Test Bump

Author: joelsteventurner

Modules/Intent.Modules.Blazor.Authentication/Templates/Templates/Client/AccessTokenResponse/AccessTokenResponseTemplatePartial.cs

@@ -1,4 +1,6 @@
-using Intent.Engine;
+using System;
+using System.Collections.Generic;
+using Intent.Engine;
 using Intent.Modules.Blazor.Authentication.Settings;
 using Intent.Modules.Blazor.Settings;
 using Intent.Modules.Common;
@@ -7,8 +9,6 @@
 using Intent.Modules.Common.Templates;
 using Intent.RoslynWeaver.Attributes;
 using Intent.Templates;
-using System;
-using System.Collections.Generic;
 
 [assembly: DefaultIntentManaged(Mode.Fully)]
 [assembly: IntentTemplate("Intent.ModuleBuilder.CSharp.Templates.CSharpTemplatePartial", Version = "1.0")]
@@ -113,10 +113,11 @@ public AccessTokenResponseTemplate(IOutputTarget outputTarget, object model = nu
 
         public override bool CanRunTemplate()
         {
-            //2 Template need this
-            //JWT Service 
-            //PersistentAuthenticationStateProviderTemplate
-            return base.CanRunTemplate() && (!ExecutionContext.GetSettings().GetBlazor().RenderMode().IsInteractiveServer() || ExecutionContext.GetSettings().GetBlazor().Authentication().IsJwt());
+            //3 Templates need this
+            // JWT Auth Service 
+            // OICD Auth Service
+            // PersistentAuthenticationStateProviderTemplate
+            return base.CanRunTemplate() && (!ExecutionContext.GetSettings().GetBlazor().RenderMode().IsInteractiveServer() || ExecutionContext.GetSettings().GetBlazor().Authentication().IsJwt() || ExecutionContext.GetSettings().GetBlazor().Authentication().IsOidc());
         }
 
         [IntentManaged(Mode.Fully)]

Modules/Intent.Modules.Blazor.Authentication/Templates/Templates/Client/PersistentAuthenticationStateProvider/PersistentAuthenticationStateProviderTemplatePartial.cs

@@ -30,6 +30,7 @@ public PersistentAuthenticationStateProviderTemplate(IOutputTarget outputTarget,
                 .AddUsing("System.Threading.Tasks")
                 .AddUsing("Microsoft.AspNetCore.Components.WebAssembly.Authentication")
                 .AddUsing("System")
+                .AddUsing("System.Net.Http.Json")
                 .AddClass($"PersistentAuthenticationStateProvider", @class =>
                 {
                     @class.WithBaseType("AuthenticationStateProvider");
@@ -45,7 +46,8 @@ public PersistentAuthenticationStateProviderTemplate(IOutputTarget outputTarget,
                         f.WithAssignment(new CSharpStatement("_defaultUnauthenticatedTask"));
                     });
                     @class.AddField("Uri?", "_identityUrl", p => p.PrivateReadOnly());
-                    @class.AddField("HttpClient", "_refreshClient", p => p.PrivateReadOnly().WithAssignment("new HttpClient()"));
+
+                    @class.AddField(UseType("System.Net.Http.HttpClient"), "_refreshClient", p => p.PrivateReadOnly().WithAssignment("new HttpClient()"));
                     @class.AddField("string?", "_accessToken", p => p.Private());
                     @class.AddField("string?", "_refreshToken", p => p.Private());
                     @class.AddField("DateTimeOffset", "_accessTokenExpiresAt", p => p.Private().WithAssignment("DateTimeOffset.MinValue"));

Modules/Intent.Modules.Blazor.Authentication/Templates/Templates/Server/OidcAuthServiceConcrete/OidcAuthServiceConcreteTemplatePartial.cs

@@ -76,6 +76,10 @@ public OidcAuthServiceConcreteTemplate(IOutputTarget outputTarget, object model
                 throw new InvalidOperationException(""OIDC authentication options are not configured correctly."");
             }", s => s.SeparatedFromNext());
 
+                        method.AddStatement("var httpContext = _httpContextAccessor.HttpContext ?? throw new InvalidOperationException(\"No active HttpContext found.\");");
+                        method.AddStatement("await httpContext.SignOutAsync();", s => s.SeparatedFromNext());
+
+
                         method.AddStatements(@"var tokenRequest = new Dictionary<string, string>
                         {
                             { ""grant_type"", ""password"" },
@@ -90,13 +94,16 @@ public OidcAuthServiceConcreteTemplate(IOutputTarget outputTarget, object model
 
