Finalize First Working Login Flow on Blazor Server

Author: mckaragoz

samples/blazor-server/UltimateAuth.BlazorServer/Components/Pages/Home.razor

@@ -1,14 +1,21 @@
 @page "/"
+@inject IUAuthFlowService<UserId> FlowService
+@inject ISnackbar Snackbar
+@inject IHttpClientFactory Http
 
 <div class="uauth-page d-flex align-center justify-center">
     <MudStack Class="uauth-stack">
-        <MudText Typo="Typo.h4">Welcome to UltimateAuth!</MudText>
-        <MudStack>
-            <MudTextField @bind-Value="@_username" Variant="Variant.Outlined" Label="Username" />
-            <MudPasswordField @bind-Value="@_password" Variant="Variant.Outlined" Label="Password" />
-            <MudButton Variant="Variant.Filled" Color="Color.Primary" OnClick="LoginAsync">Login</MudButton>
-        </MudStack>
-        
+        <form method="post" action="/auth/login">
+            <MudText Typo="Typo.h4">Welcome to UltimateAuth!</MudText>
+            <!-- Hidden fields -->
+            <input type="hidden" name="Identifier" value="@_username" />
+            <input type="hidden" name="Secret" value="@_password" />
+
+            <!-- UI -->
+            <MudTextField @bind-Value="@_username" Variant="Variant.Outlined" Label="Username" Immediate="true" />
+            <MudPasswordField @bind-Value="@_password" Variant="Variant.Outlined" Label="Password" Immediate="true" />
+
+            <MudButton Variant="Variant.Filled" Color="Color.Primary" ButtonType="ButtonType.Submit">Login</MudButton>
+        </form>
     </MudStack>
-    
 </div>

samples/blazor-server/UltimateAuth.BlazorServer/Components/Pages/Home.razor.cs

@@ -1,4 +1,9 @@
-namespace UltimateAuth.BlazorServer.Components.Pages
+using CodeBeam.UltimateAuth.Core.Contracts;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Http;
+using MudBlazor;
+
+namespace UltimateAuth.BlazorServer.Components.Pages
 {
     public partial class Home
     {
@@ -8,6 +13,35 @@ public partial class Home
         private async Task LoginAsync()
         {
 
+            try
+            {
+                //var result = await FlowService.LoginAsync(new LoginRequest
+                //{
+                //    Identifier = _username!,
+                //    Secret = _password!
+                //});
+                var client = Http.CreateClient();
+                var result = await client.PostAsJsonAsync(
+                    "https://localhost:7213/auth/login",
+                    new LoginRequest
+                    {
+                        Identifier = _username!,
+                        Secret = _password!
+                    });
+
+
+                if (!result.IsSuccessStatusCode)
+                {
+                    Snackbar.Add("Login failed.", Severity.Info);
+                    return;
+                }
+
+                Snackbar.Add("Successfully logged in!", Severity.Success);
+            }
+            catch (Exception ex)
+            {
+                Snackbar.Add(ex.ToString(), Severity.Error);
+            }
         }
     }
 }

samples/blazor-server/UltimateAuth.BlazorServer/Components/_Imports.razor

@@ -9,5 +9,8 @@
 @using UltimateAuth.BlazorServer
 @using UltimateAuth.BlazorServer.Components
 
+@using CodeBeam.UltimateAuth.Core.Abstractions
+@using CodeBeam.UltimateAuth.Core.Domain
+
 @using MudBlazor
 @using MudExtensions

samples/blazor-server/UltimateAuth.BlazorServer/Program.cs

@@ -3,6 +3,7 @@
 using CodeBeam.UltimateAuth.Server.Extensions;
 using CodeBeam.UltimateAuth.Sessions.InMemory;
 using CodeBeam.UltimateAuth.Tokens.InMemory;
+using Microsoft.AspNetCore.Components;
 using MudBlazor.Services;
 using MudExtensions.Services;
 using UltimateAuth.BlazorServer.Components;
@@ -19,19 +20,28 @@
 builder.Services.AddAuthentication();
 builder.Services.AddAuthorization();
 
+builder.Services.AddHttpContextAccessor();
+
 
 builder.Services.AddUltimateAuthServer()
     .AddInMemoryCredentials()
     .AddUltimateAuthInMemorySessions()
     .AddUltimateAuthInMemoryTokens()
     .AddUltimateAuthArgon2();
 
-
 builder.Services.AddHttpClient("AuthApi", client =>
 {
-    client.BaseAddress = new Uri(builder.Configuration["App:BaseUrl"]!);
+    client.BaseAddress = new Uri("https://localhost:7213");
+})
+.ConfigurePrimaryHttpMessageHandler(() =>
+{
+    return new HttpClientHandler
+    {
+        UseCookies = true
+    };
 });
 
