52

This is driving me insane.

I'm using latest signalR release (2.0.2). This is my hub code (OnConnected)

        public override Task OnConnected()
        {
            //User is null then Identity and Name too.
            Connections.Add(Context.User.Identity.Name, Context.ConnectionId);
            return base.OnConnected();
        }

And this is my Controller's login method:

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
              var user = await UnitOfWork.UserRepository.FindAsync(model.UserName,  model.Password);

                if (user != null)
                {
                    await SignInAsync(user, model.RememberMe);

                    return RedirectToLocal(returnUrl);
                }
            }

            TempData["ErrorMessage"] = Resources.InvalidUserNameOrPassword;

            // If we got this far, something failed, redisplay form
            return RedirectToAction("Index","Home");
        }

I found that some people are having this issue on OnDisconnected, I don't even make it there.

I'm using MCV5 template.

Do you have any idea what is wrong?

MRFerocius
  • 5,509
  • 7
  • 39
  • 47
  • Seems like a tough question even for SO... where are the SignalR owners.. I have been reading that version 2.0.3 might solve something similar when OnDisconnected, however no news for a long time. Something that is crucial to work like security is not working fine. Bad Luck me. – MRFerocius Feb 25 '14 at 13:32
  • For some reason if the computer clock is not on correct time (e.g one month back), Context.User will be null. – Tuomas Hietanen Feb 08 '18 at 13:17

6 Answers6

99

I found the final solution, this is the code of my OWIN startup class:

        public void Configuration(IAppBuilder app)
        {
        app.MapSignalR();

        // Enable the application to use a cookie to store information for the signed i user
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Home/Index")
        });

        // Use a cookie to temporarily store information about a user logging in with a third party login provider
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        app.UseMicrosoftAccountAuthentication(new MicrosoftProvider().GetAuthenticationOptions());
        app.UseTwitterAuthentication(new TwitterProvider().GetAuthenticationOptions());
        app.UseFacebookAuthentication(new FacebookProvider().GetAuthenticationOptions());
        app.UseGoogleAuthentication(new GoogleProvider().GetAuthenticationOptions());    
    }

Making myself some coffee, I thought "What about mapping SignalR AFTER the authentication, and voila! Now it's workign as expected.

        public void Configuration(IAppBuilder app)
        {
        // Enable the application to use a cookie to store information for the signed i user
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Home/Index")
        });

        // Use a cookie to temporarily store information about a user logging in with a third party login provider
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        app.UseMicrosoftAccountAuthentication(new MicrosoftProvider().GetAuthenticationOptions());
        app.UseTwitterAuthentication(new TwitterProvider().GetAuthenticationOptions());
        app.UseFacebookAuthentication(new FacebookProvider().GetAuthenticationOptions());
        app.UseGoogleAuthentication(new GoogleProvider().GetAuthenticationOptions());

        app.MapSignalR();    
    }
MRFerocius
  • 5,509
  • 7
  • 39
  • 47
5

If you're using Web Api and SignalR in the same project, you have to map SignalR before registering Web Api.

Change this:

app.UseWebApi(GlobalConfiguration.Configuration);
app.MapSignalR();

To this:

app.MapSignalR();
app.UseWebApi(GlobalConfiguration.Configuration);
Josh Noe
  • 2,664
  • 2
  • 35
  • 37
  • 1
    This is the answer provided a year and a half.- – MRFerocius Jun 12 '15 at 14:15
  • 6
    @MRFerocius the answer you provided is similar but different. Your answer is to move `app.MapSignalR()` below Authentication. Mine is to move it **above** `app.UseWebApi()`. Someone using both Web Api and SignalR may find this information useful, as it's not intuitive. – Josh Noe Jun 12 '15 at 14:25
  • 1
    This one did it for me! Thanks! – Chris Woolum Oct 30 '15 at 02:30
  • 1
    Thank you @JoshNoe I spent way too much time on this. This solved my issue. – Jonathan Aug 26 '17 at 20:54
3

just make sure auth. configuration is called befor start app.MapMignalrR()

i changed this 

 public partial class Startup
{
    public void Configuration(IAppBuilder app)
    {
        app.MapSignalR();
        ConfigureAuth(app);



    }
}

to this 

 public partial class Startup
{
    public void Configuration(IAppBuilder app)
    {
        ConfigureAuth(app);
        app.MapSignalR();


    }
}

hugs ..

islam khateeb
  • 31
  • 1
2

If you're mapping /signalr as a 'branched pipeline' you need to do this. Make sure to use bp.UseCookieAuthentication and not app:

app.Map("/signalr", bp =>
{
   bp.UseCookieAuthentication(new CookieAuthenticationOptions
   {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/store/youRaccount/login")
   });

Tip: I deliverately changed the casing so when I see youRaccount in the URL bar I know it worked :-)

Simon_Weaver
  • 140,023
  • 84
  • 646
  • 689
0

.NET Core SignalR only

For the newer .NET Core SignalR the full instructions explain that when using websockets you need to manually pull out the accessToken from the query string. This is easy to miss.

https://learn.microsoft.com/en-us/aspnet/core/signalr/authn-and-authz?view=aspnetcore-2.2

Basically where you call AddAuthentication() you need to add AddJwtBearer() and then set a handler for the OnMessageReceived handler.

Search for 'OnMessageReceived' in the above link for the code. It's a bit gnarly in the sense that you even have to add this yourself - but that's why it's easy to miss too.

Simon_Weaver
  • 140,023
  • 84
  • 646
  • 689
0

I was doing everything right like above mentioned answers but still it didn't resolve mine.

Below solution solved my issue.

I used the http context to get the access_token from the query params and decoded the token and from that I was able to access all the claims.

public override Task OnConnectedAsync()
{
    var httpContext = Context.GetHttpContext();
    if (httpContext != null)
    {
        var jwtToken = httpContext.Request.Query["access_token"];
        var handler = new JwtSecurityTokenHandler();
        if (!string.IsNullOrEmpty(jwtToken))
        {
            var token = handler.ReadJwtToken(jwtToken);
            var tokenS = token as JwtSecurityToken;

           // replace email with your claim name
            var jti = tokenS.Claims.First(claim => claim.Type == "email").Value;
            if (jti != null && jti != "")
            {
                Groups.AddToGroupAsync(Context.ConnectionId, jti);
            }
        }
    }
    return base.OnConnectedAsync();
}
Raj
  • 385
  • 2
  • 15