                         method.AddIfStatement("tokenResponse.IsSuccessStatusCode", @if =>
                         {
-                            @if.AddAssignmentStatement("var tokens", new CSharpStatement("await tokenResponse.Content.ReadFromJsonAsync<AccessTokenResponse>();"));
+                            @if.AddAssignmentStatement("var loginResponse", new CSharpStatement($"await tokenResponse.Content.ReadFromJsonAsync<{this.GetAccessTokenResponseTemplateName()}>();"));
                             @if.AddStatements(@"var claims = new List<Claim>
                             {
                                 new Claim(ClaimTypes.NameIdentifier, username),
                                 new Claim(ClaimTypes.Email, username),
-                                new Claim(""access_token"", tokens.AccessToken),
-                                new Claim(""refresh_token"", tokens.RefreshToken)
+                                new Claim(""access_token"", loginResponse.AccessToken),
+                                new Claim(""refresh_token"", loginResponse.RefreshToken),
+                                new Claim(""token_type"", loginResponse.TokenType ?? ""Bearer""),
+                                new Claim(""expires_at"", (loginResponse.ExpiresIn ?? DateTime.UtcNow.AddHours(1)).ToString(""o""))
+
                             };".ConvertToStatements());
                             @if.AddAssignmentStatement("var claimsIdentity", new CSharpStatement("new ClaimsIdentity(claims);"));
                             @if.AddAssignmentStatement("var claimsPrincipal", new CSharpStatement("new ClaimsPrincipal(claimsIdentity);"));
@@ -107,14 +114,6 @@ public OidcAuthServiceConcreteTemplate(IOutputTarget outputTarget, object model
                             @else.AddStatement("throw new Exception(\"Error: Invalid login attempt.\");");
                         });
                     });
-
-                    @class.AddNestedClass("AccessTokenResponse", nested =>
-                    {
-                        nested.AddProperty("string", "AccessToken");
-                        nested.AddProperty("string", "RefreshToken");
-                        nested.AddProperty("string", "TokenType");
-                        nested.AddProperty("DateTime", "ExpiresIn");
-                    });
                 });
         }
 

Modules/Intent.Modules.Blazor.Authentication/release-notes.md

@@ -1,6 +1,10 @@
-### Version 1.0.5
+### Version 1.0.6
 
 - Improvement: Fixed AntiForgery exception when re-logging in.
+- Improvement: Refresh token support for WASM / JWT authentication.
+
+### Version 1.0.5
+
 - Improvement: Updated module documentation to use centralized documentation site.
 
 ### Version 1.0.4

Modules/Intent.Modules.Blazor/Intent.Blazor.imodspec

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <package>
   <id>Intent.Blazor</id>
-  <version>1.0.6-pre.1</version>
+  <version>1.0.7-pre.0</version>
   <supportedClientVersions>[4.5.0-a, 5.0.0-a)</supportedClientVersions>
   <summary>Automates the bootstrapping and core patterns of a Blazor web application.</summary>
   <description>Automates the bootstrapping and core patterns of a Blazor web application.</description>

Modules/Intent.Modules.Blazor/release-notes.md

@@ -1,7 +1,11 @@
+### Version 1.0.7
+
+- Improvement: Improved WASM configuration for debugging.
+- Improvement: Help Topic around routing parameters..
+
 ### Version 1.0.6
 
 - Improvement: Updated module documentation to use centralized documentation site.
-- Improvement: Improved WASM configuration for debugging.
 
 ### Version 1.0.5
 

Tests/Blazor.InteractiveAuto.AspNetCoreIdentity/Blazor.InteractiveAuto.AspNetCoreIdentity.Client/Common/PersistentAuthenticationStateProvider.cs

@@ -1,4 +1,6 @@
+using System.Net.Http.Json;
 using System.Security.Claims;
+using Blazor.InteractiveAuto.AspNetCoreIdentity.Client.Components.Account;
 using Blazor.InteractiveAuto.AspNetCoreIdentity.Client.Components.Account.Shared;
 using Intent.RoslynWeaver.Attributes;
 using Microsoft.AspNetCore.Components;
@@ -12,47 +14,137 @@ namespace Blazor.InteractiveAuto.AspNetCoreIdentity.Client.Common
 {
     public class PersistentAuthenticationStateProvider : AuthenticationStateProvider, IAccessTokenProvider
     {
-        private static readonly Task<AuthenticationState> defaultUnauthenticatedTask = Task.FromResult(new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity())));
-        private readonly Task<AuthenticationState> authenticationStateTask = defaultUnauthenticatedTask;
+        private static readonly Task<AuthenticationState> _defaultUnauthenticatedTask = Task.FromResult(new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity())));
+        private readonly Task<AuthenticationState> _authenticationStateTask = _defaultUnauthenticatedTask;
+        private readonly Uri? _identityUrl;
+        private readonly HttpClient _refreshClient = new HttpClient();
+        private readonly NavigationManager _nav;
+        private string? _accessToken;
+        private string? _refreshToken;
+        private DateTimeOffset _accessTokenExpiresAt = DateTimeOffset.MinValue;
 
