Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[Blazor Wasm AD B2C] Authentication OnLogInSucceeded event fired multiple times.

See original GitHub issue

Is there an existing issue for this?

I have searched the existing issues

Describe the bug

There seems to be a few related issues:

By default the same token network request with scope: openid profile offline_access, grant_type: refresh_token is being called twice (is this necessary?). The authentication response time is already quite slow so this is pretty painful.
By default the OnLogInSucceeded event in RemoteAuthenticatorView is firing twice.
Passing [CascadingParameter] public Task<AuthenticationState>? AuthenticationState { get; set; } causes OnLogInSucceeded to fire three times. Is there a better way of retrieving the user claims here?
For application insights we need to set the AuthenticatedUserContext. By calling SetAuthenticatedUserContext the OnLoginSucceeded is being called four times!

Full code:

<RemoteAuthenticatorView Action="@Action" OnLogInSucceeded="OnLogInSucceeded" OnLogOutSucceeded="OnLogOutSucceeded" >
    <LogInFailed>
        <ErrorDisplay Title="Sorry, your login failed." RetryText="logging in again" RetryAction="RedirectToLogin" 
            OnError="@(() => LogError("LogInFailed"))" />
    </LogInFailed>
    <LogOutFailed>
        <ErrorDisplay Title="Sorry, log out operation failed." RetryText="refreshing the page" RetryAction="RefreshPage" 
            OnError="@(() => LogError("LogOutFailed"))" />
    </LogOutFailed>
</RemoteAuthenticatorView>

@code{

    [Parameter] public string? Action { get; set; }
    [CascadingParameter] public Task<AuthenticationState>? AuthenticationState { get; set; }

    private async Task OnLogInSucceeded()
    {
        Console.WriteLine("onlogin");
        var user = (await AuthenticationState!).User;
        await AppInsights.SetAuthenticatedUserContext(user.Id(), storeInCookie: true);
    }

    private async Task OnLogOutSucceeded()
    {
        Console.WriteLine("onlogout");
        await AppInsights.ClearAuthenticatedUserContext();
    }

Expected Behavior

scope: openid profile offline_access, grant_type: refresh_token token network request to be called once
OnLoginSucceeded to only be called once

Steps To Reproduce

Blazor WebAssembly standalone with Azure AD B2C

Exceptions (if any)

No response

.NET Version

6.0.101

Anything else?

No response

Issue Analytics

State:
Created 2 years ago
Reactions:2
Comments:11 (2 by maintainers)

Top GitHub Comments

2reactions

stephajncommented, Aug 11, 2022

Even if this issue won’t be fixed for .NET 7, the least Microsoft could do is provide some guidance on a workaround or recommended best practice to mitigate this issue. A list of do’s and don’ts even? Or an alternative way to do post-login work if there is one?

Anything would be helpful for this rather than leaving us out to dry on this because this can’t possibly be an edge use case for most developers.

2reactions

stephajncommented, Mar 7, 2022

This needs to be fixed sooner than .NET 7 planning stage. We are having this exact same issue. .NET 6.0.2 using Azure AD B2C. OnLoginSucceeded fires multiple times, which means that some post-login work we want to do can happen multiple times. It should happen just once and be dependable to fire only once, especially if we need to do any long running tasks during login like downloading some information from a Web API after the user has authenticated successfully.

Right now, I have to check the nonce value that comes back on the AdditionalProperties dictionary of the RemoteUserAccount and compare it to previous calls to know if I have done work before.

Lastly, shouldn’t OnLoginSucceeded complete before the application tries to initialize a destination page it is trying to navigate to?

Top Results From Across the Web

Using RemoteAuthenticatorView OnLogInSucceeded gives ...

For this application I use Azure B2C to auth, and I'm using redirect ... The event can trigger multiple times when being redirected...

Using RemoteAuthenticatorView OnLogInSucceeded gives a ...

Thanks to Zack Blazor Webassembly Authenticated Event, I was sent in a ... can trigger multiple times when being redirected from the Authentication...

Blazor WebAssembly Hosted app using Azure AD B2C

I have a Blazor WebAssembly Hosted C# application (.NET 6.0) using Azure AD B2C. On the B2C login screen, if the user clicks...

Secure a hosted ASP.NET Core Blazor WebAssembly app ...

This article explains how to create a hosted Blazor WebAssembly solution that uses Azure Active Directory (AAD) B2C for authentication.

Blazor Azure B2C Authentication and Authorization - YouTube

Blazor Azure B2C Authentication and Authorization. 8.4K views · 1 year ago #dotnet ... Blazor WebAssembly authentication with Azure AD.