websocket传输握手上的信号器403状态代码
我正在通过Startup.cs类中的以下代码映射Web Api中的信号器websocket传输握手上的信号器403状态代码,websocket,signalr,owin,signalr-hub,Websocket,Signalr,Owin,Signalr Hub,我正在通过Startup.cs类中的以下代码映射Web Api中的信号器 public void Configuration(IAppBuilder app) { ConfigureAuth(app); app.Map("/signalr", map => { map.UseCors(CorsOptions.AllowAll); var hubConfiguration = new H
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
app.Map("/signalr", map =>
{
map.UseCors(CorsOptions.AllowAll);
var hubConfiguration = new HubConfiguration
{
EnableDetailedErrors= true,
EnableJSONP=true
};
map.RunSignalR(hubConfiguration);
});
}
此外,我还通过以下代码在WebAPI中使用了承载令牌身份验证和cookies身份验证
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
AuthenticationMode = AuthenticationMode.Active,
CookieHttpOnly = true,
CookieSecure = CookieSecureOption.SameAsRequest,
CookiePath = "/",
CookieDomain = "xxxx.cloudapp.net",
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true,
};
app.UseOAuthBearerTokens(OAuthOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
{
Provider = new QueryStringOAuthBearerProvider("Token")
});
public static void Register(HttpConfiguration config)
{
var cors = new EnableCorsAttribute("http://localhost:8080,http://www.myweb.com,http://myweb.com", "*", "*");
cors.SupportsCredentials = true;
config.EnableCors(cors);
......
......
}
Web Api位于不同的域上,所以我通过以下代码为Api调用启用了Cors
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
AuthenticationMode = AuthenticationMode.Active,
CookieHttpOnly = true,
CookieSecure = CookieSecureOption.SameAsRequest,
CookiePath = "/",
CookieDomain = "xxxx.cloudapp.net",
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
PublicClientId = "self";
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true,
};
app.UseOAuthBearerTokens(OAuthOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions()
{
Provider = new QueryStringOAuthBearerProvider("Token")
});
public static void Register(HttpConfiguration config)
{
var cors = new EnableCorsAttribute("http://localhost:8080,http://www.myweb.com,http://myweb.com", "*", "*");
cors.SupportsCredentials = true;
config.EnableCors(cors);
......
......
}
现在,当从客户端连接时,我在控制台中遇到以下错误
下面是我在websocket握手中得到的响应
请对此进行指导。我知道这是一个老问题,但我也遇到了同样的问题,因此,如果有人偶然发现它,作为将来的参考 不知何故:
CookieSecure = CookieSecureOption.SameAsRequest,
这就是问题所在。
它不能正常工作(不知道为什么)
这是我的cookie配置:
builder.Register(ctx => new CookieAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
CookieName = "xxx",
CookieHttpOnly = false, // Kako bi mu mogli pristupiti iz Javascripta
ExpireTimeSpan = TimeSpan.FromDays(1),
LoginPath = PathString.Empty,
LogoutPath = PathString.Empty,
SlidingExpiration = true,
#if DEBUG
CookieSecure = CookieSecureOption.SameAsRequest,
#else
CookieSecure = CookieSecureOption.Always,
#endif
CookieDomain = "localhost"
});
这是我的令牌配置
builder.Register(ctx => new OAuthAuthorizationServerOptions
{
AuthorizeEndpointPath = new PathString("/api/authorize"),
TokenEndpointPath = new PathString("/api/token"),
ApplicationCanDisplayErrors = true,
Provider = ctx.Resolve<ApplicationOAuthProvider>(),
//RefreshTokenProvider = ctx.Resolve<ApplicationRefreshTokenProvider>(),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
#if DEBUG
AllowInsecureHttp = true
#endif
});
builder.Register(ctx=>new OAuthorizationServerOptions
{
AuthorizeEndpointPath=新路径字符串(“/api/authorize”),
TokenEndpointPath=新路径字符串(“/api/token”),
ApplicationAndDisplayErrors=true,
Provider=ctx.Resolve(),
//RefreshTokenProvider=ctx.Resolve(),
AccessTokenExpireTimeSpan=TimeSpan.FromDays(1),
#如果调试
AllowInsecureHttp=true
#恩迪夫
});
在HTTPS localhost上托管我的应用程序后,它自动工作。
为什么?仍然不知道:P确保您的Web Api应用程序(服务器)中已启用/支持websocket。它在云服务中已启用不确定这是否与此相关,但如果您使用的是framework 4.5,是否已在Web.config>appSettings标记中设置