Make DefaultAntiforgeryStateProvider shared source

javiercn · javiercn · commit d89743bf1dc5 · 2023-07-04T17:33:56.000+02:00
diff --git a/src/Components/Endpoints/src/DependencyInjection/RazorComponentsServiceCollectionExtensions.cs b/src/Components/Endpoints/src/DependencyInjection/RazorComponentsServiceCollectionExtensions.cs
@@ -64,7 +64,7 @@ public static IRazorComponentsBuilder AddRazorComponents(this IServiceCollection
         services.TryAddScoped<IFormValueSupplier, DefaultFormValuesSupplier>();
         services.TryAddEnumerable(ServiceDescriptor.Scoped<CascadingModelBindingProvider, CascadingQueryModelBindingProvider>());
         services.TryAddEnumerable(ServiceDescriptor.Scoped<CascadingModelBindingProvider, CascadingFormModelBindingProvider>());
-        services.TryAddScoped<AntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();
+        services.TryAddScoped<DefaultAntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();
         return new DefaultRazorComponentsBuilder(services);
     }
 
diff --git a/src/Components/Endpoints/src/Forms/EndpointAntiforgeryStateProvider.cs b/src/Components/Endpoints/src/Forms/EndpointAntiforgeryStateProvider.cs
@@ -7,7 +7,7 @@
 
 namespace Microsoft.AspNetCore.Components.Endpoints.Forms;
 
-internal class EndpointAntiforgeryStateProvider(IAntiforgery antiforgery, PersistentComponentState state) : AntiforgeryStateProvider(state)
+internal class EndpointAntiforgeryStateProvider(IAntiforgery antiforgery, PersistentComponentState state) : DefaultAntiforgeryStateProvider(state)
 {
     private HttpContext? _context;
 
diff --git a/src/Components/Endpoints/src/Microsoft.AspNetCore.Components.Endpoints.csproj b/src/Components/Endpoints/src/Microsoft.AspNetCore.Components.Endpoints.csproj
@@ -35,6 +35,7 @@
     <Compile Include="$(RepoRoot)src\Shared\Components\ProtectedPrerenderComponentApplicationStore.cs" LinkBase="DependencyInjection" />
     <Compile Include="$(RepoRoot)src\Shared\ClosedGenericMatcher\ClosedGenericMatcher.cs" LinkBase="Binding" />
     <Compile Include="$(ComponentsSharedSourceRoot)src\CacheHeaderSettings.cs" Link="Shared\CacheHeaderSettings.cs" />
+    <Compile Include="$(ComponentsSharedSourceRoot)src\DefaultAntiforgeryStateProvider.cs" LinkBase="Forms" />
 
     <Compile Include="$(SharedSourceRoot)PropertyHelper\**\*.cs" />
 
diff --git a/src/Components/Endpoints/src/Rendering/EndpointHtmlRenderer.cs b/src/Components/Endpoints/src/Rendering/EndpointHtmlRenderer.cs
@@ -89,7 +89,7 @@ internal static async Task InitializeStandardComponentServicesAsync(
             formData.SetFormData(handler, new FormCollectionReadOnlyDictionary(form));
         }
 
-        if (httpContext.RequestServices.GetService<AntiforgeryStateProvider>() is EndpointAntiforgeryStateProvider antiforgery)
+        if (httpContext.RequestServices.GetService<DefaultAntiforgeryStateProvider>() is EndpointAntiforgeryStateProvider antiforgery)
         {
             antiforgery.SetRequestContext(httpContext);
         }
diff --git a/src/Components/Endpoints/test/EndpointHtmlRendererTest.cs b/src/Components/Endpoints/test/EndpointHtmlRendererTest.cs
@@ -1301,7 +1301,7 @@ private static ServiceCollection CreateDefaultServiceCollection()
         services.AddAntiforgery();
         services.AddSingleton<ComponentStatePersistenceManager>();
         services.AddSingleton<PersistentComponentState>(sp => sp.GetRequiredService<ComponentStatePersistenceManager>().State);
-        services.AddSingleton<AntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();
+        services.AddSingleton<DefaultAntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();
 
         return services;
     }
diff --git a/src/Components/Endpoints/test/RazorComponentResultExecutorTest.cs b/src/Components/Endpoints/test/RazorComponentResultExecutorTest.cs
@@ -417,7 +417,7 @@ public static DefaultHttpContext GetTestHttpContext(string environmentName = nul
             .AddSingleton<FormDataProvider, HttpContextFormDataProvider>()
             .AddSingleton<ComponentStatePersistenceManager>()
             .AddSingleton<PersistentComponentState>(sp => sp.GetRequiredService<ComponentStatePersistenceManager>().State)
-            .AddSingleton<AntiforgeryStateProvider, EndpointAntiforgeryStateProvider>()
+            .AddSingleton<DefaultAntiforgeryStateProvider, EndpointAntiforgeryStateProvider>()
             .AddLogging();
 
