Open Closed

Permissions not working with Azure SignalR Service #4376


User avatar
0
dave_scobie created

ABP Framework version: v6.0.1 UI type: BlazorServer DB provider: EF Core Tiered & Identity Server Separated

Issue: when setting up the BlazorServerApp to use Azure SignalR Service, the permissions work when logged in to show menus and permissions for navigation. On navigating to a page within Blazor, the API is called and "NO BEARER TOKEN" is presented in the API request when Azure SignalR Service has been configured in the BlazorStartupModule - shown below. When Azure SignalR Service is removed from the configuration, the Bearer Token is added to the every request to the API.

Configuration to reproduce of BlazorStartupModule:

context.Services.AddSignalR(options => { options.AddFilter<AbpSignalRFilter>(); options.EnableDetailedErrors = true; }).AddAzureSignalR(options => { options.ServerStickyMode = Microsoft.Azure.SignalR.ServerStickyMode.Required; });

The AbpSignalRFilter.cs

public class AbpSignalRFilter : IHubFilter
{   
    public async ValueTask<object> InvokeMethodAsync(HubInvocationContext invocationContext, Func<HubInvocationContext, ValueTask<object>> next)
    {
        var currentPrincipalAccessor = invocationContext.ServiceProvider.GetRequiredService<ICurrentPrincipalAccessor>();
        
        using (currentPrincipalAccessor.Change(invocationContext.Context.User))
        {
                return await next(invocationContext);
        }
    }
    public virtual async Task OnConnectedAsync(HubLifetimeContext context, Func<HubLifetimeContext, Task> next)
    {
        var currentPrincipalAccessor = context.ServiceProvider.GetRequiredService<ICurrentPrincipalAccessor>();
        using (currentPrincipalAccessor.Change(context.Context.User))
        {
            await next(context);
        }
    }
    public virtual async Task OnDisconnectedAsync(HubLifetimeContext context, Exception exception, Func<HubLifetimeContext, Exception, Task> next)
    {
        var currentPrincipalAccessor = context.ServiceProvider.GetRequiredService<ICurrentPrincipalAccessor>();
        using (currentPrincipalAccessor.Change(context.Context.User))
        {
            await next(context, exception);
        }
    }
}

On running application no bearer token present when calling API and we get a 401 message from the API, the Azure SignalR connection is the then disconnected.

Please confirm why when using the Azsure SignalR Service the bearer token is not being provided and what we need to implement to get this to work.


8 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you share the URL and username and password so I can reproduce the problem online?

    liming.ma@volosoft.com

  • User Avatar
    0
    john@togarrach.co.uk created

    Instead, could you point us at a working example that uses AzureSignalR, IdentityServer4 and Blazor Server. This might help us to find the issue without any associated loss of security. We don't mind if you use placeholders for secrets etc. in the example, but we haven't been able to find one online even though this must be something that is a requirement for anyone using this setup and deploying to Azure. We followed the docs to the letter. We have a suspicion it's possibly something missing in configuration. As Dave mentioned - the app works fine locally. I have emailed you with the link to the azure configuration

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Can you use AzureSignalR during local development?

    I have not purchased AzureSignalR, so I cannot provide an example. Can you share a project that uses AzureSignalR to reproduce the problem?

  • User Avatar
    0
    john@togarrach.co.uk created
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    HI

    Can you use AzureSignalR during local development? Can you share a project that uses AzureSignalR to reproduce the problem?

  • User Avatar
    0
    john@togarrach.co.uk created

    "Can you use AzureSignalR during local development?" - if you mean can we see our azure signalr connection happening - then yes. What we are not seeing is the authorization being resolved (i.e. as per this) - unfortunately, whatever solved that issue (assuming it was your AbpSignalRFilter) is not resolving ours. It would also be good to know how you managed to test that (i.e. to produce this) without using AzureSignalR.

  • User Avatar
    0
    thanhvl1 created

    Hi,

    I’m also looking for an example to use with AzureS SignalR service, but cannot find

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi john

    Can you share a project that uses AzureSignalR to reproduce the problem? liming.ma@volosoft.com

Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38