-        public PersistentAuthenticationStateProvider(PersistentComponentState state)
+        public PersistentAuthenticationStateProvider(PersistentComponentState state, NavigationManager nav)
         {
+            _nav = nav;
             if (!state.TryTakeFromJson<UserInfo>(nameof(UserInfo), out var userInfo) || userInfo is null)
             {
                 return;
             }
             Claim[] claims = [
                                         new Claim(ClaimTypes.NameIdentifier, userInfo.UserId),
                                         new Claim(ClaimTypes.Email, userInfo.Email),
-                                        new Claim(ClaimTypes.Email, userInfo.Email),
                                         new Claim("access_token", userInfo.AccessToken == null ? "" : userInfo.AccessToken) ];
-            authenticationStateTask = Task.FromResult(
+            _authenticationStateTask = Task.FromResult(
                                         new AuthenticationState(new ClaimsPrincipal(new ClaimsIdentity(claims,
                                             authenticationType: nameof(PersistentAuthenticationStateProvider)))));
+
+            if (!string.IsNullOrWhiteSpace(userInfo.AccessToken))
+            {
+                _accessToken = userInfo.AccessToken;
+                _refreshToken = userInfo.RefreshToken;
+
+                if (userInfo.AccessTokenExpiresAt.HasValue)
+                {
+                    _accessTokenExpiresAt = userInfo.AccessTokenExpiresAt.Value;
+                }
+
+                if (!string.IsNullOrEmpty(userInfo.RefreshUrl))
+                {
+                    _identityUrl = new Uri(userInfo.RefreshUrl, UriKind.Absolute);
+                }
+            }
         }
 
         public override Task<AuthenticationState> GetAuthenticationStateAsync()
         {
-            return authenticationStateTask;
+            return _authenticationStateTask;
         }
 
-        public async ValueTask<AccessTokenResult> RequestAccessToken()
+        public ValueTask<AccessTokenResult> RequestAccessToken()
+=> RequestAccessToken(new AccessTokenRequestOptions());
+
+        public async ValueTask<AccessTokenResult> RequestAccessToken(AccessTokenRequestOptions options)
         {
-            var state = await this.GetAuthenticationStateAsync();
-            var token = state.User.FindFirst("access_token");
+            var missingToken = string.IsNullOrWhiteSpace(_accessToken);
+            var expired = _accessTokenExpiresAt > DateTimeOffset.MinValue && _accessTokenExpiresAt <= DateTimeOffset.UtcNow;
 
-            if (token == null)
+            if (missingToken || expired)
             {
-                return new AccessTokenResult(AccessTokenResultStatus.RequiresRedirect, null, "auth/login", null);
+                // Try to refresh if we have a refresh token
+                if (!string.IsNullOrWhiteSpace(_refreshToken))
+                {
+                    var refreshed = await TryRefreshAccessTokenAsync();
+                    if (refreshed)
+                    {
+                        // we now have a new _accessToken / _accessTokenExpiresAt
+                        var at = new AccessToken
+                        {
+                            Value = _accessToken!,
+                            Expires = _accessTokenExpiresAt
+                        };
+
+                        return new AccessTokenResult(AccessTokenResultStatus.Success, at, null, null);
+                    }
+                }
+
+                // No refresh token OR refresh failed → send user to login
+                var current = _nav.ToBaseRelativePath(_nav.Uri);
+                var returnUrl = "/" + current;
+                var loginUrl = $"/account/login?returnUrl={Uri.EscapeDataString(returnUrl)}";
+
+                _nav.NavigateTo(loginUrl, forceLoad: true);
+
+                return new AccessTokenResult(
+                    AccessTokenResultStatus.RequiresRedirect, null, loginUrl, null);
             }
-            var accessToken = new AccessToken { Expires = DateTimeOffset.MaxValue, Value = token.Value };
-            var result = new AccessTokenResult(AccessTokenResultStatus.Success, accessToken, null, null);
-            return result;
+
+            // Token present and we consider it valid
+            var expires = _accessTokenExpiresAt > DateTimeOffset.MinValue
+                            ? _accessTokenExpiresAt
+                            : DateTimeOffset.UtcNow.AddMinutes(5);
+
+            var accessToken = new AccessToken
+            {
+                Value = _accessToken!,
+                Expires = expires
+            };
+            return new AccessTokenResult(AccessTokenResultStatus.Success, accessToken, null, null);
         }
 
