feat:update state manager (#773)

* feat(TeamStateManager): add support for WASM and Server modes

- Implemented ITeamStateManager interface for managing team states.
- Added registration logic for team state manager in ServiceCollectionExtensions.cs.
- Created ServerTeamStateManager and WasmTeamStateManager to handle team state management in respective environments.
- Updated User.razor to utilize the new team state manager for fetching user team information.

* feat:update WasmTeamStateManager refresh token

* fix:navigate page

Author: MayueCif

src/Masa.Stack.Components/Extensions/ServiceCollectionExtensions.cs

@@ -1,4 +1,6 @@
-namespace Masa.Stack.Components;
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
+
+namespace Masa.Stack.Components;
 
 public static class ServiceCollectionExtensions
 {
@@ -40,10 +42,12 @@ private static void AddMasaStackComponentsService(IServiceCollection services, M
             // 检测是否为 WASM 模式
             if (IsWebAssemblyEnvironment(sp))
             {
-                // WASM 模式：使用页面刷新获取最新的 token 和 claims
+                // WASM 模式：使用 refresh token 获取最新的 token 和 claims
                 var authStateProvider = sp.GetRequiredService<AuthenticationStateProvider>();
                 var navigationManager = sp.GetRequiredService<NavigationManager>();
-                return new WasmTeamStateManager(authStateProvider, navigationManager);
+                var tokenProvider = sp.GetRequiredService<IAccessTokenProvider>();
+                var logger = sp.GetRequiredService<ILogger<WasmTeamStateManager>>();
+                return new WasmTeamStateManager(authStateProvider, navigationManager, tokenProvider, logger);
             }
             else
             {

src/Masa.Stack.Components/Infrastructure/Identity/WasmTeamStateManager.cs

@@ -1,45 +1,89 @@
+using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
+
 namespace Masa.Stack.Components.Infrastructure.Identity;
 
 /// <summary>
 /// WASM 模式的团队状态管理器
-/// 在 WASM 模式下，通过页面刷新获取包含最新团队信息的 token
-/// 经测试发现 RequestAccessToken() 只返回缓存的 token，不会真正刷新，所以使用页面刷新确保可靠性
+/// 在 WASM 模式下，通过 refresh token 获取包含最新团队信息的 token
 /// </summary>
 public class WasmTeamStateManager : ITeamStateManager, IScopedDependency
 {
     private readonly AuthenticationStateProvider _authenticationStateProvider;
     private readonly NavigationManager _navigationManager;
+    private readonly IAccessTokenProvider _accessTokenProvider;
+    private readonly ILogger<WasmTeamStateManager> _logger;
 
     public WasmTeamStateManager(
         AuthenticationStateProvider authenticationStateProvider,
-        NavigationManager navigationManager)
+        NavigationManager navigationManager,
+        IAccessTokenProvider accessTokenProvider,
+        ILogger<WasmTeamStateManager> logger)
     {
         _authenticationStateProvider = authenticationStateProvider;
         _navigationManager = navigationManager;
+        _accessTokenProvider = accessTokenProvider;
+        _logger = logger;
+    }
+
+    /// <summary>
+    /// 强制刷新 token，通过清除当前 token 来触发 refresh token 流程
+    /// </summary>
+    private async Task<string?> ForceRefreshTokenAsync()
+    {
+        try
+        {
+            // 通过请求新的 token 来触发 refresh token 流程
+            // 这会在后端更新用户的 claims
+            var refreshTokenResult = await _accessTokenProvider.RequestAccessToken(new AccessTokenRequestOptions
+            {
+                Scopes = new List<string> { "openid", "profile", "offline_access" }
+            });
+
+            if (refreshTokenResult.TryGetToken(out var newToken))
+            {
+                _logger.LogInformation("Token 刷新成功");
+                return newToken.Value;
+            }
+
+            _logger.LogWarning("无法获取有效的 token，需要重新登录");
+            return null;
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "强制刷新 token 时发生错误");
+            return null;
+        }
     }
 
-        /// <summary>
-    /// 在 WASM 模式下设置团队后，获取最新的身份验证状态
+    /// <summary>
+    /// 在 WASM 模式下设置团队后，通过 refresh token 获取最新的身份验证状态
     /// </summary>
     public async Task SetCurrentTeamAsync(Guid teamId)
     {
         try
         {
-            // 在 WASM 模式下，最可靠的方式是直接刷新页面
-            // 因为 RequestAccessToken() 通常只返回缓存的 token，不会真正刷新
-            // 而团队信息的更新需要服务端重新颁发包含最新 claims 的 token
-            
+            _logger.LogInformation("开始切换团队，团队ID: {TeamId}", teamId);
+
             // 短暂延迟确保后端团队信息更新完成
             await Task.Delay(100);
-            
-            // 直接使用页面刷新，这是最可靠的方式
-            // 页面刷新会重新初始化 OIDC 客户端，获取最新的 token 和 claims
-            _navigationManager.NavigateTo(_navigationManager.Uri, true);
+
+            // 强制刷新 token，获取最新的 claims
+            var newToken = await ForceRefreshTokenAsync();
+
+            if (newToken != null)
+            {
+                _logger.LogInformation("团队切换完成，团队ID: {TeamId}", teamId);
+            }
+            else
+            {
+                // 如果 token 刷新失败，回退到页面刷新
+                _logger.LogWarning("Token 刷新失败，回退到页面刷新");
+                _navigationManager.NavigateTo(_navigationManager.Uri, true);
+            }
         }
-        catch (Exception)
+        catch (Exception ex)
         {
-            // 确保在任何异常情况下都能刷新页面
-            _navigationManager.NavigateTo(_navigationManager.Uri, true);
+            _logger.LogError(ex, "切换团队时发生错误，团队ID: {TeamId}", teamId);
         }
     }
 
@@ -58,9 +102,9 @@ public async Task<Guid> GetCurrentTeamAsync()
                 return teamId;
             }
         }
-        catch (Exception)
+        catch (Exception ex)
         {
-            // 如果获取失败，返回空的 GUID
+            _logger.LogError(ex, "获取当前团队ID时发生错误");
         }
 
         return Guid.Empty;

tests/MasaWasmApp/Program.cs

@@ -11,7 +11,7 @@ await builder.AddMasaOpenIdConnectAsync(new MasaOpenIdConnectOptions
 {
     Authority = masaStackConfig.GetSsoDomain(),
     ClientId = masaStackConfig.GetWebId(MasaStackProject.Auth),
-    Scopes = new List<string> { "openid", "profile" }
+    Scopes = new List<string> { "openid", "profile", "offline_access" }
 });
 
 builder.Services.AddMasaStackComponent(MasaStackProject.Auth, "", microFrontend: false);