How do we preform OWIN oAuth Bearer token based Authentication and Authorization in SignalR?

Question

We are using the built in OWIN oAuth server functionality to generate Bearer tokens. We have them working with ASP.NET Web API but not sure how to get them working with Sign

Answer 1

Unfortunately, the JS WebSocket API does not make it possible to set custom headers.

However, it should be possible to add the bearer token to the query string of all SignalR requests which includes the WebSocket requests.

$.connection.hub.qs = { 'access_token' : accessToken };

Once you do this, you could create a custom OAuthBearerAuthenticationProvider to pull the token from the querystring.