I have an Angular SPA asp.net core app with Identity built from microsoft template dotnet new angular --auth Individual. the authorization and authentication works fine with controllers out of the box. however I spent hours trying to do the same with SignalR hub and am I sitll nowhere.
I feel it should work out of the box but it doesnt. If I put [Authorize] attribute on the Hub class it doesnt connect: "DenyAnonymousAuthorizationRequirement: Requires an authenticated user."
If I remove that attribute - everything works fine but if I try to send messages to certain users only using
hub.Clients.User(userId)it doesnt work - as SignalR incoming connection have empty Claims and User objects.The closes I got to solving it (which is almost nowhere) is to use
HubConnectionBuilder options.accessTokenFactory- in that case IdentityServer tries to auth the token.. But the token I passed is fake. I have no idea where to get it on the client (Angular). I use@microsoft/signalrpackage
Any ideas?
Startup:
services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<AppDbContext>();
services.AddIdentityServer()
.AddApiAuthorization<ApplicationUser, AppDbContext>();
services.AddAuthentication()
.AddIdentityServerJwt()
.AddCookie(o => { o.SlidingExpiration = false; o.ExpireTimeSpan = TimeSpan.FromMinutes(2); }); // TODO X
services.AddAuthorization();
services.AddSignalR();
. . .
app.UseAuthentication();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
...
endpoints.MapHub<NewsHub>("/newshub");
});
repro and simplified question is here: https://docs.microsoft.com/en-us/answers/questions/497227/signalr-authorization-not-working-out-of-the-box-i.html
