AuthenticationStateProvider 的初始状态

Question

在the documentation 之后，我创建了我的自定义 AuthenticationStateProvider，如下所示：

public class ApiAuthStateProvider : AuthenticationStateProvider
{
    private static AuthenticationState anonymousState = ?

    private AuthenticationState _authState;

    public ApiAuthStateProvider()
    {
        _authState = anonymousState;
    }

    public void SetAuthenticationState(AuthenticationState authState)
    {
        _authState = authState ?? anonymousState;
        NotifyAuthenticationStateChanged(GetAuthenticationStateAsync());
    }

    public override Task<AuthenticationState> GetAuthenticationStateAsync()
    {
        return Task.FromResult(_authState);
    }
}

问题是如何初始化匿名状态，使 _authState.User.Identity.IsAuthenticated 为 false。如文档中所示，以下将产生经过身份验证的用户：

private static AuthenticationState anonymousState = 
    new AuthenticationState(new ClaimsPrincipal(
    new ClaimsIdentity(new Claim[] {}, "none")));

即使是以下导致认证的用户：

public class AnonymousIdentity : IIdentity
{
    public string AuthenticationType => "none";
    public bool IsAuthenticated => false;
    public string Name => string.Empty;
}

private static AuthenticationState anonymousState;

static ApiAuthStateProvider()
{
    var anonymousIdentity = new AnonymousIdentity();
    var user = new ClaimsIdentity(anonymousIdentity);
    anonymousState = new AuthenticationState(
        new ClaimsPrincipal(user));
}

我在这里错过了什么？

Answer 1

嗯，在.net core source我找到了

public virtual bool IsAuthenticated
{
    get { return !string.IsNullOrEmpty(_authenticationType); }
}

这意味着我应该像下面这样更改我的代码：

private static AuthenticationState anonymousState = 
    new AuthenticationState(new ClaimsPrincipal(
    new ClaimsIdentity(new Claim[] {}, "")));

    // Or, can be even shorter like below
    // private static AuthenticationState anonymousState = 
    //     new AuthenticationState(new ClaimsPrincipal());

这使我的 Blazor 应用程序无法正常显示，但我想这是一个不同的问题。

Answer 2

是的，只需使用：

new AuthenticationState(new ClaimsPrincipal());

此代码适用于我：

    public class CustomAuthenticationProvider : AuthenticationStateProvider
    {
        private readonly HttpClient _httpClient;
        public CustomAuthenticationProvider(HttpClient httpClient)
        {
            _httpClient = httpClient;
        }
        public override async Task<AuthenticationState>
            GetAuthenticationStateAsync()
        {
            ClaimsPrincipal user;
            // Call the GetUser method to get the status
            // This only sets things like the AuthorizeView
            // and the AuthenticationState CascadingParameter
            var result =
                await _httpClient.GetJsonAsync<BlazorUser>("api/user/GetUser");
            // Was a UserName returned?
            if (result.UserName != "")
            {
                // Create a ClaimsPrincipal for the user
                var identity = new ClaimsIdentity(new[]
                {
                   new Claim(ClaimTypes.Name, result.UserName),
                }, "AzureAdAuth");
                user = new ClaimsPrincipal(identity);
            }
            else
            {
                user = new ClaimsPrincipal(); // Not logged in
            }
            return await Task.FromResult(new AuthenticationState(user));
        }
    }

见：Client Side Blazor Authentication Using Azure AD and a Custom AuthenticationStateProvider