Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blazor ROPC #33749

Merged
merged 14 commits into from
Oct 8, 2024
Merged

Blazor ROPC #33749

merged 14 commits into from
Oct 8, 2024

Conversation

guardrex
Copy link
Collaborator

@guardrex guardrex commented Sep 30, 2024
edited by github-actions bot
Loading

Fixes #33744
Fixes #33784

I needed a special INCLUDE for Blazor to distinguish between client-side/SPA and server-side Blazor projects. I also prefer to use the word "project" in the BWA/server-side context over "app" because BWA/hosted WASM is a solution of two or more projects that have different security requirements.

Internal previews

Toggle expand/collapse
📄 File 🔗 Preview link
aspnetcore/blazor/blazor-ef-core.md aspnetcore/blazor/blazor-ef-core
aspnetcore/blazor/components/data-binding.md aspnetcore/blazor/components/data-binding
aspnetcore/blazor/security/blazor-web-app-with-oidc.md aspnetcore/blazor/security/blazor-web-app-with-oidc
aspnetcore/blazor/security/index.md aspnetcore/blazor/security/index
aspnetcore/blazor/security/server/account-confirmation-and-password-recovery.md aspnetcore/blazor/security/server/account-confirmation-and-password-recovery
aspnetcore/blazor/security/server/index.md aspnetcore/blazor/security/server/index
aspnetcore/blazor/security/webassembly/index.md aspnetcore/blazor/security/webassembly/index
aspnetcore/blazor/security/webassembly/standalone-with-identity.md aspnetcore/blazor/security/webassembly/standalone-with-identity
aspnetcore/blazor/tutorials/movie-database-app/part-1.md aspnetcore/blazor/tutorials/movie-database-app/part-1
aspnetcore/blazor/tutorials/movie-database-app/part-2.md aspnetcore/blazor/tutorials/movie-database-app/part-2
aspnetcore/blazor/tutorials/movie-database-app/part-4.md aspnetcore/blazor/tutorials/movie-database-app/part-4

@guardrex guardrex self-assigned this Sep 30, 2024
Rick-Anderson
Rick-Anderson approved these changes Sep 30, 2024
View reviewed changes
Copy link
Contributor

@Rick-Anderson Rick-Anderson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A++ work as usual for you.

aspnetcore/blazor/security/server/index.md Outdated Show resolved Hide resolved
aspnetcore/blazor/security/webassembly/index.md Outdated Show resolved Hide resolved
@Rick-Anderson Rick-Anderson mentioned this pull request Oct 4, 2024
Closed
@guardrex
Copy link
Collaborator Author

guardrex commented Oct 7, 2024

I think we'll go ahead and merge this tomorrow (Monday) EOD. I think the only significant question is on if env vars offer enough protection for test/staging. Right now, the updates on this PR advise not to use them except in local dev testing, along with the Secret Manager tool.

@guardrex guardrex mentioned this pull request Oct 7, 2024
Closed
@guardrex
Copy link
Collaborator Author

guardrex commented Oct 7, 2024
edited
Loading

BTW ... As soon as this goes in, I'll be updating the BWA+OIDC sample app and article with guidance to use the Secret Manager tool for the client secret. Tracked by 👉 #33804.

As for the upcoming BWA+Entra sample app and article, it will be set up in the PR that establishes the article.

@guardrex guardrex mentioned this pull request Oct 7, 2024
Closed
@guardrex
Copy link
Collaborator Author

guardrex commented Oct 8, 2024
edited
Loading

@Rick-Anderson ... Try it now. I ended up using "recommendation" language similar to what you used on your PR.

@guardrex guardrex mentioned this pull request Oct 8, 2024
Merged
@guardrex guardrex merged commit 2dbbc89 into main Oct 8, 2024
3 checks passed
@guardrex guardrex deleted the guardrex/blazor-ropc branch October 8, 2024 22:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Rick-Anderson Rick-Anderson Rick-Anderson approved these changes

@danroth27 danroth27 Awaiting requested review from danroth27

@mkArtakMSFT mkArtakMSFT Awaiting requested review from mkArtakMSFT

Assignees

@guardrex guardrex

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ROPC: suggest and review Blazor updates ROPC: Blazor node
2 participants
@guardrex @Rick-Anderson