         var result = new DefaultHttpContext { RequestServices = serviceCollection.BuildServiceProvider() };
diff --git a/src/Components/Server/src/DependencyInjection/ComponentServiceCollectionExtensions.cs b/src/Components/Server/src/DependencyInjection/ComponentServiceCollectionExtensions.cs
@@ -69,7 +69,7 @@ public static IServerSideBlazorBuilder AddServerSideBlazor(this IServiceCollecti
         services.TryAddSingleton<ComponentParametersTypeCache>();
         services.TryAddSingleton<CircuitIdFactory>();
         services.TryAddScoped<IErrorBoundaryLogger, RemoteErrorBoundaryLogger>();
-        services.TryAddScoped<AntiforgeryStateProvider>();
+        services.TryAddScoped<AntiforgeryStateProvider, DefaultAntiforgeryStateProvider>();
 
         services.TryAddScoped(s => s.GetRequiredService<ICircuitAccessor>().Circuit);
         services.TryAddScoped<ICircuitAccessor, DefaultCircuitAccessor>();
diff --git a/src/Components/Server/src/Microsoft.AspNetCore.Components.Server.csproj b/src/Components/Server/src/Microsoft.AspNetCore.Components.Server.csproj
@@ -64,6 +64,7 @@
     <Compile Include="$(ComponentsSharedSourceRoot)src\ElementReferenceJsonConverter.cs" />
     <Compile Include="$(ComponentsSharedSourceRoot)src\ComponentParametersTypeCache.cs" />
     <Compile Include="$(ComponentsSharedSourceRoot)src\RootComponentTypeCache.cs" />
+    <Compile Include="$(ComponentsSharedSourceRoot)src\DefaultAntiforgeryStateProvider.cs" LinkBase="Forms" />
 
     <Compile Include="..\..\Shared\src\BrowserNavigationManagerInterop.cs" />
     <Compile Include="..\..\Shared\src\JsonSerializerOptionsProvider.cs" />
diff --git a/src/Components/Shared/src/DefaultAntiforgeryStateProvider.cs b/src/Components/Shared/src/DefaultAntiforgeryStateProvider.cs
@@ -0,0 +1,38 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System.Diagnostics.CodeAnalysis;
+
+namespace Microsoft.AspNetCore.Components.Forms;
+
+internal class DefaultAntiforgeryStateProvider : AntiforgeryStateProvider, IDisposable
+{
+    private const string PersistenceKey = $"__internal__{nameof(AntiforgeryRequestToken)}";
+    private readonly PersistingComponentStateSubscription _subscription;
+    private readonly AntiforgeryRequestToken? _currentToken;
+
+    [UnconditionalSuppressMessage(
+    "Trimming",
+    "IL2026:Members annotated with 'RequiresUnreferencedCodeAttribute' require dynamic access otherwise can break functionality when trimming application code",
+    Justification = $"{nameof(DefaultAntiforgeryStateProvider)} uses the {nameof(PersistentComponentState)} APIs to deserialize the token, which are already annotated.")]
+    public DefaultAntiforgeryStateProvider(PersistentComponentState state)
+    {
+        // Automatically flow the Request token to server/wasm through
+        // persistent component state. This guarantees that the antiforgery
+        // token is available on the interactive components, even when they
+        // don't have access to the request.
+        _subscription = state.RegisterOnPersisting(() =>
+        {
+            state.PersistAsJson(PersistenceKey, _currentToken);
+            return Task.CompletedTask;
+        });
+
+        state.TryTakeFromJson(PersistenceKey, out _currentToken);
+    }
+
+    /// <inheritdoc />
+    public override AntiforgeryRequestToken? GetAntiforgeryToken() => _currentToken;
+
+    /// <inheritdoc />
+    public void Dispose() => _subscription.Dispose();
+}
diff --git a/src/Components/Web/src/Forms/AntiforgeryStateProvider.cs b/src/Components/Web/src/Forms/AntiforgeryStateProvider.cs
@@ -1,48 +1,16 @@
-// Licensed to the .NET Foundation under one or more agreements.
+﻿// Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System.Diagnostics.CodeAnalysis;
-
 namespace Microsoft.AspNetCore.Components.Forms;
 
