Merge pull request #4 from SubathraKaliamoorthy/main

Updated target framework version

Author: kmuthukumarmkm

App.razor

@@ -1,20 +1,18 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
-
-  <PropertyGroup>
-    <TargetFramework>net7.0</TargetFramework>
-    <Nullable>enable</Nullable>
-    <ImplicitUsings>enable</ImplicitUsings>
-  </PropertyGroup>
-
-  <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="7.0.15" />
-    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="7.0.15" />
-    <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="7.0.15" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="7.0.15" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="7.0.15">
-      <PrivateAssets>all</PrivateAssets>
-      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-    </PackageReference>
-  </ItemGroup>
-
-</Project>
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net9.0</TargetFramework>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <UserSecretsId>aspnet-BlazorAppAuthentication-ef272b2a-aadd-4010-961b-8cabcbf74820</UserSecretsId>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="9.0.7" />
+    <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="9.0.7" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="9.0.7" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="9.0.7" />
+    <PackageReference Include="Syncfusion.Blazor" Version="*" />
+  </ItemGroup>
+
+</Project>

Areas/Identity/Pages/Account/LogOut.cshtml

@@ -0,0 +1,113 @@
+using System.Security.Claims;
+using System.Text.Json;
+using BlazorAppAuthentication.Components.Account.Pages;
+using BlazorAppAuthentication.Components.Account.Pages.Manage;
+using BlazorAppAuthentication.Data;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.Http.Extensions;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Primitives;
+
+namespace Microsoft.AspNetCore.Routing
+{
+    internal static class IdentityComponentsEndpointRouteBuilderExtensions
+    {
+        // These endpoints are required by the Identity Razor components defined in the /Components/Account/Pages directory of this project.
+        public static IEndpointConventionBuilder MapAdditionalIdentityEndpoints(this IEndpointRouteBuilder endpoints)
+        {
+            ArgumentNullException.ThrowIfNull(endpoints);
+
+            var accountGroup = endpoints.MapGroup("/Account");
+
+            accountGroup.MapPost("/PerformExternalLogin", (
+                HttpContext context,
+                [FromServices] SignInManager<ApplicationUser> signInManager,
+                [FromForm] string provider,
+                [FromForm] string returnUrl) =>
+            {
+                IEnumerable<KeyValuePair<string, StringValues>> query = [
+                    new("ReturnUrl", returnUrl),
+                    new("Action", ExternalLogin.LoginCallbackAction)];
+
+                var redirectUrl = UriHelper.BuildRelative(
+                    context.Request.PathBase,
+                    "/Account/ExternalLogin",
+                    QueryString.Create(query));
+
+                var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
+                return TypedResults.Challenge(properties, [provider]);
+            });
+
+            accountGroup.MapPost("/Logout", async (
+                ClaimsPrincipal user,
+                [FromServices] SignInManager<ApplicationUser> signInManager,
+                [FromForm] string returnUrl) =>
+            {
+                await signInManager.SignOutAsync();
+                return TypedResults.LocalRedirect($"~/{returnUrl}");
+            });
+
+            var manageGroup = accountGroup.MapGroup("/Manage").RequireAuthorization();
+
+            manageGroup.MapPost("/LinkExternalLogin", async (
+                HttpContext context,
+                [FromServices] SignInManager<ApplicationUser> signInManager,
+                [FromForm] string provider) =>
+            {
+                // Clear the existing external cookie to ensure a clean login process
+                await context.SignOutAsync(IdentityConstants.ExternalScheme);
+
+                var redirectUrl = UriHelper.BuildRelative(
+                    context.Request.PathBase,
+                    "/Account/Manage/ExternalLogins",
+                    QueryString.Create("Action", ExternalLogins.LinkLoginCallbackAction));
+
+                var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl, signInManager.UserManager.GetUserId(context.User));
+                return TypedResults.Challenge(properties, [provider]);
+            });
+
+            var loggerFactory = endpoints.ServiceProvider.GetRequiredService<ILoggerFactory>();
+            var downloadLogger = loggerFactory.CreateLogger("DownloadPersonalData");
+
+            manageGroup.MapPost("/DownloadPersonalData", async (
+                HttpContext context,
+                [FromServices] UserManager<ApplicationUser> userManager,
+                [FromServices] AuthenticationStateProvider authenticationStateProvider) =>
+            {
+                var user = await userManager.GetUserAsync(context.User);
+                if (user is null)
+                {
+                    return Results.NotFound($"Unable to load user with ID '{userManager.GetUserId(context.User)}'.");
+                }
+
+                var userId = await userManager.GetUserIdAsync(user);
+                downloadLogger.LogInformation("User with ID '{UserId}' asked for their personal data.", userId);
+
+                // Only include personal data for download
+                var personalData = new Dictionary<string, string>();
+                var personalDataProps = typeof(ApplicationUser).GetProperties().Where(
+                    prop => Attribute.IsDefined(prop, typeof(PersonalDataAttribute)));
+                foreach (var p in personalDataProps)
+                {
+                    personalData.Add(p.Name, p.GetValue(user)?.ToString() ?? "null");
+                }
+
+                var logins = await userManager.GetLoginsAsync(user);
+                foreach (var l in logins)
+                {
+                    personalData.Add($"{l.LoginProvider} external login provider key", l.ProviderKey);
+                }
+
+                personalData.Add("Authenticator Key", (await userManager.GetAuthenticatorKeyAsync(user))!);
+                var fileBytes = JsonSerializer.SerializeToUtf8Bytes(personalData);
+
+                context.Response.Headers.TryAdd("Content-Disposition", "attachment; filename=PersonalData.json");
+                return TypedResults.File(fileBytes, contentType: "application/json", fileDownloadName: "PersonalData.json");
+            });
+
+            return accountGroup;
+        }
+    }
+}

