SignalR 不允许在方法中使用 Autorize
SignalR not allow to use Autorize in the method
我有一些 asp.net 核心应用程序。
它使用 Bearer 身份验证。
我的 auth 和 SignalR 座位。我也使用 OpenIddict。
配置服务
services.AddMvc();
...
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder
.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin()
.AllowCredentials();
}));
//services.AddSignalR();
services.AddSignalR(hubOptions =>
{
hubOptions.EnableDetailedErrors = true;
});
...
services.AddDefaultIdentity<Account>(opt =>
{
opt.Password.RequiredUniqueChars = 1;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireLowercase = false;
opt.Password.RequireDigit = false;
opt.Password.RequireUppercase = false;
opt.Password.RequiredLength = Account.MinPasswordLength;
opt.Lockout.AllowedForNewUsers = false;
opt.ClaimsIdentity.UserNameClaimType = OpenIdConnectConstants.Claims.Name;
opt.ClaimsIdentity.UserIdClaimType = OpenIdConnectConstants.Claims.Subject;
opt.ClaimsIdentity.RoleClaimType = OpenIdConnectConstants.Claims.Role;
})
.AddUserManager<AccountManager>()
.AddRoles<AccountRole>()
.AddEntityFrameworkStores<ApplicationContext>()
.AddDefaultTokenProviders();
services.AddOpenIddict()
.AddCore(opt =>
{
opt.UseEntityFrameworkCore()
.UseDbContext<ApplicationContext>();
})
.AddServer(opt =>
{
opt.SetAccessTokenLifetime(TimeSpan.FromMinutes(5));
opt.UseMvc();
opt.AllowCustomFlow(WebConstants.AdminGrantType)
.EnableTokenEndpoint("/api/common/auth/Token")
.AllowRefreshTokenFlow()
.DisableHttpsRequirement()
.AcceptAnonymousClients();
});
services.AddAuthentication()
.AddOAuthValidation(options =>
{
options.Events.OnRetrieveToken = context =>
{
context.Token = context.Request.Query["access_token"];
return Task.CompletedTask;
};
});
配置
app.UseCors("CorsPolicy");
app.UseAuthentication();
app.UseSignalR(routes =>
{
routes.MapHub<SomeHub >("/someHub");
});
AuthAccountTypeAttribute
public class AuthAccountTypeAttribute : AuthorizeAttribute
{
public AuthAccountTypeAttribute(params AccountType[] accountType)
{
if (accountType.Any())
{
Roles = string.Join(',', accountType.Select(x => x.ToString()));
}
AuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme;
}
}
然后直接Hub
[AuthAccountType(AccountType.Admin)]
public class SomeHub : Hub
{
private readonly AccountManager _accountManager;
private readonly IUnitOfWork _unitOfWork;
public SomeHub (AccountManager accountManager, IUnitOfWork unitOfWork)
{
_accountManager = accountManager;
_unitOfWork = unitOfWork;
}
public override Task OnConnectedAsync()
{
return base.OnConnectedAsync();
}
public async Task OnConnectSmth()
{
}
}
如果你像这样使用授权属性一切正常,但如果 SomeHub 在没有 AuthAccountType 和 OnConnectSmth 的情况下使用
[AuthAccountType(AccountType.Admin)]
public async Task OnConnectSmth()
{
}
它returns 401。
我能做些什么?
SignalR 1.0.4
.Net 核心 2.1
如果我使用基本授权也会出现同样的问题
[Authorize(AuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme)]
或者如何在 Authorize Hub 中建立匿名连接?
ConfigureServices() 中未设置 DefaultScheme。以及 Hub 中的奇怪规则。
修复:
services.AddAuthentication(options => { options.DefaultScheme = OAuthValidationDefaults.AuthenticationScheme; } );
我有一些 asp.net 核心应用程序。 它使用 Bearer 身份验证。
我的 auth 和 SignalR 座位。我也使用 OpenIddict。
配置服务
services.AddMvc();
...
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder
.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin()
.AllowCredentials();
}));
//services.AddSignalR();
services.AddSignalR(hubOptions =>
{
hubOptions.EnableDetailedErrors = true;
});
...
services.AddDefaultIdentity<Account>(opt =>
{
opt.Password.RequiredUniqueChars = 1;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireLowercase = false;
opt.Password.RequireDigit = false;
opt.Password.RequireUppercase = false;
opt.Password.RequiredLength = Account.MinPasswordLength;
opt.Lockout.AllowedForNewUsers = false;
opt.ClaimsIdentity.UserNameClaimType = OpenIdConnectConstants.Claims.Name;
opt.ClaimsIdentity.UserIdClaimType = OpenIdConnectConstants.Claims.Subject;
opt.ClaimsIdentity.RoleClaimType = OpenIdConnectConstants.Claims.Role;
})
.AddUserManager<AccountManager>()
.AddRoles<AccountRole>()
.AddEntityFrameworkStores<ApplicationContext>()
.AddDefaultTokenProviders();
services.AddOpenIddict()
.AddCore(opt =>
{
opt.UseEntityFrameworkCore()
.UseDbContext<ApplicationContext>();
})
.AddServer(opt =>
{
opt.SetAccessTokenLifetime(TimeSpan.FromMinutes(5));
opt.UseMvc();
opt.AllowCustomFlow(WebConstants.AdminGrantType)
.EnableTokenEndpoint("/api/common/auth/Token")
.AllowRefreshTokenFlow()
.DisableHttpsRequirement()
.AcceptAnonymousClients();
});
services.AddAuthentication()
.AddOAuthValidation(options =>
{
options.Events.OnRetrieveToken = context =>
{
context.Token = context.Request.Query["access_token"];
return Task.CompletedTask;
};
});
配置
app.UseCors("CorsPolicy");
app.UseAuthentication();
app.UseSignalR(routes =>
{
routes.MapHub<SomeHub >("/someHub");
});
AuthAccountTypeAttribute
public class AuthAccountTypeAttribute : AuthorizeAttribute
{
public AuthAccountTypeAttribute(params AccountType[] accountType)
{
if (accountType.Any())
{
Roles = string.Join(',', accountType.Select(x => x.ToString()));
}
AuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme;
}
}
然后直接Hub
[AuthAccountType(AccountType.Admin)]
public class SomeHub : Hub
{
private readonly AccountManager _accountManager;
private readonly IUnitOfWork _unitOfWork;
public SomeHub (AccountManager accountManager, IUnitOfWork unitOfWork)
{
_accountManager = accountManager;
_unitOfWork = unitOfWork;
}
public override Task OnConnectedAsync()
{
return base.OnConnectedAsync();
}
public async Task OnConnectSmth()
{
}
}
如果你像这样使用授权属性一切正常,但如果 SomeHub 在没有 AuthAccountType 和 OnConnectSmth 的情况下使用
[AuthAccountType(AccountType.Admin)]
public async Task OnConnectSmth()
{
}
它returns 401。 我能做些什么?
SignalR 1.0.4 .Net 核心 2.1
如果我使用基本授权也会出现同样的问题
[Authorize(AuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme)]
或者如何在 Authorize Hub 中建立匿名连接?
ConfigureServices() 中未设置 DefaultScheme。以及 Hub 中的奇怪规则。 修复:
services.AddAuthentication(options => { options.DefaultScheme = OAuthValidationDefaults.AuthenticationScheme; } );