使用 IdentityServer 承载的 SignalR 不会从集线器接收任何 JWTBearerEvents [英] SignalR using IdentityServer bearer won't receive any JWTBearerEvents from Hub
问题描述
我们有一个 api(.net core 2.2),它使用 IdentityServerAuthenticationDefaults.AuthenticationScheme 用于所有运行良好的控制器.
We have an api (.net core 2.2) which use IdentityServerAuthenticationDefaults.AuthenticationScheme for all the controllers which works fine.
我们现在决定为会议服务添加 SignalR Hub.仅当我们删除授权属性 [Authorize(AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme)]
We now decide to add SignalR Hub for a conference service.
The hub is working fine only if we remove the authorize attribute [Authorize(AuthenticationSchemes = IdentityServerAuthenticationDefaults.AuthenticationScheme)]
我们确实尝试使用以下两种方法处理查询中的令牌(TokenRetriever 或 JwrBearerEvents):
We did try to handle the token in the query using the following both methods (TokenRetriever or JwrBearerEvents) :
services.AddAuthentication()
.AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Authority = AuthURL;
options.SupportedTokens = SupportedTokens.Jwt;
options.RequireHttpsMetadata = HttpsSetting;
options.ApiName = APIs.API_Commerce;
options.TokenRetriever = new Func<HttpRequest, string>(req =>
{
var fromHeader = TokenRetrieval.FromAuthorizationHeader();
var fromQuery = TokenRetrieval.FromQueryString();
return fromHeader(req) ?? fromQuery(req);
});
options.JwtBearerEvents.OnMessageReceived = context =>
{
var accessToken = context.Request.Query["access_token"];
// If the request is for our hub...
var path = context.HttpContext.Request.Path;
if (!string.IsNullOrEmpty(accessToken) &&
(path.StartsWithSegments("/hubs/")))
{
// Read the token out of the query string
context.Token = accessToken;
}
return Task.CompletedTask;
};
});
出于某种原因,这些仅在我们调用控制器时才会触发,但忽略来自客户端的所有调用方法.
For some reason theses only fire when we call controllers but ignore all invoked methods from the client.
请注意,我们有一个提供令牌和 API 的 AuthServer.我们在客户端使用 angular 7 和 aspnet/signalr 模块.
Note that we have an AuthServer which provide the tokens and an API. We are using angular 7 with aspnet/signalr module for the client side.
推荐答案
我发现了问题...
- app.UseAuthentication() 已添加到配置中
为身份验证添加默认方案并删除 onmessagereceive ->
- app.UseAuthentication() was added in Configure
Add default scheme to authentication and remove onmessagereceive ->
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IdentityServerAuthenticationDefaults.AuthenticationScheme;
})
.AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Authority = AuthURL;
options.SupportedTokens = SupportedTokens.Jwt;
options.RequireHttpsMetadata = HttpsSetting;
options.ApiName = APIs.API_Commerce;
options.TokenRetriever = new Func<HttpRequest, string>(req =>
{
var fromHeader = TokenRetrieval.FromAuthorizationHeader();
var fromQuery = TokenRetrieval.FromQueryString();
return fromHeader(req) ?? fromQuery(req);
});
});
只是提到 .net core 2.2 你必须指定一个来源 (withOrigins) 并且不能使用 Any..
Just to mention with .net core 2.2 u must specified an origin (withOrigins) and cannot use Any..
这篇关于使用 IdentityServer 承载的 SignalR 不会从集线器接收任何 JWTBearerEvents的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