 /// <summary>
 /// Provides access to the antiforgery token associated with the current session.
 /// </summary>
-public class AntiforgeryStateProvider : IDisposable
+public abstract class AntiforgeryStateProvider
 {
-    private const string PersistenceKey = $"__internal__{nameof(AntiforgeryRequestToken)}";
-    private readonly PersistingComponentStateSubscription _subscription;
-    private readonly AntiforgeryRequestToken? _currentToken;
-
-    /// <summary>
-    /// Initializes a new instance of <see cref="AntiforgeryStateProvider"/>.
-    /// </summary>
-    /// <param name="state">The <see cref="PersistentComponentState"/> associated with the current session.</param>
-    [UnconditionalSuppressMessage(
-    "Trimming",
-    "IL2026:Members annotated with 'RequiresUnreferencedCodeAttribute' require dynamic access otherwise can break functionality when trimming application code",
-    Justification = $"{nameof(AntiforgeryStateProvider)} uses the {nameof(PersistentComponentState)} APIs to deserialize the token, which are already annotated.")]
-    public AntiforgeryStateProvider(PersistentComponentState state)
-    {
-        // Automatically flow the Request token to server/wasm through
-        // persistent component state. This guarantees that the antiforgery
-        // token is available on the interactive components, even when they
-        // don't have access to the request.
-        _subscription = state.RegisterOnPersisting(() =>
-        {
-            state.PersistAsJson(PersistenceKey, _currentToken);
-            return Task.CompletedTask;
-        });
-
-        state.TryTakeFromJson(PersistenceKey, out _currentToken);
-    }
-
     /// <summary>
     /// Gets the current <see cref="AntiforgeryRequestToken"/> if available.
     /// </summary>
     /// <returns>The current <see cref="AntiforgeryRequestToken"/> if available.</returns>
-    public virtual AntiforgeryRequestToken? GetAntiforgeryToken() => _currentToken;
-
-    /// <inheritdoc />
-    public void Dispose() => _subscription.Dispose();
+    public abstract AntiforgeryRequestToken? GetAntiforgeryToken();
 }
diff --git a/src/Components/Web/src/Microsoft.AspNetCore.Components.Web.csproj b/src/Components/Web/src/Microsoft.AspNetCore.Components.Web.csproj
@@ -14,6 +14,7 @@
 
   <ItemGroup>
     <Compile Include="$(ComponentsSharedSourceRoot)src\ExpressionFormatting\**\*.cs" LinkBase="Forms\ExpressionFommatting" />
+    <Compile Include="$(ComponentsSharedSourceRoot)src\DefaultAntiforgeryStateProvider.cs" LinkBase="Forms" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/src/Components/Web/src/PublicAPI.Unshipped.txt b/src/Components/Web/src/PublicAPI.Unshipped.txt
@@ -1,5 +1,6 @@
 #nullable enable
 *REMOVED*override Microsoft.AspNetCore.Components.Forms.InputFile.OnInitialized() -> void
+abstract Microsoft.AspNetCore.Components.Forms.AntiforgeryStateProvider.GetAntiforgeryToken() -> Microsoft.AspNetCore.Components.Forms.AntiforgeryRequestToken?
 abstract Microsoft.AspNetCore.Components.Forms.FormDataProvider.Entries.get -> System.Collections.Generic.IReadOnlyDictionary<string!, Microsoft.Extensions.Primitives.StringValues>!
 abstract Microsoft.AspNetCore.Components.Forms.FormDataProvider.Name.get -> string?
 Microsoft.AspNetCore.Components.Binding.CascadingFormModelBindingProvider
@@ -9,8 +10,7 @@ Microsoft.AspNetCore.Components.Forms.AntiforgeryRequestToken.AntiforgeryRequest
 Microsoft.AspNetCore.Components.Forms.AntiforgeryRequestToken.FormFieldName.get -> string!
 Microsoft.AspNetCore.Components.Forms.AntiforgeryRequestToken.Value.get -> string!
 Microsoft.AspNetCore.Components.Forms.AntiforgeryStateProvider
-Microsoft.AspNetCore.Components.Forms.AntiforgeryStateProvider.AntiforgeryStateProvider(Microsoft.AspNetCore.Components.PersistentComponentState! state) -> void
-Microsoft.AspNetCore.Components.Forms.AntiforgeryStateProvider.Dispose() -> void
+Microsoft.AspNetCore.Components.Forms.AntiforgeryStateProvider.AntiforgeryStateProvider() -> void
 Microsoft.AspNetCore.Components.Forms.AntiforgeryToken
 Microsoft.AspNetCore.Components.Forms.AntiforgeryToken.AntiforgeryToken() -> void
 Microsoft.AspNetCore.Components.Forms.FormDataProvider
@@ -82,5 +82,4 @@ override Microsoft.AspNetCore.Components.Web.RenderModeWebAssemblyAttribute.Mode
 static Microsoft.AspNetCore.Components.Web.RenderMode.Auto.get -> Microsoft.AspNetCore.Components.Web.AutoRenderMode!
 static Microsoft.AspNetCore.Components.Web.RenderMode.Server.get -> Microsoft.AspNetCore.Components.Web.ServerRenderMode!
 static Microsoft.AspNetCore.Components.Web.RenderMode.WebAssembly.get -> Microsoft.AspNetCore.Components.Web.WebAssemblyRenderMode!
-virtual Microsoft.AspNetCore.Components.Forms.AntiforgeryStateProvider.GetAntiforgeryToken() -> Microsoft.AspNetCore.Components.Forms.AntiforgeryRequestToken?
 virtual Microsoft.AspNetCore.Components.HtmlRendering.Infrastructure.StaticHtmlRenderer.WriteComponentHtml(int componentId, System.IO.TextWriter! output) -> void
diff --git a/src/Components/Web/test/Forms/EditFormTest.cs b/src/Components/Web/test/Forms/EditFormTest.cs
@@ -25,7 +25,7 @@ public EditFormTest()
         services.AddLogging();
         services.AddSingleton<ComponentStatePersistenceManager>();
         services.AddSingleton(services => services.GetRequiredService<ComponentStatePersistenceManager>().State);
-        services.AddSingleton<AntiforgeryStateProvider, AntiforgeryStateProvider>();
+        services.AddSingleton<AntiforgeryStateProvider, DefaultAntiforgeryStateProvider>();
         _testRenderer = new(services.BuildServiceProvider());
     }
 
