Merge to Live (#35561)

guardrex · web-flow · commit a28b6baa7985 · 2025-06-02T09:13:09.000-05:00
diff --git a/aspnetcore/blazor/security/additional-scenarios.md b/aspnetcore/blazor/security/additional-scenarios.md
@@ -34,19 +34,21 @@ using Microsoft.AspNetCore.Authentication;
 
 public class AuthenticationProcessor(IHttpContextAccessor httpContextAccessor)
 {
-    public string? GetAccessToken()
+    public async Task<string?> GetAccessToken()
     {
+        if (httpContextAccessor.HttpContext is null)
+        {
+            throw new Exception("HttpContext not available");
+        }
+
         // Approach 1: Call 'GetTokenAsync'
-        var accessToken = httpContextAccessor.HttpContext?
-            .GetTokenAsync("access_token").Result ??
-            throw new Exception("No access token");
+        var accessToken = await httpContextAccessor.HttpContext
+            .GetTokenAsync("access_token");
 
         // Approach 2: Authenticate the user and call 'GetTokenValue'
         /*
-        var authResult = httpContextAccessor.HttpContext?
-            .AuthenticateAsync().Result;
-        var accessToken = authResult?.Properties?
-            .GetTokenValue("access_token");
+        var authResult = await httpContextAccessor.HttpContext.AuthenticateAsync();
+        var accessToken = authResult?.Properties?.GetTokenValue("access_token");
         */
 
         return accessToken;
@@ -121,9 +123,17 @@ public class TokenHandler(IHttpContextAccessor httpContextAccessor) :
     protected override async Task<HttpResponseMessage> SendAsync(
         HttpRequestMessage request, CancellationToken cancellationToken)
     {
-        var accessToken = httpContextAccessor.HttpContext?
-            .GetTokenAsync("access_token").Result ?? 
+        if (httpContextAccessor.HttpContext is null)
+        {
+            throw new Exception("HttpContext not available");
+        }
+
+        var accessToken = await httpContextAccessor.HttpContext.GetTokenAsync("access_token");
+
+        if (accessToken is null)
+        {
             throw new Exception("No access token");
+        }
 
         request.Headers.Authorization =
             new AuthenticationHeaderValue("Bearer", accessToken);
@@ -178,15 +188,15 @@ At this point, an <xref:System.Net.Http.HttpClient> created by a component can m
 
 ```csharp
 using var request = new HttpRequestMessage(HttpMethod.Get, "{REQUEST URI}");
-using var client = ClientFactory.CreateClient("{HTTP CLIENT NAME}");
+var client = ClientFactory.CreateClient("{HTTP CLIENT NAME}");
 using var response = await client.SendAsync(request);
 ```
 
 Example:
 
 ```csharp
 using var request = new HttpRequestMessage(HttpMethod.Get, "/weather-forecast");
-using var client = ClientFactory.CreateClient("ExternalApi");
+var client = ClientFactory.CreateClient("ExternalApi");
 using var response = await client.SendAsync(request);
 ```
 
@@ -868,7 +878,14 @@ public class AuthenticationStateHandler(
     {
         var authStateProvider = circuitServicesAccessor.Services?
             .GetRequiredService<AuthenticationStateProvider>();
-        var authState = authStateProvider?.GetAuthenticationStateAsync().Result;
+
+        if (authStateProvider is null)
+        {
+            throw new Exception("AuthenticationStateProvider not available");
+        }
+
+        var authState = await authStateProvider.GetAuthenticationStateAsync();
+
         var user = authState?.User;
 
         if (user?.Identity is not null && user.Identity.IsAuthenticated)
diff --git a/aspnetcore/blazor/security/webassembly/additional-scenarios.md b/aspnetcore/blazor/security/webassembly/additional-scenarios.md
@@ -349,7 +349,7 @@ The configured <xref:System.Net.Http.HttpClient> is used to make authorized requ
     {
         try
         {
-            using var client = ClientFactory.CreateClient("WebAPI");
+            var client = ClientFactory.CreateClient("WebAPI");
 
             var examples = 
                 await client.GetFromJsonAsync<ExampleType[]>("ExampleAPIMethod");
@@ -551,7 +551,7 @@ A component creates the <xref:System.Net.Http.HttpClient> from the <xref:System.
 @code {
     protected override async Task OnInitializedAsync()
     {
-        using var client = ClientFactory.CreateClient("WebAPI.NoAuthenticationClient");
+        var client = ClientFactory.CreateClient("WebAPI.NoAuthenticationClient");
 
         var examples = await client.GetFromJsonAsync<ExampleType[]>(
             "ExampleNoAuthentication");

Original file line number	Diff line number	Diff line change
`@@ -349,7 +349,7 @@ The configured <xref:System.Net.Http.HttpClient> is used to make authorized requ`
`349`	`349`	`{`
`350`	`350`	`try`
`351`	`351`	`{`
`352`		`- using var client = ClientFactory.CreateClient("WebAPI");`
	`352`	`+ var client = ClientFactory.CreateClient("WebAPI");`
`353`	`353`
`354`	`354`	`var examples =`
`355`	`355`	`await client.GetFromJsonAsync<ExampleType[]>("ExampleAPIMethod");`
`@@ -551,7 +551,7 @@ A component creates the <xref:System.Net.Http.HttpClient> from the <xref:System.`
`551`	`551`	`@code {`
`552`	`552`	`protected override async Task OnInitializedAsync()`
`553`	`553`	`{`
`554`		`- using var client = ClientFactory.CreateClient("WebAPI.NoAuthenticationClient");`
	`554`	`+ var client = ClientFactory.CreateClient("WebAPI.NoAuthenticationClient");`
`555`	`555`
`556`	`556`	`var examples = await client.GetFromJsonAsync<ExampleType[]>(`
`557`	`557`	`"ExampleNoAuthentication");`