我正在尝试将JWT身份验证与ServiceStack ServerEvents一起使用,以确保所有用户均已通过身份验证,但是我找不到如何配置服务器事件来执行此操作.我认为这可以在默认配置下工作,因为在文档中没有提到如何使其正常工作,只是它可以正常工作,这意味着我的配置中的某些功能已禁用/破坏了此功能,但我无法解决.
I'm trying to use JWT authentication with ServiceStack ServerEvents to ensure that all users are authenticated but I can't find how to configure server events to do this. I assume that this works in the default configuration since it's not mentioned in the docs how to get it working, only that it does, which would mean that something in my configuration has disabled/broken this feature but I can't work out what.
On the server side the setup in Configure() is pretty simple.
new AuthFeature(
() => { return new AuthenticatedSession(); },
new IAuthProvider[] { jwt, perpetualJwt }
IncludeAssignRoleServices = false,IncludeRegistrationService = false
new ServerEventsFeature
StreamPath = ApiHost.EventSystemRoot +"-stream", // /request/event-stream
HeartbeatPath = ApiHost.EventSystemRoot + "-heartbeat",
UnRegisterPath = null,
SubscribersPath = null,
LimitToAuthenticatedUsers = true,
IdleTimeout = TimeSpan.FromSeconds(30),
HeartbeatInterval = TimeSpan.FromSeconds(20),
NotifyChannelOfSubscriptions = true,
jwt和perpetualJwt提供程序是JsonWebTokeynAuthProviders(句柄承载令牌jwt),我已经将它们与标准servicestack api请求一起使用,因此我确信它们的功能是正确的,但是可能不会被调用.
the jwt and perpetualJwt providers are JsonWebTokeynAuthProviders (handle bearer token jwt) and I've got these working with standard servicestack api requests so I have confidence that their function is correct, however they may not be getting called.
To connect the client I use code like this:
this.directBoardClient = new JsonServiceClient(this.boardUrlTextBox.Text)
BearerToken = this.boardTokenTextBox.Text
this.directBoardEvents = new ServerEventsClient(this.boardUrlTextBox.Text.AppendPath("ueib", "request"))
OnMessage = boardEvents_OnMessage,
OnCommand = boardEvents_OnCommand
When i call start i get a 401. If i don't require auth or i omit the serverevents client the directBoardClient can make calls that require auth successfully.
I think that the auth feature isn't being called when i'm connecting to the stream endpoint and that my moving the events endpoints may have disturbed something but i can't identify what that is. Can anyone help identify what i can do to fix this or suggest further debugging steps?
不用于建立服务器事件连接,仅用于其 CookieContainer已共享,这将允许您通过ServiceClient
The ServerEventsClient.ServiceClient
isn't used for establishing the Server Events connection, only its CookieContainer is shared which will allow you to Authenticate with the ServiceClient
to establish an Authenticated Session.
如果您使用的是JWT AuthProvider,则可以将其发送到内部Cookie ,以便与客户端Web请求一起发送.否则,您可以尝试使用EventStreamRequestFilter
If you're using a JWT AuthProvider you can send it inside a Cookie so it gets sent with client Web Requests. Otherwise you can try adding the JWT Token using the EventStreamRequestFilter
which gets executed before establishing the Server Events connection, e.g:
new ServerEventsClient(...) {
EventStreamRequestFilter = req => req.AddBearerToken(jwt)
添加了支持,这将使您修改用于建立服务器事件连接的URL,该URL还允许您将JWT令牌作为在JWT TypeScript ServerEventsClient示例中看到:
var sseClient = new ServerEventsClient(BaseUrl, ["*"], {
resolveStreamUrl: url => appendQueryString(url, { "ss-tok": JWT }),
handlers: {
onConnect: e => {
console.log(e.isAuthenticated /*true*/, e.userId, e.displayName);
The change also lets you modify the EventStreamPath
independently from the BaseUri
which was previously assumed to be {BaseUrl}/event-stream
这要求您的JWT AuthProvider通过QueryString接受JWT令牌,可以在ServiceStack的JWT AuthProvider中启用QueryString,
This requires that your JWT AuthProvider to accept JWT Tokens via the QueryString which you can enable in ServiceStack's JWT AuthProvider with:
new JwtAuthProvider {
AllowInQueryString = true
这篇关于ServiceStack ServerEvents身份验证配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!