Can you use this.jSRuntime.InvokeAsync inside DelegatingHandler?

[VictorioBerra]

I want to add a typed client here https://github.com/damienbod/AspNetCoreExperiments/blob/main/BlazorBffAzureADWithApi/Client/Program.cs#L25

But I cant because my clients must be created with IAntiforgeryHttpClientFactory so that IJSRuntime can work.

Would it work to use DelegatingHandler instead and that way any typed clients inherit that ability?

IE:

builder.Services
  .AddHttpClient("authorizedClient", client =>
  {
      client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress);
      client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
  })
  .AddTypedClient<IGitHubAPIClient>() // Will not pass antiforgery token!!! Must be created with IAntiforgeryHttpClientFactory!!! <---------
  .AddHttpMessageHandler<AuthorizedHandler>();

builder.Services.AddTransient(sp => sp.GetRequiredService<IHttpClientFactory>().CreateClient("default"));
builder.Services.AddTransient<IAntiforgeryHttpClientFactory, AntiforgeryHttpClientFactory>();

[damienbod]

@VictorioBerra I would need to test this, don't know :)

FYI You could also use a HTTP custom header instead of anti-forgery tokens to protect against this threat as well. Validate this on the backend. (forces preflight requests)

Interested if you find a solution.

Greetings Damien