Unable to Identify User Context in SignalR hub decorated with “Authorize” attribute

前端未结

关注

 2  499

没有蜡笔的小新 2021-01-24 02:42

Server

SignalR hub within MVC 5 WebApi 2, Security: Bearer token

Client

C# class using HttpWebRequest to retrieve bearer token from WebApi controller /

2条回答

清歌不尽 (楼主)

2021-01-24 03:09

Finally figured this out, I was using the wrong library to decrypt the token. DpapiDataProtectionProvider is used in self-host scenarios, we are hosted in IIS. Here is the functioning code.

 public override bool AuthorizeHubConnection(Microsoft.AspNet.SignalR.Hubs.HubDescriptor    hubDescriptor, IRequest request)
 {
       var token = request.QueryString.Get("Bearer");
       var ticket = Startup.OAuthOptions.AccessTokenFormat.Unprotect(token);

        if (ticket != null && ticket.Identity != null && ticket.Identity.IsAuthenticated)
        {
             // set the authenticated user principal into environment so that it can be used in the future
             request.Environment["server.User"] = new ClaimsPrincipal(ticket.Identity);
             return true;
        }

       return false;
  }

0 讨论(0)

查看其它2个回答