Talking about Authentication in SignalR #7

Open
ranouf opened this issue Dec 12, 2018 · 0 comments
ranouf commented Dec 12, 2018

Hi,

I'm trying to understand how SignalR works with Authentication, so thanks for your work, it's helpful.
About this page:
https://github.com/damienbod/AspNetCoreAngularSignalRSecurity/blob/master/DirectMessagesAngular/angularApp/app/directmessages/directmessages.service.ts

I read that you can use this instead:

    this._hubConnection = builder.withUrl(
        environment.apiUrl + '/hubs/notification',
        { accessTokenFactory: () => `bearer ${myToken}` }
    ).build();

So the code in startup (https://github.com/damienbod/AspNetCoreAngularSignalRSecurity/blob/master/ApiServer/Startup.cs) will be updated to:

    context.HttpContext.Request.Headers.TryGetValue("Authorization", out var accessToken)

instead of

    context.Request.Query.TryGetValue("token", out StringValues token)

I read another thing too, about IUserIdProvider, in startup:

            services.AddSignalR();
            services.AddSingleton<IUserIdProvider, UserIdProvider>();

and UserIdProvider

    public class UserIdProvider : IUserIdProvider
    {
        private readonly IUserManager _userManager;

        public UserIdProvider(IUserManager userManager)
        {
            _userManager = userManager;
        }

        public string GetUserId(HubConnectionContext connection)
        {

            return string.Empty;
        }
    }

What I was expecting with the variable connection is to see information about the user. We have set [Authorize] on the Hub, which means it uses the authentication process, so, in my mind, I'm supposed to receive name and role:

[image]

Here is how the Token is generated:

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Issuer = authSettings.Issuer,
        Audience = authSettings.Audience,
        NotBefore = DateTime.UtcNow,
        IssuedAt = DateTime.UtcNow,
        Subject = new ClaimsIdentity(new Claim[]
        {
            // Currently there is an issue with ClaimTypes.Sid, which does not generate 'sid' (https://github.com/dotnet/corefx/issues/28454)
            new Claim(Constants.ClaimTypes.Sid, user.Id.ToString()),
            new Claim(ClaimTypes.Name, user.Id.ToString()),
            new Claim(ClaimTypes.Role, user.RoleName),
        }),
        Expires = token.ExpirationDate,
        SigningCredentials = GenerateSigningCredentials(authSettings.SecretKey)
    };

This post is not really an Issue, more a discussion, I hope you will be interested to talk about it :).
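
Added example, not code from the issue or from the repository it refers to: a server-side sketch of the two pieces discussed above, token extraction for the hub and an `IUserIdProvider` that reads the user from the validated token. In a browser the SignalR client sends the value of `accessTokenFactory` as an `access_token` query-string parameter for WebSockets and Server-Sent Events, so the server reads it there for the hub path. `ClaimUserIdProvider`, `HubAuthSetup` and `AddHubAuth` are hypothetical names, and a symmetric signing key is assumed.

```csharp
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.SignalR;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

// Resolves the SignalR user id from the claims of the already-validated JWT.
public class ClaimUserIdProvider : IUserIdProvider
{
    // ClaimTypes.Name carries user.Id in the token descriptor shown in the issue.
    public string GetUserId(HubConnectionContext connection) =>
        connection.User?.FindFirst(ClaimTypes.Name)?.Value;
}

public static class HubAuthSetup // hypothetical helper, called from ConfigureServices
{
    private const string HubPath = "/hubs/notification"; // path from the client snippet

    public static void AddHubAuth(IServiceCollection services, string issuer, string audience, string secretKey)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidIssuer = issuer,
                    ValidAudience = audience,
                    // Assumption: the token is signed with a symmetric key.
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey))
                };
                options.Events = new JwtBearerEvents
                {
                    OnMessageReceived = context =>
                    {
                        // Accept the query-string token only on the hub path; every
                        // other endpoint keeps using the Authorization header.
                        var accessToken = context.Request.Query["access_token"];
                        if (!string.IsNullOrEmpty(accessToken) &&
                            context.HttpContext.Request.Path.StartsWithSegments(HubPath))
                            context.Token = accessToken;
                        return Task.CompletedTask;
                    }
                };
            });
        services.AddSignalR();
        services.AddSingleton<IUserIdProvider, ClaimUserIdProvider>();
    }
}
```

A token carried in the query string can end up in web server and proxy access logs, so request logging for the hub path should leave out the query string.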