+
 var app = builder.Build();
 
 // Configure the HTTP request pipeline.

src/CodeBeam.UltimateAuth.Core/Infrastructure/Authority/DefaultAuthAuthority.cs

@@ -8,6 +8,12 @@ public sealed class DefaultAuthAuthority : IAuthAuthority
         private readonly IEnumerable<IAuthorityInvariant> _invariants;
         private readonly IEnumerable<IAuthorityPolicy> _policies;
 
+        public DefaultAuthAuthority(IEnumerable<IAuthorityInvariant> invariants, IEnumerable<IAuthorityPolicy> policies)
+        {
+            _invariants = invariants ?? Array.Empty<IAuthorityInvariant>();
+            _policies = policies ?? Array.Empty<IAuthorityPolicy>();
+        }
+
         public AuthorizationResult Decide(AuthContext context)
         {
             // 1. Invariants

src/CodeBeam.UltimateAuth.Core/Infrastructure/UAuthRefreshTokenResolver.cs

@@ -3,28 +3,20 @@
 
 namespace CodeBeam.UltimateAuth.Core.Infrastructure
 {
-    internal sealed class StoreRefreshTokenResolver<TUserId>
-        : IRefreshTokenResolver<TUserId>
+    public sealed class UAuthRefreshTokenResolver<TUserId> : IRefreshTokenResolver<TUserId>
     {
         private readonly ISessionStoreFactory _sessionStoreFactory;
         private readonly ITokenStoreFactory _tokenStoreFactory;
         private readonly ITokenHasher _hasher;
 
-        public StoreRefreshTokenResolver(
-            ISessionStoreFactory sessionStoreFactory,
-            ITokenStoreFactory tokenStoreFactory,
-            ITokenHasher hasher)
+        public UAuthRefreshTokenResolver(ISessionStoreFactory sessionStoreFactory, ITokenStoreFactory tokenStoreFactory, ITokenHasher hasher)
         {
             _sessionStoreFactory = sessionStoreFactory;
             _tokenStoreFactory = tokenStoreFactory;
             _hasher = hasher;
         }
 
-        public async Task<ResolvedRefreshSession<TUserId>?> ResolveAsync(
-            string? tenantId,
-            string refreshToken,
-            DateTimeOffset now,
-            CancellationToken ct = default)
+        public async Task<ResolvedRefreshSession<TUserId>?> ResolveAsync(string? tenantId, string refreshToken, DateTimeOffset now, CancellationToken ct = default)
         {
             var tokenHash = _hasher.Hash(refreshToken);
 

src/CodeBeam.UltimateAuth.Server/Endpoints/DefaultLoginEndpointHandler.cs

@@ -2,6 +2,7 @@
 using CodeBeam.UltimateAuth.Core.Contracts;
 using CodeBeam.UltimateAuth.Server.Abstractions;
 using CodeBeam.UltimateAuth.Server.Contracts;
+using CodeBeam.UltimateAuth.Server.Cookies;
 using CodeBeam.UltimateAuth.Server.Endpoints;
 using CodeBeam.UltimateAuth.Server.Extensions;
 using CodeBeam.UltimateAuth.Server.MultiTenancy;
@@ -13,26 +14,39 @@ public sealed class DefaultLoginEndpointHandler<TUserId> : ILoginEndpointHandler
     private readonly IDeviceResolver _deviceResolver;
     private readonly ITenantResolver _tenantResolver;
     private readonly IClock _clock;
+    private readonly IUAuthSessionCookieManager _cookieManager;
 
     public DefaultLoginEndpointHandler(
         IUAuthFlowService<TUserId> flow,
         IDeviceResolver deviceResolver,
         ITenantResolver tenantResolver,
-        IClock clock)
+        IClock clock,
+        IUAuthSessionCookieManager cookieManager)
     {
         _flow = flow;
         _deviceResolver = deviceResolver;
         _tenantResolver = tenantResolver;
         _clock = clock;
+        _cookieManager = cookieManager;
     }
 
     public async Task<IResult> LoginAsync(HttpContext ctx)
     {
-        var request = await ctx.Request.ReadFromJsonAsync<LoginRequest>();
-        if (request is null)
-            return Results.BadRequest("Invalid login request.");
+        if (!ctx.Request.HasFormContentType)
+            return Results.BadRequest("Invalid content type.");
+
+        var form = await ctx.Request.ReadFormAsync();
+
+        var request = new LoginRequest
+        {
+            Identifier = form["Identifier"],
+            Secret = form["Secret"]
+        };
+
+        if (string.IsNullOrWhiteSpace(request.Identifier) ||
+            string.IsNullOrWhiteSpace(request.Secret))
+            return Results.Redirect("/login?error=invalid");
 
