SignalR + Node WebKit / Node在通过身份验证时无法通过websockets连接

时间:2015-04-21 01:03:11

标签: asp.net node.js signalr node-webkit

这是一个管理大量webkit窗口的节点webkit应用程序。每个webkit窗口都使用signalR连接到MVC / webApi / signalR堆栈,没有任何问题。每个窗口通过websockets连接到1-3个集线器。一切都很好。

我的客户希望在管理所有其他窗口的基本节点应用程序中使用SignalR。这是事情变得有趣的地方......

因此,虽然节点应用程序在webkit环境中运行,但它是从文件系统提供的(header:origin = file://)

所以我已经开始使用signalR(没有JSONP,因为我的目标是websockets)

app.Map("/signalr", map =>
           {
                map.UseCors(CorsOptions.AllowAll);
                var hubConfiguration = new HubConfiguration();

                map.RunSignalR(hubConfiguration);
            });

因此,当我在用户登录从Node生成的一个窗口之前连接到节点应用程序时,signalR通过websockets连接正常,并且当他们登录时我没有收到任何错误(即用户已更改身份)

  var connection = window.$.hubConnection("http://localhost");
  connection.logging = true;
  connection.start()
        .done(function () { console.log('Now connected, connection ID=' + connection.id); })
        .fail(function () { console.log('Could not connect'); });

问题是我在HubCallerConext服务器端没有身份。

因此,如果用户首先登录,那么节点应用程序将在另一个衍生窗口中创建cookie,这就是事情变得奇怪的地方。 SignalR无法通过websockets连接以下错误(来自fiddler)

无法识别的用户身份。在活动的SignalR连接期间,用户身份无法更改。

这是协商呼叫,然后是通过websockets连接(升级)的失败呼叫。 我有一个fiddler规则替换Origin:file:// with localhost。以防万一这会影响它。

GET http://localhost/signalr/negotiate?clientProtocol=1.4&connectionToken=qs09pHGxr6x5fff1GJ%2FChWUnpSLX5ljV8FuS3h06P%2FhpS55cjNvh2uFHHTXukDI%2BK%2BcgsC6%2BWVJHba4xrkt6IVc2KwGIfm4eeyHrigNFRotjBYKb&connectionData=%5B%7B%22name%22%3A%22windowmanagementhub%22%7D%5D&_=1429572950768 HTTP/1.1
Host: localhost
Connection: keep-alive
Accept: text/plain, */*; q=0.01
 X-DevTools-Emulate-Network-Conditions-Client-Id: 2E81759B-036D-4E92-ADF4-865AFBF59D2
 User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36
 Content-Type: application/x-www-form-urlencoded; charset=UTF-8
 Accept-Encoding: gzip, deflate
 Accept-Language: en-GB,en-us;q=0.8,en;q=0.6
 Cookie: ASP.NET_SessionId=opyggkqxnudnuag5mtxy40ai; __APPLICATION_LANGUAGE=en-GB; __RequestVerificationToken=eoB...GHjTo1; .ASPXAUTH=6909...82ED0; WindowsAuthCookie.LoginName=userName
 Origin: http://localhost

和回复

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://localhost
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Date: Mon, 20 Apr 2015 23:46:49 GMT

177
{"Url":"/signalr","ConnectionToken":"LwJz6Ev3+9C/NbKBqHkrI8KwYaz53qiBbzDJVlcse1qRXU3loCqOI68kUb4kpyk8gdQlkKRJ0wBrpb+VVtUMFtrtSQOEhGQE9ZNaMDBajyK2/Evz","ConnectionId":"68e7751b-aaee-4ed7-aa36-a2d1ab25107f","KeepAliveTimeout":20.0,"DisconnectTimeout":30.0,"ConnectionTimeout":110.0,"TryWebSockets":true,"ProtocolVersion":"1.4","TransportConnectTimeout":5.0,"LongPollDelay":0.0}
0

然后是以下连接标头,这是获取403的请求

GET http://localhost/signalr/connect?transport=webSockets&clientProtocol=1.4&connectionToken=LwJz6Ev3%2B9C%2FNbKBqHkrI8KwYaz53qiBbzDJVlcse1qRXU3loCqOI68kUb4kpyk8gdQlkKRJ0wBrpb%2BVVtUMFtrtSQOEhGQE9ZNaMDBajyK2%2FEvz&connectionData=%5B%7B%22name%22%3A%22windowmanagementhub%22%7D%5D&tid=0 HTTP/1.1
Host: localhost
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
Origin: http://localhost
Sec-WebSocket-Version: 13
User-Agent:
Accept-Encoding: gzip, deflate
Accept-Language: en-GB,en-us;q=0.8,en;q=0.6
Sec-WebSocket-Key: HqfgeBw4svkTTpBK2CfaJA==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

和403响应

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: http://localhost
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Date: Mon, 20 Apr 2015 23:46:49 GMT

61
Unrecognized user identity.  The user identity cannot change during an active SignalR connection.
0

以下是控制台中的javascript错误(来自jquery.signalR 2.1.2,不同的连接ID,令牌)

WebSocket connection to 
'ws://localhost/signalr/connect?transport=webSockets&clientProtocol=1.4&connectionToken=xzGshRPvF1XvGnq2S2nDmGZ3TISMGEt01Au0z9J%2FAfMa2OtQUMW5XX5HgW0I4n2MK5UfGfpJ4%2Fl7OkiRpQlSIFrDkfy25WHScwpkubBsn5403%2Ba3&connectionData=%5B%7B%22name%22%3A%22windowmanagementhub%22%7D%2C%7B%22name%22%3A%22browserloghub%22%7D%5D&tid=1' 
failed: Error during WebSocket handshake: Unexpected response code: 403

然后,SignalR将(正确)回退到SSE并成功连接。我可以看到用户服务器端的身份。

我真的很想了解为什么在用户通过身份验证后我无法通过websockets进行连接。如果我通过signalR延迟所有窗口连接到服务器,直到用户通过身份验证,那么我也会看到相同的行为。

任何帮助或线索都将不胜感激。

0 个答案:

没有答案