我有一个带有一些控制器和SignalR集线器的asp.net Web API应用程序.使用Azure AD B2C进行JWT令牌验证的配置如下:
I have a asp.net web api application with some controllers and a signalR hub.JWT tokens validation with Azure AD B2C is configured like this:
.AddAzureADB2CBearer(options => _configuration.Bind("AzureAdB2C", options))
这在控制器上正常工作,我不必担心 Azure AD B2C令牌验证的复杂性.
Now, for the signalR hub to support Web Sockets or Server-sent events, the authentication token should be read from the querystring. I'm supposed to handle the OnMessageReceived event like this :
.AddJwtBearer(options =>
options.Events = new JwtBearerEvents
OnMessageReceived = context =>
var accessToken = context.Request.Query["access_token"];
// If the request is for our hub...
var path = context.HttpContext.Request.Path;
if (!string.IsNullOrEmpty(accessToken) &&
// Read the token out of the query string
context.Token = accessToken;
return Task.CompletedTask;
Unfortunately, the AzureAdB2COptions object does not give me access to the authentication events.
Maybe get a little more manual by writing your own AuthenticationHandler. You can use the IServiceCollection extensions of .AddAuthorization and .AddAuthentication to write your own logic that does the things that are supposed to happen.
What I find with C# in a post-dotnet core world, use as little of their framework as is necessary to hook in to it. The framework stuff is all janky and brittle, and in 5 years when they've redone it all 3 times nobody will be able to maintain the bizarre 5-year old fluent builder stuff in every Startup.cs.
Writing your own AuthenticationHandler is a good compromise between using a single-line fluent builder extension method vs. completely ignoring the entire framework and writing your own framework that uses logic and reason.
这篇关于如何从Asp.net Core中的查询字符串验证Azure AD B2C令牌?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!