Activities of "maliming"

hi

Cookies do not provide isolation by port

Please use .localhost.

Please check the cookies for the http request. Including the current cookies. Are there any warnings in the browser console?

hi

The current workaround is to add the access token to the query string when joining connecting to the hub.

This is the recommended practice.

The localhost domain will share cookies. But after the application is published it will use a different domain/sub-domain.

https://learn.microsoft.com/en-us/aspnet/core/signalr/authn-and-authz?view=aspnetcore-7.0#bearer-token-authentication

HI

What are the steps to reproduce with the latest template project?

hi

I means the usage of UseCookiePolicy

hi

app.UseAuditing();

The main reason is that the audit log middleware is designed for http requests. Blazor Server's signlar is an event model.

You can set IsEnabledForGetRequests=true see more logs.

I need to reproduce the problem locally to troubleshoot, Please share the full error context log.

hi

[15:48:26 INF] [Lenovo] AuthenticationScheme: "Bearer" was forbidden.

What about AuthServer's logs?

The roles seem to be missing in the token. Have you passed the roles in your scope?

context.Services.ConfigureShareCookies();


app.UseCookiePolicy();

public static class ShareCookiesServiceCollectionExtensions
{
        public static IServiceCollection ConfigureShareCookies(this IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                var previousOnAppendCookie = options.OnAppendCookie;
                options.OnAppendCookie = cookieContext =>
                {
                    SetCookieDomain(cookieContext, null);
                    previousOnAppendCookie?.Invoke(cookieContext);
                };

                var previousOnDeleteCookie = options.OnDeleteCookie;
                options.OnDeleteCookie = cookieContext =>
                {
                    SetCookieDomain(null, cookieContext);
                    previousOnDeleteCookie?.Invoke(cookieContext);
                };
            });

            return services;
        }

        private static void SetCookieDomain(AppendCookieContext appendCookieContext, DeleteCookieContext deleteCookieContext)
        {
            if (appendCookieContext != null)
            {
                appendCookieContext.CookieOptions.Domain = ".abp.io";
            }

            if (deleteCookieContext != null)
            {
                deleteCookieContext.CookieOptions.Domain = ".abp.io";
            }
        }

}

similar https://community.abp.io/posts/patch-for-chrome-login-issue-identityserver4-samesite-cookie-problem-weypwp3n

I sent you a zip file containing my logs.

I didn't receive it. Can you confirm?