Overview
Explore authentication and authorization in Blazor with this comprehensive NDC London 2021 conference talk. Dive deep into the security model of Blazor, understanding the components involved and the differences between Blazor Server and Web Assembly. Learn how to integrate Blazor applications with Identity Server 4 and use OAuth for secure API calls. Discover the implementation of roles and policies to achieve greater abstraction over user permissions and actions. Examine the changes needed to support offline mode in Progressive Web Applications (PWAs). Cover topics such as the Object Model, Authorization Root View, Authentication State Provider, Blazor Server Providers, Blazor Web Assembly, Access Tokens, Roles implementation, Claims Principle Factory, Identity Server integration, Weather API, Permissions middleware, and custom array claims. Gain practical insights through demonstrations and examples to enhance your Blazor application's security architecture.
Syllabus
Introduction
Agenda
Object Model
Authorization Root View
Authentication State Provider
Blazor Server
Providers
Demo
Blazor Web Assembly
Supported Providers
Blazor
Access Tokens
How it works
Roles
Implementing Roles
Blazor Claims Principle Factory
The Problem with Roles
The Solution
Identity Server
Weather API
Permissions middleware
Blazor example
Blazor authorization policy provider
Blazor custom array claims
Taught by
NDC Conferences