diff --git a/src/Components/WebAssembly/WebAssembly/src/Hosting/WebAssemblyHostBuilder.cs b/src/Components/WebAssembly/WebAssembly/src/Hosting/WebAssemblyHostBuilder.cs
@@ -256,7 +256,7 @@ internal void InitializeDefaultServices()
         Services.AddSingleton(new LazyAssemblyLoader(DefaultWebAssemblyJSRuntime.Instance));
         Services.AddSingleton<ComponentStatePersistenceManager>();
         Services.AddSingleton<PersistentComponentState>(sp => sp.GetRequiredService<ComponentStatePersistenceManager>().State);
-        Services.AddSingleton<AntiforgeryStateProvider>();
+        Services.AddSingleton<AntiforgeryStateProvider, DefaultAntiforgeryStateProvider>();
         Services.AddSingleton<IErrorBoundaryLogger, WebAssemblyErrorBoundaryLogger>();
         Services.AddLogging(builder =>
         {
diff --git a/src/Components/WebAssembly/WebAssembly/src/Microsoft.AspNetCore.Components.WebAssembly.csproj b/src/Components/WebAssembly/WebAssembly/src/Microsoft.AspNetCore.Components.WebAssembly.csproj
@@ -43,6 +43,7 @@
     <Compile Include="$(SharedSourceRoot)Components\ComponentParameter.cs" Link="Prerendering/ComponentParameter.cs" />
     <Compile Include="$(SharedSourceRoot)Components\PrerenderComponentApplicationStore.cs" />
     <Compile Include="$(SharedSourceRoot)LinkerFlags.cs" LinkBase="Shared" />
+    <Compile Include="$(ComponentsSharedSourceRoot)src\DefaultAntiforgeryStateProvider.cs" LinkBase="Forms" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/src/ProjectTemplates/Web.ProjectTemplates/content/Components-CSharp/.template.config/localize/templatestrings.en.json b/src/ProjectTemplates/Web.ProjectTemplates/content/Components-CSharp/.template.config/localize/templatestrings.en.json
@@ -10,8 +10,8 @@
   "symbols/kestrelHttpsPort/description": "Port number to use for the HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used).",
   "symbols/iisHttpPort/description": "Port number to use for the IIS Express HTTP endpoint in launchSettings.json.",
   "symbols/iisHttpsPort/description": "Port number to use for the IIS Express HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used).",
-  "symbols/UseWebAssembly/displayName": "_Use interactive webassembly components",
-  "symbols/UseWebAssembly/description": "If specified, configures the project to render components interactively on the browser using webassembly.",
+  "symbols/UseWebAssembly/displayName": "_Use interactive WebAssembly components",
+  "symbols/UseWebAssembly/description": "If specified, configures the project to render components interactively in the browser using WebAssembly.",
   "symbols/UseServer/displayName": "_Use interactive server components",
   "symbols/UseServer/description": "If specified, configures the project to render components interactively on the server.",
   "symbols/PWA/displayName": "_Progressive Web Application",

