Move SignOutManager inside RemoteAuthenticatorViewCore

Author: javiercn

src/Components/Blazor/WebAssembly.Authentication/src/Microsoft.AspNetCore.Components.WebAssembly.Authentication.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk.Razor">
+<Project Sdk="Microsoft.NET.Sdk.Razor">
 
   <Sdk Name="Yarn.MSBuild" />
 
@@ -12,6 +12,7 @@
 
   <ItemGroup>
     <Reference Include="Microsoft.AspNetCore.Components.Authorization" />
+    <Reference Include="Microsoft.AspNetCore.Components.Web" />
   </ItemGroup>
 
   <ItemGroup>

src/Components/Blazor/WebAssembly.Authentication/src/RemoteAuthenticatorViewCore.cs

@@ -99,10 +99,16 @@ public class RemoteAuthenticatorViewCore<TAuthenticationState> : ComponentBase w
         /// </summary>
         [Inject] public AuthenticationStateProvider AuthenticationProvider { get; set; }
 
+        /// <summary>
+        /// Gets or sets a default <see cref="AuthenticationStateProvider"/> with the current user.
+        /// </summary>
+        [Inject] public SignOutSessionStateManager SignOutManager { get; set; }
+
         /// <summary>
         /// Gets or sets the <see cref="RemoteAuthenticationApplicationPathsOptions"/> with the paths to different authentication pages.
         /// </summary>
-        [Parameter] public RemoteAuthenticationApplicationPathsOptions ApplicationPaths
+        [Parameter]
+        public RemoteAuthenticationApplicationPathsOptions ApplicationPaths
         {
             get => _applicationPaths ?? RemoteApplicationPathsProvider.ApplicationPaths;
             set => _applicationPaths = value;
@@ -249,10 +255,18 @@ private async Task ProcessLogInCallback()
 
         private async Task ProcessLogOut(string returnUrl)
         {
+            if (!await SignOutManager.ValidateSignOutState())
+            {
+                var uri = $"{Navigation.ToAbsoluteUri(ApplicationPaths.LogOutFailedPath)}?message={Uri.EscapeDataString("The logout was not initiated from within the page.")}";
+                Navigation.NavigateTo(uri);
+
+                return;
+            }
+
             AuthenticationState.ReturnUrl = returnUrl;
+
             var state = await AuthenticationProvider.GetAuthenticationStateAsync();
             var isauthenticated = state.User.Identity.IsAuthenticated;
-
             if (isauthenticated)
             {
                 var result = await AuthenticationService.SignOutAsync(new RemoteAuthenticationContext<TAuthenticationState> { State = AuthenticationState });

src/Components/Blazor/WebAssembly.Authentication/src/Services/SignOutSessionStateManager.cs

@@ -19,18 +19,13 @@ public class SignOutSessionStateManager
             PropertyNameCaseInsensitive = true,
         };
 
-        /// <summary>
-        /// Gets the validity of the sign out state.
-        /// </summary>
-        public bool ValidSignOutState { get; private set; } = false;
-
         public SignOutSessionStateManager(IJSRuntime jsRuntime) => _jsRuntime = jsRuntime;
 
         /// <summary>
         /// Sets up some state in session storage to allow for logouts from within the <see cref="RemoteAuthenticationDefaults.LogoutPath"/> page.
         /// </summary>
         /// <returns>A <see cref="ValueTask"/> that completes when the state has been saved to session storage.</returns>
-        public ValueTask SetSignOutState()
+        public virtual ValueTask SetSignOutState()
         {
             return _jsRuntime.InvokeVoidAsync(
                 "sessionStorage.setItem",
@@ -43,16 +38,16 @@ public ValueTask SetSignOutState()
         /// logouts from within the <see cref="RemoteAuthenticationDefaults.LogoutPath"/> page.
         /// </summary>
         /// <returns>A <see cref="ValueTask{bool}"/> that completes when the state has been validated and indicates the validity of the state.</returns>
-        public async Task<bool> ValidateSignOutState()
+        public virtual async Task<bool> ValidateSignOutState()
         {
             var state = await GetSignOutState();
             if (state.Local)
             {
                 await ClearSignOutState();
-                ValidSignOutState = true;
+                return true;
             }
 
-            return ValidSignOutState;
+            return false;
         }
 
         private async ValueTask<SignOutState> GetSignOutState()

src/Components/Blazor/WebAssembly.Authentication/src/SignOut.razor

@@ -0,0 +1,20 @@
+@using Microsoft.AspNetCore.Components
+@using Microsoft.AspNetCore.Components.Web
+@using Microsoft.AspNetCore.Components.WebAssembly.Authentication.Infrastructure
+@OnSignOut(BeginSignOut)
+@code {
+
+    [Parameter] public RenderFragment<Func<MouseEventArgs,Task>> OnSignOut { get; set; }
+
+    [Inject] public SignOutSessionStateManager SignOutManager { get; set; }
+
+    [Inject] public NavigationManager Navigation { get; set; }
+
+    [Inject] public IRemoteAuthenticationPathsProvider Paths { get; set; }
+
+    public async Task BeginSignOut(MouseEventArgs args)
+    {
+        await SignOutManager.SetSignOutState();
+        Navigation.NavigateTo(Paths.ApplicationPaths.LogOutPath);
+    }
+}