Areas/Identity/Pages/Shared/_LoginPartial.cshtml

@@ -0,0 +1,21 @@
+using BlazorAppAuthentication.Data;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity.UI.Services;
+
+namespace BlazorAppAuthentication.Components.Account
+{
+    // Remove the "else if (EmailSender is IdentityNoOpEmailSender)" block from RegisterConfirmation.razor after updating with a real implementation.
+    internal sealed class IdentityNoOpEmailSender : IEmailSender<ApplicationUser>
+    {
+        private readonly IEmailSender emailSender = new NoOpEmailSender();
+
+        public Task SendConfirmationLinkAsync(ApplicationUser user, string email, string confirmationLink) =>
+            emailSender.SendEmailAsync(email, "Confirm your email", $"Please confirm your account by <a href='{confirmationLink}'>clicking here</a>.");
+
+        public Task SendPasswordResetLinkAsync(ApplicationUser user, string email, string resetLink) =>
+            emailSender.SendEmailAsync(email, "Reset your password", $"Please reset your password by <a href='{resetLink}'>clicking here</a>.");
+
+        public Task SendPasswordResetCodeAsync(ApplicationUser user, string email, string resetCode) =>
+            emailSender.SendEmailAsync(email, "Reset your password", $"Please reset your password using the following code: {resetCode}");
+    }
+}

Areas/Identity/RevalidatingIdentityAuthenticationStateProvider.cs

@@ -0,0 +1,59 @@
+using System.Diagnostics.CodeAnalysis;
+using Microsoft.AspNetCore.Components;
+
+namespace BlazorAppAuthentication.Components.Account
+{
+    internal sealed class IdentityRedirectManager(NavigationManager navigationManager)
+    {
+        public const string StatusCookieName = "Identity.StatusMessage";
+
+        private static readonly CookieBuilder StatusCookieBuilder = new()
+        {
+            SameSite = SameSiteMode.Strict,
+            HttpOnly = true,
+            IsEssential = true,
+            MaxAge = TimeSpan.FromSeconds(5),
+        };
+
+        [DoesNotReturn]
+        public void RedirectTo(string? uri)
+        {
+            uri ??= "";
+
+            // Prevent open redirects.
+            if (!Uri.IsWellFormedUriString(uri, UriKind.Relative))
+            {
+                uri = navigationManager.ToBaseRelativePath(uri);
+            }
+
+            // During static rendering, NavigateTo throws a NavigationException which is handled by the framework as a redirect.
+            // So as long as this is called from a statically rendered Identity component, the InvalidOperationException is never thrown.
+            navigationManager.NavigateTo(uri);
+            throw new InvalidOperationException($"{nameof(IdentityRedirectManager)} can only be used during static rendering.");
+        }
+
+        [DoesNotReturn]
+        public void RedirectTo(string uri, Dictionary<string, object?> queryParameters)
+        {
+            var uriWithoutQuery = navigationManager.ToAbsoluteUri(uri).GetLeftPart(UriPartial.Path);
+            var newUri = navigationManager.GetUriWithQueryParameters(uriWithoutQuery, queryParameters);
+            RedirectTo(newUri);
+        }
+
+        [DoesNotReturn]
+        public void RedirectToWithStatus(string uri, string message, HttpContext context)
+        {
+            context.Response.Cookies.Append(StatusCookieName, message, StatusCookieBuilder.Build(context));
+            RedirectTo(uri);
+        }
+
+        private string CurrentPath => navigationManager.ToAbsoluteUri(navigationManager.Uri).GetLeftPart(UriPartial.Path);
+
+        [DoesNotReturn]
+        public void RedirectToCurrentPage() => RedirectTo(CurrentPath);
+
+        [DoesNotReturn]
+        public void RedirectToCurrentPageWithStatus(string message, HttpContext context)
+            => RedirectToWithStatus(CurrentPath, message, context);
+    }
+}