SignalR using IdentityServer bearer won't receive any JWTBearerEvents from Hub

喜你入骨 提交于 2021-01-21 10:18:45

问题


We have an api (.net core 2.2) which use IdentityServerAuthenticationDefaults.AuthenticationScheme for all the controllers which works fine.

We now decide to add SignalR Hub for a conference service. The hub is working fine only if we remove the authorize attribute [Authorize(AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme)]

We did try to handle the token in the query using the following both methods (TokenRetriever or JwrBearerEvents) :

services.AddAuthentication()
        .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
        {
            options.Authority = AuthURL;
            options.SupportedTokens = SupportedTokens.Jwt;
            options.RequireHttpsMetadata = HttpsSetting;
            options.ApiName = APIs.API_Commerce;
            options.TokenRetriever = new Func<HttpRequest, string>(req =>
            {
                var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                var fromQuery = TokenRetrieval.FromQueryString();
                return fromHeader(req) ?? fromQuery(req);
            });
            options.JwtBearerEvents.OnMessageReceived = context =>
                {
                    var accessToken = context.Request.Query["access_token"];

                    // If the request is for our hub...
                    var path = context.HttpContext.Request.Path;
                    if (!string.IsNullOrEmpty(accessToken) &&
                        (path.StartsWithSegments("/hubs/")))
                    {
                        // Read the token out of the query string
                        context.Token = accessToken;
                    }
                    return Task.CompletedTask;
                };
        });

For some reason theses only fire when we call controllers but ignore all invoked methods from the client.

Note that we have an AuthServer which provide the tokens and an API. We are using angular 7 with aspnet/signalr module for the client side.


回答1:


I found the problem...

  1. app.UseAuthentication() was added in Configure
  2. Add default scheme to authentication and remove onmessagereceive ->

            services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
        })
        .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
        {
            options.Authority = AuthURL;
            options.SupportedTokens = SupportedTokens.Jwt;
            options.RequireHttpsMetadata = HttpsSetting;
            options.ApiName = APIs.API_Commerce;
            options.TokenRetriever = new Func<HttpRequest, string>(req =>
            {
                var fromHeader = TokenRetrieval.FromAuthorizationHeader();
                var fromQuery = TokenRetrieval.FromQueryString();
                return fromHeader(req) ?? fromQuery(req);
            });
        });
    

Just to mention with .net core 2.2 u must specified an origin (withOrigins) and cannot use Any..



来源:https://stackoverflow.com/questions/55925741/signalr-using-identityserver-bearer-wont-receive-any-jwtbearerevents-from-hub

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!