SignalR不允许在方法中使用Autorize
SignalR不允许在方法中使用Autorize
提问于 2019-01-29 18:15:18
我有一些asp.net核心应用程序。它使用持有者身份验证。
我的身份验证和SignalR seattings。我也使用OpenIddict。
ConfigureServices
services.AddMvc();
...
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder
.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin()
.AllowCredentials();
}));
//services.AddSignalR();
services.AddSignalR(hubOptions =>
{
hubOptions.EnableDetailedErrors = true;
});
...
services.AddDefaultIdentity<Account>(opt =>
{
opt.Password.RequiredUniqueChars = 1;
opt.Password.RequireNonAlphanumeric = false;
opt.Password.RequireLowercase = false;
opt.Password.RequireDigit = false;
opt.Password.RequireUppercase = false;
opt.Password.RequiredLength = Account.MinPasswordLength;
opt.Lockout.AllowedForNewUsers = false;
opt.ClaimsIdentity.UserNameClaimType = OpenIdConnectConstants.Claims.Name;
opt.ClaimsIdentity.UserIdClaimType = OpenIdConnectConstants.Claims.Subject;
opt.ClaimsIdentity.RoleClaimType = OpenIdConnectConstants.Claims.Role;
})
.AddUserManager<AccountManager>()
.AddRoles<AccountRole>()
.AddEntityFrameworkStores<ApplicationContext>()
.AddDefaultTokenProviders();
services.AddOpenIddict()
.AddCore(opt =>
{
opt.UseEntityFrameworkCore()
.UseDbContext<ApplicationContext>();
})
.AddServer(opt =>
{
opt.SetAccessTokenLifetime(TimeSpan.FromMinutes(5));
opt.UseMvc();
opt.AllowCustomFlow(WebConstants.AdminGrantType)
.EnableTokenEndpoint("/api/common/auth/Token")
.AllowRefreshTokenFlow()
.DisableHttpsRequirement()
.AcceptAnonymousClients();
});
services.AddAuthentication()
.AddOAuthValidation(options =>
{
options.Events.OnRetrieveToken = context =>
{
context.Token = context.Request.Query["access_token"];
return Task.CompletedTask;
};
});配置
app.UseCors("CorsPolicy");
app.UseAuthentication();
app.UseSignalR(routes =>
{
routes.MapHub<SomeHub >("/someHub");
});AuthAccountTypeAttribute
public class AuthAccountTypeAttribute : AuthorizeAttribute
{
public AuthAccountTypeAttribute(params AccountType[] accountType)
{
if (accountType.Any())
{
Roles = string.Join(',', accountType.Select(x => x.ToString()));
}
AuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme;
}
}和直接集线器
[AuthAccountType(AccountType.Admin)]
public class SomeHub : Hub
{
private readonly AccountManager _accountManager;
private readonly IUnitOfWork _unitOfWork;
public SomeHub (AccountManager accountManager, IUnitOfWork unitOfWork)
{
_accountManager = accountManager;
_unitOfWork = unitOfWork;
}
public override Task OnConnectedAsync()
{
return base.OnConnectedAsync();
}
public async Task OnConnectSmth()
{
}}
如果像这样使用authorize属性,那么一切都可以正常工作,但是如果使用不带AuthAccountType SomeHub和带OnConnectSmth的
[AuthAccountType(AccountType.Admin)]
public async Task OnConnectSmth()
{
}它返回401。我能做什么?
SignalR 1.0.4 .Net核心2.1
如果我使用基本授权,也会出现同样问题
[Authorize(AuthenticationSchemes = OAuthValidationDefaults.AuthenticationScheme)]或者如何在Authorize Hub中建立匿名连接?
回答 1
Stack Overflow用户
回答已采纳
发布于 2019-01-29 18:57:40
未在ConfigureServices()中设置DefaultScheme。和Hub中奇怪的规则。修复:
services.AddAuthentication(options => { options.DefaultScheme = OAuthValidationDefaults.AuthenticationScheme; } );页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/54418655
复制相关文章
相似问题
腾讯云开发者
