【发布时间】:2021-10-08 18:18:11
【问题描述】:
当 Authorize 属性放置在 SignalR Hub 实现的方法级别时,不会调用自定义 AuthorizationHandler。
我有以下代码,我认为这是自定义授权处理的正确包含。我正在使用以下设置:
ASP.Net Core 5.0 版, .Net 5.0 控制台应用与 Kestrel 主机配置为 Windows 身份验证(身份已填充):
有什么想法缺少/错了吗?
public class Startup
{
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
app.UseDeveloperExceptionPage();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints => endpoints.MapHub<ExampleHub>("/Example"));
}
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate();
services.AddAuthorization(options =>
{
options.AddPolicy(nameof(ExampleRequirement), policy => policy.Requirements.Add(new ExampleRequirement()));
});
services.AddSingleton<IUserIdProvider, NameUserIdProvider>();
services.AddSingleton<IAuthorizationRequirement, ExampleAuthorizationRequirementHandler>();
services.AddSignalR(options =>
{
options.EnableDetailedErrors = true;
});
}
}
public class ExampleRequirement : IAuthorizationRequirement
{
}
public class ExampleAuthorizationRequirementHandler : AuthorizationHandler<ExampleRequirement, HubInvocationContext>, IAuthorizationRequirement
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ExampleRequirement requirement,
HubInvocationContext resource)
{
context.Succeed(requirement);
return Task.CompletedTask;
}
}
public class NameUserIdProvider : IUserIdProvider
{
public string GetUserId(HubConnectionContext connection)
{
return connection.User?.Identity?.Name;
}
}
public class ExampleHub : Hub
{
[Authorize(Policy = "ExampleRequirement")]
public Task Register()
{
return Task.CompletedTask;
}
}
【问题讨论】:
-
尝试在 services.AddAuthorization 之后但在注册 IAuthorizationRequirement 之前移动 services.AddSignalR
-
谢谢,但运气还是一样...
标签: c# asp.net-core signalr signalr-hub asp.net-core-signalr