[Blazor] Server security - Inject AuthenticationStateProvider for services scoped to a component - section removal

hakenr · web-flow · commit 7c17a3b75de3 · 2024-11-07T01:27:24.000+01:00
diff --git a/aspnetcore/blazor/security/server/index.md b/aspnetcore/blazor/security/server/index.md
@@ -284,118 +284,6 @@ To store additional claims from external providers, see <xref:security/authentic
 
 Specify the issuer explicitly when deploying to Azure App Service on Linux with Identity Server. For more information, see <xref:security/authentication/identity/spa#azure-app-service-on-linux>.
 
-## Inject `AuthenticationStateProvider` for services scoped to a component
-
-Don't attempt to resolve <xref:Microsoft.AspNetCore.Components.Authorization.AuthenticationStateProvider> within a custom scope because it results in the creation of a new instance of the <xref:Microsoft.AspNetCore.Components.Authorization.AuthenticationStateProvider> that isn't correctly initialized.
-
-To access the <xref:Microsoft.AspNetCore.Components.Authorization.AuthenticationStateProvider> within a service scoped to a component, inject the <xref:Microsoft.AspNetCore.Components.Authorization.AuthenticationStateProvider> with the [`@inject` directive](xref:mvc/views/razor#inject) or the [`[Inject]` attribute](xref:Microsoft.AspNetCore.Components.InjectAttribute) and pass it to the service as a parameter. This approach ensures that the correct, initialized instance of the <xref:Microsoft.AspNetCore.Components.Authorization.AuthenticationStateProvider> is used for each user app instance.
-  
-`ExampleService.cs`:
-
-```csharp
-public class ExampleService
-{
-    public async Task<string> ExampleMethod(AuthenticationStateProvider authStateProvider)
-    {
-        var authState = await authStateProvider.GetAuthenticationStateAsync();
-        var user = authState.User;
-
-        if (user.Identity is not null && user.Identity.IsAuthenticated)
-        {
-            return $"{user.Identity.Name} is authenticated.";
-        }
-        else
-        {
-            return "The user is NOT authenticated.";
-        }
-    }
-}
-```
-  
-Register the service as scoped. In a server-side Blazor app, scoped services have a lifetime equal to the duration of the client connection [circuit](xref:blazor/hosting-models#blazor-server).
-
-:::moniker range=">= aspnetcore-6.0"
-
-In the `Program` file:
-
-```csharp
-builder.Services.AddScoped<ExampleService>();
-```
-
-:::moniker-end
-
-:::moniker range="< aspnetcore-6.0"
-
-In `Startup.ConfigureServices` of `Startup.cs`:
-
-```csharp
-services.AddScoped<ExampleService>();
-```
-
-:::moniker-end
-
-In the following `InjectAuthStateProvider` component:
-
-* The component inherits <xref:Microsoft.AspNetCore.Components.OwningComponentBase>.
-* The <xref:Microsoft.AspNetCore.Components.Authorization.AuthenticationStateProvider> is injected and passed to `ExampleService.ExampleMethod`.
-* `ExampleService` is resolved with <xref:Microsoft.AspNetCore.Components.OwningComponentBase.ScopedServices?displayProperty=nameWithType> and <xref:Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService%2A>, which returns the correct, initialized instance of `ExampleService` that exists for the lifetime of the user's circuit.
-
-`InjectAuthStateProvider.razor`:
-
-:::moniker range=">= aspnetcore-8.0"
-
-```razor
-@page "/inject-auth-state-provider"
-@inherits OwningComponentBase
-@inject AuthenticationStateProvider AuthenticationStateProvider
-
-<h1>Inject <code>AuthenticationStateProvider</code> Example</h1>
-
-<p>@message</p>
-
-@code {
-    private string? message;
-    private ExampleService? ExampleService { get; set; }
-
-    protected override async Task OnInitializedAsync()
-    {
-        ExampleService = ScopedServices.GetRequiredService<ExampleService>();
-
-        message = await ExampleService.ExampleMethod(AuthenticationStateProvider);
-    }
-}
-```
-
-:::moniker-end
-
-:::moniker range="< aspnetcore-8.0"
-
-```razor
-@page "/inject-auth-state-provider"
-@inject AuthenticationStateProvider AuthenticationStateProvider
-@inherits OwningComponentBase
-
-<h1>Inject <code>AuthenticationStateProvider</code> Example</h1>
-
-<p>@message</p>
-
-@code {
-    private string? message;
-    private ExampleService? ExampleService { get; set; }
-
-    protected override async Task OnInitializedAsync()
-    {
-        ExampleService = ScopedServices.GetRequiredService<ExampleService>();
-
-        message = await ExampleService.ExampleMethod(AuthenticationStateProvider);
-    }
-}
-```
-
-:::moniker-end
-
-For more information, see the guidance on <xref:Microsoft.AspNetCore.Components.OwningComponentBase> in <xref:blazor/fundamentals/dependency-injection#owningcomponentbase>.
-
 ## Unauthorized content display while prerendering with a custom `AuthenticationStateProvider`
 
 To avoid showing unauthorized content, for example content in an [`AuthorizeView` component](xref:blazor/security/index#authorizeview-component), while prerendering with a [custom `AuthenticationStateProvider`](xref:blazor/security/authentication-state#implement-a-custom-authenticationstateprovider), adopt ***one*** of the following approaches:
