SignalR authentication with webAPI Bearer Token

Question

+i used this solution to implement Token Based Authentication using ASP.NET Web API 2, Owin, and Identity...which worked out excellently well. i used this other solution and thi

Answer 1

Can't comment so adding my answer after the comments on Peter's excellent answer.

Did a bit more digging and the user id that I had set in my custom owin authorization provider was hiding here (complete hub method shown).

    [Authorize]
    public async Task Test()
    {
        var claims = (Context.User.Identity as System.Security.Claims.ClaimsIdentity).Claims.FirstOrDefault();
        if (claims != null)
        {
            var userId = claims.Value;

            //security party!
            return 1;
        }

        return 0;
    }

More added for texas697:

Startup.Auth.cs add this to ConfigureAuth() if not already there:

app.Map("/signalr", map =>
    {
        map.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
        {
            Provider = new QueryStringOAuthBearerProvider() //important bit!
        });

        var hubConfiguration = new HubConfiguration
        {
            EnableDetailedErrors = true,
            Resolver = GlobalHost.DependencyResolver,
        };
        map.RunSignalR(hubConfiguration);
    });

The custom auth provider looks like this:

public class QueryStringOAuthBearerProvider : OAuthBearerAuthenticationProvider
{
    public override Task RequestToken(OAuthRequestTokenContext context)
    {
        var value = context.Request.Query.Get("access_token");

        if (!string.IsNullOrEmpty(value))
        {
            context.Token = value;
        }

        return Task.FromResult