-        // Middleware should have already resolved the tenant
         var tenantCtx = ctx.GetTenantContext();
 
         var flowRequest = request with
@@ -44,23 +58,54 @@ public async Task<IResult> LoginAsync(HttpContext ctx)
 
         var result = await _flow.LoginAsync(flowRequest, ctx.RequestAborted);
 
-        return result.Status switch
-        {
-            LoginStatus.Success => Results.Ok(new LoginResponse
-            {
-                SessionId = result.SessionId,
-                AccessToken = result.AccessToken,
-                RefreshToken = result.RefreshToken
-            }),
-
-            LoginStatus.RequiresContinuation => Results.Ok(new LoginResponse
-            {
-                Continuation = result.Continuation
-            }),
+        if (!result.IsSuccess)
+            return Results.Redirect("/login?error=invalid");
 
-            LoginStatus.Failed => Results.Unauthorized(),
+        _cookieManager.Issue(ctx, result.SessionId!.Value);
 
-            _ => Results.StatusCode(StatusCodes.Status500InternalServerError)
-        };
+        return Results.Redirect("/");
     }
+
+    //public async Task<IResult> LoginAsync(HttpContext ctx)
+    //{
+    //    var request = await ctx.Request.ReadFromJsonAsync<LoginRequest>();
+    //    if (request is null)
+    //        return Results.BadRequest("Invalid login request.");
+
+    //    // Middleware should have already resolved the tenant
+    //    var tenantCtx = ctx.GetTenantContext();
+
+    //    var flowRequest = request with
+    //    {
+    //        TenantId = tenantCtx.TenantId,
+    //        At = _clock.UtcNow,
+    //        DeviceInfo = _deviceResolver.Resolve(ctx)
+    //    };
+
+    //    var result = await _flow.LoginAsync(flowRequest, ctx.RequestAborted);
+
+    //    if (result.IsSuccess)
+    //    {
+    //        _cookieManager.Issue(ctx, result.SessionId.Value);
+    //    }
+
+    //    return result.Status switch
+    //    {
+    //        LoginStatus.Success => Results.Ok(new LoginResponse
+    //        {
+    //            SessionId = result.SessionId,
+    //            AccessToken = result.AccessToken,
+    //            RefreshToken = result.RefreshToken
+    //        }),
+
+    //        LoginStatus.RequiresContinuation => Results.Ok(new LoginResponse
+    //        {
+    //            Continuation = result.Continuation
+    //        }),
+
+    //        LoginStatus.Failed => Results.Unauthorized(),
+
+    //        _ => Results.StatusCode(StatusCodes.Status500InternalServerError)
+    //    };
+    //}
 }

src/CodeBeam.UltimateAuth.Server/Endpoints/LoginEndpointHandlerBridge.cs

@@ -0,0 +1,19 @@
+using CodeBeam.UltimateAuth.Core.Domain;
+using Microsoft.AspNetCore.Http;
+
+namespace CodeBeam.UltimateAuth.Server.Endpoints
+{
+    internal sealed class LoginEndpointHandlerBridge : ILoginEndpointHandler
+    {
+        private readonly DefaultLoginEndpointHandler<UserId> _inner;
+
+        public LoginEndpointHandlerBridge(DefaultLoginEndpointHandler<UserId> inner)
+        {
+            _inner = inner;
+        }
+
+        public Task<IResult> LoginAsync(HttpContext ctx)
+            => _inner.LoginAsync(ctx);
+    }
+
+}

src/CodeBeam.UltimateAuth.Server/Endpoints/UAuthEndpointDefaultsMap.cs

@@ -9,8 +9,15 @@ namespace CodeBeam.UltimateAuth.Server.Endpoints
     /// </summary>
     internal static class UAuthEndpointDefaultsMap
     {
-        public static UAuthEndpointDefaults ForMode(UAuthMode mode)
+        public static UAuthEndpointDefaults ForMode(UAuthMode? mode)
         {
+            if (!mode.HasValue)
+            {
+                throw new InvalidOperationException(
+                    "UAuthMode must be resolved before endpoint mapping. " +
+                    "Ensure ClientProfile defaults are applied.");
+            }
+
             return mode switch
             {
                 UAuthMode.PureOpaque => new UAuthEndpointDefaults

src/CodeBeam.UltimateAuth.Server/Endpoints/UAuthEndpointRegistrar.cs

@@ -11,6 +11,7 @@ public interface IAuthEndpointRegistrar
         void MapEndpoints(RouteGroupBuilder rootGroup, UAuthServerOptions options);
     }
 
+    // TODO: Add Scalar/Swagger integration
     public class UAuthEndpointRegistrar : IAuthEndpointRegistrar
     {
         public void MapEndpoints(RouteGroupBuilder rootGroup, UAuthServerOptions options)