websocket传输握手上的信号器403状态代码_Websocket_Signalr_Owin_Signalr Hub

websocket传输握手上的信号器403状态代码

websocket signalr

websocket传输握手上的信号器403状态代码,websocket,signalr,owin,signalr-hub,Websocket,Signalr,Owin,Signalr Hub,我正在通过Startup.cs类中的以下代码映射Web Api中的信号器 public void Configuration(IAppBuilder app) { ConfigureAuth(app); app.Map("/signalr", map => { map.UseCors(CorsOptions.AllowAll); var hubConfiguration = new H

我正在通过Startup.cs类中的以下代码映射Web Api中的信号器

public void Configuration(IAppBuilder app)
    {

        ConfigureAuth(app);
        app.Map("/signalr", map =>
        {
            map.UseCors(CorsOptions.AllowAll);
            var hubConfiguration = new HubConfiguration
            {
                EnableDetailedErrors= true,
                EnableJSONP=true
            };
            map.RunSignalR(hubConfiguration);
        });
    }

此外，我还通过以下代码在WebAPI中使用了承载令牌身份验证和cookies身份验证

app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            AuthenticationMode = AuthenticationMode.Active,
            CookieHttpOnly = true,
            CookieSecure = CookieSecureOption.SameAsRequest,
            CookiePath = "/",
            CookieDomain = "xxxx.cloudapp.net",
        });
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        PublicClientId = "self";
        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = true,
        };

        app.UseOAuthBearerTokens(OAuthOptions);
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
        {
            Provider = new QueryStringOAuthBearerProvider("Token")
        });

public static void Register(HttpConfiguration config)
    {
        var cors = new    EnableCorsAttribute("http://localhost:8080,http://www.myweb.com,http://myweb.com", "*", "*");
        cors.SupportsCredentials = true;
        config.EnableCors(cors);   
     ......
     ......
     }

Web Api位于不同的域上，所以我通过以下代码为Api调用启用了Cors

app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            AuthenticationMode = AuthenticationMode.Active,
            CookieHttpOnly = true,
            CookieSecure = CookieSecureOption.SameAsRequest,
            CookiePath = "/",
            CookieDomain = "xxxx.cloudapp.net",
        });
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        PublicClientId = "self";
        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            AllowInsecureHttp = true,
        };

        app.UseOAuthBearerTokens(OAuthOptions);
        app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
        {
            Provider = new QueryStringOAuthBearerProvider("Token")
        });

public static void Register(HttpConfiguration config)
    {
        var cors = new    EnableCorsAttribute("http://localhost:8080,http://www.myweb.com,http://myweb.com", "*", "*");
        cors.SupportsCredentials = true;
        config.EnableCors(cors);   
     ......
     ......
     }

现在，当从客户端连接时，我在控制台中遇到以下错误

下面是我在websocket握手中得到的响应

请对此进行指导。

我知道这是一个老问题，但我也遇到了同样的问题，因此，如果有人偶然发现它，作为将来的参考

不知何故：

CookieSecure = CookieSecureOption.SameAsRequest,

这就是问题所在。它不能正常工作（不知道为什么）

这是我的cookie配置：

            builder.Register(ctx => new CookieAuthenticationOptions
            {
                AuthenticationMode = AuthenticationMode.Active,
                AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
                CookieName = "xxx",
                CookieHttpOnly = false, // Kako bi mu mogli pristupiti iz Javascripta
                ExpireTimeSpan = TimeSpan.FromDays(1),
                LoginPath = PathString.Empty,
                LogoutPath = PathString.Empty,
                SlidingExpiration = true,
#if DEBUG
                CookieSecure = CookieSecureOption.SameAsRequest,
#else
                CookieSecure = CookieSecureOption.Always,
#endif
                CookieDomain = "localhost"
            });

这是我的令牌配置

            builder.Register(ctx => new OAuthAuthorizationServerOptions
            {
                AuthorizeEndpointPath = new PathString("/api/authorize"),
                TokenEndpointPath = new PathString("/api/token"),
                ApplicationCanDisplayErrors = true,
                Provider = ctx.Resolve<ApplicationOAuthProvider>(),
                //RefreshTokenProvider = ctx.Resolve<ApplicationRefreshTokenProvider>(),
                AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
#if DEBUG
                AllowInsecureHttp = true
#endif
            });

builder.Register（ctx=>new OAuthorizationServerOptions
{
AuthorizeEndpointPath=新路径字符串（“/api/authorize”），
TokenEndpointPath=新路径字符串（“/api/token”），
ApplicationAndDisplayErrors=true，
Provider=ctx.Resolve（），
//RefreshTokenProvider=ctx.Resolve（），
AccessTokenExpireTimeSpan=TimeSpan.FromDays（1），
#如果调试
AllowInsecureHttp=true
#恩迪夫
});

在HTTPS localhost上托管我的应用程序后，它自动工作。

为什么？仍然不知道：P

确保您的Web Api应用程序（服务器）中已启用/支持websocket。它在云服务中已启用不确定这是否与此相关，但如果您使用的是framework 4.5，是否已在Web.config>appSettings标记中设置