Implements a confidential client using OpenID Connect (code flow with PKCE)
Securing a Blazor Server application using OpenID Connect and security headers
Migrate ASP.NET Core Blazor Server to Blazor Web
Using a CSP nonce in Blazor Web
Add-Migration "init_sts" -c ApplicationDbContext
Update-Database -Context ApplicationDbContext
- 2024-05-26 Updated packages
- 2024-04-24 Updated packages
- 2024-03-24 Updated packages
- 2024-02-19 Updated packages
- 2024-02-16 Updated packages
- 2024-02-12 Fix CSP, use nonce
- 2024-01-14 Updated packages
- 2024-01-11 Added support for Blazor Web, migrated from Blazor Server
https://learn.microsoft.com/en-us/aspnet/core/blazor/security/server/
https://stackoverflow.com/questions/64853618/oidc-authentication-in-server-side-blazor
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/claims
https://openid.net/developers/how-connect-works/
https://github.com/openiddict/openiddict-core
https://datatracker.ietf.org/doc/html/rfc9126
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/claims
Warning
The required security headers can only be applied to Blazor Web in InteractiveServer mode
https://github.com/javiercn/BlazorWebNonceService
https://learn.microsoft.com/en-us/aspnet/core/migration/70-80