SignalR + Angular:如何向Http头部添加承载令牌

Question

我做了一个asp.net核心2.0 SignalR集线器，它使用持有者令牌进行身份验证。现在我对如何通过SignalR Angular 5客户端连接它有点迷惑了。如果我从集线器移除授权，我实际上可以连接，所以连接正在工作，现在我相信我只需要将授权载体添加到连接的Http标头。

我的Angular 5项目的package.json文件中的SignalR客户端引用："@aspnet/signalr-client": "^1.0.0-alpha2-final"

我的角度组件：

import { Component, OnInit } from '@angular/core';
import { finalize } from 'rxjs/operators';
import { HttpClient, HttpHeaders } from '@angular/common/http';
import { ToastrService } from 'ngx-toastr';
import { AuthenticationService } from '../core/authentication/authentication.service';
import { HubConnection } from '@aspnet/signalr-client';

@Component({
  selector: 'app-home',
  templateUrl: './home.component.html',
  styleUrls: ['./home.component.scss']
})
export class HomeComponent implements OnInit {

  quote: string;
  isLoading: boolean;
  jwtToken:string;
  private hubConnection: HubConnection;

  constructor(
    private _http: HttpClient, 
    private _auth : AuthenticationService,
    private _toastr: ToastrService) { }

  ngOnInit() {
    this.isLoading = false;
    this.jwtToken = this._auth.currentToken;

    this.hubConnection = new HubConnection('http://localhost:27081/hub/notification/');
    this.hubConnection
      .start()
      .then(() => console.log('Connection started!'))
     .catch(err => console.error('Error while establishing connection :(', err));        
    this.hubConnection.on("send", data => {
        console.log(data);
    });
  }

  showToastr(){
    this._toastr.success('Hello world!', 'Toastr fun!');
  }

}

由于阅读了类似的问题，我尝试了：this.hubConnection.Headers.Add("token", tokenValue);，但它不工作，Headers属性不存在。

如何将承载令牌添加到HubConnection的Http标头？

谢谢你的帮助

Answer 1

要使用@aspnet/signalr (^1.1.4)执行此操作，可以使用以下代码

const options: IHttpConnectionOptions = {
  accessTokenFactory: () => {
    return "Token is resolved here";
  }
};

const connection = new signalR.HubConnectionBuilder()
  .configureLogging(signalR.LogLevel.Information)
  .withUrl(`${environment.apiUrl}/notify`, options)
  .build();

还可以向Hub添加注解

[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]

注意，在使用websocket协议时，SignalR似乎不会将承载令牌作为标头附加，而是将其作为'access_token‘参数添加到请求URL中，这需要您配置身份验证，以便在signalR选择使用ws时处理此令牌。

services.AddAuthentication(x =>
            {
                x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(x =>
            {
                x.RequireHttpsMetadata = false;
                x.SaveToken = true;
                x.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(key),
                    ValidateIssuer = false,
                    ValidateAudience = false
                };
                x.Events= new JwtBearerEvents
                {
                    OnMessageReceived = context =>
                    {
                        var accessToken = context.Request.Query["access_token"];

                        // If the request is for our hub...
                        var path = context.HttpContext.Request.Path;
                        if (!string.IsNullOrEmpty(accessToken) && (path.StartsWithSegments("/notify")))
                        {
                            // Read the token out of the query string
                            context.Token = accessToken;
                        }
                        return Task.CompletedTask;
                    }
                };
            });

Answer 2

通过阅读它们的源代码和测试，看起来您可以提供一个包含访问令牌的options对象，如下所示

var options = {
    transport: transportType,
    logging: signalR.LogLevel.Trace,
    accessToken: function () {
        return jwtToken;
    }
};

hubConnection = new signalR.HubConnection('/authorizedhub', options);
hubConnection.start();

尤其是测试文件here中的代码

Answer 3

我找不到使用angular解决问题的方法，但我在this article之后使用asp.net解决了问题。

这就是我所做的:现在为了连接，我在querystring中传递了jwt令牌，并指定了传输类型：

const options = {
      transport: TransportType.WebSockets
};
this.hubConnection = new HubConnection('http://localhost:27081/hub/notification/?token='+this.jwtToken, options);

然后在startup.cs > ConfigureServices()中：

        services
            .AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(cfg =>
            {
                cfg.RequireHttpsMetadata = false;
                cfg.SaveToken = true;
                cfg.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidIssuer = Configuration["JwtIssuer"],
                    ValidAudience = Configuration["JwtIssuer"],
                    IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JwtKey"])),
                    ClockSkew = TimeSpan.Zero // remove delay of token when expire
                };
                cfg.Events = new JwtBearerEvents
                {
                    OnMessageReceived = context =>
                    {
                        if (context.Request.Query.TryGetValue("token", out StringValues token)
                        )
                        {
                            context.Token = token;
                        }

                        return Task.CompletedTask;
                    },
                    OnAuthenticationFailed = context =>
                    {
                        var te = context.Exception;
                        return Task.CompletedTask;
                    }
                };
            });