Aspnetcore: [Blazor] Support AllowAnonymous on Blazor

Created on 19 Jun 2020 · 12 Comments · Source: dotnet/aspnetcore

This prevents people from enabling authorization globally in a meaningful way for Blazor applications, since while you can apply [Authorize] globally through _Imports.Razor, that prevents you poking holes to allow individual access to unauthenticated pages.

The fixes can be:

  • Check for [AllowAnonymous] attribute here to bypass checking the auth policy.
  • Update the authorization package to handle AllowAnonymous within the authorization framework by making the policy succeed.

    • This second option is more involved but better in the end, since currently each individual framework (MVC, the authorization middleware and Blazor) all need to have code to handle this scenario.

Fixed area-blazor enhancement good first issue help wanted

All 12 comments

We've moved this issue to the Backlog milestone. This means that it is not going to be worked on for the coming release. We will reassess the backlog following the current release and consider this item at that time. To learn more about our issue management process and to have better expectation regarding different types of issues you can read our Triage Process.

Thanks for contacting us.
We're moving this issue to the Next sprint planning milestone for future evaluation / consideration. We will evaluate the request when we are planning the work for the next milestone. To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

I would like to help here, but after a quick check at this I discovered this is already working:
https://github.com/dotnet/aspnetcore/blob/40869f8969dbbf24b7668f0284c6abbf40ce093c/src/Components/Authorization/src/AttributeAuthorizeDataCache.cs#L28-L39

Am I missing something? @javiercn
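The first fix listed in the issue (check for [AllowAnonymous] and skip the policy) can be sketched as below. This is an added example, not part of the thread and not the dotnet/aspnetcore source; the component class names and `RouteAuthorization.Resolve` are hypothetical, and it assumes the Microsoft.AspNetCore.Authorization package is referenced.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Authorization;

// Stand-ins for Razor components (hypothetical names). An [Authorize] placed in
// _Imports.razor ends up as an attribute on every component it applies to.
[Authorize]
class Dashboard { }

// Global [Authorize] plus a per-page opt-out, the case the issue asks for.
[Authorize]
[AllowAnonymous]
class Landing { }

[Authorize(Roles = "Admin")]
class AdminBase { }

// The opt-out on a derived page also has to beat an inherited [Authorize].
[AllowAnonymous]
class PublicAdminHelp : AdminBase { }

static class RouteAuthorization
{
    // Returns null when the page needs no authorization check at all,
    // otherwise the authorization data that must be evaluated for the route.
    public static IAuthorizeData[]? Resolve(Type pageType)
    {
        List<IAuthorizeData>? data = null;
        foreach (var attribute in pageType.GetCustomAttributes(inherit: true))
        {
            if (attribute is IAllowAnonymous)
                return null; // opt-out wins over any [Authorize], in any order
            if (attribute is IAuthorizeData authorize)
                (data ??= new()).Add(authorize);
        }
        return data?.ToArray();
    }

    static void Main()
    {
        foreach (var page in new[] { typeof(Dashboard), typeof(Landing), typeof(PublicAdminHelp) })
        {
            var required = Resolve(page);
            Console.WriteLine($"{page.Name}: " +
                (required is null ? "anonymous access" : $"{required.Length} authorize rule(s)"));
        }
    }
}
```

This covers the route-level decision only; an `<AuthorizeView>` inside such a page still runs its own check, which is the case the later comments discuss.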

@barahonajm we might have fixed this and forgot to close the issue.

I'm a bit puzzled, I would have sworn this didn't work (hence why I filed the issue at the time).

Yes, that's because I was getting a bit crazy because of the dates indicating this was already working before the issue was reported.

The issue here might be that AuthorizeView doesn't work properly with IAllowAnonymous since there is no way to bypass it. AuthorizeRouteView does the right thing, but AuthorizeView doesn't offer the option to use IAllowAnonymous, so I think I need to think a bit about it.

I'll have to give this a try I think to ensure it matches my expectations.

I see, I have not tried with AuthorizeView since I assumed this would be valid code:

@page "/"
@attribute [Microsoft.AspNetCore.Authorization.AllowAnonymous]


<p>But you will see this</p>

<AuthorizeView>
    <h1>Hello, @context.User.Identity.Name!</h1>
    <p>You can only see this content if you're authenticated.</p>
</AuthorizeView>

Considering you have added [Authorize] into _imports.razor

Oh, is it possible that you are thinking of something like this:

@page "/"

<h1>Hello, @context.User.Identity.Name!</h1>
<p>You can only see this content if you're authenticated.</p>

<AuthorizeView AllowAnonymous>
    <p>You will see this</p>
</AuthorizeView>

Considering again that you have added [Authorize] into _imports.razor

@barahonajm yes, something like that. I lost context from the original issue that prompted me to file this issue, that's mainly why I need to go ahead and just try it out. It can also be that someone forces the user to be authenticated in the default authorization policy.

I honestly don't remember the exact details so I need to play with it.

Sure, after you remember the details, I can start working on this if it is still easy 😃

According to @javiercn, this issue no longer repros on the latest versions of Blazor so we've already resolved here.

@barahonajm Thanks for your interest in fixing this!
