Fix Email.razor's default NewEmail

Author: halter73

src/Components/test/E2ETest/ServerRenderingTests/FormHandlingTests/FormWithParentBindingContextTest.cs

@@ -917,9 +917,7 @@ public void CanUseAntiforgeryTokenWithServerInteractivity()
             Url = "forms/antiforgery-server-interactive",
             FormCssSelector = "form",
             InputFieldId = "value",
-            InputFieldValue = "stranger",
             SuppressEnhancedNavigation = true,
-            Ready = "really-ready",
         };
         DispatchToFormCore(dispatchToForm);
     }

src/Components/test/testassets/Components.TestServer/RazorComponentEndpointsStartup.cs

@@ -72,19 +72,6 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
                 InteractiveStreamingRenderingComponent.MapEndpoints(endpoints);
 
                 MapEnhancedNavigationEndpoints(endpoints);
-
-                endpoints.MapPost("/verify-antiforgery", (
-                    [FromForm] string value,
-                    [FromForm(Name = "__RequestVerificationToken")] string csrfToken) =>
-                {
-                    // We shouldn't get this far without a valid CSRF token, but we double check it's there.
-                    if (string.IsNullOrEmpty(csrfToken))
-                    {
-                        throw new Exception("Invalid POST to /verify-antiforgery!");
-                    }
-
-                    return TypedResults.Text($"<p id='pass'>Hello {value}!</p>", "text/html");
-                });
             });
         });
     }
@@ -167,9 +154,18 @@ private static void MapEnhancedNavigationEndpoints(IEndpointRouteBuilder endpoin
             await response.WriteAsync("<html><body><h1>This is a non-Blazor endpoint</h1><p>That's all</p></body></html>");
         });
 
-        endpoints.MapPost("api/antiforgery-form", ([FromForm] string value) =>
+        endpoints.MapPost("api/antiforgery-form", (
+            [FromForm] string value,
+            [FromForm(Name = "__RequestVerificationToken")] string? inFormCsrfToken,
+            [FromHeader(Name = "RequestVerificationToken")] string? inHeaderCsrfToken) =>
         {
-            return Results.Ok(value);
+            // We shouldn't get this far without a valid CSRF token, but we'll double check it's there.
+            if (string.IsNullOrEmpty(inFormCsrfToken) && string.IsNullOrEmpty(inHeaderCsrfToken))
+            {
+                throw new InvalidOperationException("Invalid POST to api/antiforgery-form!");
+            }
+
+            return TypedResults.Text($"<p id='pass'>Hello {value}!</p>", "text/html");
         });
 
         static Task PerformRedirection(HttpRequest request, HttpResponse response)

src/Components/test/testassets/Components.TestServer/RazorComponents/Pages/Forms/FormRenderedWithServerInteractivityCanUseAntiforgeryToken.razor

@@ -6,17 +6,15 @@
 
 <h3>FormRenderedWithServerInteractivityCanUseAntiforgeryToken</h3>
 
-<form action="verify-antiforgery" method="post" @formname="verify-antiforgery">
+<form action="api/antiforgery-form" method="post">
     <AntiforgeryToken />
     <input type="text" id="value" name="value" />
-    <input id="send" name="send" type="submit" value="Send" />
+    @if (HttpContext is null)
+    {
+        <input id="send" type="submit" value="Send" />
+    }
 </form>
 
-@if (HttpContext is null)
-{
-    <p id="really-ready">Interactively rendered!</p>
-}
-
 @code {
     [CascadingParameter]
     HttpContext? HttpContext { get; set; }

src/ProjectTemplates/Web.ProjectTemplates/content/BlazorWeb-CSharp/BlazorWeb-CSharp/Components/Account/Pages/Manage/Email.razor

@@ -71,18 +71,18 @@
         email = await UserManager.GetEmailAsync(user);
         isEmailConfirmed = await UserManager.IsEmailConfirmedAsync(user);
 
-        Input.NewEmail ??= email!;
+        Input.NewEmail ??= email;
     }
 
     private async Task OnValidSubmitAsync()
     {
-        if (Input.NewEmail == email)
+        if (Input.NewEmail is null || Input.NewEmail == email)
         {
             RedirectManager.RedirectToCurrentPageWithStatus("Your email is unchanged.", HttpContext);
         }
 
         var userId = await UserManager.GetUserIdAsync(user);
-        var code = await UserManager.GenerateChangeEmailTokenAsync(user, Input.NewEmail);
+        var code = await UserManager.GenerateChangeEmailTokenAsync(user, Input.NewEmail!);
         code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
         var callbackUrl = NavigationManager.GetUriWithQueryParameters(
             NavigationManager.ToAbsoluteUri("Account/ConfirmEmailChange").AbsoluteUri,
@@ -94,14 +94,19 @@
 
     private async Task OnSendEmailVerificationAsync()
     {
+        if (email is null)
+        {
+            return;
+        }
+
         var userId = await UserManager.GetUserIdAsync(user);
         var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
         code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
         var callbackUrl = NavigationManager.GetUriWithQueryParameters(
             NavigationManager.ToAbsoluteUri("Account/ConfirmEmail").AbsoluteUri,
             new Dictionary<string, object?> { ["userId"] = userId, ["code"] = code });
 
-        await EmailSender.SendConfirmationLinkAsync(user, email!, HtmlEncoder.Default.Encode(callbackUrl));
+        await EmailSender.SendConfirmationLinkAsync(user, email, HtmlEncoder.Default.Encode(callbackUrl));
 
         RedirectManager.RedirectToCurrentPageWithStatus("Verification email sent. Please check your email.", HttpContext);
     }
@@ -111,6 +116,6 @@
         [Required]
         [EmailAddress]
         [Display(Name = "New email")]
-        public string NewEmail { get; set; } = "";
+        public string? NewEmail { get; set; }
     }
 }