-        public async ValueTask<AccessTokenResult> RequestAccessToken(AccessTokenRequestOptions options)
+        private async Task<bool> TryRefreshAccessTokenAsync()
         {
-            return await RequestAccessToken();
+            if (string.IsNullOrWhiteSpace(_refreshToken) || _identityUrl == null)
+                return false;
+
+            try
+            {
+                var refreshUri = new Uri(_identityUrl, "refresh"); // e.g. https://ids.example.com/refresh
+
+                var response = await _refreshClient.PostAsJsonAsync(refreshUri, new
+                {
+                    refreshToken = _refreshToken
+                });
+
+                if (!response.IsSuccessStatusCode)
+                    return false;
+
+                var dto = await response.Content.ReadFromJsonAsync<AccessTokenResponse>();
+                if (dto is null || string.IsNullOrWhiteSpace(dto.AccessToken))
+                    return false;
+
+                _accessToken = dto.AccessToken;
+                _refreshToken = string.IsNullOrWhiteSpace(dto.RefreshToken)
+                                ? _refreshToken // keep old if not rotated
+                                : dto.RefreshToken;
+
+                // compute expiry
+                _accessTokenExpiresAt = new DateTimeOffset(dto.ExpiresIn!.Value, TimeSpan.Zero);
+                return true;
+            }
+            catch
+            {
+                return false;
+            }
         }
     }
 }

Tests/Blazor.InteractiveAuto.AspNetCoreIdentity/Blazor.InteractiveAuto.AspNetCoreIdentity.Client/Components/Account/AccessTokenResponse.cs

@@ -0,0 +1,78 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using Intent.RoslynWeaver.Attributes;
+
+[assembly: DefaultIntentManaged(Mode.Fully)]
+[assembly: IntentTemplate("Intent.Blazor.Authentication.Templates.Client.AccessTokenResponseTemplate", Version = "1.0")]
+
+namespace Blazor.InteractiveAuto.AspNetCoreIdentity.Client.Components.Account
+{
+    public class AccessTokenResponse
+    {
+        public string AccessToken { get; set; }
+        public string RefreshToken { get; set; }
+        public string? TokenType { get; set; }
+        [JsonConverter(typeof(NullableExpiresInConverter))]
+        public DateTime? ExpiresIn { get; set; }
+        public class NullableExpiresInConverter : JsonConverter<DateTime?>
+        {
+            public override DateTime? Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+            {
+                // JSON null → null
+                if (reader.TokenType == JsonTokenType.Null)
+                    return null;
+
+                // Number → seconds
+                if (reader.TokenType == JsonTokenType.Number)
+                {
+                    if (reader.TryGetInt64(out var seconds))
+                        return DateTime.UtcNow.AddSeconds(seconds);
+
+                    throw new JsonException("expiresIn number is not Int64.");
+                }
+
+                // String (ISO date, seconds, empty, or null-like)
+                if (reader.TokenType == JsonTokenType.String)
+                {
+                    var raw = reader.GetString();
+
+                    // "" or "null" → null
+                    if (string.IsNullOrWhiteSpace(raw) || raw.Equals("null", StringComparison.OrdinalIgnoreCase))
+                        return null;
+
+                    // ISO timestamp
+                    if (DateTimeOffset.TryParse(raw, out var dto))
+                        return dto.UtcDateTime;
+
+                    // seconds as string
+                    if (long.TryParse(raw, out var seconds))
+                        return DateTime.UtcNow.AddSeconds(seconds);
+
+                    throw new JsonException($"Cannot parse expiresIn value: {raw}");
+                }
+
+                throw new JsonException(
+                    $"Unexpected token type for expiresIn: {reader.TokenType}");
+            }
+
+            public override void Write(Utf8JsonWriter writer, DateTime? value, JsonSerializerOptions options)
+            {
+                if (value == null)
+                {
+                    writer.WriteNullValue();
+                    return;
+                }
+
+                var utc = value.Value.Kind == DateTimeKind.Utc
+                    ? value.Value
+                    : value.Value.ToUniversalTime();
+
+                long seconds = (long)Math.Max(
+                    0,
+                    (utc - DateTime.UtcNow).TotalSeconds);
+
+                writer.WriteNumberValue(seconds);
+            }
+        }
+    }
+}

Tests/Blazor.InteractiveAuto.AspNetCoreIdentity/Blazor.InteractiveAuto.AspNetCoreIdentity.Client/Components/Account/Shared/UserInfo.cs

@@ -10,5 +10,8 @@ public class UserInfo
         public required string UserId { get; set; }
         public required string Email { get; set; }
         public string? AccessToken { get; set; }
+        public string? RefreshToken { get; set; }
+        public string? RefreshUrl { get; set; }
+        public DateTime? AccessTokenExpiresAt { get; set; }
     }
 }