Skip to content

fix(Layout): authorization failure in virtual directory mode #6086

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
May 23, 2025
Merged

fix(Layout): authorization failure in virtual directory mode #6086

merged 8 commits into from
May 23, 2025
+37 −3

Conversation

@ArgoZhang
Copy link
Member

@ArgoZhang ArgoZhang commented May 23, 2025
edited by sourcery-ai bot
Loading

Link issues

fixes #6055

Summary By Copilot

Regression?

  • Yes
  • No

Risk

  • High
  • Medium
  • Low

Verification

  • Manual (required)
  • Automated

Packaging changes reviewed?

  • Yes
  • No
  • N/A

☑️ Self Check before Merge

⚠️ Please check all items below before review. ⚠️

  • Doc is updated/provided or not needed
  • Demo is updated/provided or not needed
  • Merge the latest code from the main branch

Summary by Sourcery

Add a utility method to NavigationManager to strip query strings and fragments, update layout logic to use it for route matching, and add tests to fix authorization failures in virtual directory mode.

Bug Fixes:

  • Fix authorization in virtual directory mode by ignoring query strings and fragments when matching routes.

Enhancements:

  • Introduce ToBaseRelativePathWithoutQueryAndFragment extension on NavigationManager.
  • Update Layout component to use the new method for route context creation.

Tests:

  • Add unit tests for the ToBaseRelativePathWithoutQueryAndFragment extension.

@sourcery-ai
Copy link
Contributor

sourcery-ai bot commented May 23, 2025
edited
Loading

Reviewer's Guide

This PR introduces a new extension to normalize navigation paths by removing query strings and fragments, updates the Layout component to use it for authorization in virtual directory scenarios, and adds unit tests to validate the new logic.

Sequence Diagram: Layout Component Authorization Flow with URL Normalization

sequenceDiagram
    participant L as LayoutComponent
    participant NM as NavigationManager
    participant RTF as RouteTableFactory
    participant AuthH as AuthorizationHandler

    L->>NM: Call ToBaseRelativePathWithoutQueryAndFragment()
    activate NM
    NM-->>L: returns normalizedUrl
    deactivate NM

    L->>RTF: Create(AdditionalAssemblies, normalizedUrl)
    activate RTF
    RTF-->>L: returns routeContext
    deactivate RTF

    L->>AuthH: routeContext.Handler.IsAuthorizedAsync(...)
    activate AuthH
    AuthH-->>L: returns isAuthenticated
    deactivate AuthH
Loading

Class Diagram: Navigation Path Normalization Feature

classDiagram
    class NavigationManagerExtensions {
        +static ToBaseRelativePathWithoutQueryAndFragment(NavigationManager navigationManager) string
    }
    class Layout {
        <<Blazor Component>>
        #OnInitializedAsync() void
        -NavigationManager Navigation
    }
    Layout ..> NavigationManagerExtensions : uses
    Layout *-- NavigationManager : aggregation
Loading

File-Level Changes

Change Details Files
Add method to strip query strings and fragments from base-relative paths
  • Defined ToBaseRelativePathWithoutQueryAndFragment extension
  • Extracted path via ToBaseRelativePath
  • Removed content after '?' and '#'
  • Returned the cleaned relative URL
 src/BootstrapBlazor/Extensions/NavigationManagerExtensions.cs
Replace absolute URI handling in Layout with normalized relative path
  • Called ToBaseRelativePathWithoutQueryAndFragment instead of ToAbsoluteUri and LocalPath
  • Passed cleaned path into RouteTableFactory.Create
 src/BootstrapBlazor/Components/Layout/Layout.razor.cs
Add unit tests for new path normalization method
  • Created tests for query string stripping
  • Created tests for fragment stripping
  • Asserted expected base-relative output
 test/UnitTest/Extensions/NavigationManagerExtensionsTest.cs

Assessment against linked issues

Issue Objective Addressed Explanation
#6055 Fix authorization failure when the website is deployed in an IIS sub-path with Keycloak authentication.
#6055 Ensure the Layout component correctly validates the URL for authentication in the specified deployment scenario.

Possibly linked issues

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@bb-auto bb-auto bot added the question Question that needs to be answered label May 23, 2025
@bb-auto bb-auto bot added this to the v9.6.0 milestone May 23, 2025
@ArgoZhang ArgoZhang added bug Something isn't working and removed question Question that needs to be answered labels May 23, 2025
@codecov
Copy link

codecov bot commented May 23, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (2b7554a) to head (661115e).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main     #6086   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files          701       701           
  Lines        30956     30970   +14     
  Branches      4378      4380    +2     
=========================================
+ Hits         30956     30970   +14

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

sourcery-ai[bot]
sourcery-ai bot previously approved these changes May 23, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @ArgoZhang - I've reviewed your changes and they look great!

Here's what I looked at during the review
  • 🟡 General issues: 1 issue found
  • 🟢 Security: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@ArgoZhang
Copy link
Member Author

ArgoZhang commented May 23, 2025

@sourcery-ai review

@ArgoZhang ArgoZhang enabled auto-merge (squash) May 23, 2025 11:51
@ArgoZhang
Copy link
Member Author

ArgoZhang commented May 23, 2025

@sourcery-ai review

@ArgoZhang ArgoZhang disabled auto-merge May 23, 2025 11:56
@ArgoZhang ArgoZhang merged commit a86514f into main May 23, 2025
6 checks passed
@ArgoZhang ArgoZhang deleted the fix-layout branch May 23, 2025 11:56
sourcery-ai[bot]
sourcery-ai bot approved these changes May 23, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @ArgoZhang - I've reviewed your changes and they look great!

Here's what I looked at during the review
  • 🟢 General issues: all looks good
  • 🟢 Security: all looks good
  • 🟡 Testing: 1 issue found
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

sourcery-ai[bot]
sourcery-ai bot approved these changes May 23, 2025
View reviewed changes
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @ArgoZhang - I've reviewed your changes and they look great!

Here's what I looked at during the review
  • 🟢 General issues: all looks good
  • 🟢 Security: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] approved these changes

Assignees

@ArgoZhang ArgoZhang

Labels

bug Something isn't working

Projects

None yet

Milestone

v9.6.0

Development

Successfully merging this pull request may close these issues.

bug(Layout): 虚拟目录发布模式授权失败

2 participants

@ArgoZhang