989384: Authorization not working for Blazor File Manager component upload operation

[ArulmozhiSF4964]

Bug description

989384 - Authorization not working for Blazor File Manager component upload operation.

Root cause

CORS origin restriction caused preflight requests to fail with 401 Unauthorized and Duplicate Authorization headers were being added: one from the HttpClient instance and another from GetCustomHeaders and facing an issue during chunck upload due to JWT sample provider lacked chunk-aware upload handling, so each chunk was treated as a full upload.

Solution description

Updated the CORS policy in Program.cs by correcting the AddPolicy syntax, moving UseCors before authentication/authorization, and replacing UseEndpoints with MapControllers. Additionally, fixed the duplicate header issue in GetCustomHeaders by skipping the Authorization header when building custom header, Implemented chunk-aware upload in the JWT PhysicalFileProvider by porting the logic from ej2-aspcore-fileprovider PhysicalFileProvider.cs

Impact assessment

• Low - Affects a single feature with minimal user impact
• Medium - Affects multiple features or has moderate user impact
• High - Critical functionality or significant user impact

Reason for not identifying earlier

The issues are occurred only in specific scenario

Areas tested against this fix

Tested Conditions

• Verified file upload works correctly with and without the Authorization header
• Confirmed upload action functions properly in both FormSubmit and HttpClient modes.
• Tested single and multiple file uploads with authorization enabled
• Validated directory upload with authorization.
• Ensured whether the chunck upload works properly with and without authoriization headers
• Checked duplicate file uploads with KeepBoth, Skip, and Replace options
• Attempted upload with an invalid issuer to ensure proper error handling
• Verified upload behavior when AutoUpload and AutoClose are set to both true and false.
• Tested upload with disallowed file extensions.
• Ensured upload fails when role is set to user insist of admin

Breaking changes

• Yes (Tag breaking-issue)
• No

If yes, provide breaking commit details link and migration guidance.
https://gitea.syncfusion.com/essential-studio/ej2-blazor-source/pulls/24031

Regression testing

• Verified fix doesn't reintroduce previous bugs
• Checked edge cases and error scenarios

Action taken to prevent recurrence

• Added/updated unit tests
• Other (specify)
• NA

Automation status

• BUnit ((Automation work assigned to testing team to avoid this in the future))
• Playwight (provide PR link: _________________)
• NA

Cross-platform verification

• Blazor Server
• Blazor WASM
• NA

Related issues

Is this issue present in EJ2 or other components?

• Resolved in EJ2 (PR link: _________________)
• Created task for EJ2 (Task link: _________________)
• Needs attention in other components (tag needs-attention-coreteam)
• NA

Output screenshots

Before Fix:

After fix:

API changes

• New API added (API Review task link: _________________)
• Existing API renamed/modified (API Review task link: _________________)
• No API changes

Performance verification

• Verified no memory leaks introduced
• Verified no performance degradation
• Not applicable

Reviewer Checklist

• Feature matrix documentation verified
• Test coverage verified
• Sample implementation reviewed
• Code meets standards and best practices
• C# implementation used appropriately (minimal JavaScript)