使用IdentityServer承载的SignalR将不会从集线器接收任何JWTBearerEvent [英] SignalR using IdentityServer bearer won't receive any JWTBearerEvents from Hub
问题描述
我们有一个api(.net核心2.2),对于所有正常工作的控制器,都使用IdentityServerAuthenticationDefaults.AuthenticationScheme
.
We have an api (.net core 2.2) which use IdentityServerAuthenticationDefaults.AuthenticationScheme
for all the controllers which works fine.
我们现在决定为会议服务添加SignalR Hub.
仅当我们删除授权属性[Authorize(AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme)]
We now decide to add SignalR Hub for a conference service.
The hub is working fine only if we remove the authorize attribute [Authorize(AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme)]
我们确实尝试使用以下两种方法来处理查询中的令牌(TokenRetriever或JwrBearerEvents):
We did try to handle the token in the query using the following both methods (TokenRetriever or JwrBearerEvents) :
services.AddAuthentication()
.AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Authority = AuthURL;
options.SupportedTokens = SupportedTokens.Jwt;
options.RequireHttpsMetadata = HttpsSetting;
options.ApiName = APIs.API_Commerce;
options.TokenRetriever = new Func<HttpRequest, string>(req =>
{
var fromHeader = TokenRetrieval.FromAuthorizationHeader();
var fromQuery = TokenRetrieval.FromQueryString();
return fromHeader(req) ?? fromQuery(req);
});
options.JwtBearerEvents.OnMessageReceived = context =>
{
var accessToken = context.Request.Query["access_token"];
// If the request is for our hub...
var path = context.HttpContext.Request.Path;
if (!string.IsNullOrEmpty(accessToken) &&
(path.StartsWithSegments("/hubs/")))
{
// Read the token out of the query string
context.Token = accessToken;
}
return Task.CompletedTask;
};
});
出于某种原因,这些问题仅在我们调用控制器时触发,而忽略从客户端调用的所有方法.
For some reason theses only fire when we call controllers but ignore all invoked methods from the client.
请注意,我们有一个提供令牌和API的AuthServer. 我们在客户端使用的是带有aspnet/signalr模块的angular 7.
Note that we have an AuthServer which provide the tokens and an API. We are using angular 7 with aspnet/signalr module for the client side.
推荐答案
我发现了问题...
-
在配置中添加了
- app.UseAuthentication()
-
为身份验证添加默认方案,并删除onmessagereceive->
- app.UseAuthentication() was added in Configure
Add default scheme to authentication and remove onmessagereceive ->
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
})
.AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Authority = AuthURL;
options.SupportedTokens = SupportedTokens.Jwt;
options.RequireHttpsMetadata = HttpsSetting;
options.ApiName = APIs.API_Commerce;
options.TokenRetriever = new Func<HttpRequest, string>(req =>
{
var fromHeader = TokenRetrieval.FromAuthorizationHeader();
var fromQuery = TokenRetrieval.FromQueryString();
return fromHeader(req) ?? fromQuery(req);
});
});
.net core 2.2仅需提及,您必须指定一个原点( withOrigins ),并且不能使用Any ..
Just to mention with .net core 2.2 u must specified an origin (withOrigins) and cannot use Any..
这篇关于使用IdentityServer承载的SignalR将不会从集线器接收任何JWTBearerEvent的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!