewlock/NetEscapades.AspNetCore.SecurityHeaders