SignalR和OpenId Connect [英] SignalR and OpenId Connect
问题描述
我有一台使用ASP.NET Core Web Api
和OpenIddict
作为授权框架的服务器.现在,我添加了 SignalR
主机,并希望向其添加授权.
I have a server which uses ASP.NET Core Web Api
and OpenIddict
as authorization framework. Now I've added an SignalR
host and want to add authorisation to it.
从其他来源中,我发现SignalR
(JS客户端)希望您以查询字符串或cookie的形式发送访问令牌,因为websocket不支持标头.
From different sources I found that SignalR
(JS Client) wants that you send the access token in the querystring or by cookie as websockets don't support headers.
由于身份验证中间件不检查授权条目的查询字符串或cookie容器,因此我需要实现这样的提供程序/获取者/解析器,该提供程序/获取者/解析器由我自己读取此值.
As the authentication middleware doesn't check the querystring or cookie container for an authorization entry I need to implement such an provider/retriever/resolver which reads this value by myself.
我找到了IdentityServer
的解决方案,但是关于OpenIddict
没什么.
在哪里/如何在OpenIddict
中实现这样的令牌解析器?
Where/How do I implement such an token resolver with OpenIddict
?
推荐答案
如果使用JwtBearerAuthentication
,则可以使用OnMessageReceived
设置令牌:
If you use JwtBearerAuthentication
then you can use OnMessageReceived
to set token:
Events = new JwtBearerEvents()
{
OnMessageReceived = async (ctx) =>
{
ctx.Token = ctx.Request.Query["<qs-name>"];
}
}
或者,如果您使用IdentityServerAuthentication
,则可以使用TokenRetriever
(未经测试,但应该是这样):
Or if you use IdentityServerAuthentication
then you can use TokenRetriever
(not tested but it should be something like this):
TokenRetriever = (ctx) =>
{
return ctx.Request.Query["<qs-name>"];
}
这篇关于SignalR和OpenId Connect的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!