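So I'm trying to authenticate with a JWT in .NET Core 2.2 using SignalR. I'm not getting any error message indicating that it isn't working, on either the server or the client. I have set a breakpoint on the server side where the authentication should take place. Does anyone know why it isn't working? The JWT is built asymmetrically.

This is how I generate the JWT:
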
    var utcNow = DateTime.UtcNow;
    using (RSA privateRsa = RSA.Create())
    {
        // Load the RSA private key from the XML file configured under "PrivateKey"
        privateRsa.FromXmlFile(Path.Combine(HttpContext.Current.Server.MapPath("~"),
            "Keys",
            ConfigurationManager.AppSettings["PrivateKey"]
        ));
        var privateKey = new RsaSecurityKey(privateRsa);
        SigningCredentials signingCredentials = new SigningCredentials(privateKey, SecurityAlgorithms.RsaSha256);
        var claims = new Claim[]
        {
            new Claim(JwtRegisteredClaimNames.Sub, user.ID.ToString()),
            //new Claim(JwtRegisteredClaimNames.NameId, user.FullName),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(JwtRegisteredClaimNames.Iat, utcNow.ToString())
        };
        var jwt = new JwtSecurityToken(
            signingCredentials: signingCredentials,
            claims: claims,
            notBefore: utcNow,
            expires: utcNow.AddMonths(12),
            audience: "https://pacsonweb.com",
            issuer: "PACSonWEB3 App"
        );
        // Serialize the signed token to its compact form
        return new JwtSecurityTokenHandler().WriteToken(jwt);
    }

This is how I authenticate on the server side:

    RsaSecurityKey signingKey = new RsaSecurityKey(publicRsa);
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    }).AddJwtBearer(config =>
    {
        config.RequireHttpsMetadata = true;
        config.SaveToken = true;
        config.TokenValidationParameters = new TokenValidationParameters()
        {
            IssuerSigningKey = signingKey,
            ValidateAudience = true,
            ValidAudience = this.Configuration["Tokens:Audience"],
            ValidateIssuer = true,
            ValidIssuer = this.Configuration["Tokens:Issuer"],
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true
        };
    });

This is how I send the JWT with SignalR from the client:

    hubConnection = new HubConnectionBuilder().WithUrl(hubUrl, (opts) =>
    {
        opts.AccessTokenProvider = () => Globals.GetJWTToken();
        opts.HttpMessageHandlerFactory = (message) =>
        {
            if (message is HttpClientHandler clientHandler)
            {
                // bypass SSL certificate
                clientHandler.ServerCertificateCustomValidationCallback += CheckCertificate;
                clientHandler.CheckCertificateRevocationList = false;
            }
            return message;
        };
    }).Build();
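
One way to make a silent JWT bearer failure like the one described above visible on the server is to hook the handler's events and log the validation exception. This is an added example, not the poster's code: the `JwtDiagnostics` class, the `AddLoggedJwtBearer` method and the `hubPath` parameter are hypothetical names, and it assumes logging is registered in the container.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;

public static class JwtDiagnostics // hypothetical helper, not part of the post
{
    public static void AddLoggedJwtBearer(this IServiceCollection services,
        SecurityKey signingKey, string issuer, string audience, string hubPath)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(config =>
            {
                // Same checks as the post's server snippet.
                config.TokenValidationParameters = new TokenValidationParameters
                {
                    IssuerSigningKey = signingKey,
                    ValidateIssuerSigningKey = true,
                    ValidateIssuer = true,
                    ValidIssuer = issuer,
                    ValidateAudience = true,
                    ValidAudience = audience,
                    ValidateLifetime = true
                };
                config.Events = new JwtBearerEvents
                {
                    // Clients that cannot set an Authorization header (browser
                    // WebSockets / Server-Sent Events) pass the token as the
                    // access_token query parameter; accept it for the hub only.
                    OnMessageReceived = context =>
                    {
                        var accessToken = context.Request.Query["access_token"];
                        var path = context.HttpContext.Request.Path;
                        if (!string.IsNullOrEmpty(accessToken) && path.StartsWithSegments(hubPath))
                            context.Token = accessToken;
                        return Task.CompletedTask;
                    },
                    // Log the reason (issuer, audience, lifetime, signature), never the token.
                    OnAuthenticationFailed = context =>
                    {
                        var log = context.HttpContext.RequestServices
                            .GetRequiredService<ILoggerFactory>().CreateLogger("JwtBearer");
                        log.LogWarning(context.Exception, "JWT validation failed");
                        return Task.CompletedTask;
                    }
                };
            });
    }
}
```

The handler only runs when `app.UseAuthentication()` is in the pipeline ahead of the SignalR middleware, and a challenge is only issued when the hub or its methods carry `[Authorize]`.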