Add .NET 10 MauiBlazorWebIdentity sample

[mattleibow]

Overview

This PR adds a new 10.0/MauiBlazorWebIdentity sample — a .NET MAUI Blazor Hybrid app with a companion ASP.NET Core Blazor Web server that shares UI and uses ASP.NET Core Identity for authentication. The sample demonstrates how a native MAUI app can authenticate against the same identity system as the web app, sharing Razor components across both hosts.

What the sample demonstrates

• Shared Blazor UI — MauiBlazorWeb.Shared contains pages (Home, Counter, Weather, NotFound) and services consumed by both the MAUI native app and the ASP.NET Core web app.
• MAUI client authentication — The native app authenticates via the /identity/ API endpoints (AddIdentityApiEndpoints) using bearer tokens, with MauiAuthenticationStateProvider, TokenStorage, and HttpClientHelper managing the auth flow.
• Web server authentication — The web app uses ASP.NET Core Identity with Blazor Server interactive rendering, full identity UI (login, register, 2FA, account management), and cookie-based auth.
• Cross-platform database — SQL Server on Windows, SQLite on macOS/Linux, selected automatically via MSBuild OS detection (USE_SQL_SERVER conditional compilation).
• Auto-migration — The database is automatically created and migrated at dev startup.

What's new in .NET 10

This sample was created by copying the existing 9.0/MauiBlazorWebIdentity sample and upgrading it with all .NET 10 Blazor template features:

Passkey support (Identity Schema v3)

• New AspNetUserPasskeys table via IdentitySchemaVersions.Version3
• PasskeySubmit.razor / PasskeySubmit.razor.js shared component for WebAuthn credential creation/assertion
• Passkeys.razor — manage page to list/delete passkeys
• RenamePasskey.razor — manage page to rename a passkey
• PasskeyInputModel.cs / PasskeyOperation.cs — supporting models
• Login.razor updated with passkey sign-in option
• IdentityComponentsEndpointRouteBuilderExtensions.cs updated with passkey assertion/attestation endpoints

NotFound page

• NotFound.razor in the Shared project (available to both MAUI and Web)
• UseStatusCodePagesWithReExecute("/not-found") in Program.cs
• NotFoundPage parameter on <Router> in both Web and MAUI Routes.razor

ReconnectModal component

• ReconnectModal.razor / .razor.css / .razor.js — replaces the old components-reconnect-modal div with a proper Blazor component

App.razor modernization

• <ResourcePreloader /> for optimized static asset loading
• <ImportMap /> for ES module import maps
• @Assets["..."] fingerprinted asset references for cache busting
• <ReconnectModal /> component reference

Identity page updates

• All 27 identity pages (11 account + 12 manage + 4 shared) replaced with official .NET 10 template versions
• IdentityUserAccessor removed — replaced by UserManager<ApplicationUser> with RedirectToInvalidUser() pattern
• IdentityRedirectManager updated with new redirect helpers
• IdentityRevalidatingAuthenticationStateProvider updated
• Input = new() → Input = default! with Input ??= new() pattern
• EditContext model binding improvements

Other .NET 10 updates

• All TFMs updated to net10.0 / net10.0-*
• All NuGet packages updated to 10.0.2
• Bootstrap moved from wwwroot/bootstrap/ to wwwroot/lib/bootstrap/dist/ (full dist from template)
• app.css updated with .form-floating > .form-control:not(:placeholder-shown) styles
• MainLayout.razor.css — added color-scheme: light only;
• NavMenu.razor.css — height → min-height
• BlazorDisableThrowNavigationException property in Web csproj
• Tizen platform target removed
• RedirectToLogin component used in Web Routes.razor (MAUI keeps <Login />)
• File-scoped namespaces for ApplicationDbContext and ApplicationUser

Architecture decisions

Decision	Rationale
Keep AddIdentityApiEndpoints (not template's AddIdentityCore)	MAUI client requires /identity/ REST endpoints for bearer token auth
Do NOT call AddIdentityCookies() alongside AddIdentityApiEndpoints	AddIdentityApiEndpoints registers cookie schemes internally; calling both causes duplicate scheme error
Cross-platform DB via $([MSBuild]::IsOSPlatform('windows'))	SQL Server Express doesn't run on macOS; SQLite is the default, SqlServer opt-in on Windows
Ship SQLite migrations only	Generated on macOS; SqlServer users regenerate with dotnet ef migrations add + /p:UseSqlServer=true
Separate layouts for Web and MAUI	Web has auth-gated NavMenu; MAUI has Login/Logout pages — cannot share layout
NotFound.razor in Shared project	Available to both hosts; no @layout directive (inherits from router)

Preserved from 9.0 (unchanged)

• All MAUI client auth infrastructure (MauiAuthenticationStateProvider, TokenStorage, HttpClientHelper, LoginStatus)
• MAUI Login/Logout pages and NavMenu
• Web NavMenu (custom auth-gated navigation)
• Weather API endpoint with RequireAuthorization()
• OpenAPI support
• AddAdditionalAssemblies for shared component discovery
• Auto-migration at dev startup

Project structure

10.0/MauiBlazorWebIdentity/
└── MauiBlazorWeb/
    ├── MauiBlazorWeb.Shared/     # Shared pages, services, CSS, bootstrap
    ├── MauiBlazorWeb.Web/        # ASP.NET Core Blazor Server + Identity
    └── MauiBlazorWeb/            # .NET MAUI Blazor Hybrid client

Testing

• ✅ Web project builds successfully on macOS
• ✅ Web app starts and serves HTTP 200
• ✅ SQLite database auto-created with all 8 Identity v3 tables (including AspNetUserPasskeys)
• ✅ Migrations apply cleanly at startup

[guardrex]

@BethMassi @mattleibow ... Where are we on this one (and the other one here)? We're still lacking this sample for 10.0, so I'm anxious to get it wrapped up and merged.

[mattleibow]

@guardrex sorry for the delay in getting back to you. I was just doing some more testing and this is ready to go. I just fixed some CSS since last time. It should be an almost identical copy of the .NET 9 sample, but with some new .NET 10 features.

[guardrex]

Awesome! Thanks!

@halter73 ... Do you want to take a look?

[guardrex]

@mattleibow ... Can #590 be closed?

[mattleibow]

I closed it and will do a new PR based on any extra changes later.

[guardrex]

I emailed Stephen, too. Stand-by for a sec to see if he wants to look at this before we merge it.

[guardrex]

Never heard back from Stephen. Let's go ahead, and we can react to any feedback he has later.