Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

SignalR Client C# - Custom Auth Scheme

See original GitHub issue

Is your feature request related to a problem? Please describe.

I’m trying to override the Authorization scheme for C# SignalR Client e.g. not Bearer, however its doesn’t seems possible as it seems to be hardcoded in https://github.com/aspnet/AspNetCore/blob/master/src/SignalR/clients/csharp/Http.Connections.Client/src/Internal/WebSocketsTransport.cs#L116

Describe the solution you’d like

Ability to override the auth shceme, such as

new HubConnectionBuilder()
	.WithUrl(url, opts =>
	{
		opts.AuthScheme = "Secret";
		opts.AccessTokenProvider = () => Task.FromResult("XXX");
	})

Describe alternatives you’ve considered

Another option would be to pass the auth scheme in the AccessTokenProvider itself but might be breaking depends on how it’s handled

Issue Analytics

  • State:open
  • Created 4 years ago
  • Reactions:4
  • Comments:7 (4 by maintainers)

github_iconTop GitHub Comments

2reactions
BrennanConroycommented, Jul 16, 2021

One major issue is that browsers do not allow setting headers on websocket connections. This means we have to send the token in the query string which breaks your auth header logic.

Because we’ve already used access_token for BEARER, and you would need some way to distinguish what the scheme is, we would have to come up with some sort of identifier. Like myscheme_access_token=<token>, or access_token=<token>&scheme=myscheme

1reaction
analogrelaycommented, May 30, 2019

You can’t include the auth scheme in the AccessTokenProvider, we’ll put Bearer in front of it. So using FooScheme Token would produce a header like Bearer FooScheme Token.

We have some thoughts on custom authentication providers, but until then you can achieve this by adding the header manually and/or using a custom HttpClientHandler. See the SignalR Client Configuration doc for more details.

Backlogging for now as we do think custom authentication is a valuable scenario, we just don’t have capacity in 3.0 for it.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Authentication and authorization in ASP.NET Core SignalR
Authenticate users connecting to a SignalR hub. SignalR can be used with ASP.NET Core authentication to associate a user with each connection.
Read more >
SignalR Client C# - Custom Auth Scheme · Issue #10576
I'm trying to override the Authorization scheme for C# SignalR Client e.g. not Bearer, however its doesn't seems possible as it seems to...
Read more >
How to create custom authentication mechanism based on ...
Using Signal R with custom authentication mechanism. I simply check if connecting client has certain header passed in with connection request.
Read more >
Add Authentication to a SignalR Application - YouTube
Learn how to add authentication to an ASP.NET SignalR hub and handle authentication from a WPF client application.
Read more >
Various Ways to Authenticate and Authorize SignalR Hubs
This article describes the authorization and authentication for SignalR. You can also learn to apply these in various ways.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Blazor app doesn't load after upgrade to 3.0-preview4/preview5

Next page

Request: allow dependency injection in RouteConstraints and IRouter