Original file line number	Diff line number	Diff line change
`@@ -64,7 +64,7 @@ public static IRazorComponentsBuilder AddRazorComponents(this IServiceCollection`
`64`	`64`	`services.TryAddScoped<IFormValueSupplier, DefaultFormValuesSupplier>();`
`65`	`65`	`services.TryAddEnumerable(ServiceDescriptor.Scoped<CascadingModelBindingProvider, CascadingQueryModelBindingProvider>());`
`66`	`66`	`services.TryAddEnumerable(ServiceDescriptor.Scoped<CascadingModelBindingProvider, CascadingFormModelBindingProvider>());`
`67`		`- services.TryAddScoped<AntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();`
	`67`	`+ services.TryAddScoped<DefaultAntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();`
`68`	`68`	`return new DefaultRazorComponentsBuilder(services);`
`69`	`69`	`}`
`70`	`70`
Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`
`8`	`8`	`namespace Microsoft.AspNetCore.Components.Endpoints.Forms;`
`9`	`9`
`10`		`-internal class EndpointAntiforgeryStateProvider(IAntiforgery antiforgery, PersistentComponentState state) : AntiforgeryStateProvider(state)`
	`10`	`+internal class EndpointAntiforgeryStateProvider(IAntiforgery antiforgery, PersistentComponentState state) : DefaultAntiforgeryStateProvider(state)`
`11`	`11`	`{`
`12`	`12`	`private HttpContext? _context;`
`13`	`13`
Original file line number	Diff line number	Diff line change
`@@ -89,7 +89,7 @@ internal static async Task InitializeStandardComponentServicesAsync(`
`89`	`89`	`formData.SetFormData(handler, new FormCollectionReadOnlyDictionary(form));`
`90`	`90`	`}`
`91`	`91`
`92`		`- if (httpContext.RequestServices.GetService<AntiforgeryStateProvider>() is EndpointAntiforgeryStateProvider antiforgery)`
	`92`	`+ if (httpContext.RequestServices.GetService<DefaultAntiforgeryStateProvider>() is EndpointAntiforgeryStateProvider antiforgery)`
`93`	`93`	`{`
`94`	`94`	`antiforgery.SetRequestContext(httpContext);`
`95`	`95`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1301,7 +1301,7 @@ private static ServiceCollection CreateDefaultServiceCollection()`
`1301`	`1301`	`services.AddAntiforgery();`
`1302`	`1302`	`services.AddSingleton<ComponentStatePersistenceManager>();`
`1303`	`1303`	`services.AddSingleton<PersistentComponentState>(sp => sp.GetRequiredService<ComponentStatePersistenceManager>().State);`
`1304`		`- services.AddSingleton<AntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();`
	`1304`	`+ services.AddSingleton<DefaultAntiforgeryStateProvider, EndpointAntiforgeryStateProvider>();`
`1305`	`1305`
`1306`	`1306`	`return services;`
`1307`	`1307`	`}`
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ public EditFormTest()`
`25`	`25`	`services.AddLogging();`
`26`	`26`	`services.AddSingleton<ComponentStatePersistenceManager>();`
`27`	`27`	`services.AddSingleton(services => services.GetRequiredService<ComponentStatePersistenceManager>().State);`
`28`		`- services.AddSingleton<AntiforgeryStateProvider, AntiforgeryStateProvider>();`
	`28`	`+ services.AddSingleton<AntiforgeryStateProvider, DefaultAntiforgeryStateProvider>();`
`29`	`29`	`_testRenderer = new(services.BuildServiceProvider());`
`30`	`30`	`}`
`31`	`31`
Original file line number	Diff line number	Diff line change
`@@ -256,7 +256,7 @@ internal void InitializeDefaultServices()`
`256`	`256`	`Services.AddSingleton(new LazyAssemblyLoader(DefaultWebAssemblyJSRuntime.Instance));`
`257`	`257`	`Services.AddSingleton<ComponentStatePersistenceManager>();`
`258`	`258`	`Services.AddSingleton<PersistentComponentState>(sp => sp.GetRequiredService<ComponentStatePersistenceManager>().State);`
`259`		`- Services.AddSingleton<AntiforgeryStateProvider>();`
	`259`	`+ Services.AddSingleton<AntiforgeryStateProvider, DefaultAntiforgeryStateProvider>();`
`260`	`260`	`Services.AddSingleton<IErrorBoundaryLogger, WebAssemblyErrorBoundaryLogger>();`
`261`	`261`	`Services.AddLogging(builder =>`
`262`	`262`	`{`