SignalR和OpenId Connect [英] SignalR and OpenId Connect

问题描述

我有一台使用ASP.NET Core Web Api和OpenIddict作为授权框架的服务器.现在，我添加了 SignalR 主机，并希望向其添加授权.

I have a server which uses ASP.NET Core Web Api and OpenIddict as authorization framework. Now I've added an SignalR host and want to add authorisation to it.

从其他来源中，我发现SignalR(JS客户端)希望您以查询字符串或cookie的形式发送访问令牌，因为websocket不支持标头.

From different sources I found that SignalR (JS Client) wants that you send the access token in the querystring or by cookie as websockets don't support headers.

由于身份验证中间件不检查授权条目的查询字符串或cookie容器，因此我需要实现这样的提供程序/获取者/解析器，该提供程序/获取者/解析器由我自己读取此值.

As the authentication middleware doesn't check the querystring or cookie container for an authorization entry I need to implement such an provider/retriever/resolver which reads this value by myself.

我找到了IdentityServer 的解决方案，但是关于OpenIddict没什么.

在哪里/如何在OpenIddict中实现这样的令牌解析器?

Where/How do I implement such an token resolver with OpenIddict?

推荐答案

如果使用JwtBearerAuthentication，则可以使用OnMessageReceived设置令牌:

If you use JwtBearerAuthentication then you can use OnMessageReceived to set token:

Events = new JwtBearerEvents()
{
   OnMessageReceived = async (ctx) =>
   {
        ctx.Token = ctx.Request.Query["<qs-name>"];
   }
}

或者，如果您使用IdentityServerAuthentication，则可以使用TokenRetriever(未经测试，但应该是这样):

Or if you use IdentityServerAuthentication then you can use TokenRetriever(not tested but it should be something like this):

   TokenRetriever = (ctx) =>
   {
        return ctx.Request.Query["<qs-name>"];
   }

这篇关于SignalR和OpenId Connect的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！