Suggested sample additions: Blazor WASM, Blazor Hybrid

[gilm0079]

I've been working on a project and I think I have Blazor server and Blazor wasm both working independently in regards to authentication against identity server. It would be nice to just verify I'm doing best practice for Blazor wasm if you had a sample Blazor wasm project that could be added to the samples repo.

I've come across a Blazor hybrid setup as well that allows for runtime switching between server and wasm. Seems to be a good solution for getting the best performance from both server and wasm as a single experience for the user. The authentication from the hybrid project seems to be hand rolled though so I don't know how the hybrid setup would integrate into auth against an external identity server instance. I'm using the hybrid option, but for now I'm allowing server and wasm to authenticate independently. The hybrid project suggests that using cookies is a common auth mechanism that works for both server and wasm, but I wasn't sure how that fits into auth against identity server or even if what they are saying is still true when performing auth in the wasm project against identity server as OIDC code flow + PKCE seems to be the preferred authentication setup. Long story short, if you also interested in seeing if or how Blazor Hybrid could integrate against Identity Server I'd be interested in seeing it. I may pose this question to the Blazor Hybrid project as well, but I don't know if I trust their security implementation response as much as if I heard it from here.

Thanks for all you do. Feel free to cancel this out if you are not interested.

https://github.com/jdtcn/HybridBlazor

[leastprivilege]

My thinking around Blazor WASM is using the BFF pattern - like here:

https://docs.duendesoftware.com/identityserver/v6/samples/bff/#blazor-wasm