ASP.NET Core SignalR Authorize attribute does not work with cookie authentication


I am using ASP.NET Core with the cookie middleware for authentication, and I set it up like this:

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationScheme = Constants.AuthenticationScheme,
    AutomaticAuthenticate = true,
    AutomaticChallenge = true,
    LoginPath = new PathString("/")
});
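I authenticate successfully with a login form and am then redirected to a controller that has the [Authorize] attribute.

The controller then loads a page containing a JavaScript SignalR client that connects to a hub.

However, when I add the SignalR [Authorize] attribute, I get a 401 Unauthorized from the server.

How can I make SignalR recognise the authentication cookie? I can see that it is passed in the cookies in Context.RequestCookies.


Failing that, how can I manually decrypt the cookie and set the user myself?

I solved this by decrypting the cookie myself, but I am very interested in a better way.

I created a helper class to generate the authentication ticket format, with the help of this class

Then, with the help of this article, I created my own SignalR authentication attribute to decrypt the cookie and set the user principal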

/// <summary>
/// Attribute to have SignalR hubs authenticate
/// </summary>
[AttributeUsage(AttributeTargets.Class, Inherited = false, AllowMultiple = false)]
public class AuthorizeHubUsersAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Decrypt the authentication cookie and set the user principal
    /// </summary>
    /// <param name="hubDescriptor">The hub descriptor</param>
    /// <param name="request">The request object</param>
    /// <returns>If the user is authenticated</returns>
    public override bool AuthorizeHubConnection(HubDescriptor hubDescriptor, HttpRequest request)
    {
        var cookie = request.Cookies[".AspNetCore.Cookies"];
        var ticketFormat = SecurityHelper.GetTicketFormat(request.HttpContext.RequestServices);

        // Unprotect returns null when the cookie cannot be decrypted (missing,
        // tampered with, or protected with a different key); reject the
        // connection instead of dereferencing a null ticket.
        var authenticationTicket = ticketFormat.Unprotect(cookie);
        if (authenticationTicket?.Principal == null)
        {
            return false;
        }
        request.HttpContext.User = authenticationTicket.Principal;

        return base.AuthorizeHubConnection(hubDescriptor, request);
    }

    /// <summary>
    /// Check the user is authenticated
    /// </summary>
    /// <param name="user">The user principal</param>
    /// <returns>If the user is authenticated</returns>
    protected override bool UserAuthorized(IPrincipal user)
    {
        if (user?.Identity == null)
        {
            return false;
        }
        return user.Identity.IsAuthenticated;
    }
}
Then all I had to do was decorate my hub class with the attribute

[AuthorizeHubUsersAttribute()]
public class GameMessageHub : Hub<IGameMessageHub> {
 ....
}
I could not find a way to inject dependencies into a SignalR attribute, but if anyone finds one, I would like to know

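The `SecurityHelper.GetTicketFormat` helper used in the answer is not shown on the page. The following is an added example, not the answer author's code, of one way to write such a helper for the ASP.NET Core 1.x cookie middleware; it also rejects expired tickets, a check the middleware performs but manual decryption skips. `CookieTicketReader` and its method names are hypothetical, and it assumes the default cookie name, no custom `TicketDataFormat` or `SessionStore`, and a cookie small enough not to be chunked.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical helper (not the author's SecurityHelper): rebuilds the ticket
// format used by the 1.x cookie middleware and validates the decrypted ticket.
public static class CookieTicketReader
{
    // Assumption: the application keeps the default cookie name.
    private const string CookieName = ".AspNetCore.Cookies";

    public static ISecureDataFormat<AuthenticationTicket> GetTicketFormat(
        IServiceProvider services, string authenticationScheme)
    {
        // The purpose strings must match the middleware's exactly; otherwise
        // Unprotect returns null for every cookie.
        var protector = services.GetRequiredService<IDataProtectionProvider>()
            .CreateProtector(typeof(CookieAuthenticationMiddleware).FullName,
                             authenticationScheme, "v2");
        return new TicketDataFormat(protector);
    }

    // Returns the principal only for a cookie that decrypts, was issued for
    // the given scheme and has not expired; otherwise returns null.
    public static ClaimsPrincipal TryGetPrincipal(HttpRequest request, string scheme)
    {
        string cookie;
        if (!request.Cookies.TryGetValue(CookieName, out cookie) || string.IsNullOrEmpty(cookie))
            return null; // no authentication cookie was sent

        var ticket = GetTicketFormat(request.HttpContext.RequestServices, scheme)
            .Unprotect(cookie);
        if (ticket?.Principal == null)
            return null; // tampered cookie, different key ring or wrong purpose

        if (ticket.AuthenticationScheme != scheme)
            return null; // ticket was issued by another scheme

        // Decryption alone does not enforce the ticket lifetime.
        var expires = ticket.Properties?.ExpiresUtc;
        if (expires.HasValue && expires.Value < DateTimeOffset.UtcNow)
            return null;

        return ticket.Principal;
    }
}
```

In the attribute above, `AuthorizeHubConnection` would call `TryGetPrincipal(request, Constants.AuthenticationScheme)` and return `false` when the result is `null`.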